PRIVACY POLICY
Article 1
Consent to Collection of Personal Information and Collection Method
< ROSÉ LASH (www.roselash.co.kr) > (hereinafter “Website”) shall establish a procedure for allowing customers to click the button “Agree” to the terms of use, collection of personal information, and details of personal information used. Customers shall be deemed to have agreed to the collection and use of their personal information by clicking the “Agree” button.
Article 2
Personal Information Items Collected and Purpose of Using Personal Information
"Personal Information” means information on persons and refers to their names or any other information that identifies such persons. (Even if such information alone cannot identify a certain person, such information that can be easily combined with other information and be used to identify such a person.)
The Website has the following purposes for collecting and using customers' personal information:
Personal information of general members
- Time of collection: Signing up for membership
- Mandatory collection items: ID, password, e-mails, names
- Optional collection items: Profile images, date of birth, telephone number, address
- Purpose of using personal information: Signing up for membership, customer consulting for the use of services, and delivery of notices
- Retention period: Immediately deleted upon withdrawal of membership or retained for five
(5) years for purchasing members
Order information (including members and non-members)
- Time of collection: Upon placing orders
- Mandatory collection items: Information of customers placing orders (name, address, telephone, and e-mail), information on recipient (name, address, telephone),
payment approval information
- Optional collection items: Delivery of messages
- Purpose of using personal information: Payment and delivery of ordered products
- Retention period: Retained for five (5) years
Article 3
Collection of Personal Information via Cookies
The Website may install and operate cookies that store and frequently retrieve customers' information. A cookie means a small amount of text files that a website sends to users’ computer browsers (Internet Explorer, and others)
1) Purposes of using cookies
- Providing differentiated information, depending on individuals’ interests
- Analyzing the access frequency or staying time of users, identifying users’ tastes and interests, and using them for target marketing and as a measure for service
improvement
- Tracing the information on items purchased and items to which users pay attention, and providing tailor-made services
2) Operation of cookies and rejection of cookiesCookies are stored at the hard disk of users’ computers. Cookies identify users’ computers but do not personally identify
users. In addition, customers may accept or reject all cookies, or go through checks whenever cookies are stored by changing settings on their web browser.
However, if customers refuse to store cookies, they may not use some services that require them.
3) Method for changing settings to reject cookies
A. Internet Explorer
Directly change settings by clicking Tools > Internet Options > Personal Information tab on the upper menu of a web browser
B. Chrome
Directly change settings by clicking Menu icon on the upper right bar of a web browser >Settings > Advanced Settings on the bottom of the screen > Contents
Setting button on Personal Information section > Cookies section
Article 4
Periods of Retaining and Using Personal Information and Destruction of Personal Information
1) Customers’ personal information shall be destroyed without any delay after the purposes of collection and use of their personal information have been fulfilled.
However, if customers’ personal information needs to be retained for a certain period of time for the following purpose of verifying transaction parties’ rights and
obligations in accordance with provisions of relevant statutes, such as the Protection of Consumers in e-commerce and Other Transactions Act, such information
shall be retained for the specified period:
A. Article 6 of the Protection of Consumers in e-commerce and Other Transactions Act
- Records on contracts or withdrawal of offers: Retained for five (5) years
- Records on payments and the supply of goods: Retained for five (5) years
- Records on the resolution of customers’ complaints or disputes: Retained for three (3) years
B. Article 15.2 of the Protection of Communication Secrets Act
- Log-in records: Retained for three (3) months
C. Other related statutes
2) The Website shall destroy personal information in the following manner.
A. Destruction procedure-The information entered for membership sign-up shall be transferred to a separate database, stored for a certain period of time in accordance
with internal guidelines and other relevant statutes, and then destroyed.
- The above personal information shall not be used for any purposes other than for the purposes stipulated by law.
B. Destruction methods-Personal information printed out on paper shall be destroyed by shredding or burning. - Personal information in electronic file format shall be
entirely destroyed by technological methods so that they may not be restored or regenerated.
3) The Website shall give dormant members (who have not used services for the last twelve (12) months) a notice on the forfeiture of membership in accordance with
Article 29.2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection. If such members fail to reply to such a notice,
they may be considered to have forfeited their membership at the Website’s discretion. In such a case, dormant members’ personal information may be stored and
managed separately from other members’ personal information. Such personal information that is separated and stored shall be destroyed after the lapse of the
statutory retention period. In case a customer makes a request, then such a customer’s personal information that is not destroyed shall be made available again at
the time of resuming the use of services.
Article 5
Provision of Personal Information for Third Parties
1) The Website shall neither use customers’ personal information nor provide such information for other persons, companies, and institutions beyond the scope of
Article 1 above (Personal Information Items Collected and Purpose of Using Personal Information).
2) The following cases are exceptions.
A. When customers’ personal information is required by relevant institutions for investigative purposes in accordance with relevant statutes
B. When customers’ personal information is provided in a form that cannot identify certain individuals for advertisers, suppliers, or research organizations to compile
statistics or conduct academic or market research
C. When customers’ personal information is requested in accordance with pre-determined procedures under other relevant statutesEven if personal information is
provided in accordance with the foregoing, we do our best to ensure that such information is not indiscriminately provided against the original purpose of collection
and use of such information.
Article 6
Access and Modification of Personal Information
1) Customers may access or modify their personal information registered at the Website at any time. Customers may click the Change Members’ Information menu
and directly access or modify their personal information. They may also request for such access or modification by sending e-mails or written requests to a chief
privacy officer or a personal information handling employee at the Website. Then, the Website shall take relevant measures without any delay.
2) If customers demand the correction of any errors in their personal information, such personal information shall be neither used nor provided by the Website until
such errors have been corrected.
3) If incorrect personal information has been already provided for any third party, then the Website shall immediately notify such third party of the result of correction
of this information and have this third party also modify the information.
Article 7
Withdrawal of Consent to Collection, Use, and Provision of Personal Information
1) Customers may withdraw their consent to the collection, use, and provision of their personal information that is made available when signing up for membership at
any time. They may do so by clicking Withdrawal of Consent (Membership) in the Personal Information Management Menu on the initial landing page of the Website.
They may also do so by contacting the chief privacy officer of the Website in writing, by telephone, or through e-mail. Then, the Website shall immediately take
necessary measures, such as deletion of personal information. The Website shall immediately notify customers of such measures, including withdrawal of consent
and destruction of personal information.
2) The Website shall take necessary measures to ensure that customers withdraw their consent (membership) to the collection of their information through an easier
method than what they used to give their consent to the method of collecting personal information.
Article 8
Protection of Personal Information of Children under Fourteen Years of Age
The Website deems the protection of children’s personal information in online environments to be also important. It does not allow children under fourteen years of age who require the consent of their legal counsel to apply for membership. If such children sign up for the Website or provide their personal information due to the theft of their names and information or abuse of systems, then their legal counsels may exercise all rights.
Article 9
Chief Privacy Officer
The Website appoints the following chief privacy officer who is responsible for the handling of personal information and the handling of customers’ complaints regarding
personal information and damage reliefs.
โถ Chief Privacy Officer
- Name: Sun Kyung Kim
- Tel : 070-7797-7774
- Contact point: info@jstkor.com
Article 10
Modification of the Guideline on Personal Information Processing
This guideline on personal information processing shall take effect on its effective date. Any addition of change under statutes and this guideline, and deletion and correction of anything in this guideline shall be announced via notices seven (7) days prior to the effectuation of such addition, deletion, or correction.
