TWINNY

Privacy Policy

TWINNY Corporation (hereinafter referred to as the "Company") complies with the Personal Information Protection Act. The Company established and disclosed the following privacy policy to protect the personal information of data subjects and handle related complaints promptly.

Article 1:
Purpose of Personal Information Processing

The Company processes personal information for the following purposes. Processed personal information will not be used for purposes other than those stated. If the purpose of use is changed, necessary measures, such as obtaining separate consent, will be taken.

① (Provision of goods or services) The Company processes personal information for the purpose of providing services, content, and customized services.

② (Use for marketing and advertising) The Company processes personal information for the purpose of developing new services or products, providing customized services, sharing event, and advertising information, verifying the validity of services, tracking access frequency, and generating statistics on the use of services.

Article 2:
Items and Collection Methods of Personal Information

The Company collects the following personal information items:

① When downloading information such as inquiries, responses, and catalogs throughout the Company, the Company collects the following personal information to verify the identity of the individual:
-Full name, email address, phone number, Company name, Company information (warehouse size, average monthly order quantity, inventory management code (SKU), etc.).

② During the process of using the service or conducting business operations, the following information may be automatically generated and collected:
-User's browser type and operating system, visit history (including IP address and access time), cookies, gender, region (country), Company/organization, service ISP and IP, and access host.

Article 3:
Processing and Retention Period of Personal Information

The Company processes and retains personal information within the period specified by law or the period agreed upon with the data subjects at the time of collecting personal information.

① User information for handling requests such as viewing personal information: 3 years

② Personal information related to inquiries: 1 year

③ Service visit record: 1 year

Article 4:
Provision of Personal Information to Third Parties

The Company uses personal information within the scope notified in Article 1 "Purpose of Personal Information Processing" and generally does not exceed or disclose personal information to external parties without the prior consent of the data subjects. However, there are exceptions in the following cases.

① When the data subjects have given prior consent.

② When there is a request from an investigative agency based on the regulations of the law or in accordance with the procedures and methods prescribed by the law for investigative purposes.

Article 5:
Rights, Obligations, and Exercise Methods of Data Subjects

As data subjects, users can exercise following rights:

① The data subjects can exercise the following rights related to personal information protection against the Company at any time:
-The right to request access to personal information
-The right to request correction in case of errors
-The right to request deletion
-The right to request suspension of processing

② The exercise of rights under Paragraph 1 may be made to the Company in writing, by electronic mail, facsimile transmission (FAX), or other means in accordance with Form No. 8 of the Enforcement Regulations of the Personal Information Protection Act, and the Company will take measures without delay.

③ If the data subjects request correction or deletion of personal information due to errors and so on, the Company shall not use or provide the personal information until the correction or deletion is completed.

④ The exercise of the rights under Paragraph 1 may be made through a legal representative or an authorized person of data subjects. In this case, a power of attorney in the form of Attachment No. 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.

Article 6:
Installation, Operation, and Rejection of Personal Information Automatic Collection Devices

The Company uses 'cookies' to periodically store and retrieve user information.
A cookie is a small text file sent from the server used to run the website to the user's browser and can be stored on the user's computer hard disk.

① Purpose of using cookies:
-Cookies are used to track and analyze the user's visit and usage patterns, popular search terms, and secure connections to provide the user with optimized information on the visited services and websites.

② Installation, operation, and rejection of cookies:
-Users can choose to accept all cookies, receive confirmation each time a cookie is saved, or reject the saving of all cookies by adjusting the options in their web browser.
(Go to Tools > Internet Options > Privacy in the web browser.)
-If a user refuses to install cookies, there will be no penalty, but the provision of services may be affected.

Article 7:
Destruction of Personal Information

Personal information is generally destroyed without delay once the purpose of processing personal information has been achieved. The Company's procedures, deadlines, and methods for the destruction of personal information are as follows.

① Destruction procedure
-Information entered by the data subjects will be destroyed in accordance with internal policies and relevant laws and regulations after the retention period has expired or the processing purpose has been achieved.

② Destruction period
-Personal information will be destroyed within five business days from the end of the retention period, in cases where the personal information becomes unnecessary due to the achievement of the processing purpose, termination of the relevant service, or closure of the business.

③ Destruction method
-Personal information printed on paper is destroyed by shredding or incineration, while personal information stored in electronic file format is deleted using technical methods that make record recovery impossible.

Article 8:
Measures to Ensure the Security of Personal Information

The Company takes administrative, technical, and physical measures to prevent the loss, theft, leakage, forgery, alteration, or damage of personal information.

① Administrative measures:
Establishing and implementing internal management plans, regular employee training, etc.

② Technical measures:
Access control for personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs, etc.

③ Physical measures:
Access control for computer rooms, data storage rooms, etc.

Article 9:
Personal Information Protection Manager

The Company designates the following departments and individuals as responsible for protecting users' personal information and handling complaints related to personal information:

① Personal Information Protection Manager:
Sangmok Lee, Division Director of Management Support Division (smlee@twinny.co.kr)

② Personal Information Protection Officer:
Eunmi Min, Team Leader of Human Resources Team(eunmi@twinny.co.kr)

Article 10:
Remedy for Infringement of Rights and Interests

If personal information infringement occurs during the process of using the Company's website or services, users can report or consult with the following third-party organizations:

-Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
-Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
-Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
-Korean National Police Agency: 182 (ecrm.cyber.go.kr)