000 (hereinafter referred to as the “Company”) complies with the Personal Information Protection Regulations of the relevant laws and regulations that information and communication service providers must comply with, such as the Telecommunications Secrets Protection Act, the Telecommunications Business Act, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, and is doing its best to protect the rights and interests of users by establishing a personal information handling policy based on the relevant laws and regulations.

1. Items of Personal Information Collected and Collection Methods
A. Items of Personal Information Collected
The Company collects the following personal information for membership registration, consultation, content purchase, service application, etc.

Required: ID, password, password retrieval question and answer, email address, nickname
Optional: Name, phone number
In addition, the following information may be automatically generated and collected during the service use process or business processing.

IP Address, cookies, access log, service use record, bad use record, payment record
B. Personal Information Collection Methods
The Company collects personal information in the following ways.

Website membership registration, consultation bulletin board, email, event participation, delivery request

Provision from partner companies

Collection through creation information collection tool

2. Purpose of collection and use of personal information
A. Contract performance regarding service provision and fee settlement according to service provision
Content provision, purchase and fee payment, fee collection

B. Member management
Member service use and limited self-verification system-based self-verification, personal identification, prevention of fraudulent use by bad members and prevention of unauthorized use, confirmation of intent to join, restriction on membership and number of memberships, confirmation of consent of legal representative when collecting personal information of children under 14 years of age, future legal representative self-verification, record keeping for dispute resolution, complaint handling, etc. civil complaint handling, delivery of notices

D. Development of new services and use in marketing and advertising
Development and specialization of new services (products), grasp of access frequency or statistics on members' use of services, delivery of advertising information such as events

3. Sharing and provision of personal information
The company uses the user's personal information within the scope notified in "2. Purpose of collection and use of personal information" and, in principle, does not use it beyond the scope or disclose the user's personal information to an external party without the user's prior consent. However, the following cases are exceptions.

When the user has agreed to disclosure in advance
When there is a request from an investigative agency in accordance with the procedures and methods stipulated by law or for investigative purposes based on the provisions of laws and regulations

4. Entrustment of handling of personal information
The company does not entrust the handling of personal information to an external company without the user's consent. If such a need arises in the future, we will notify the customer of the entrustee and the content of the entrusted work and obtain prior consent if necessary.

5. Retention and use period of personal information
In principle, the user's personal information is destroyed without delay after the purpose of collection and use of personal information is achieved. However, the following information will be retained for the period specified below for the following reasons:

A. Reason for retaining information according to internal company policy
Record of fraudulent use

Reason for retention: Prevention of fraudulent use
Retention period: 1 year

B. Reason for retaining information according to relevant laws
In cases where it is necessary to retain information according to the provisions of relevant laws such as the Commercial Act, the Act on Consumer Protection in Electronic Commerce, etc., the company will retain member information for a certain period of time specified in the relevant laws. In this case, the company will use the retained information only for the purpose of retention, and the retention period is as follows.

Records related to business transactions

Reason for retention: Act on Consumer Protection in E-commerce, etc.
Retention period: Records related to contracts or cancellation of subscriptions, etc.: 5 years
Records related to payment and supply of goods, etc.: 5 years
Records related to consumer complaints or dispute resolution: 3 years
Records related to identity verification


Reason for retention: Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

Retention period: 6 months
Records related to visits
Reason for retention: Communications Secrets Protection Act
Retention period: 3 months

6. Procedure and method for destroying personal information
In principle, the user's personal information is destroyed without delay when the purpose of collecting and using personal information is achieved.

The company's procedures and methods for destroying personal information are as follows.

A. Destruction procedure
Information entered by the user for membership registration, etc. is transferred to a separate DB (separate file in the case of paper) after the purpose is achieved and stored for a certain period of time according to internal policies and other relevant laws and regulations for information protection (see retention and use period) and then destroyed. This personal information will not be used for any other purpose than that for which it is held, unless required by law.

B. Method of destruction
Personal information printed on paper will be destroyed by shredding or incineration.
Personal information stored in electronic file format will be deleted using a technical method that renders the records unrecoverable.

7. Rights of users and legal representatives and methods of exercising them
Users and legal representatives may view or modify their registered personal information or that of children under the age of 14 at any time, and may also request cancellation of membership.
To view or modify personal information of users or children under the age of 14, click on 'View Member Information' (or 'Modify Member Information', etc.), and to cancel membership (withdraw consent), click on 'Cancel' to directly view, correct, or cancel membership.

If a user requests correction of errors in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the results of the correction process will be notified to the third party without delay to ensure that the correction is made. The company processes personal information that has been terminated or deleted at the request of the user or legal representative in accordance with the provisions of “5. Retention and Use Period of Personal Information” and processes it so that it cannot be viewed or used for any other purpose.

8. Matters regarding the installation/operation and refusal of automatic personal information collection devices
The company uses ‘cookies’ to store and retrieve user information from time to time in order to provide personalized and customized services. Cookies are very small text files that the server used to operate the website sends to the user’s browser and are stored on the hard disk of the user’s computer.

A. Purpose of cookie use
The company uses cookies to provide optimized information to users by identifying the visit and use patterns, popular search terms, whether secure access is used, news editing, and user scale for each service and website visited by the user.

B. Installation/operation and refusal of cookies
Users have the option to install cookies. Therefore, users can allow all cookies, check each time a cookie is saved, or refuse to save all cookies by setting options in their web browser. However, if you refuse to store cookies, you may have difficulty using some services that require login.

9. Technical/administrative protection measures for personal information
In handling users' personal information, the company implements the following technical/administrative measures to ensure the safety of personal information so that it is not lost, stolen, leaked, altered, or damaged.

A. Technical measures
Your personal information is protected by a password, and important data is protected through a separate security function by encrypting files and transmission data or using the file lock function.
We are taking measures to prevent damage from computer viruses by using antivirus programs. Antivirus programs are updated periodically, and in the event of a sudden virus outbreak, we apply the vaccine as soon as it is released to prevent personal information from being infringed.
We are adopting a security device (SSL or SET) that uses an encryption algorithm to safely transmit personal information on the network.
In order to prevent your personal information from being leaked due to hacking, etc., we are using a device that blocks external intrusions and installing an intrusion detection system on each major server to monitor intrusions 24 hours a day.
B. Administrative measures
In addition to the efforts mentioned above, members themselves should be careful not to expose their passwords, etc. to third parties. In particular, please always be careful not to leak passwords, etc. through PCs installed in public places. It is recommended that members use their ID and password only for themselves and change their passwords frequently.
We strictly limit personal information handling staff to those who perform personal information management tasks and those who inevitably handle personal information in the course of their work, and emphasize compliance with this policy through regular training of responsible staff. We also check the implementation status of this policy and the compliance status of responsible staff through the implementation inspection of the security department, and take immediate corrective action if any problems are found.

10. Contact information for the personal information manager
You may report any complaints related to personal information protection that arise while using the company's services to the personal information manager.

The company will promptly and sufficiently respond to user reports.

Personal Information Manager
Name: 000
Phone Number: 02-0000-0000
Email: 0000@0000.com
If you need to report or consult about other personal information infringements, please contact the following organizations.

Personal Information Infringement Report Center (www.cyberprivacy.or.kr / 1336)
Supreme Prosecutors' Office Internet Crime Investigation Center (http://sppo.go.kr / 02-3480-3600)
National Police Agency Cyber ​​Terror Response Center (www.ctrc.go.kr / 02-392-0330)

11. Notification Obligation
If there are additions, deletions, or modifications to the current personal information handling policy, we will notify you through the "Notices" section of the website at least 7 days prior to the revision.

Announcement Date: December 20, 2022
Effective Date: December 20, 2022
Revised Date: December 20, 2022