DAR (or “we,” “our,” etc.) recognizes
the importance of protecting users’ (or “you”) privacy and personal information
and will not use such information other than as described in this Privacy
Policy. This Privacy Policy serves the following purposes:
- provides information regarding the information DAR collects, how the collected information is used, how the information is collected, with whom the information is shared (or “entrusted,” “provided to,” etc.) when necessary, and how and when the information, which has fully served its purpose, is destroyed;
- informs users, the subjects of the information, on their rights regarding their own personal information, as well as the methods and procedures they are entitled to rely on in order to exercise such rights. Guidelines will also be provided for the rights that legal representatives (including parents, etc.) may exercise to protect the personal information of minors under the age of 14; and
- if personal information has been infringed upon, provides guidelines on measures that users may take to prevent further damage, individuals to contact for damage restoration, as well as the provision of available assistance.
- Personal Information Collection
DAR only collects information that is essential to use the site contents or the services or to make a purchase, which includes contact information and information required to process a payment for pay contents or services, including the following, which are collected from the user entering such information to our website.
| Information | Purpose of Collection |
|---|---|
| Contact Information (name, email address, etc.) | Provision of services (communication with customers and transaction identification) |
| Payment information (bank account numbers, billing information, credit/debit card numbers, expiration dates and security code and tracking information from cheques or money orders) | Transaction processing |
Also, user’s IP address, cookies, service usage records, and device information may be generated and collected during service use.
- Use of Collected Personal Information
Personal information use is strictly limited to the purpose of
developing, providing and enhancing services, along with determining
statistical data, and building a safe Internet user environment in relation to our
services, as described below.
Personal information is used to:
- protect users and provide effective services, such as imposing restrictions on service use in violation of laws, regulations, and our Terms of Service, preventing and sanctioning actions that interfere with our service operations, including any unfair service use, preventing account fraud and illegal transactions, providing notices of updates in the Terms of Service, storing records for dispute resolution, and handling civil complaints
- verify user identity for services, process purchases and payments, and conduct the delivery of products and services
- provide marketing and promotions through offering information on events and offering opportunities for participation and providing promotional information
- provide customized services and post advertisements based on the analysis of service usage records and frequency of access, statistics on service use, and other services and statistics
- create a service environment for users that ensure service use free of any fears that may be associated with security, privacy, and safety
- Provision and entrustment of personal information
DAR
does not provide personal information to any third party without obtaining
consent from the user. However, personal information may be provided, and
limited to, the following instances: where the user has personally agreed to
such provision in order to use third party-based services; where DAR is obliged
to provide personal information so to observe relevant laws and regulations;
and/or where it becomes necessary to resolve emergency situations where the
user’s life or safety has been confirmed to be at risk.
DAR
works with third party service providers and other business entities to
facilitate services for users. The affiliated entities will share the personal
information, or process, to assist DAR’ business. At present, the business
partners DAR works with, and their services are as follows, and DAR will
immediately notify any changes in the scope of entrustment or the service
providers should there be any changes.
| Entrusted Company | Entrusted Operations | Retention and Usage Period of Personal Information |
|---|---|---|
| INFINI SOFT Co., Ltd | Payment gateway service (INNOPAY service) | Until the purpose of retention and use are fulfilled or the entrustment agreement term has expired, whichever is earlier. |
| KG INICIS | Payment gateway service (INIpay) | |
| Danal Co., Ltd | Electronic payment service (Danalpay) | |
| bluehost | Hosting service |
Payment service providers collect and process personal
information to assist with settling the payments for transactions or process
withdrawal. The activities of payment service providers will be governed by
their own respective privacy policies.
- Destruction of Personal Information
DAR
destroys personal information immediately after the purpose of collecting and
using the information is fulfilled. However, personal information may be stored
safely for a designated period afterward, if DAR obtains separate consent from
the user to store the personal information for a certain period or if required
by law.
Relevant
laws require DAR to store certain information for a period of time, as
described below. DAR stores the personal information for the period specified
by law and in no case shall the information be used for any other purpose.
| Status | Information | Retention Period |
|---|---|---|
| Act on the Consumer Protection in Electronic Commerce, etc. | Records of payment settlements and supply of goods | 5 years |
| Records of customer complaints or dispute settlements | 3 years | |
| Electronic Financial Transactions Act | Electronic financial transaction records | 5 years |
Personal
information is immediately destroyed to an irrecoverable state once the purpose
of collecting and storing personal information is fulfilled, which includes the
user’s service termination and/or expiration of the personal information
storage period that was approved by the user.
Personal
information stored in electronic form is safely deleted using a technical
approach to prevent it from being restored or regenerated while written
information is shredded or incinerated. Personal information stored on paper
will be destroyed physically.
- Rights of Users & Legal Representatives and Exercising Those Rights
Users or their legal
representatives can contact DAR to view or update their personal information and
can revoke consent to the collection and use of their personal information at
any time. For the avoidance of doubt, (i) users have the right to gain access
to information about the personal data that DAR processes about you, (ii) right
to correct inaccurate information about you, which DAR will correct without
undue delay upon the user’s request and notify to any third party with the same
information to ensure that the necessary correction is made, (iii) right to
erase and permanently delete a user’s information, (iv) right to restrict DAR’s
processing activities, which will limit your use of DAR’s contents and payment
service, (v) right to data portability, where a user’s request to send the
personal information in a structured, commonly used and machine-readable format
will be transmitted to another controller of personal information upon the
request of the user, and (vi) right to object to DAR’s processing of the user’s
personal information, which will limit your use of DAR’s contents and payment
service.
Where the user is a child
under the age of 14, the child’s legal representative has the right to view and
update the child’s personal information, and to revoke consent to the
collection and use of the child’s personal information.
- Measures to Protect Personal Information
DAR works to protect the
security of the information from users by adapting Secure Sockets Layer (SSL) technology,
which encrypts information that users input during transmission. Passwords,
unique identifiable information, account numbers, and credit card numbers are encrypted
for storage as required by law. Email addresses are also encrypted and stored.
Also, dar.re.kr is hosted on
a server that is secure and hacker safe. The server is built to secure the
website and emails. The site account related information is kept with secure
way so that others cannot access it.
The hosting service utilizes a special program from the server to keep
the account and website secure. The server continually monitors the files
uploaded to the hosting server. Network specialists
are monitoring the server to check this. If the network specialists find malware files in the website, then they
will immediately notify DAR.
- Chief Privacy Officer & Responsible Personnel
DAR has designated the following persons as the Chief Privacy Officer and Personal Information Manager. They
remain responsible for responding to DAR user inquiries regarding personal information and resolving any related complaints. DAR responds to all
requests that are received from individuals wishing to exercise their data
protection rights in accordance with applicable data protection laws. If
you have any concerns or questions about the privacy policies or practices of
DAR, please contact the following individuals:
| Chief Privacy Officer | Personal Information Manager |
| Name: PARK YOUNGKEUM Affiliation: DAR Position: Representative (CPO) Phone: +82-70-7678-7055 Email: dar@dar.re.kr | Name: PARK YOUNGKEUM Affiliation: DAR Position: Representative Phone: +82-70-7678-7055 Email: dar@dar.re.kr |
Contact the organizations
shown below to file reports or seek consultation for other privacy
infringements.
- Privacy Infringement Report Center (Website: privacy.kisa.or.kr / Phone: +82-118)
- Cyber Crime Investigation Unit, Supreme Prosecutor’s Office (Website: www.spo.go.kr / Phone: +82-1301)
- Obligation to Notify Prior to Amendment
DAR will give out a notice of any addition, deletion, and/or modification in this Privacy Policy through notification at least 7 days prior to the scheduled amendment.
However, notifications for amendments that affect significant rights of users, including changes to the collected personal information or to the purpose of using such information, will be filed at least 30 days prior to the scheduled amendment. In such cases, the consent of users may be obtained once more upon necessity.
- Applicable Privacy Policy
This Privacy Policy shall apply from March 5, 2020.
You can check out our updated Privacy Policies at this site, if any.