Private Policy

Privacy Policy of Connectwave Inc.

Connectwave Inc. (hereinafter referred to as “we”) complies with statutory provisions related to personal information such as Information & Communication Network Utilization Promotion and Information Protection Act and Privacy Act, striving to protect the rights of our users by establishing Privacy Policy. The Privacy Policy informs users the purpose and methods of using their personal data and how we protect it. If we revise the Privacy Policy, it will be notified through our website announcements. (or individual notification)

1. Collected Personal Information Items and Methods of Collection
A. Collected Personal Information Items
We collect the personal information of our users to provide better and high-quality services including customized services for our members.



● General Consumers
- Name, ID (email address), password: Member verification for member services
- Email address, phone number: Notification, communication with members for handling complaints and other things, informing new services or products and events
- Gender, age, country of residence: Offering personalized services
- Address: Accurate address for product delivery
- IP Address : Prevention of illegitimate uses of bad members and unauthorized uses

● Wholesalers
- Name, ID (email address), password: Member verification for member services
- Email address, phone number: Notification, communication with members for handling complaints and other things, informing new services or products and events
- Gender, age, country of residence: Offering personalized services
- Address: Accurate address for product delivery
- Business owner information: Verification for B2B services offered to business owners
- IP Address : Prevention of illegitimate uses of bad members and unauthorized uses

● Franchises
- Shopping mall information (name of shopping mall, ID, password, address, phone number, fax number, email address) : Member verification for member services
- Contact information (name of employee, office phone number, cell phone number, e-mail) : Notification, communication with members for handling complaints and other things, informing new services or products and events
- Business owner information (name of business, name of owner, business registration number, address, corporate registration number, mail order registration number, category and type of business): Verification for services open to business owners and obtaining their business information to prevent consumer damages
- Settlement information (bank name, account number, account name) : PG request and payment settlement
- Shipping information (name of courier, setting shipping charge) : Providing consumer services and preventing their damages
- IP Address : Prevention of illegitimate uses of bad members and unauthorized uses


Information we need for offering personalized services

B. Method of Collection
We ask users to enter certain required information to offer services when they sign up for membership. Also, we may request additional personal information for statistical analysis or prize give-away, upon survey or events within our services. However, we do not collect personal information that may violate human rights of our users (race and ethnicity, ideology and creed, place of birth and hometown, political inclination and affiliation, criminal records, health status, sex life, etc.). If we have to, we will definitely seek prior consent of our users.

2. Purpose of Personal Information Collection and Uses
A. Developing new services
Based on the personal information offered by our users, we can develop more useful services. The information also allows us to set priorities more efficiently as to services we should develop when creating new services or expanding contents. The information also helps us select and offer the contents in high demand among our users.

B. Management of members
Identification for member service usage; individual verification; prevention of illegitimate uses of bad members and unauthorized uses; confirming the membership intention; age verification; verifying whether a legal guardian of a child under the age of 14 has agreed to personal information collection; handling complaints; notification

C. Utilization for marketing and ads
Developing new services; notification of events; offering customized services; offering services and placing ads according to demographic characteristics; identifying access frequency and creating statistics on service usage of members

3. Period of Personal Information Retention and Use
Once our purpose of collecting and using personal information is served, we destroy it without delay as a rule. However, the following information is retained for the following reasons for the specified period.

A. Based on company's internal policy
- Records of illegitimate uses: Prevention of illegitimate uses
- Retention period: 1 year from the date of illegitimate use

B. Based on related laws
- Records of contract or membership cancellation: 5 years (law on consumer protection in transactions including electronic commerce)
- Records of payment and supply of goods: 5 years (law on consumer protection in transactions including electronic commerce)
- Records of handling customer complaints or disputes: 3 years (law on consumer protection in transactions including electronic commerce)
- Records of visits (log): 3 months (Communications Privacy Act)

4. Procedures and Methods of Personal Information Destruction
Once our purpose of collecting and using personal information is served, we destroy it without delay with the following methods.

A. Destruction Procedure
The information entered by our users for service usage is transferred to a separate database (or a filing cabinet for paper) once our purpose is served. After being stored for a certain period of time (See the Period of Personal Information Retention and Use above), the data is all destroyed and will not be used for any other purpose, unless permitted by law, based on our internal policy and related laws for personal data protection.

B. Destruction Method
- Personal information printed out on paper is destroyed by shedding with a grinder or incinerating.
- Personal information stored in electronic files is deleted permanently with technical method.

5. Offering Personal Information to Third Party
The personal information of our users is used only within the scope they agreed to in the Purpose of Personal Information Collection and Uses. Without their prior consent, we do not use the data beyond the scope or disclose it to a third party in general. However, the following cases will be the exception.
- When users gave prior consent
- When a law enforcement agency has requested the disclosure of data for investigation purpose according to the procedures and methods specified by law

6. Consignment of Handing Personal Data
To offer services smoothly, we consign the personal data and have regulations on managing the data securely that our consignees should follow throughout the contract, according to related laws.

Our consignees of handling the personal data and their duties are as follows.
Consignee   Duties  Personal Data Item  Period of Retention and Use
MakeshopNcompany, Inc.  Product delivery    Name, transaction details, e-mail, cell phone number, address   Until contract
expires
KR Partners Inc.
KG Inicis
Bank of America
Palpal  Payment for services    Identification number, credit card information or account information of financial institutions, access IP, transaction details, email  Until contract
expires


7. Rights of Users and Legal Guardians and How to Exercise them
A. Users and legal guardians can view or revise the registered data of themselves and
minors under the age of 14 respectively and request withdrawal of their consent
(membership cancellation) anytime.

B. To view or revise the data of users or minors under the age of 14, log in and click “Edit personal information” (or “Edit member information) at My Page. To cancel membership (withdrawal of consent), click “Unsubscribe.” Once the identification process is over, you can view and revise information or withdraw your membership. Or if you contact our Privacy Manager via letter, phone or email, we will handle your request without delay.

C. When users request correction of errors in their personal data, we do not use or offer it to a third party till it is corrected. If we have already offered the wrong data to a third party, we will notify the corrected results without delay for their correction.

D. As for personal data revoked or deleted upon request from users or legal guardians, it will be handled according to the stipulations of “3. Period of Personal Information Retention and Use.” Also, we make sure that the data is not viewed or used for any other purposes.

8. Installation, Operation, and Rejection of Automatic Personal Information Collection Device (Cookie)
To offer personalized and customized services, we operate ‘cookie’ that stores and retrieves user information on an ongoing basis. Cookie is a tiny text file sent from a server, which we use to operate our website, to the browser of users and is stored in the computer hard disk of users.

A. Purpose of Cookie Usage
Analysis of access frequency and visiting time of users; identifying their preferences and interests; tracking traces; conducting target marketing and offering customized services by identifying the level of their event participation and the number of their visits

B. Installation/ Operation of Cookie
Users have choices for cookie installation. They may accept all cookies, check all cookies being stored, or reject all cookies by setting the option at the web browser.

C. Method of rejecting cookie setting
As for method of rejecting cookie setting, users can select the option of their web browser to accept all cookies, check all cookies being stored, or reject all cookies. However, if they reject all cookie installation, they may experience problems in receiving services.

Example of setting (in case of Internet Explorer): Tools at the top of web browser> Internet Option > Personal Information

9. Technical/ Administrative Measures for Privacy Protection
A. We take the following technical measures to prevent the loss, theft, leakage, forgery, and damage of personal data of our users to securely handle the data.
- The personal data of our users is protected through encryption. However, there is a possibility that it may be lost, stolen or leaked while the users access the internet at public places. Therefore, they should not disclose, lend, or offer their personal information to others and protect it from unauthorized collection of personal data via social engineering method such as phishing. We do not take any responsibility for the loss, theft, leakage, phishing, and disclosure of personal data that occurred due to the negligence of users.
- The personal data of our users is protected with passwords. All files and transmitted data is encrypted and important data is protected with separate security functions.
- To prevent damages of possible computer virus, we take protective measures 24/7 with employees and vaccine that automatically updates new data at all times. In case of computer virus, an alarm is automatically sent to the employee in charge and the issue will be fixed automatically through our system.
- We use a security device (SSL or SET) that can send the personal data from our network securely with encryption algorithms.
- We operate external intrusion detection and prevention system 24/7 to prevent leakage of personal data, which may occur due to intrusion into our company data communication network such as hacking.

B. We are aware of the importance of privacy protection and take the following
administrative measures for maximum protection of personal data of our users, including minimizing the number of employees handing the data.
- We provide regular in-house training and external training on acquiring new security technology and privacy protection duties for employees handling personal data.
- We mandate all new employees to submit Pledge of Security to prevent their data leakage and monitor whether all employees are complying with Privacy Policy. We have internal procedures on corrective action, improvement, and other necessary measures, in case the Privacy Policy is violated. When the duties of employees handling personal data are transferred, it is done under thorough security and we hold them responsible for personal data accidents during and after their employment.
- We separate personal data from general data through a separate server for storage, instead of mixing it together.
- We restrict access to computer rooms and data storage rooms by designating them as a specially-protected zone
- We do not take any responsibility for issues that occur due to mistakes of our users or basic risks online. Each user should manage his or her ID and password properly for protection of personal data and take responsibility for it.

10. Privacy Manager
We strive to help users access good data securely. We will take full responsibility for accidents that occurred in violation of our Privacy Policy notified to our users. However, we do not take any responsibility for the following cases: data damage caused by unforeseen accidents due to basic network risks such as hacking, despite our technical measures; disputes caused by postings of our website visitors. The person in charge of handling personal data of our users is as follows. We respond to inquiries about personal data sincerely and promptly.

Name of Privacy Manager: Heo, Kangil
Phone number: 02) 2026-2300
Email address: shutt2r@cocen.com

11. Services of Handling Complaints about Personal Data
We operate the following department that handles complaints about privacy in order to protect the personal data of our users and handle complaints about personal data.

Department that handles complaints about privacy: OKVIT Team
Phone number: +82-2-6903-9327
Email address: help@okvit.com

As for privacy-related complaints arising from using our services, users can report them to our Privacy Manager or related department. We will respond to them promptly in detail. If you need to report a privacy violation or to get counseling, please contact the following agencies.
- Personal Information Dispute Mediation Committee (www.1336.or.kr/1336)
- Privacy Mark Certification Committee (www.eprivacy.or.kr/02-580-0533~4)
- Internet Crime Investigation Center of Prosecutor's Office (http://icic.sppo.go.kr/02-3480-3600)
- Cyber Terror Response Center of National Police Agency (www.ctrc.go.kr/02-392-0330)

12. Notification Duty
A. All users can view the details on personal data protection including our Privacy Policy
on the first page of our website at all times.

B. If the key content of our Privacy Policy is revised due to changes in legal policies or security technology, we will notify the reasons for revision and the new content at our website prior to enforcing the new Privacy Policy.

C. Since the content of this Privacy Policy may be changed anytime, please check it every time you visit our website.

13. Notice for unsubscribe
If you want to unsubscribe OKVIT, your coupons and points are disappeared.
Additionally, You can re-join same ID after 6-month later

This Policy is effective on 5, 19, 2014

RECENTLY VIEWED

TOP