Position on Personal Information Protection
GoShopKorea (referred to as the “Company”) aims at creating an environment in which customers around the world can readily obtain South Korea products. The Company handles a range of personal information, including information about customers and clients, as part of its business activities.
As a business entity that handles the personal information of customers and clients who uses its services, the Company recognizes the importance of protecting personal information. The Company also understands that it has an obligation to appropriately use and protect such information. For this reason, the Company is committed to the proper protection of personal information and to continuing to take all steps required to ensure appropriate handling and security. The Company regards the protection of personal information as critical to its business and has consequently established “GoShopKorea.com’s Policies for Personal Information Protection,” below.
Personal Information Protection Policy
- The Company shall comply with the applicable laws, regulations, and guidelines and other rules pertaining to the protection of personal information and anonymized information (hereinafter collectively referred to as “Personal Information”).
- In the provision of the online services, the Company shall notify the customer of the available point of contact at the Company and receive consent before obtaining personal information within the appropriate extent.
- The Company shall prevent and correct unauthorized access to Personal Information, as well as the loss, destruction, falsification, and leakage of any personal information.
- The Company shall respond in good faith to inquiries and requests for disclosure from customers in relation to personal information.
- The Company shall conduct ongoing improvement of the management structure and framework related to the protection of Personal Information.
The Company believes that it is most important to comply with laws and regulations pertaining to the protection of personal information and to thoroughly implement the appropriate collection, use, and management of such information within the Company for customers to feel secure in using the services provided by the Company.
Handling of Personal Information
- Information (membership ID, name, gender, e-mail address, telephone number, address, nickname, pen name, date of birth, occupation, job title, credit card information, purchase history, and any other relevant information that can be used to identify a specific individual through a combination of information) that can be used to identify the specific individual due to its inclusion of a name, date of birth, or other description contained in such information (any and all matters written, recorded or otherwise expressed using voice, movement or other methods in documents, drawings or electromagnetic records).
- Information that contains individual identification codes.
- Handling of anonymized information : The Company currently does not create anonymized personal information. If the Company creates anonymized information or provides it to a third party, the Company shall take precautions for safety management in compliance with the separately stipulated Rules for Handling Anonymized Information.
- Purposes of use, legal basis : The Company shall use personal information for the following purposes:
- Member management
- Sales (including the conclusion, etc. of an agreement to provide services; this meaning applies below) of products, rights, digital content and services (hereinafter referred to as the “products, etc.” This shall include financial products, etc.) of the Company and third parties
- Running of campaigns, prize planning and questionnaires
- Simplification of work operations such as member registration for the use of services that require member registration
- Notification (including notification via electronic mail) of matters necessary for the operation of this website
- Advertisement and sales solicitation (including those via electronic mail) of the products, etc. of the Company and third parties
- Transmission of e-mail magazines
- Packing and shipping operations of the products, etc.
- Billing calculation and billing
- Provision of services such as points, coupons and mileage (hereinafter referred to as “points, etc.”)
- Posting of submitted information
- Inquiries and after-sales services
- Research and analysis of marketing data and development of new services
- Preparation of statistical data
- Execution of operations when the Company handles personal information under contract for another business entity, etc.
- Enforcement of rights and the performance of obligations based on contracts and laws, etc.
- Consideration of business alliance : The Company process personal data in the performance of the contract to which an individual is party. The provision of personal data is requirement necessary to enter into a service contract with the Company. If the individual chooses to withhold any personal data requested by the Company, it may not be possible for him or her to use the Company’s services.Where the Company processes personal data based on consent, individuals have a right to withdraw consent at any time.
- Provision of personal information : The Company takes appropriate steps to protect personal information and shall not disclose nor provide it to a third party in a form that allows an individual to be identified without the consent of that individual, except where allowed by the Personal Information Protection Law, and other applicable laws and regulations.Personal data held by the Company may be transferred to third party payment service providers.h
- Transfer to third countries : Where the Company transfer personal data outside of the EU to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfer will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU.
- Security : When personal information is provided through this website, it is encrypted using the industry standard encryption method called SSL (Secure Sockets Layer) to protect it from unauthorized access of a third party.The Company shall provide security by using SSL encrypted communication to protect personal information when the Company deems it necessary to do so.The Company also places strict controls on personal information based on the management standard it has predetermined and takes steps to prevent access to and the loss, destruction, alteration, leakage and infection of personal information by establishing a firewall, developing antivirus measures, and taking other action.
- Disclosure, revision and deletion of personal information : The Company shall respond to requests for the disclosure, revision, addition, deletion, discontinuation of use, elimination, cessation of provision to third parties and notification of purposes of use of personal information, withdrawal of consent (where applicable) in accordance with the Personal Information Protection Law and other applicable laws and regulations.If the request does not meet the requirements stipulated by the Personal Information Protection Law, the Company may be unable to respond to the request.
Aug. 2021 established