Privacy Policy
We strive to constantly innovate and grow to reward our customers with better services.
General Provisions
Millennial Works Co., Ltd. highly values customers' personal information and strictly complies with applicable privacy laws, including the Act on Promotion of Information and Communications Network Utilization and Information Protection and the Personal Information Protection Act. We have established and comply with this Privacy Policy. This Privacy Policy may be amended due to changes in relevant laws or Millennial Works' internal policies. Please check this page frequently when visiting the site. ※ The list of entrusted companies may change depending on service changes and contract periods. Any changes will be announced in advance through the notice section. Short-term event-related processing will be announced separately at the time of participation.
Article 1. Items of Personal Information Collected and Purposes of Use
"When a customer registers as a member, we provide a procedure to click the 'Agree' button for the terms of use and the details of the collection and use of personal information, and by clicking the 'Agree' button, the customer is deemed to have agreed to the collection and use of personal information." We collect the following information as needed at the time of membership registration and order placement: - When registering as a member (Required): ID, password, password reminder question/answer, email, authentication value (mobile phone verification), name, date of birth, and confirmation that the user is over 14 years old · Purpose: Identity verification at registration, service use and consultation, delivery of notices · Retention period: Until membership withdrawal or expiration of statutory retention period - When registering as a member (Optional): Address, home phone number, mobile phone number - When placing an order (Required): Orderer information (name, address, mobile phone number, email), recipient information (name, address, mobile phone number), and payment approval information · Purpose: Payment and delivery of ordered products · Retention period: Statutory retention period - When placing an order (Optional): Orderer home phone number, recipient home phone number, delivery message, overseas shipping option - When placing a non-member order (Required): Orderer information (name, address, mobile phone number, email, order inquiry password/confirmation), recipient information (name, address, mobile phone number), payment approval information · Purpose: Payment and delivery of ordered products · Retention period: Statutory retention period - When placing a non-member order (Optional): Orderer home phone number, recipient home phone number, delivery message
Article 2. Collection of Personal Information by Cookies
(1) What are Cookies? The company uses cookies to store and retrieve customer information. A cookie is a small text file sent by the website to the customer's web browser (such as Internet Explorer) and stored on the customer's computer. (2) Purposes of Using Cookies - To provide differentiated information tailored to each individual's areas of interest - To analyze frequency of access or visit time and understand users' preferences and interests for targeted marketing and service improvement - To track information on items purchased or viewed in order to provide personalized shopping services (3) Operation and Rejection of Cookies Cookies are stored on the user's computer hard drive. They identify the user's computer but do not personally identify the user. Customers can choose to allow all cookies, reject all cookies, or be notified whenever cookies are stored through their browser settings. However, rejecting cookies may make it impossible to use some services that require login. ※ How to reject cookies (based on Internet Explorer): Go to [Tools] > [Internet Options] > [Privacy] > [Advanced] and select your desired settings.
Article 3. Retention, Use Period, and Destruction of Personal Information
(1) The customer's personal information is destroyed without delay when the purpose of collection and use has been achieved, such as membership withdrawal or upon request for withdrawal of consent. However, in accordance with relevant laws such as the Act on Consumer Protection in Electronic Commerce, etc., the company will retain certain information for a specified period when necessary to confirm rights and obligations related to transactions, as follows: - Act on Consumer Protection in Electronic Commerce, etc., Article 6 · Records on contracts or withdrawal of subscription: 5 years · Records on payment and supply of goods, etc.: 5 years · Records on consumer complaints or dispute resolution: 3 years - Protection of Communications Secrets Act, Article 15-2 · Records on visits (logs): 1 year - Other relevant laws (2) The company's methods of destroying personal information are as follows: - Destruction procedure: Information entered for membership registration, etc. is transferred to a separate DB (or a separate filing cabinet for paper) and stored for a certain period of time in accordance with internal policies and related laws, then destroyed. Personal information transferred to the DB will not be used for any other purpose except as required by law. - Destruction method: · Personal information printed on paper is shredded or incinerated. · Personal information stored in electronic file formats is deleted using technical methods that do not allow records to be restored. (3) In accordance with Article 29 (2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, customers who have not used the service for 12 consecutive months may be classified as dormant members. The company may notify such members of the loss of membership and, if there is no response within the specified period, may terminate their membership. In such cases, personal information of dormant members will be stored and managed separately from that of active members and destroyed after the legally required retention period has elapsed. Upon the customer's request, personal information that has not been destroyed may be restored for service use.
Article 4. Provision of Personal Information to Third Parties
(1) The company does not use customers' personal information beyond the scope notified in "Article 1. Items of Personal Information Collected and Purposes of Use" nor provide it to third parties such as individuals, companies, or institutions. (2) However, the following cases are exceptions: - When required by law or requested by an investigative agency for investigative purposes in accordance with legal procedures - When provided in a form that cannot identify specific individuals for statistics, academic research, or market research to advertisers, partners, or research organizations - When requested in accordance with other procedures stipulated by relevant laws Even in such exceptional cases, the company will make every effort to ensure that personal information is not provided excessively or used beyond the original purpose of collection and use.
Article 5. Outsourcing of Personal Information Processing
To provide better services and improve customer convenience, the company entrusts the processing of personal information to external specialized companies as follows: [Examples of entrusted tasks and recipients] - Delivery of ordered products: Korea Post (parcel service) - System development and maintenance: Cafe24 - Delivery/inventory management system service: Cellmate Co., Ltd., AseTech - Call center operation, server setup and maintenance: Callnet Korea Co., Ltd. - Payment and escrow service: LG Uplus Corp. - Mobile phone payment: KG Mobilians Co., Ltd. - Identity verification, I-Pin service: NICE Information Service Co., Ltd. - Mobile phone identity verification service: Korea Cyber Payment Co., Ltd. - Product review management and reward points: CREMA Factory ※ Only the minimum personal information necessary to perform the entrusted tasks is provided to the entrusted companies. ※ Depending on the customer's service use, personal information may be selectively provided to relevant companies as needed. ※ The list of entrusted companies may change depending on service changes and contract periods. Any changes will be announced through the notice section in advance. Short-term event-related processing will be announced separately at the time of participation.
Article 6. Access, Correction, and Withdrawal of Consent for Personal Information
(1) Customers may access and correct their registered personal information at any time. To access or correct personal information, go to 『MY PAGE』 > 『My info』 on the website's main page to view or edit your information directly, or contact the personal information protection manager in writing, by phone, or by email, and we will take prompt action. (2) Customers may withdraw their consent to the collection, use, and provision of personal information given at the time of membership registration at any time. To withdraw consent, go to 『MY PAGE』 > 『My info』 on the website's main page or contact the personal information protection manager in writing, by phone, or by email. In such cases, we will immediately take necessary measures such as deleting the personal information and promptly notify the customer of the result.
Article 7. Technical and Managerial Measures for Personal Information Protection
(1) Customers' personal information is basically protected by their ID and password. The company has taken the following technical and managerial measures to prevent personal information from being leaked, altered, or damaged: [Technical Measures] - Access control for personal information processing systems to prevent unauthorized external access - Encryption of important data during storage and transmission to ensure safe storage and management - Regular updates and inspections of security programs to prevent the leakage and damage of personal information due to hacking or malicious code - Adoption of security devices for safe transmission of personal information on the network, especially for payment-related information - Use of intrusion prevention systems (firewalls) to block unauthorized external access, and implementation of all feasible technical measures to ensure system security [Managerial Measures] - Verification of identity to the greatest extent possible when handling personal information, such as when requesting password confirmation - Restricting access to personal information to the personal information protection manager and those employees who must handle personal information for business purposes - Providing ongoing training to employees handling personal information to emphasize compliance with this Privacy Policy (2) Customers must take care to ensure that their ID, password, and resident registration number are not exposed or leaked to others on the internet. The company is not responsible for any problems caused by customers' negligence or poor management. (3) Customers are encouraged to use passwords that are difficult to guess by combining letters and numbers and to change their passwords regularly. (4) After using the service, customers should always log out and close their web browser. This is especially important when using a shared or public computer.
Article 8. Obligations of Users
(1) Customers should accurately provide and maintain up-to-date personal information to prevent unforeseen accidents. Customers are responsible for any accidents resulting from providing inaccurate information, and may have their membership revoked or use of the website restricted if they provide false information or misuse another person's information. (2) Customers are responsible for maintaining the confidentiality of their ID and password. The company will never directly ask customers for their password by any means. Please be especially careful not to let your password be known to others. (3) Customers have not only the right to have their personal information protected, but also the obligation to protect themselves and not to infringe on others' personal information. Please be careful not to damage other people's personal information, including in posts and comments. (4) Failure to fulfill these obligations and damage to others' personal information may result in penalties under relevant laws. In particular, please take extra care when accessing the internet in public places.
Article 9. Protection of Personal Information of Children Under 14
The company recognizes the importance of protecting children's personal information in the online environment and does not accept membership registrations from children under the age of 14 who require the consent of their legal representative.
Articles 10 and 11. Personal Information Protection Department and Notification Obligation
The company has designated the following department and personal information protection manager to protect customers' personal information and handle complaints related to personal information: - Customer Service Department: Customer Center - Phone: 02-6387-2000 - Email: mw@millennialsworks.com - Personal Information Protection Manager: Oh Mi Ryeong If you need to report or consult about personal information infringement, you may contact the following organizations: - KISA Privacy Protection Center (http://privacy.kisa.or.kr / 118) - Cyber Bureau of the National Police Agency (http://cyberbureau.police.go.kr / 182) - Cyber Investigation Department of the Supreme Prosecutors' Office (http://spo.go.kr / +82-2-3480-3570) - Personal Information Infringement Report Center (operated by KISA) (http://privacy.kisa.or.kr / 118) - Personal Information Dispute Mediation Committee (operated by KISA) (http://www.kopico.go.kr / +82-1833-6972) This Privacy Policy may be amended due to changes in government policy, company policy, or security technology. In such cases, the changes will be announced on the website's notice section at least 7 days prior to the effective date. Effective date of this Privacy Policy: - Announcement date: October 24, 2017 - Effective date: November 1, 2017
