Notice on the Collection and Use of Personal Information

1. Items of Personal Information Collected and Purpose of Collection

• The company collects the following personal information within the minimum scope necessary to provide services.

(1) Collected items: Name, date of birth, email address, phone number, etc

(2) Purpose of collection: To verify identity and gather necessary information for service provision and consultation during service usage.

• Additionally, the following information may be automatically generated and collected during service use.

(1) IP address, cookies, visit date and time, service usage records, etc

2. Use of Collected Personal Information

• The company uses personal information for purposes such as member management, service development, and service operation.

(1) Member identification, confirmation of intent to register, and prevention of unauthorized use for member management

(2) Identity verification and payment processing for paid services of unauthorized use for member management

(3) Providing personalized content based on service usage history, access frequency, and statistical analysis of service use

(4) Utilizing information for marketing and promotions, including offering event information, participation opportunities, and advertising

(5) Establishing a secure service environment in terms of security and privacy protection

(6) Operating services, including improving existing services, developing new services, handling inquiries, and delivering notifications

(7) Taking measures to restrict members who violate laws or terms of service, and preventing or sanctioning actions that disrupt smooth service operation, such as fraudulent activities

• There may be additional uses or provisions of personal information.

(1) Within the scope reasonably related to the original collection purpose, personal information may be used or provided to third parties without user consent as permitted by law. In such cases, the following factors are considered: whether the additional use or provision is related to the original purpose, whether it was predictable based on the circumstances of collection or customary practices, whether it unfairly infringes on the user's rights, and whether necessary measures, such as pseudonymization or encryption, have been taken to ensure safety.

(2) Personal information may be pseudonymized and used for purposes such as statistical compilation, scientific research, or preservation of public records. In these cases, pseudonymized information is stored and managed separately from additional data to prevent re-identification, with the implementation of necessary technical and administrative safeguards.

3. Retention and Disposal of Personal Information

• The company promptly disposes of personal information collected upon member withdrawal. However, if required by applicable laws, the information is retained for a specified period before being destroyed.

• The following are cases where information is retained for a certain period as mandated by law (such as the Consumer Protection Act in Electronic Commerce, the Framework Act on Electronic Documents and Transactions, and the Protection of Communications Secrets Act).

(1) Records related to contracts or withdrawal of subscription: Retained for 5 years.

(2) Records related to payment and supply of goods: Retained for 5 years.  

(3) Records related to electronic financial transactions: Retained for 5 years.

(4) Records related to electronic financial transactions: Retained for 5 years.

(5) Records related to contracts or withdrawal of subscription: Retained for 5 years.

(6) Service visit records: Retained for 3 months.

• To prevent unauthorized use, names and user IDs may be retained for a certain period.

4. Personal Information Protection Officer and Department

The company has designated the following Personal Information Protection Officer and department to handle user inquiries and complaints related to personal information.

• Personal Information Protection Officer and Department

o Name: Jaeyoung Lee

o Department: Data Planning Team

o Phone: 02-511-6293

o Email: jayden.lee@dexterkrema.com

• If you need to report or seek advice on a personal information breach, you may contact the following organizations.

o Personal Information Infringement Report Center: https://privacy.kisa.or.kr / (toll-free) 118

o Supreme Prosecutors' Office Cyber Investigation Division: https://spo.go.kr / (toll-free) 1301

o Cyber Safety Bureau of the National Police Agency: https://ecrm.police.go.kr / (toll-free) 182

5. Obligation to Notify Prior to Amendments

If there are any additions, deletions, or modifications to this Privacy Policy, the company will provide advance notice at least 7 days prior to the changes. However, in cases of significant changes affecting user rights, such as changes in the items of personal information collected or the purpose of use, the company will provide notice at least 30 days in advance.

Announcement Date: May 2, 2024

Effective Date: May 2, 2024