1. Information We Collect
We may collect personal information in connection with your use of the Site or any Services (collectively, “Personal Information”). This information is collected for our legitimate business purposes and may be used as described below.
(1) Active Collection Of Information.
We may actively collect certain Personal Information including:
º Upon registration
– Required: Name, email, country of nationality
– Optional: Date of birth
º Upon placing an order
– Address, mobile number
(2) Automatic Collection of Information
User’s records of history (IP address, cookies, service records, device info, etc.) on the Website may
be generated and collected using automated systems.
2. Method of collection
We collect personal data of users in the following manner:
– Collection through Website or mobile devices with the prior consent of the users
3. Consignment of Personal Information
|Consigned||Consigned Services||Consigning Period|
|CJ OliveNetworks Co., Ltd.||Automated collection of information and recommendation of services for each customer, customer statistics/ analysis||Until termination of services|
|Channel Corporation||Smart message transmission service||Until termination of services|
|Eximbay||Payment services, safe purchase services||Until termination of services|
|DHL||Shipping and handling||Until termination of services|
|Rincos Co., Ltd||Shipping and handling||Until termination of services|
|Doora Logistics Co., Ltd.||Shipping and handling||Until termination of services|
|Hanam Post Office||Shipping and handling (EMS, K-PACKET)||Until termination of services|
|Pantos||Shipping and handling||Until termination of services|
4. User Rights
(1) Managing Content.
(2) Objection to receiving marketing emails.
(3) Withdrawing Consent.
(4) Data Access; Copies; Transfer; Correction.
Applicable law may entitle you to request the following with respect to Personal Information that we hold about you: (a) that we provide you with access to such Personal Information; (b) that we provide you with copies of such Personal Information in a structured, commonly used, and machine- readable format and/or request that we transmit this information to another service provider (where technically feasible); and/or (c) that we correct inaccurate or incomplete Personal Information about you.
(5) Restriction Of Processing.
Applicable law may give you the right to limit the ways in which we use your Personal Information, in particular where (a) you contest the accuracy of your Personal Information; (b) the processing of your Personal Information is unlawful and you oppose the erasure of such information; (c) we no longer need your Personal Information for the purposes of the processing, but you require the information for the establishment, exercise, or defense of legal claims; or (d) you have objected to the processing and a determination of whether our legitimate grounds override your own is pending.
(6) Objection To Processing.
Applicable law may entitle you to require us not to process your Personal Information for certain specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing, we will no longer process your Personal Information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise, or defense of legal claims. Where your Personal Information is processed for direct marketing purposes, you may, at any time, ask us to cease processing your data for these direct marketing purposes.
If you no longer want us to use your information, you can request that we erase your Personal Information. Please note that if you request the erasure of your Personal Information: (a) we may retain some of your Personal Information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety; (b) we may retain and use your Personal Information to the extent necessary to comply with our legal obligations; (c) some copies of your Personal Information (such as log records) may remain in our database, but are disassociated from personal identifiers; and (d) residual copies of your Personal Information may not be removed from our backup systems for a limited period of time.
(8) Lodging Complaints.
You have the right to lodge complaints about the data processing activities carried out by us before the applicable data protection authorities.
5. User Obligations
(1) Complete, Current, Truthful, and Accurate Information.
(2) Use of and Access to Services.
You, not we, are solely responsible and liable for your activity, behavior, use, and conduct on the Site and in connection with any Services. Any submission of information by you does not guarantee that we will permit you to access and/or use any or all of the features or functions of the Site or any Services.
(3) Confidentiality; Reporting.
You are responsible for maintaining the confidentiality of any account usernames and/or passwords you may have that are associated with the Site or the Services and for any access to or use of the Services using such account usernames and/or passwords, whether or not authorized by you. You must notify us immediately of any unauthorized use of such account usernames and/or passwords or any other breach of security.
6. Data Security
We maintain reasonable technical, physical, administrative, and procedural security precautions to help protect against loss, misuse, unauthorized access, disclosure, alteration, interception, or destruction of the information you provide to us. Please note, however, that no such precautions are 100% effective. As a result, we cannot guarantee or warrant the security of any information you disclose or transmit to us, and we are not responsible for the theft, destruction, interception, or inadvertent disclosure of your Personal Information. Therefore, any transmission of Personal Information is at your own risk.
We do not and will not send you emails asking you to provide or confirm personal information. A technique known as “phishing” attempts to steal personal identity data and financial account credentials from consumers. “Phishers” use “spoofed” emails to lead consumers to sham websites which trick recipients into divulging personal information including credit card numbers, account usernames, passwords, and social security numbers. If you receive such an email communication purporting to be from the Site or in connection with any Services, please forward it immediately to [[email protected] and then delete it from your computer.
We reserve the right to deny to any user access and/or use privileges, including without limitation use of any services, features, or functions of one of our sites, if there is a question regarding the identity of the person accessing or attempting to access any services, features, or functions.
7. Retention Of Personal Information
We generally retain your personal information for as long as necessary for our legitimate business interests or to comply with legal obligations. If you no longer want us to use your information, you may request that it be erased. Please see “3. User Rights” section (7) above for more detail about such erasure. If you would like to find out how long we keep your personal information for a particular purpose you can contact us at: [[email protected] ]
8. General Data Protection Policy
For the purpose of data protection of its users, we maintain a record of processing activities (Article 30 of GDPR), designates DPO to operate its business in accordance with GDPR (Article 37), implements Data Protection Impact Assessment (DPIA) under the supervision of the DPO and trains its employees for data protection (Article 39).
We allow a data subject to exercise his or her rights guaranteed by GDPR as follows: the right to receipt of his or her data (Articles 13 and 14), the right to access (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to data portability (Article 20), the right to object (Article 21) and the right not to be subject to an automated individual decision-making, including profiling (Article 22).
We are in compliance with the obligations of data protection by design and by default (Article 25) and implements technical and operational measures reasonably necessary to prevent the data from leakage and breach (Article 32). It notifies a personal data breach to the supervisory authority within 72 hours after having become aware of it (Article 33) and communicates a personal data breach to a data subject without undue delay if the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons (Article 34).
We may transfer users’ personal data to companies located in other countries or other companies for any purpose specified in this Policy. It will take reasonable measures to the companies where the personal data is transmitted, retained or processed in order to protect the data.
9. Notification of Changes
10. Contact Us
Office of the Chief Privacy Officer
[Company] HAPAD LTD.
[Address] 1803 Haul Road Daly City 94015
[Email] [email protected]
Last updated: 29/05/2023