Privacy Policy

IICOMBINED Co., Ltd. (hereinafter referred to as the “Company”) values the personal information of members (hereinafter referred to as the “Users”) that is used in the Tamburins shopping Mall (hereinafter referred to as the “Mall”) operated by the Company and is committed to making the utmost efforts to protect the personal information of the Users.

The Company complies with all the laws and provisions related to privacy protection, including the 「Personal Information Protection Act」 and the 「Act on Promotion of Information and Communications Network Utilization and Information Protection」, and further protects the personal information of the Users by separately establishing the Privacy Policy of the Company and abiding by the Privacy Policy. In addition, the Company keeps the Privacy Policy open on the first page of the Company’s website such that the Users may readily access the Privacy Policy at any time. The Privacy Policy of the Company may be changed in accordance with the changes of related laws and public notices or the changes of internal action plans. In the event that the Privacy Policy is modified, the modifications will be notified through the website.

Article 1 (Consent to the Collection of Personal Information, and the Collection Method Thereof)

  1. The term “mall” means a virtual business place that is set by using information and communications facilities, such as a computer, to provide customers with service, such as the sale of goods and services (hereinafter referred to as the “services, etc.”), such that the services, etc. may be transacted.
  2. The term “member” means a user who signs up through membership registration by providing his/her personal information to the Company.
  3. The term “non-member” means a person using the service provided by the Company without signing up for the Company’s website.
  4. A user may give consent by marking a consent form online or offline regarding the Company’s collection of the personal information of the user pursuant to the Privacy Policy of the Company. The marking of the consent form by the user may be deemed that the user agrees the collection of the personal information related thereto.

Article 2 (Personal Information Items to be Collected and Purpose of Collection and Use)

  1. The Company collects the minimum personal information necessary for providing service when the Users join as members to use membership service. However, the Company may selectively receive additional personal information of the Users to provide a better quality, customized service.
  2. The Company does not collect sensitive personal information, including ideologies, personal beliefs, admissions to or withdrawals from trade unions or political parties, political opinions, health, sex lives, medical histories, religion, regions of origin, criminal records, and other personal information that is likely to violate basic human rights, without obtaining separate explicit consent of the Users.
  3. The items of personal information collected by the Company during membership registration, and the main purpose of collecting and using the personal information, are as follows:
  4. IP addresses, cookies, dates of visit, service use records, bad use records, etc. may be automatically generated and collected during online service use or transactions.
  5. Information on a terminal (terminal model, operation system (OS) information, browser information, etc.) may be collected to verify a user, provide service, and prevent wrongful use in the event of an online (and mobile) service, and mobile carrier information may be additionally collected and used to provide service suitable for mobile service features, such as a notification service (only provided when a customer gives consent), the upgrading of application versions, etc., in the event of the mobile service.
  6. Where a user purchases products or the services, etc. from the Company, the following additional information shall be input for payment settlement, product delivery, refunds, etc.:
    • the methods of payment,
      • in the event of credit card payment: the minimum necessary information for payment, such as the type of credit card, the credit card number, or the expiration date; and
      • in the event of bank account transfer: the name of bank, the bank account number, the name of transferor, the corporate registration number, or the mobile phone number
    • The name of sender and recipient, the address, the phone number, and other information necessary for product delivery.
  7. Besides the collection of personal information for membership registration through the website or an offline registration form, the Company collects personal information in the following cases and obtains consent by clearly stating the purpose of collection when collecting the personal information:
    • In the event of responding to inquiries: receiving personal information necessary for handling and responding to the inquiries and other requests from the Users
    • In the event of customer service: preparing customer charts to keep records for customer service and grievance resolution
    • In the event of a survey or a giveaway event: receiving selective personal information for statistical analysis or gift-giving; and
    • In the event of selecting a prosumer as a monitor: receiving applications for monitoring and prosumer activities.
  8. The Company collects and uses the personal information of the Users as marketing materials via user identification, gift shipping, and statistical analysis with the purpose of providing an optimal service to the Users’ taste. Without prior consent from the Users or provisions of related laws and statutes, the Company does not use the personal information for any purposes other than the purposes stated to the Users in advance nor disclose the personal information to the outside under any circumstances.
  9. The Company may process Alien Registration Numbers after obtaining the separate consent of the subjects of personal information for identity authentication based around service use.
  10. The Users may refuse consent to the collection and use of personal information. However, where the Users refuse consent to the collection and use of necessary information, the use of membership service is not allowed. In the event that the Users refuse consent to the collection and use of selective information, membership registration is allowed, but the use of services and offerings requiring the selective information may be limited.
  11. Items of personal information to be collected from non-members
    Non-membership customers as well as membership customers may purchase goods and service products in the Tamburins shopping Mall. The Mall requests non-members for personal information (the name of purchaser, address, contact information, email, information related to payment and refund, etc.) only necessary for shipping, payment, order history viewing, or purchase confirmation where the non-members order a product. In the event that a non-member makes a purchase in the Mall, the purchaser information and the recipient information that are input by the non-member are not used for any purposes other than the purposes related to payment and shipping of the product. The Mall equally protects the personal information of members and non-members.

Article 3 (Provision of Personal Information)

  1. The Company does not use personal information of the Users exceeding the range notified through Article 2 nor provide the personal information to a third party except for cases in which consent of the Users is obtained or cases permitted by the provisions of related laws and statutes.
  2. However, the personal information may be provided without the separate consent of the Users in the following cases:
    • Where it is necessary for payment of the fees for service provision
    • Where it is necessary for statistics recording, academic research, or market research, in which the personal information is provided to research institutes, survey agencies, or market researchers after being processed in a form such that a specific individual is not recognizable; and
    • Where there are special provisions under the 「Personal Information Protection Act」, the 「Protection of Communications Secrets Act」, the 「Framework Act on National Taxes」, the 「Act on Promotion of Information and Communications Network Utilization and Information Protection」, the 「Act on Real Name Financial Transactions and Confidentiality」, the 「Credit Information Use and Protection Act」, the 「Framework Act on Telecommunications」, the 「Telecommunications Business Act」, the 「Local Tax Act」, the 「Consumer Protection Act」, the 「Criminal Procedure Act」, etc.
  3. The Users may refuse consent to provide their personal information to a third party, and the use of service based thereon may be limited when refusing to consent.
  4. In the event that the Company provides the personal information to a third party of a foreign country, the Company notifies the Users of the provision and obtains consent.

Article 4 (Outsourcing of Personal Information Processing)

  1. The Company outsources the processing of personal information as follows for such purposes as service improvement and smooth data processing and obtains the consent of the Users when any of the following are changed:
  2. In the event of outsourcing the processing of personal information, the Company manages and supervises service providers to protect the privacy of the Users under outsourcing contracts and ensures that the service providers strictly observe instructions related to privacy protection, maintain confidentiality on the private information, and do not provide the personal information to any other third parties without consent of the Users.
  3. In the event of outsourcing the processing of personal information for events or promotions, the Company obtains separate consent from the Users and provides it to the service providers.

Article 5 (Retention and Use Period of Personal Information and Destruction Procedure and Method)

  1. The Company retains the personal information of the Users and uses the personal information for service provision while the Users use the service provided by the Company. The computerized personal information of the Users shall not be printed out unless by a privacy protection manager or officer or persons obtaining approval from the privacy protection manager or officer.
  2. In the event that the Users requests the Company to delete their personal information or cancels their membership, the Company takes action without delay, and information is completely deleted from a disk in an irreversible method in which records are unrecoverable, and access thereto or use thereof becomes impossible afterwards.
  3. In the event that the following reasons of destruction occur with respect to the purpose of collecting and/or receiving personal information, the Company destroys the personal information of the Users without delay by deleting information from a disk according to the Company’s internal destruction procedure or by shredding it with a shredder if it has been printed out:
    • Membership registration information: In the event that a user cancels their membership or when a user is removed from the membership
    • Payment information: In the event that payment is completely settled or when a claim is extinguished by prescription
    • Shipping information: In the event that goods or services are delivered or provided
    • Information collected for a survey or an event: In the event that the survey or the event is ended.
  4. Even after the purpose of collection or receipt is achieved, where retention is necessary pursuant to the provisions of laws and statutes, including the 「Act on the Consumer Protection in Electronic Commerce」, the 「Personal Information Protection Act」, the 「Commercial Act」, the 「Framework Act on National Taxes」, the 「Electronic Financial Transactions Act」, the 「Protection of Communications Secrets Act」, etc., the personal information of the Users may be retained for a certain period as follows:
    • Records on a contract or a withdrawal of offer: 5 years
    • Records on payment settlement and supply of services, etc.: 5 years
    • Records on handling of consumer complaints or dispute resolution: 3 years
    • Ledgers and evidence documents on all transactions prescribed by the Tax Act: 5 years
    • Records on electronic financial transactions: 5 years
    • Service visit records: 3 months.

Article 6 (Privacy Protection and Related Grievance Resolution Department)

  1. The Company designates a department dedicated to privacy protection and grievance resolution to protect the personal information of the Users and handle grievances related thereto. The Company makes sure that Users’ inquiries and complaints are promptly addressed by appointing a privacy protection manager and a privacy protection officer.
    • Customer Service Department
      CS center phone number: +82 1644-1246
      Email: cs@tamburins.com
    • Privacy Protection Manager
  2. In the event that a user needs counseling due to an occurrence of or concerns about an infringement with respect to their personal information, the user may contact the following organizations as well as the privacy protection department of paragraph (1):
    • Personal Information Infringement Report Center of Korea Internet and Security Agency (KISA): call 118 (without a telephone exchange number)
      URL : http://privacy.kisa.or.kr
    • Privacy Protection Portal of Personal Information Protection Commission: call 118 (without a telephone exchange number)
      URL : http://www.spo.go.kr
    • Korean National Police Agency Cyber Bureau: call 182 (without a telephone exchange number)
      URL : http://cyberbureau.police.go.kr

Article 7 (Personal Information Collected by Automatic Collection Device)

  1. The Company may use ‘cookies’ (an automatic data collection tool of personal information, such as an Internet log-on file), which store and search for information on the Users from time to time. Cookies are small pieces of information transferred to a browser (Netscape, Internet Explorer, etc.) of the Users by a server that is used to operate the Company’s website, which may also be stored in a hard disk of the Users’ computers. In the event that the Users access the website, the Company’s computer may read the content of cookies in the Users’ browsers and find additional information on the Users from the Users’ computers, thereby providing service with no further input, such as a name, upon renewed access. Cookies identify the Users’ computers but do not identify the Users as individuals.
  2. The Company uses cookies as data to analyze the access frequencies or visit time of members and non-members, count the number of visits from the Users, and perform other activities to support and revamp service necessary for website operation.
  3. The Company uses cookies as data to provide differentiated information according to the field of interest of the Users and allow differential application opportunities by tracking the number of visits and the degree of participation of the Users in various events held by the Company.
  4. The Users have the right to choose their cookie settings. Accordingly, the Users may choose among options in their web browser settings: Accept All, Accept in Part, or Block All.
    1. How to enable cookies (if using Internet Explorer 6.0)
      Click on [Tools] from the Task Bar of the Internet page, choose [Internet Options], choose [Privacy Tab], and then in [Privacy Protection Level], set up whether to accept cookies.
    2. How to review cookies received (if using Internet Explorer 6.0)
      Click [Tools] from the Task Bar of the Internet page, choose [Internet Options], go to General Tab (Basic Tab), choose [Settings] of temporary internet file, and then choose [View File].

Article 8 (Access and Modification of Personal Information)

  1. The Users may directly access or modify their personal information by logging in to the Company’s website and clicking [Edit Profile] at any time, request their personal information from a service provider or other parties entrusted to process personal information, or request access, modification, deletion, and suspension of processing to the Company’s privacy protection department via phone call, written letter, or email. The Company will take relevant action in response to requests from the Users without delay.
  2. In the event that the Users request the correction of errors in their personal information, the Company shall not use or provide the personal information before completing the correction. In the event that the erroneous personal information has been already processed, the Company will immediately reflect the correction results.
  3. The access and modification of personal information may be restricted in the following cases:
    • where it is likely to seriously harm the rights and interests of a third party
    • where it is likely to cause a serious inconvenience to the work of the service provider
    • where it violates laws and statutes.

Article 9 (Withdrawal of Consent to Collection, Use, and Provision of Personal Information)

  1. The Users may withdraw their consent to the collection, use, and provision of personal information at any time. The methods thereof (membership cancellation) may be the direct withdrawal of consent (membership cancellation) by the Users after logging in to the Company’s website, requesting the withdrawal of consent by the Users to the service provider or other parties entrusted to process personal information, or contacting the Company’s privacy protection department via phone call, email, or written letter. The Company will take necessary action, including the processing of membership cancellation and the destruction of personal information, in response to the Users’ requests without delay.
  2. The Company is committed to taking action to make the methods of withdrawing the consent (cancelling the membership) to the collection of personal information easier than the collection process of personal information.

Article 10 (Administrative, Technical, and Physical Measures for Privacy Protection)

  1. The Company establishes, implements, and provides training on an internal management plan for the safe processing of personal information.
  2. The Company seeks technical measures to secure safety to prevent any loss, theft, leakage, alteration, or damage of personal information in processing the personal information of the Users.
  3. The personal information of the Users is managed through an intranet which is unable to be accessed or intruded from an external network, and important data is strictly protected through separate security functions including file locking or the encryption of files and transmission data.
  4. The Company is committed to ensuring the security of the intranet by using an intrusion detection system at every server and firewall to protect against hacking attempts and external intrusion and is continuously strengthening security by installing an access control system.
  5. A personal information processing system and personal information handlers prevent the violation of personal information by installing a vaccine program on IT devices used to process personal information so as to inspect and respond at all times to any intrusion of a computer virus, spyware, or other malicious programs.
  6. With regard to the personal information of the Users, the Company limits access authority access to only a minimum number of employees, and for the sake of safety of personal information, establishes internal procedures on data access and management and enforces access control and use of locks, which the Company makes sure the employees understand and comply with.
  7. The handover process of personal information handlers is carefully carried out with security maintained, and the scope of accountability for personal information breaches after their joining and leaving of the Company is clarified.
  8. The Users are required to maintain the accuracy of personal information they provide to the Company through self-checks and management. In the event that the Users use others’ private information with no legitimate authority or harm others’ rights while using Internet websites, the Users may not only be sanctioned by the Company but may also be faced with civil or criminal liabilities.
  9. The Company holds no accountability for any problems caused by the leakage of personal information, such as account identification (ID) or password (P/W), incurred due to the carelessness of the Users themselves or problems on the Internet. Therefore, in order to protect their personal information, the Users shall individually keep their ID and P/W intact and take responsibility therefor. However, where the personal information of the Users is lost, leaked, altered, or damaged due to a mistake of the Company’s internal administrator or technical administrative incidents, the Company will immediately notify the Users of the fact and seek appropriate remedial measures and compensation.

Article 11 (Rights of User and Legal Representative and Method of Exercising the Rights)

  1. The Users or their legal representatives may exercise the rights related to the access, modification, and change of personal information and withdrawal from membership as the same persons who provide the personal information or their legal representatives.
  2. The Company collects the personal information of children aged under 14 only with the consent of the children’s legal representatives (parents, etc.) to specially protect the personal information of children.
  3. The Users and their legal representatives may exercise their rights regarding personal information by contacting the Company via the Internet, phone call, or written letter, and the Company will take necessary action without delay.

Article 12 (Notification Obligation in the event of Change of Privacy Policy)

The Privacy Policy may be revised in accordance with the changes of the laws, statutes, and government policies or the changes of the Company’s internal action plans or security technology. In such an event, the Company will post the revised content along with the reasons for change on the first page of the Company’s website at least 7 days (30 days where there are material changes in the Users’ rights, including the items of personal information to be collected by the Company, the change of purpose of use, etc.) prior to putting the revised Privacy Policy into practice.

Notification date: June. 5, 2023
Enforcement date: June. 12, 2023

지급보증서 지급보증서