'Duwon Shipping' (hereinafter referred to as the 'Company') values your personal information and complies with the "Personal Information Protection Act" and the "Act on Promotion of Information and Communications Network Utilization and Information Protection." The Company informs you through this privacy policy about how the personal information you provide is being used, the methods of use, and what measures are being taken to protect personal information.
Personal Information Collection Items
The Company collects the following personal information for membership registration, consultation, service applications, etc.
- Collection Items
Required information: Name, Email (ID), Password, Date of Birth, Mobile Phone Number, Inquiry Content
For Duwon Shipping's online services such as consultation requests and membership registration, the following information may be collected only for users of the respective services. - Personal Information Collection Methods
The Company collects personal information through the following methods:
Website (membership registration), written forms, Q&A board, email, etc.
Purpose of Collection and Use of Personal Information
The Company uses the collected personal information for the following purposes:
- Member Management
Identity verification for membership service use, personal identification, prevention of unauthorized use by malicious members, verification of registration intent, age verification, complaint handling, notification delivery - Marketing and Advertising
Delivery of promotional information such as events, analysis of access frequency, or statistics on members' service usage
Retention and Use Period of Personal Information
In principle, personal information is destroyed without delay once the purpose of collection and use of personal information has been achieved. However, the following information is retained for the specified period for the reasons stated below:
- Information Retention Reasons Due to Internal Company Policy
Records of improper use
Retention Reason: Prevention of improper use
Retention Period: 1 year - Information Retention Reasons Due to Relevant Laws
When it is necessary to preserve information in accordance with the provisions of relevant laws such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, the Company keeps member information for a certain period as stipulated by the relevant laws.
In this case, the Company uses the stored information only for the purpose of storage, and the retention periods are as follows:
| Content | Retention Reason | Retention Period |
|---|
| Records related to identity verification | Act on Promotion of Information and Communications Network Utilization and Information Protection | 6 months |
| Website visit records | Communications Privacy Protection Act | 3 months |
Personal Information Destruction Procedures and Methods
In principle, the Company destroys personal information without delay when an individual requests its destruction. The destruction procedures and methods are as follows:
- Destruction Procedure
Information entered by members for membership registration, etc., is moved to a separate DB (or a separate file cabinet in the case of paper) after the purpose has been achieved and is stored for a certain period according to internal policies and other relevant laws regarding information protection (refer to retention and use period) before being destroyed.
Personal information moved to a separate DB is not used for any purpose other than being retained unless required by law. - Destruction Method
Personal information stored in electronic file format is deleted using technical methods that prevent the records from being reproduced.
Personal information printed on paper is destroyed by shredding or incineration.
Measures to Ensure the Safety of Personal Information
In accordance with Article 29 of the Personal Information Protection Act, the Company is taking the following technical/administrative and physical measures necessary to ensure security:
- Minimization and Training of Personal Information Handling Staff
The Company designates employees who handle personal information and limits it to designated personnel to minimize the management of personal information. - Regular Self-Audits
The Company conducts regular (annual) self-audits to ensure the security of personal information handling. - Establishment and Implementation of Internal Management Plans
The Company conducts regular (annual) self-audits to ensure the security of personal information handling. - Encryption of Personal Information
Members' personal information passwords are encrypted for storage and management, so only the individual knows them, and important data is protected using separate security functions such as encrypting files and transmission data or using file locking functions. - Technical Measures Against Hacking
The Company installs security programs and performs regular updates and checks to prevent personal information leakage and damage due to hacking or computer viruses, and installs systems in areas controlled from external access and technologically/physically monitors and blocks access. - Access Restriction to Personal Information
The Company takes necessary measures to control access to personal information by granting, changing, and revoking access rights to the database system that processes personal information, and controls unauthorized access from outside using an intrusion prevention system. Additionally, even for task managers, access rights to personal information processing systems are differentially granted according to the nature of the work, limited to the minimum scope necessary for performing the task. - Storage and Prevention of Falsification of Access Records
Records of access to the personal information processing system are stored and managed for at least 6 months, and security functions are used to prevent access records from being falsified, stolen, or lost. - Use of Locking Devices for Document Security
Documents and storage media containing personal information are kept in a safe place with locking devices. - Access Control for Unauthorized Persons
A separate physical storage location is maintained for personal information, and access control procedures are established and operated.
Sharing and Provision of Personal Information
The Company uses the user's personal information within the scope notified in the 'Purpose of Collection and Use of Personal Information' and does not use it beyond this scope or provide it to external parties without the user's prior consent.
However, the following cases are exceptions:
- - When users have given prior consent
- - When required by law or when requested by investigative agencies for investigation purposes in accordance with procedures and methods specified by law
Users' Rights and Their Exercise
Users can view or modify their registered personal information at any time and request withdrawal of membership.
For users to view or modify their personal information, they can directly access, view, and correct it by clicking on "Edit My Information" (or "Edit Member Information").
Alternatively, you can contact the personal information manager in writing, by phone, or by email, and we will take action without delay.
If you request correction of errors in your personal information, we will not use or provide the personal information until the correction is completed. Also, if incorrect personal information has already been provided to a third party, we will notify the third party of the correction result without delay to ensure the correction is made.
Personal information that has been terminated or deleted at the user's request is processed in accordance with the "Retention and Use Period of Personal Information Collected by the Company" and is processed so that it cannot be viewed or used for purposes other than those specified.
Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
The Company operates 'cookies' that frequently store and find your information. A cookie is a very small text file sent by the server operating the Company's website to your browser and is stored on your computer's hard disk. The Company uses cookies for the following purposes:
Purpose of Using Cookies
- - Analysis of members' and non-members' access frequency and visit times, understanding users' preferences and areas of interest, tracking behavior, targeted marketing and personalized service provision through participation in various events and tracking visit counts
You have a choice regarding cookie installation. Therefore, you can set options in your web browser to allow all cookies, verify each time a cookie is saved, or refuse all cookie storage.
How to Refuse Cookie Settings
- Example: To refuse cookie settings, you can allow all cookies, verify each time a cookie is saved, or refuse all cookie storage by selecting options in the web browser you use.
Setting method example (for Internet Explorer):
Web browser's top menu: Tools > Internet Options > Privacy
However, if you refuse cookie installation, there may be difficulties in providing services.
If you need to report or consult regarding personal information infringement, please contact the following institutions:
- Personal Dispute Resolution Committee (Website: http://www.1336.or.kr Phone: 1336)
- Information Security Mark Certification Committee (Website: http://www.eprivacy.or.kr Phone: 02-580-0533~4)
- Supreme Prosecutors' Office Internet Crime Investigation Center (Website: http://icic.sppo.go.kr Phone: 02-3480-3600)
- National Police Agency Cyber Terror Response Center (Website: http://www.ctrc.go.kr Phone: 02-392-0330)
Obligation to Notify
When there are additions, deletions, or modifications to the current privacy policy content, we will notify you through 'Announcements' on the homepage at least 7 days before the revision. However, for important changes to user rights such as the collection and use of personal information and provision to third parties, we will notify you at least 30 days in advance.
- Effective Date: January 1, 2022
