Privacy Policy
2025. 12. 12.
Article 1 (Purpose)
Maedowang Co., Ltd. (hereinafter referred to as the 'Company') establishes this Privacy Policy to protect the information (hereinafter referred to as 'Personal Information') of individuals (hereinafter referred to as 'Users' or 'Individuals') who use the services provided by the Company (Momocall, hereinafter referred to as the 'Company Services'). This policy is established to comply with the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (hereinafter referred to as the 'Information and Communications Network Act'), and other relevant laws and regulations. Furthermore, to ensure the prompt and smooth handling of complaints related to the protection of service users' personal information, the Company establishes and discloses the following Personal Information Processing Policy (hereinafter referred to as 'this Policy').
Article 2 (Items of Personal Information Processed by Purpose and Retention Period)
The items of personal information processed by the Company, the purpose of processing, and the retention and use period are as follows.
Category | Personal Information Item | Purpose of Processing | Retention and Use Period |
|---|---|---|---|
Membership Registration and Management | Required: Email address (ID), login account identifier (social account ID, etc.), name or nickname, password (hash value), service usage history (sign-up date, withdrawal date, login records), smartphone device information (device model, OS version, app version, device identifier), access IP address, access date/time, service usage logs, failure and error logs, history of improper use | Member identification and verification, account creation and management, prevention of unauthorized use and abnormal activities, management of service usage history, delivery of notices, alerts, and important announcements, handling customer inquiries and complaints | Until termination of the service use agreement and withdrawal of membership. However, if preservation is required under relevant laws and regulations, it will be stored separately for the period specified in such laws and regulations (see separate table below). |
Customer inquiry and complaint handling | Required: Email address, inquiry content, conversation records generated during the inquiry/consultation process (email, chat, other records), account information (ID, service usage history, etc.), contact information | Receiving and processing member inquiries, consultations, and complaints; responding to service failures and errors; handling and responding to disputes when they occur; managing consultation history | Retained for 3 years after inquiry/complaint resolution (in accordance with the Consumer Protection Act's obligation to preserve records of consumer complaints and dispute resolution). After this period, data is promptly destroyed. |
Marketing and Event Notifications (Optional) | Mobile phone number, email address or social account ID, app push token (device identification token), service usage history (simple usage type/frequency, etc.), event participation history | Service-related news, feature/plan changes, event/promotion notifications, personalized announcements, marketing communications to expand service usage | Until withdrawal of consent or account termination. (However, data will be retained for the period required by relevant laws and regulations if necessary) |
Billing Settlement and Payment/Refund (Required): | Paid service usage records, purchased product information, payment amount, payment date/time, payment approval/cancellation history, refund history, market payment identifier (e.g., Google Play/Apple App Store payment ID) | Billing and payment processing for paid services (subscriptions, usage rights, etc.), refund/cancellation processing, settlement of overpayments/underpayments, handling payment-related inquiries | Until termination of the service usage agreement and withdrawal of membership |
Personal information processed will not be used for any purpose other than those stated above. If the purpose of processing changes, the Company shall obtain separate consent or take other necessary measures in accordance with applicable laws.
The Company processes and retains personal information within the period permitted by law or within the period agreed upon by the data subject at the time of collection.
Retained information and retention period under the Act on Consumer Protection in Electronic Commerce, etc.
Records related to contracts or withdrawal of subscription: 5 years
Records related to payment and supply of goods: 5 years
Records related to consumer complaints or dispute resolution: 3 years
Records related to labeling and advertising: 6 months
Retained Information and Retention Periods under the Communications Secrecy Protection Act
Website log records: 3 months
Information retained and retention periods under the Electronic Financial Transactions Act
Records related to electronic financial transactions: 5 years
Act on the Protection and Use of Location Information
Records concerning personal location information: 6 months
Article 3 (Provision of Personal Information to Third Parties)
The Company processes personal information only within the scope necessary for the stated purposes. The Company provides personal information to third parties only in cases falling under Articles 17 and 18 of the Personal Information Protection Act, such as with the data subject's consent or under special provisions of law, and does not provide the personal information of data subjects to third parties for any other purpose.
Article 4 (Entrustment of Personal Information Processing)
The Company entrusts the processing of personal information as follows to ensure smooth service provision and personal information handling.
Category | Entity Entrusted (Recipient) | Entrusted Tasks | Retention and Use Period of Personal Information |
|---|---|---|---|
Service usage analysis | Mixpannel | Statistical analysis of media and logs from app installations | Until the termination of the outsourcing contract |
Cloud Infrastructure / Server Hosting | Google Cloud Platform | Data storage and service operation | Until member withdrawal or termination of the entrustment contract |
Article 4-2 (Cross-border Transfer of Personal Information)
The Company entrusts the processing of personal information to overseas contractors as follows in order to provide services to users, and personal information may be transferred overseas in connection with this processing.
Entities (Consignees) and Countries | Items of Personal Information Transferred | Timing and Method of Transfer | Purpose of Transfer | Retention and Use Period |
|---|---|---|---|---|
Mixpanel, Inc. (United States) | · Event logs collected during service use (button clicks, screen transitions, etc.) | |||
· App installation/launch information, referral source information | ||||
· Device information (device identifier, OS/app version, etc.) | ||||
· IP address and associated geographic location information (country/city, etc.) | ||||
· (When optionally collected) Account identification information such as email address | Transmitted to Mixpanel's servers via the internet network when the user installs/launches the app or uses the service | Service usage behavior analysis, statistics generation, service quality and user experience improvement | Until the termination of the entrustment contract or the user's account deletion (however, if retention is required by law, until the end of the relevant retention period) |
Article 5 (Destruction of Personal Information)
The Company shall promptly destroy personal information when it is no longer necessary, such as upon expiration of the retention period or achievement of the processing purpose.
If personal information must be retained under other laws or regulations even after the retention period agreed upon with the data subject has expired or the processing purpose has been achieved, the Company will store such personal information in a separate database (DB) or at a different storage location.
The procedures and methods for destroying personal information are as follows.
Destruction Procedure: The Company identifies personal information for which a reason for destruction has arisen and destroys it upon approval by the company's personal information protection officer.
Destruction Method: The Company shall destroy personal information recorded or stored in electronic file format in a manner that prevents its reproduction. Personal information recorded or stored on paper documents shall be destroyed by shredding or incineration.
Article 6 (Rights, Obligations, and Exercise Methods of Data Subjects and Legal Representatives)
Data subjects may exercise their rights at any time, such as requesting access, correction, deletion, or suspension of processing of their personal information from the company. To view or modify their personal information, data subjects must complete an identity verification process through the methods provided by the Company. To withdraw consent (cancel membership), they must use 'Withdraw Membership'.
The Company does not provide services to users under the age of 14 and therefore does not process the personal information of data subjects under the age of 14.
Users may exercise their rights by submitting a written request, email, or fax to the company in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act. The company will take action without delay upon receiving such requests.
Rights may also be exercised through a legal representative or authorized agent of the data subject. In such cases, a power of attorney must be submitted using the form specified in the "Notice on Personal Information Processing Methods."
Requests for access to personal information or suspension of processing may be restricted under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
Requests for correction or deletion of personal information cannot be made if such information is explicitly designated as subject to collection under other laws or regulations.
The company has an obligation to verify whether the person requesting access, correction, deletion, or suspension of processing is the data subject themselves or a legitimate representative.
Article 7 (Measures to Ensure the Security of Personal Information)
The company takes the following measures to ensure the security of personal information.
Administrative Measures: Regular employee training, establishment and implementation of internal management plans, etc.
Technical Measures: Encryption of unique identifiers, installation and updating of security programs, management of access rights to personal information processing systems, installation of access control systems
Article 8 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
The Company uses automatic personal information collection devices (hereinafter 'cookies') to store and periodically retrieve usage information in order to provide users with customized services. Cookies are small pieces of information sent by the server (http) used to operate the Company’s website and related online services to the user's web browser (including PCs and mobile devices) and may be stored in the user's storage space.
Users have the option to choose whether to accept cookies. Therefore, users can set their web browser options to accept all cookies, to be prompted each time a cookie is stored, or to refuse the storage of all cookies.
However, if you refuse to store cookies, you may experience difficulties using some company services that require login.
Article 9 (How to Specify Cookie Acceptance)
You can configure settings such as allowing cookies or blocking cookies through your web browser options.
Edge: Settings menu in the upper-right corner of the web browser > Cookies and site permissions > Manage and delete cookies and site data
Chrome: Settings menu in the top-right corner of the web browser > Privacy and security > Cookies and other site data
Whale: Settings menu in the top-right corner of the web browser > Privacy > Cookies and other site data
Safari: Web browser Settings menu > Privacy > Manage Website Data > Select this website and click Remove
Article 10 (Appointment of the Company's Personal Information Protection Officer)
The Company designates the relevant department and a Personal Information Protection Officer as follows to protect users' personal information and handle complaints related to personal information.
Personal Information Protection Officer
Name: Lim Juseong
Position: CTO
Email: jusung@sellking.kr
Article 11 (Remedies for Infringement of Rights)
Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Reporting Center, etc., to receive relief for personal information infringements. For other reports or consultations regarding personal information infringements, please contact the following institutions.
Personal Information Dispute Mediation Committee: (No area code required) 1833-6972 (www.kopico.go.kr)
Personal Information Infringement Reporting Center: (No area code required) 118 (privacy.kisa.or.kr)
Supreme Prosecutors' Office: (No area code) 1301 (www.spo.go.kr)
National Police Agency: (Toll-free) 182 (ecrm.cyber.go.kr)
The company guarantees the data subject's right to self-determination over their personal information and strives to provide consultation and remedy for damages caused by personal information infringement. If you need to report an incident or seek consultation, please contact the department responsible as stated in Paragraph 1.
Pursuant to the provisions of Article 35 (Access to Personal Information), Article 36 (Correction or Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act, any person whose rights or interests have been infringed upon by a disposition or omission of the head of a public institution may file an administrative appeal in accordance with the Administrative Appeal Act.
Central Administrative Appeals Commission: (No area code required) 110 (www.simpan.go.kr)
Supplementary Provisions
Article 1 This policy shall take effect on December 22, 2025.
Korean Privacy Policy 개인정보처리방침
Previous Privacy Policy
November 24, 2024 Privacy Policy
