TERMS OF SERIVICE AND PRIVACY POLICY
TERMS OF SERIVICE
AND PRIVACY POLICY
Rowon Holdings Co., Ltd. (referred to as "the Company" hereafter)
In compliance with Article 30 of the "Personal Information Protection Act", we are committed to protecting the personal information of our users and have established and disclosed our privacy policy to address any related concerns promptly and effectively.
Please note that our privacy policy may change based on amendments to laws or guidelines related to personal information protection or changes in our company's policy. We encourage our members to regularly check this policy when visiting our site.
Here is Luxury Panda's Privacy Policy.
1. Definition of Privacy Policy Terms
2. Consent for Personal Information Collection
3. Types of Personal Information Collected and Collection Methods
4. Purpose of Personal Information Collection and Use
5. Retention Period and Usage of Personal Information
6. Procedures and Methods for Personal Information Destruction
7. Sharing and Disclosure of Personal Information
8. Information on Provisioning Personal Information to Third Parties
9. Delegation of Personal Information Processing
10. User Rights and Methods of Exercising Those Rights
11. Installation/Operation and Rejection of Automatic Personal Information Collection Devices
12. Technical / Administrative Measures for Personal Information Protection
13. Data Protection Officer & Contact Details
14. Obligation to Notify
1. Definition of Terms for Personal Information Processing Policy
A. The term "Personal Information" refers to information related to a living individual which can identify the person based on elements such as their name or identification number (even if that information by itself doesn't directly identify someone but can when combined with other details), and it also includes data that has been pseudonymized and which, without supplementary details, cannot be reverted back to its original state to identify an individual (pseudonymous data).C. "Member" means an individual who has formally registered with Luxury Panda by submitting their personal details.
D. The term "non-member" means an individual who avails of the services offered by Luxury Panda without undergoing the formal membership registration process.
2.Consent for Personal Information Collection
3. Types of Personal Information Collected and Collection Methods
A. Information We Collect
For purposes such as membership registration, efficient customer service, and the delivery of our various offerings, we gather specific personal details as outlined below.
| Category | Information Collected/Used | Purpose of Collection/Use | |
| During Registration (General) | Required | ID, Password, Name, Email Address, Mobile Number, Confirmation of age above 14 | Identification, Delivering important notifications, Tailored services, Inquiries |
| Optional | |||
| Simplified Registration (Naver) | Required | Unique User Identifier, Nickname | Personal Identification |
| Simplified Registration (Kakao) | Required | Unique User Identifier, Nickname | Personal Identification |
| Upon Purchase | Required | Orderer Details (Name, Email Address, Mobile Number), | Providing payment/refund services, Providing order/delivery/transaction lookup services, |
| Optional | Recipient Details (Name, Delivery Address, Mobile Number) | Customer service and complaint handling, Complying with e-commerce laws, Confirming intention to receive prizes | |
| For Refunds (Partial Cancellations) | Required | Bank Name, Account Holder's Name, Account Number | Processing refunds (partial cancellations) |
| For Quick Login | Required | Username (Automatically Generated), Nickname, Confirmation of Age Above 14 | Identification, Delivering important notifications, Handling service inquiries, Addressing concerns |
| For Event Inquiries | Required | Company, Name, Email Address, Phone Number, Mobile Number | Response to event inquiries |
| Information Collected During Service Use | Required | IP Address, Cookies, Date of Visit, Service Usage History | Service usage statistics, Fraud prevention, Providing customized services |
| During Mobile Service Usage | Required | UUID (Unique App Identifier) Push Token (Generated Value), OS Type & Version, Device Type | Service usage statistics, Mobile alert services, etc. |
[Member Management]
For member service use, limited personal verification during specific service stages, personal identification, confirmation of intent to join, prevention of misuse against LUXURY PANDA's terms, record-keeping for dispute resolution, handling complaints and grievances, and notifying about new services, products, and events
[New Service Development and Use in Marketing/Advertising]
For developing new services, delivering personalized services, providing services and ads based on statistical features, verifying service validity, offering event and promotional information and participation opportunities, and generating usage statistics for members
5. Retention Period and Usage of Personal Information
As a general rule, once the purpose of collecting and using personal information is fulfilled, it is immediately destroyed.| Legal Basis | Retention Purpose | Information Held | Retention Duration |
| Consumer Protection in Electronic Commerce Act | Records pertaining to contracts or offer withdrawals | User identification information, records of contracts or offer withdrawals | 5 years |
| Records related to payment and the provision of goods | |||
| Records concerning user complaints or dispute resolution | Identification details, records of dispute resolution, etc. | 3 years | |
| Protection of Communications Secrets Act | Provided upon request from investigative authorities | Log records, IP addresses, etc. | 3 months |
- This personal data is not used for any other purpose unless required by law.
B. Destruction Method
- Personal information stored in electronic file format is deleted using technical methods that prevent record recovery.
- Printed personal information is destroyed by shredding or incineration.
The company uses the personal information of users only within the scope stated in "Section 4. Purpose of Personal Information Collection and Use." We do not use the information beyond this scope or disclose users' personal information to outsiders without their prior consent. However, there are exceptions in the following situations.
A. Family Site
The "Family Site" refers to a separate site provided by the company that requires members to log in. Members can conveniently use the company-operated Family Site with a single ID without having to go through a separate registration process. Even if a new Family Site is added after the member's initial application, the member can use it without any additional registration. In such cases, the company will notify about the new service through the company website or the member's email. If a non-member uses the Family Site to purchase products, the company may retain the personal information provided by the non-member at that time in accordance with the law on consumer protection in e-commerce.
B. Affiliate Partners
To achieve our service objectives with affiliate partners, we may provide them with the minimal necessary member information, but only with prior consent from our members. Please be informed that our role is primarily as an intermediary for online sales, not a direct seller. Hence, when you click on a shopping link or banner on our website redirecting you to another site (including the mentioned shop or web page), the privacy policy of that specific site applies. Always ensure to review the privacy policies of sites you visit.
8. Information on Provisioning Personal Information to Third Parties
As a fundamental principle, we don't share personal information with third parties without the member's consent. However, there are instances, like when making a purchase, product delivery, on-site computer services, quotation requests, user research, or event participation, where your personal information might be provided to the managing organization or service agency following a separate consent process.
| Recipient | Purpose | Information Shared | Retention Duration |
| Event Organizers | Verify event participation, identity verification, prize dispatch | Name, e-mail, phone number, address (for tangible rewards) | 3 months |
| Reseller laws | Facilitate order deliveries, handle customer inquiries, address complaints | Order details (name, email, phone number), delivery details (name, address, phone), additional contacts (if provided) | Until 3 months post service completion |
9. Delegation of Personal Information Processing
Our company abides by the relevant laws to ensure the safe management of personal information during outsourcing contracts. The list below provides details about the institutions we entrust with personal information, their tasks, and the retention and usage period for the said data.
Information and period of entrustment of the processing of personal information
| Entrusted Organization | Scope of Work | Retention Period and Usage of Personal Information |
| NICE INFORMATION SERVICE Co. Ltd. | verification / age verification account confirmation (for digital currency reimbursements) | No separate storage; utilizing the pre-existing data held by the agency |
| Toss payments | Handling of credit card transactions and direct bank transfers | Until account deactivation or the conclusion of our contractual agreement |
| CJ Logistics Corporation | Goods Delivery | |
| Naver Cloud Co. ltd. | Notification via SMS and email | |
| Kakao Corp. | Notification via KakaoTalk |
- If we decide to entrust additional parties with the processing of personal information, we will notify you in advance through written notices, emails, phone calls, or our website about the entrusted entities, their scope of activities, and the extent of the shared information.
- During the entrustment contract, we ensure that the service provider adheres to guidelines regarding the protection of personal information. This includes confidentiality maintenance, prohibition against third-party sharing, responsibility in the event of incidents, the period of entrustment, and the return or destruction of personal information after the termination of the process. All of these contractual details are kept in written or electronic format.
10. User Rights and Methods of Exercising Those Rights
A. Users can always view or edit their registered personal information and can also request account cancellation.
B. To view or edit personal information, users should log in and go to 'My Page > Edit Profile'. For account cancellation (withdrawal of consent), please reach out to the Data Protection Officer either in writing, by phone, or via email.
C. If a user requests a correction due to an error in their personal information, we will not use or provide the specific information until the correction is completed. If incorrect information has been provided to a third party, we will notify them immediately to correct it.
D. The company processes any personal information deleted or terminated upon the user's request in line with our "5. Retention and Usage Period" policy. This data cannot be accessed or used for any other purpose.
E. To protect the personal information of children under 14, our company only allows registration for those aged 14 and above, ensuring we do not collect information from younger individuals.
11. Installation/Operation and Rejection of Automatic Personal Information Collection Devices
A. We use 'cookies' to store and frequently access user information, allowing us to offer tailored services. A cookie is a small piece of information sent by the web server to a user's computer browser and may be stored on the user's PC hard drive.
- Internet Explorer : Go to Tools > Internet Options > Privacy > Advanced, and then you can choose to Block or Allow cookies
- Chrome : Navigate to Settings > Privacy & Security > Cookies and other site data, where you can choose to Block or Allow
B. Our company uses ADID/IDFA to offer tailored services and better advertising environments for our users. ADID (for Android OS) and IDFA (for iOS) are advertising IDs unique to mobile app users. They can be gathered to optimize the provision of tailored services and a more superior advertising ambiance.
- ADID : Settings > Google (Google Settings) > Ads > Opt-out of Personalized Ads
- IDFA : Settings > Privacy > Advertising > Limit Ad Tracking
However, if you opt out of ADID/IDFA collection, you might encounter limitations in accessing personalized services.
12. Technical / Administrative Measures for Personal Information Protection
Our company has implemented various technical and managerial measures to prevent the loss, theft, leak, alteration, or damage of our users' personal information.
A. Technical Measures
- Encryption of Passwords: Users' personal details are securely protected by passwords. Only the individual user knows their Member ID password, making it possible to view or change their personal information exclusively by them. Therefore, it's crucial not to disclose your password to anyone. For your safety, we recommend that after using the PC, you log out online and close the web browser. Especially when sharing a PC with others or using it in public places (such as offices, schools, libraries, internet cafés, etc.), the aforementioned procedure is crucial to prevent personal information from being exposed to others.
- State-of-the-Art Security System Installation: We are fully committed to preventing the leakage or damage of member's personal information caused by hacking or computer viruses. In anticipation of any potential damage to personal information, we regularly back up data. Using the latest antivirus software, we prevent the leakage or damage of users' personal information. Additionally, we employ encrypted communication to safely transmit personal data over the network. Furthermore, using our intrusion prevention system, we control unauthorized access from the outside. We are also making efforts to equip every possible technological tool to ensure system-wide security.
B. Administrative Measures
- Regular Training for Personal Data Protection Managers: We limit personal data handling to designated personnel, granting them unique passwords updated periodically. We consistently emphasize the importance of our data protection policy through regular training for these individuals.
- Operation of a Dedicated Personal Information Protection Division: We run an internal organization dedicated to personal data protection, monitoring compliance with our policies. Immediate corrective actions are taken if any issues are detected. However, we do not take responsibility for any breaches due to user negligence or internet-related issues, leading to the disclosure of IDs, passwords, or phone numbers.
13. Data Protection Officer & Contact Details
Users can report any personal data protection issues arising from the use of our services to the designated Data Protection Officer or the respective department. We promise to provide prompt and comprehensive responses to your reports.
Name | Department | Email | Phone number |
Byeong-wook Song (Personal Information Protection Manager) | E-Commerce Division | rowonholdings@rowon.co.kr | 1661- 2226 |
Users seeking remedies for personal information breaches can request dispute resolution or consultation from entities such as the Personal Information Dispute Mediation Committee and the Personal Information Infringement Reporting Center of the Korea Internet & Security Agency. For additional inquiries or reports concerning personal data breaches, please refer to the institutions listed below.
- Personal Information Infringement Reporting Center (Managed by Korea Internet & Security Agency) (privacy.kisa.or.kr / Dial 118 without area code)
- Cyber Investigation Division, Supreme Prosecutors' Office (www.spo.go.kr / Dial 1301 without area code)
- Cyber Security Bureau, National Police Agency (cyberbureau.police.go.kr / Dial 182 without area code) - Personal Information Dispute Mediation Committee (Managed by Korea Internet & Security Agency) (www.kopico.go.kr / Dial 118 without area code, Extension 2)
14. Obligation to Notify
Should there be changes to this Privacy Policy due to amendments in legislation, policies, or changes in security technology, we will notify through our company website's announcements at least 7 days before the updated policy's enforcement date.
- Announced on: September 11, 2022
- Effective from: September 18, 2022
Privacy Policy ・ Site Map ・ Map
This site is optimized in the Chrome web browser.
Copyright©Rowon Holdings Cop. 2023. All Right Reserved.
Privacy Policy / Refusal to collect e-mails without permission ・ Site Map ・ Map
This site is optimized in the Chrome web browser.
Copyright©Rowon Holdings Cop. 2023. All Right Reserved.
