| Privacy Policy |

Rowon Holdings Co., Ltd. (referred to as "the Company" hereafter)
In compliance with Article 30 of the "Personal Information Protection Act", we are committed to protecting the personal information of our users and have established and disclosed our privacy policy to address any related concerns promptly and effectively.

Please note that our privacy policy may change based on amendments to laws or guidelines related to personal information protection or changes in our company's policy. We encourage our members to regularly check this policy when visiting our site.

Here is Luxury Panda's Privacy Policy.


1. Definition of Privacy Policy Terms
2. Consent for Personal Information Collection
3. Types of Personal Information Collected and Collection Methods
4. Purpose of Personal Information Collection and Use
5. Retention Period and Usage of Personal Information
6. Procedures and Methods for Personal Information Destruction
7. Sharing and Disclosure of Personal Information
8. Information on Provisioning Personal Information to Third Parties
9. Delegation of Personal Information Processing
10. User Rights and Methods of Exercising Those Rights
11. Installation/Operation and Rejection of Automatic Personal Information Collection Devices
12. Technical / Administrative Measures for Personal Information Protection
13. Data Protection Officer & Contact Details
14. Obligation to Notify


1. Definition of Terms for Personal Information Processing Policy

A. The term "Personal Information" refers to information related to a living individual which can identify the person based on elements such as their name or identification number (even if that information by itself doesn't directly identify someone but can when combined with other details), and it also includes data that has been pseudonymized and which, without supplementary details, cannot be reverted back to its original state to identify an individual (pseudonymous data).
B. "User" means anyone, be it a member or non-member, who accesses Luxury Panda and utilizes services as per our provided terms.

C. "Member" means an individual who has formally registered with Luxury Panda by submitting their personal details.

D. The term "non-member" means an individual who avails of the services offered by Luxury Panda without undergoing the formal membership registration process.

2.Consent for Personal Information Collection

We provide users with an option to either click on the "Agree" or "Disagree" button concerning the content of Luxury Panda's Privacy Policy or our Terms of Use. By indicating agreement, the user acknowledges their consent to our collection of their personal information.


3. Types of Personal Information Collected and Collection Methods                        

A. Information We Collect                             

For purposes such as membership registration, efficient customer service, and the delivery of our various offerings, we gather specific personal details as outlined below.

CategoryInformation Collected/UsedPurpose of Collection/Use
During Registration (General)RequiredID, Password, Name, Email Address,
Mobile Number, Confirmation of age above 14
Identification, Delivering important notifications,
Tailored services, Inquiries
Simplified Registration
RequiredUnique User Identifier, NicknamePersonal Identification
Simplified Registration
RequiredUnique User Identifier, NicknamePersonal Identification
Upon PurchaseRequiredOrderer Details (Name, Email Address, Mobile Number),Providing payment/refund services, Providing order/delivery/transaction lookup services,
OptionalRecipient Details
(Name, Delivery Address, Mobile Number)
Customer service and complaint handling, Complying with e-commerce laws, Confirming intention to receive prizes
For Refunds
(Partial Cancellations)
RequiredBank Name, Account Holder's Name,
Account Number
Processing refunds
(partial cancellations)
For Quick LoginRequiredUsername (Automatically Generated),
Nickname, Confirmation of Age Above 14
Identification, Delivering important notifications,
Handling service inquiries, Addressing concerns
For Event InquiriesRequiredCompany, Name, Email Address,
Phone Number, Mobile Number
Response to event inquiries
Information Collected
During Service Use
RequiredIP Address, Cookies, Date of Visit,
Service Usage History
Service usage statistics, Fraud prevention,
Providing customized services
During Mobile Service UsageRequiredUUID (Unique App Identifier) Push Token (Generated Value), OS Type & Version, Device TypeService usage statistics, Mobile alert services, etc.

B. Method of Personal Information Collection
We collect personal information through the following methods. - Website, mobile applications, mobile web pages, written forms, fax, phone, consultation boards, email, event participation, delivery requests - Provided by affiliated companies

4. Purpose of Personal Information Collection and Use
A. At LUXURY PANDA, we collect only the essential information needed to provide our basic services. For additional personal information related to specific services, we obtain separate consent at the time of collection. Not providing optional data will not limit your use of our services.

[Member Management]

For member service use, limited personal verification during specific service stages, personal identification, confirmation of intent to join, prevention of misuse against LUXURY PANDA's terms, record-keeping for dispute resolution, handling complaints and grievances, and notifying about new services, products, and events

[New Service Development and Use in Marketing/Advertising]

For developing new services, delivering personalized services, providing services and ads based on statistical features, verifying service validity, offering event and promotional information and participation opportunities, and generating usage statistics for members

5. Retention Period and Usage of Personal Information

As a general rule, once the purpose of collecting and using personal information is fulfilled, it is immediately destroyed.
There are exceptions, detailed as follows.

A. Legal Grounds for Data Retention
In instances where there's a need to retain data as mandated by laws such as the Commercial Act and the Consumer Protection in Electronic Commerce Act, the company will hold onto the user information for the prescribed period. In such cases, the company only uses the stored information for its retention purpose, with the specifics outlined below.

Legal BasisRetention PurposeInformation HeldRetention Duration
Consumer Protection in
Electronic Commerce Act
Records pertaining to contracts or offer withdrawals
User identification information, records of contracts or offer withdrawals

5 years
Records related to payment and the provision of goods
Records concerning user complaints or dispute resolutionIdentification details,
records of dispute resolution, etc.
3 years
Protection of Communications Secrets ActProvided upon request from investigative authoritiesLog records, IP addresses, etc.3 months

Under the Protection of Communications Secrets Act, log records, IP addresses, etc., are provided upon request by investigative agencies for a duration of three months. B. If a member hasn't used LUXURY PANDA's services for one year, their personal information is managed based on Article 39-6 of the Personal Information Protection Act. Users are notified in advance, and their data is stored separately. This segregated information is retained for four years and then promptly destroyed.

6. Procedures and Methods for Personal Information Destruction

As a general rule, once the purpose of collecting and using personal information is fulfilled, it is immediately destroyed. The company's procedure and method for personal information destruction are as follows.

A. Destruction Procedure
- Once the purpose, such as membership registration, is achieved, the user's entered information is transferred to a separate DB (for paper, a separate document box). Following internal policies and related legal regulations on information protection (see retention and usage period), it's stored for a certain period and then discarded.

- This personal data is not used for any other purpose unless required by law.

B. Destruction Method

- Personal information stored in electronic file format is deleted using technical methods that prevent record recovery.
- Printed personal information is destroyed by shredding or incineration.

7. Sharing and Disclosure of Personal Information

The company uses the personal information of users only within the scope stated in "Section 4. Purpose of Personal Information Collection and Use." We do not use the information beyond this scope or disclose users' personal information to outsiders without their prior consent. However, there are exceptions in the following situations.

A. Family Site

The "Family Site" refers to a separate site provided by the company that requires members to log in. Members can conveniently use the company-operated Family Site with a single ID without having to go through a separate registration process. Even if a new Family Site is added after the member's initial application, the member can use it without any additional registration. In such cases, the company will notify about the new service through the company website or the member's email. If a non-member uses the Family Site to purchase products, the company may retain the personal information provided by the non-member at that time in accordance with the law on consumer protection in e-commerce.

B. Affiliate Partners

To achieve our service objectives with affiliate partners, we may provide them with the minimal necessary member information, but only with prior consent from our members. Please be informed that our role is primarily as an intermediary for online sales, not a direct seller. Hence, when you click on a shopping link or banner on our website redirecting you to another site (including the mentioned shop or web page), the privacy policy of that specific site applies. Always ensure to review the privacy policies of sites you visit.

8. Information on Provisioning Personal Information to Third Parties

As a fundamental principle, we don't share personal information with third parties without the member's consent. However, there are instances, like when making a purchase, product delivery, on-site computer services, quotation requests, user research, or event participation, where your personal information might be provided to the managing organization or service agency following a separate consent process.

RecipientPurposeInformation SharedRetention Duration
Event OrganizersVerify event participation, identity verification, prize dispatchName, e-mail, phone number, address (for tangible rewards)3 months
Reseller lawsFacilitate order deliveries, handle customer inquiries, address complaintsOrder details (name, email, phone number), delivery details (name, address, phone), additional contacts (if provided)Until 3 months post service completion

9. Delegation of Personal Information Processing

Our company abides by the relevant laws to ensure the safe management of personal information during outsourcing contracts. The list below provides details about the institutions we entrust with personal information, their tasks, and the retention and usage period for the said data.

Information and period of entrustment of the processing of personal information

Entrusted OrganizationScope of WorkRetention Period
and Usage of Personal Information
NICE INFORMATION SERVICE Co. Ltd.verification / age verification
account confirmation
(for digital currency reimbursements)
No separate storage; utilizing the pre-existing data held by the agency
Toss paymentsHandling of credit card transactions
and direct bank transfers
Until account deactivation or the conclusion
of our contractual agreement
CJ Logistics CorporationGoods Delivery
Naver Cloud Co. ltd.Notification via SMS and email
Kakao Corp.Notification via KakaoTalk

- If we decide to entrust additional parties with the processing of personal information, we will notify you in advance through written notices, emails, phone calls, or our website about the entrusted entities, their scope of activities, and the extent of the shared information.

- During the entrustment contract, we ensure that the service provider adheres to guidelines regarding the protection of personal information. This includes confidentiality maintenance, prohibition against third-party sharing, responsibility in the event of incidents, the period of entrustment, and the return or destruction of personal information after the termination of the process. All of these contractual details are kept in written or electronic format.

10. User Rights and Methods of Exercising Those Rights

A. Users can always view or edit their registered personal information and can also request account cancellation.

B. To view or edit personal information, users should log in and go to 'My Page > Edit Profile'. For account cancellation (withdrawal of consent), please reach out to the Data Protection Officer either in writing, by phone, or via email.

C. If a user requests a correction due to an error in their personal information, we will not use or provide the specific information until the correction is completed. If incorrect information has been provided to a third party, we will notify them immediately to correct it.

D. The company processes any personal information deleted or terminated upon the user's request in line with our "5. Retention and Usage Period" policy. This data cannot be accessed or used for any other purpose.

E. To protect the personal information of children under 14, our company only allows registration for those aged 14 and above, ensuring we do not collect information from younger individuals.

11. Installation/Operation and Rejection of Automatic Personal Information Collection Devices

A. We use 'cookies' to store and frequently access user information, allowing us to offer tailored services. A cookie is a small piece of information sent by the web server to a user's computer browser and may be stored on the user's PC hard drive.

- Internet Explorer : Go to Tools > Internet Options > Privacy > Advanced, and then you can choose to Block or Allow cookies

- Chrome : Navigate to Settings > Privacy & Security > Cookies and other site data, where you can choose to Block or Allow

B. Our company uses ADID/IDFA to offer tailored services and better advertising environments for our users. ADID (for Android OS) and IDFA (for iOS) are advertising IDs unique to mobile app users. They can be gathered to optimize the provision of tailored services and a more superior advertising ambiance.

- ADID : Settings > Google (Google Settings) > Ads > Opt-out of Personalized Ads

- IDFA : Settings > Privacy > Advertising > Limit Ad Tracking

However, if you opt out of ADID/IDFA collection, you might encounter limitations in accessing personalized services.

12. Technical / Administrative Measures for Personal Information Protection

Our company has implemented various technical and managerial measures to prevent the loss, theft, leak, alteration, or damage of our users' personal information.

A. Technical Measures

- Encryption of Passwords: Users' personal details are securely protected by passwords. Only the individual user knows their Member ID password, making it possible to view or change their personal information exclusively by them. Therefore, it's crucial not to disclose your password to anyone. For your safety, we recommend that after using the PC, you log out online and close the web browser. Especially when sharing a PC with others or using it in public places (such as offices, schools, libraries, internet cafés, etc.), the aforementioned procedure is crucial to prevent personal information from being exposed to others.

- State-of-the-Art Security System Installation: We are fully committed to preventing the leakage or damage of member's personal information caused by hacking or computer viruses. In anticipation of any potential damage to personal information, we regularly back up data. Using the latest antivirus software, we prevent the leakage or damage of users' personal information. Additionally, we employ encrypted communication to safely transmit personal data over the network. Furthermore, using our intrusion prevention system, we control unauthorized access from the outside. We are also making efforts to equip every possible technological tool to ensure system-wide security.

B. Administrative Measures

- Regular Training for Personal Data Protection Managers: We limit personal data handling to designated personnel, granting them unique passwords updated periodically. We consistently emphasize the importance of our data protection policy through regular training for these individuals.

- Operation of a Dedicated Personal Information Protection Division: We run an internal organization dedicated to personal data protection, monitoring compliance with our policies. Immediate corrective actions are taken if any issues are detected. However, we do not take responsibility for any breaches due to user negligence or internet-related issues, leading to the disclosure of IDs, passwords, or phone numbers.

13. Data Protection Officer & Contact Details

Users can report any personal data protection issues arising from the use of our services to the designated Data Protection Officer or the respective department. We promise to provide prompt and comprehensive responses to your reports.

Phone number
Byeong-wook Song (Personal Information Protection Manager)
E-Commerce Division
1661- 2226

Users seeking remedies for personal information breaches can request dispute resolution or consultation from entities such as the Personal Information Dispute Mediation Committee and the Personal Information Infringement Reporting Center of the Korea Internet & Security Agency. For additional inquiries or reports concerning personal data breaches, please refer to the institutions listed below.

- Personal Information Infringement Reporting Center (Managed by Korea Internet & Security Agency) (privacy.kisa.or.kr / Dial 118 without area code)

- Cyber Investigation Division, Supreme Prosecutors' Office (www.spo.go.kr / Dial 1301 without area code)

- Cyber Security Bureau, National Police Agency (cyberbureau.police.go.kr / Dial 182 without area code) - Personal Information Dispute Mediation Committee (Managed by Korea Internet & Security Agency) (www.kopico.go.kr / Dial 118 without area code, Extension 2)

14. Obligation to Notify

Should there be changes to this Privacy Policy due to amendments in legislation, policies, or changes in security technology, we will notify through our company website's announcements at least 7 days before the updated policy's enforcement date.

- Announced on: September 11, 2022

- Effective from: September 18, 2022

Privacy Policy Site Map Map

This site is optimized in the Chrome web browser.

Copyright©Rowon Holdings Cop. 2023. All Right Reserved.

Privacy Policy / Refusal to collect e-mails without permission     Site Map     Map

This site is optimized in the Chrome web browser.

Copyright©Rowon Holdings Cop. 2023. All Right Reserved.