■ General Provision
■ Information to be collected and method of collection
1. Information items to be collected
1) In order to process member registration, information to search the order in the case of nonmembers, convenient customer service, and various other services, Printing Box collects necessary personal information as follows.
- Required : ID that the user wants, password, name, telephone number, Email address
2) The process of the service use or the information as follows may be generated automatically and be collected.
- IP Address, cookie, date of visit, type of OS and browser, record of service use, Bad log
- When using mobile services: Device model, hardware ID, OS type in the device, model type
3) The following information may be collected only for the user of the service during the use of
additional service and customized service or event application if you agree to collect additional
- The addresses for delivering prizes etc., or coupon etc. that can be used after
registering the account, the name of the recipient, the landline phone number, the
mobile phone number, E-Mail, etc.
4) The following information may be collected during the use of paid services.
- Credit Card payment: Card company name, card number, etc.
- Mobile phone payment: Phone number, carrier, payment authorization number, email address, etc.
- Transferring: Bank name, account number, etc.
- Certificate: Certificate number
- Refund: Account information for refund (bank name, account number, account depositor’s name
2. Method of collection
Printing box collects the personal information in a way of the followings.
- Homepage, written form, telephone calling, fax, customer service board, e-mailing, event participation, (nonmember’s purchase included)
• Provided by partner companies
• Tools for collection of created information
■ Agreement on the collection of the personal information
■ The purpose of the collection of the personal information and its utilization
1. Printing box utilizes collected personal information for the following purposes. Other than the following reasons, the information provided by users is not used, and when there is any change, user’s agreement is required in advance.
- Name, ID, password: Used to identify users for membership service.
- Email address, telephone number: Used to communicate smoothly from delivery notice, checking
user’s opinion, and complaints handling, etc,
Guidance of new services/new products or event information
• Bank account information: Credit card information: to pay for the paid information
• Address, telephone number: to secure the correct delivery location of bills, purchased products or giveaways.
• Other selected information: to provided tailored services.
2. We do not collect certain categories of sensitive personal data, collection of which may infringe your basic civil rights (race and ethnicity, beliefs and creed, birth place and domicile, political affiliation and criminal record, health and sex life, etc.).
■ Personal Information Collection by Cookies
1. What is cookie?
2. Cookie Management
For the user’s convenience, Printing box is managing cookies. The information collected through cookies by Printing box is only user’s e-mail for account identification, and other information
is not collected. User’s e-mails collected through cookies by Printing Box is used for the following purposes.
• Provide differentiated information according to individual interests
• Post on Bulletin Board
Cookies expire at browser shutdown or logout.
■ Use Personal Information for Other Purposes and Provision of Personal Information to a Third Party
1. Other than the specified purpose for its internet services, Printing Box must not use the user’s personal information o specified purpose to provide internet services, and not provide the information to a third party without user’s consent. However, the following are exceptions.
1) When there are specific regulations in laws such as, act on real name financial transactions and confidentiality, credit information use and protection act, framework act on telecommunications, telecommunications business act, local subsidy act, consumer protection act, Korea development bank act, criminal procedure act, or, in exceptional cases, if information is provided by the related laws or by the request of the investigating agency, we must notify it to the person. It may not be notified by the grounds of laws inevitably.
2) When it is needed to settle the fare from service provision
3) When it is provided in a form that cannot identify a specific individual for statistical writing, academic research or market research.
2. The Printing Box may provide personal information of the customer to the partners or share it with the partners etc. to provide better service to the users. When we provide or share the
personal information, we notify each user of partners, personal information items provided or shared, the purpose of personal information provision or sharing, personal information protection and management, and the retention period, and seek the user’s consent in advance, and do not provide or share any information to the partners etc. without the user’s consent. Also, you may withdraw the consent at any time.
■ Reading / Modification of Personal Information
1. You can read or correct your registered personal information at any time. If you want to read and modify your personal information, please click “My Page > My Account” to read, and “Manage Member’s Info > Modify Personal Info” to modify by yourself.
2. If you request modification of errors, we will not use or provide the personal information until the modification is completed.
3. If we have already provided incorrect personal information to a third party, we will notify the third party without delay and correct the result of the modification process.
■ Withdrawal of Consent for Personal Information Collection, Use, and Provision
1. You can withdraw your consent to collect, use and provide your personal information through membership. If you want to withdraw your consent, please click “My account” on the first page of our homepage, and go to “Manage Member’s Info > Delete Account”, or contact the person in charge of personal information protection in writing, by phone or email, and we will take proper measures such as deleting the personal information immediately etc. However, to withdraw the consent on some essential items is impossible due to the characteristics of service provision, withdrawing consent on all items is the only possible by deleting account. If we take measures such as withdrawing consent or deleting personal information, we will notify the user without delay.
2. Printing box will take necessary measures to make it easier to withdraw consent to collection of personal information (delete account) than to collect personal information.
■ The Period of Retention and Use Personal Information
1. The user’s personal information is destroyed without delay after the purpose of personal information collection or use is accomplished. However, if there needs to hold it in accordance with
the provisions of laws such as commercial law, there is an exception.
1) In the case of account information, when you delete your account or are expelled
2) In the case of payment information, when the payment completion day or bond’s extinctive prescription is expired
Also, when a member has not used the service for 1 year from the last login period, the company notifies the member of the notice of destroying personal information by email before 30
days from due date of destroying to manage member’s personal information according to the ‘policy of personal information due date’. After the notice, the last service use period is renewed
by the member’s login on the service, and if the last service period of the member is not renewed for 30 days even though the member has been informed, member’s personal information
(personal information, email, contact information) is separately stored / managed (or destroyed). In order to reuse, you should log in after doing extra self-authentication.
2. Despite the principle of immediate destruction when the purpose of collecting personal information above is to be accomplished, if it is necessary to hold it for a certain period on the
grounds of confirming the relation of rights and obligations related to the transaction, we hold it for a certain time on the grounds of “Consumer Protection Act on Electronic Commerce etc.”.
- In the case of member’s information, we seek the member’s consent by demonstrating the purpose and the period of retention and retained personal information items in advance such as
deleting account or being expelled from a member, etc.
- Records on withdrawal of contract or subscription: 5 years
- Records of payment and goods supply: 5 years
- Records of consumer complaints or disputes: 3 years
3. When users require reading the transaction information retained with user’s consent, Printing Box takes measures for immediate reading.
■ Procedures and methods of destroying personal information
According to the principles, the user’s personal information is destroyed without delay after the purpose of personal information collection or use is accomplished, and the procedures and methods of destroying personal information of Printing Box are as follows.
1. Procedure of destroying
• The information entered by the user for membership, etc., is transferred to a separate DB after the purpose of use has been accomplished (in the case of paper, separate document), and destroyed after being stored for a certain period in accordance with the internal policy and on the grounds of other related laws (refer to retention and use period).
• This personal information is only used for retention and not used for any other purposes other than those governed by law.
2. Method of destroying
- Personal information printed on paper is ground by a grinder or destroyed by incineration.
- Personal information stored in an electronic file is deleted using a technical method that cannot regenerate the records of personal information.
■ User’s Right and Obligations
1. Please input the latest personal information of the user accurately and prevent any unexpected accident. The responsibility of the accident caused by the incorrect information entered by the user belongs to the user oneself, and if you input false information such as theft of other person’s information, your membership may be lost.
2. Users have the rights to protect their personal information to protect themselves and not to infringe on other’s information. Please be careful not to let your personal information including password leak, and do not damage other’s personal information including posts. If you do not fulfill such responsibilities and damage other’s information, you may be punish by “the act on promotion of information and communications network utilization and information protection, etc.”
■ Duty of Notification
it on the ‘Notice’ on our homepage at least 10 days before the changes
Security measures for User’s Personal Information Protection
■ Technical and administrative measures for personal information protection
1. Technical measures
Printing Box takes the following technical measures to ensure safety or your personal information to prevent your personal information from being lost, stolen, leaked, altered or damaged.
1) User’s personal information is protected by password, and files and transmission data are encrypted and cannot be accessed by ordinary users and administrators.
2) Printing Box uses anti-virus programs to take preventive measures against computer viruses. The anti-virus programs are updated regularly to deal with viruses.
3) Printing Box employs a security device (SSL) that can securely transmit personal information on the network using cryptographic algorithm.
4) In order to protect against hacking and other outside intrusions, we store all the information entered by users on a completely separate server computer, thereby establishing a 100% security system that is originally blocked form the threat of hacking. In addition, each server uses an intrusion prevention system and vulnerability analysis system to ensure security.
2. Administrative measures
1) Printing Box restricts access to your personal information to a minimum number of people. The minimum number of people is as follows.
(1) Those who perform marketing business directly to users.
(2) Those who perform personal information protection task such as the person in charge of personal information protection, personal information protection manager and person in charge.
(3) Those who inevitably handle personal information in other business
2) Regular in-house training and outsourcing training are conducted for employees who handle personal information, such as acquiring new security technologies and obligations for personal information protection.
3) We have internal procedures to prevent information leakage by people in advance through the security pledge of all employee at the time of joining the company and audit to monitor whether our employees comply with and fulfill the personal information policy.
4) The person who handles personal information’s takeover the business is carried out thoroughly while maintaining security, and we clarify the responsibility for personal information accidents after joining and leaving the company.
5) The server room is set as the control zone and the entrance is controlled.
6) Printing Box is NOT responsible for any mistakes made by the individual user or anything that
happens due to the fundamental risk of internet.
7) In case of loss, leakage, alteration or damage of personal information caused by mistakes from internal person in charge or from technical management, Printing Box will promptly notify the user of it and take appropriate measures and compensate.
User’s Personal Information Protection Contact
■ Feedback and Complaints
1. We value our user’s opinion, and the user has the right to receive sincere answers on the questions
2. We operate a customer service center to smoothly communicate with users and contact details are
[Customer Service Center]
Go to 1:1 Customer Service
Address: Vision O.T.S. 172 Sadangro, Dongjak-gu, Seoul
3. Phone Counselling is from 9:00 am to 6:00 pm on weekdays (Mon-Fri, not available on holidays) (Not available from 12:00~1:00 pm for lunch time)
4. We will give you sincere response to your inquiries by email, fax or mail within 24 hours from receiving. However, after working hours, or on weekends and holidays, we process it on the following working day in principle.
5. If you need consultation about other personal information, you can visit Korea Internet & Security Agency, ePrivacy Mark Authentication Committee, and the cybercrime investigative service at the Supreme Prosecutor’s Office and at the National Police.
The Person in Charge of Personal Information
■ The best way to protect personal information
1. The personal information manager is responsible for any accident against the notice provided to user to protect personal information.
2. However, despite the technological complementary measures, if the information is damaged, infringed or leaked due to the unexpected accidents caused by general risk of network such as hacking, etc., we do NOT take any responsibilities for disputes.
3. The company has NO responsibility for any conflicts according to the posts of visitors and any damage of information according to unexpected accident which are occurred by the danger on the common or basic networks, such as hacking etc., Even though technical problem
The person in charge of personal information protection and the manager are as follows and will
swiftly and fully respond to personal information questions.
The person in charge of personal information protection
• Name: Hyunjung Oh
• Position: Manager
Personal information manager
• Name: Daehee Hong
• Department: Online business department
- Phone: 1600-5942
- Fax: 02-536-5930
Please refer to the organizations below for the further consultation or report on other cases of personal
Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
- Duty : Personal Information Dispute Committee (operated by Korea Internet & Security Agency),
Dispute Mediation Application, Group Dispute Mediation, (civil settlement)
- Homepage : privacy.kisa.or.kr
- Phone : 118
- Address : (138-950) 135 Joongdaero, Songpa-gu, Seoul Korea Internet & Security Agency Personal Information Infringement Report Center
Personal Information Infringement Report Center (www.118.or.kr / 118)
ePrivacy Mark certification committee (www.eprivacy.or.kr / 02-550-9531~2)
High-tech Crime Investigation Section, Supreme Prosecutors’ Office (http://www.spo.go.kr / 02-3480-
Cyber Terror Response Center (www.ctrc.go.kr / 02-393-9112)
Effective Date of Personal Information Protection Policy: 2017-12-11