PRIVACY POLICY

INTRODUCTION

You will find in this Privacy Policy:

  1. Scope of this Privacy policy
  2. Items of personal information collected and method of collection
  3. Purpose of collecting and using personal information
  1. Disclosure of personal information to third parties
  2. International Transfer of personal information
  3. Protection of personal information
  4. Period of retention and use of personal information
  1. Rights of users
  2. Transfer of personal information
  3. Minor Use
  4. Language

 

  1. Scope of this Privacy Policy

 OnTheList., including OnTheList affiliates, (hereinafter referred to as “OnTheList”) is doing its best to ensure that personal information provided by users is protected when operating OnTheList's brand homepage. OnTheList complies with the personal information protection regulations which are required by information and communication service providers such as PERSONAL INFORMATION PROTECTION ACT, PROTECTION OF COMMUNICATIONS SECRETS ACT, TELECOMMUNICATIONS BUSINESS ACT, ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, ETC and personal information protection guidelines established by the Korean government such as the Korea Communications Commission, the Ministry of Science and Technology Information and Communication, and the Ministry of Public Administration and Security, and through its Privacy Policy, informs you of the purposes and methods of using the personal information provided by users, and what measures are being taken to protect personal information.

 

OnTheList's privacy policy is disclosed on the homepage and can be viewed easily by users at any time.

It is important that you read this Privacy Policy together with any other Privacy Policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

 

This Privacy Policy supplements other notices and Privacy Policies and is not intended to override them.

  1. Personal Information Controller

OnTheList is a “data controller” of your personal information.

In simple terms, this means that we (i) “control” your personal information, including making sure that it is kept secure; and (ii) make certain decisions on how to use and protect your personal information, but only to the extent that we have informed you about the use or as otherwise permitted by law.

  1. Contact Information and Complaints

If you have any questions about this Privacy Policy or any questions regarding our use of your personal information, please contact our Personal Information controller at 

 

OnTheList Limited
Attn: Privacy Officer

 

If you need to report or consult about other personal information infringement, please contact the following organizations.

Report Center for Personal Information Breach (Korea Internet & Security Agency) (privacy.kisa.or.kr / 02-405-5118)

Personal Information Dispute Mediation Committee (www.kopico.go.kr / 1833-6972)

OPA PRIVACY (www.eprivacy.or.kr / 02-550-9531~2)

Korean National Police Agency Cyberbureau (www.ctrc.go.kr / 182)

Supreme Prosecutors' Office Advanced Crime Investigation Center (http://www.spo.go.kr / 02-3480-2000)

National Police Agency Cyber Terror Response Center (www.ctrc.go.kr / 02-392-0330)

  1. Changes to this Privacy Policy and Personal Information

This Privacy Policy is regularly reviewed and was last updated on 12 April 2021. We may amend or update our Privacy Policy from time to time. For this purpose, we will provide you notice of amendments to this Privacy Policy and update the “last updated” date above.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

  1. Third-Party Links

The Websites and the App may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Websites or the App, we encourage you to read the privacy policy of every website you visit.

  1.  ITEMS OF PERSONAL INFORMATION COLLECTED AND METHOD OF COLLECTION

1 The types of personal information

 

When using our Websites or the App, we collect and process the following items of personal information: -

  • your first name, last name, username or similar identifier, date of birth, nationality and gender
  • your billing address, delivery address, email address and telephone numbers
  • your bank account and payment card details
  • details about payments to and from you and other details of products and services you have purchased from us
  • your IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Websites or the App
  • your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
  • information about how you use our Websites, the App and other services, for example, how often you come to our showrooms and events and
  • your preferences in receiving marketing from us and our third parties and your communication preferences (“”).

We do not collect sensitive personal information about you (e.g., Social Security numbers, Information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual)  

  1. Method of Collection Direct Interactions

We collect Identity Data, Contact Data and Financial Data about you that you provide to us by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:-

  • apply for our products or services;
  • register on our Websites or the App;
  • subscribe to our newsletter;
  • request other marketing material to be sent to you;
  • enter a competition, promotion or survey; or
  • give us feedback or contact us in any way or form.

Automated Technologies and Interactions

As you interact with our Websites or the App, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.

A cookie is a small file of letters and numbers stored by computer after being sent to your computer when you visit a website. Whenever you visit the same website again, the information stored in the cookie can be retrieved to notify the website of your previous activity. We use cookies to facilitate website navigation, maintain quality of online service, provide additional security, allow the customization of your access to the Websites and remember you when you return to the Websites.

A cookie cannot give us access to your computer or to information beyond what you provide us and we don't store personally identifiable information such as your name or address in cookies we create, but we do use encrypted information gathered from them to help improve your experience on our Websites. If you do not wish to enable cookies, you'll still be able to browse the Websites and use them for research purposes.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

When you visit our Websites, you may notice some cookies that are not related to OnTheList.

 

If you go on to another website that contains embedded content, you may be sent cookies from these websites. We do not control the setting of these cookies, so we suggest you check the third-party websites for more information about their cookies and how to manage them.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

Third Parties

We are also working closely with third parties (including, for example, analytics providers and other third -party providers of services).

We will receive personal information about you from such third parties as set out below:-

  • from analytics providers such as Google, based inside and outside the EEA;
  • from providers of payment services such as Stripe, eWay and Shopify, based inside and outside the EEA;
  • from delivery services such as Kerry Express, DHL, SF Express, Yamato Logistics, ARAMEX, On Time and CN Logistics, based inside and outside the EEA;
  • from mailing list providers such as Mailchimp, Mandrill and Twilio;

3 PURPOSE OF COLLECTING AND USING PERSONAL INFORMATION

 

Most commonly, we will use your personal information in the following circumstances:

3.1 Fulfillment of contracts for service provision and settlement of fees according to service provision

Provision of contents, provision of specific customized services, delivery of goods or sending invoices, identification, purchase and payment, collection of fees

3.2. Member Management

Membership service use and identification according to the limited identification system, personal identification, prevention of illegal use and unauthorized use of bad members, confirmation of intention to join, restriction on the number of subscriptions, confirmation of consent from legal representative when collecting personal information of children under 14, Identification of the legal representative later, preservation of records for dispute settlement, handling complaints , and delivery of notices.

3.3. Use for Marketing, Advertising

We may use your personal information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

You will receive marketing emails and newsletters from us if you have requested information from us or purchased products or services from us, or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have expressly consented to receiving such marketing emails and newsletters.  

We will get your express opt-in consent before we share your personal information with any third party for marketing purposes

  1. DISCLOSURES OF YOUR PERSONAL INFORMATION TO THIRD PARTIES

In principle, we do not disclose users' personal information to the outside.

However, the following cases are exceptions:

  • When the user who is the subject of personal information agrees to provide in advance
  • In accordance with the provisions of the law or at the request of an investigative agency for the purpose of investigation in accordance with the procedures and methods specified in the law
  • When the information subject or its legal representative is in a state where it is not possible to express his or her intention, or when prior consent cannot be obtained due to an unknown address, etc. and it is clearly deemed necessary for the benefit of the imminent life, body or property of the information subject or a third party

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal Information for their own purposes and only permit them to process your personal Information for specified purposes and in accordance with our instructions.

  1. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

Your personal information may be stored and processed in any country where we have facilities or service providers, and by using our Service or by providing consent to us (where required by law), your information may be transferred to countries outside of your country of residence, including to the EEA, which may provide for different data protection rules than in your country.  Appropriate contractual and other measures are in place to protect personal information when it is transferred to our affiliates or third parties in other countries.

 

Please do not hesitate to contact us anytime if you want further information on the specific mechanism used by us when transferring your personal information.

  1. PROTECTION OF YOUR PERSONAL INFORMATION

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  1. RETENTION OF PERSONAL INFORMATION

We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

 

Therefore, the following information is retained for the specified period for the reasons below.

Retention of member information for a certain period of time specified by related laws if it is necessary to preserve it in accordance with the provisions of related laws such as Commercial Law, ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.

  1. a) Items to be retained: Records on contract or withdrawal of subscription, etc.

- Laws for grounds and policies: ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC

- Retention period: 5 years

  1. b) Items to be retained: Records on payment and supply of goods, etc.

- Laws for grounds and policies: ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC

- Retention period: 5 years

  1. c) Items to be retained: Records on consumer complaints or dispute settlement

- Laws for grounds and policies: ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC

- Retention period: 3 years

  1. d) Items to be retained: Records on display/advertising

- Laws for grounds and policies: ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC

- Retention period: 6 months

  1. e) Items to be retained: Books and supporting documents for all transactions prescribed by the tax law

- Laws for grounds and policies: FRAMEWORK ACT ON NATIONAL TAXES

Retention period: 5 years

  1. f) Items to be retained: Records on electronic financial transactions

- Laws for grounds and policies: ELECTRONIC FINANCIAL TRANSACTIONS ACT.

Retention period: 5 years

  1. g) Items to be retained: Service visit history

- Laws for grounds and policies: PROTECTION OF COMMUNICATIONS SECRETS ACT, Act on Information and Communication Network

Retention period: 1 year

  1. h) Items to be retained: Illegal use record

- Laws for grounds and policies: Company internal policy

- Retention period: 1 years

  1. USERS LEGAL RIGHTS:

You are entitled, in accordance with the Personal Information Protection Act “PIPA”), to check whether we hold Personal Information about you and to have access to those Personal informations. Article 35 (Access to Personal Information) If you have accessed to your personal information pursuant to this Article 35, you may request a correction or erasure or a suspension of such personal information from the relevant personal information controller. Requests for access to or to correct personal information should be addressed to our Privacy officer at 

If a user requests correction of errors in personal information, the personal information will not be used or provided until the correction is completed.

In addition, if incorrect personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that correction can be made.

  1. TRANSFER OF PERSONAL INFORMATION

 

In the event that we decide to cease our business inSouth Korea,  and transfer your personal information to another entity as part of a transfer or merger of all or part of the business, we must notify you in advance of:

 

  • The fact that the personal information will be transferred.
  • The name and contact information of the entity acquiring the information.
  • The methods and procedures for objecting to the information transfer.

 

  1. USE BY MINOR

The Service is not directed to individuals under the age of 14, and we request that these individuals not provide personal information through the Service. If your child has submitted Personal Information and you would like to request that such Personal Information be removed, please contact us.

 

11 LANGUAGE

 

This Privacy Policy is drafted in English. and Korean.  If there is a conflict between the English and the Korean version of this Privacy Policy, the English version shall prevail to the maximum extent permitted by law.