Policies to safely protect your valuable information.
Dermanova Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses the following privacy policy to protect users' personal information and to handle grievances promptly and smoothly in accordance with Article 30 of the 「Personal Information Protection Act」.
The Company collects only the minimum personal information necessary for membership management, service provision, contract fulfillment, customer consultation, marketing, and complaint handling, and does not use it for purposes other than those intended.
The Company processes and retains personal information within the period specified by law or the period agreed upon when collecting personal information from the user, and destroys it without delay when the retention period expires.
We collect minimum items required for membership registration, order/payment, and customer center use (name, contact information, address, payment information, etc.), and clearly distinguish between mandatory and optional items.
In principle, the Company restricts membership registration for children under the age of 14, and collects and uses personal information with the consent of a legal representative if necessary.
The Company does not provide personal information to third parties unless there is the user's consent or special provisions in the law. If provision is inevitable, we will notify and obtain consent in advance.
We may entrust processing to external professional companies to improve services, and when concluding an entrustment contract, we supervise compliance with personal information protection related laws.
Personal information is destroyed when it becomes unnecessary, such as when the retention period has elapsed or the purpose of processing has been achieved. Electronic files are destroyed using methods that cannot be restored, and paper documents are shredded or incinerated.
Users may request access, correction, deletion, or suspension of processing of their personal information at any time, and the Company will take action without delay. Legal representatives may exercise the above rights.
The Company safely manages personal information through technical and administrative protection measures such as personal information encryption, access authority management, and security program installation.
We may use cookies, etc. to provide customized services, and users can refuse to save or delete them through browser settings.
The Company designates a Chief Privacy Officer and a person in charge to be responsible for personal information protection and complaint handling. Specific contact information can be found on the Customer Center page.
Users may apply for dispute resolution or consultation to relevant organizations such as the Personal Information Dispute Mediation Committee and the Korea Internet & Security Agency Personal Information Infringement Report Center for remedies for damage caused by personal information infringement.
The Company may amend the Privacy Policy in accordance with laws, policies, or internal operation policies, and will announce it at least 7 days prior to the amendment. In case of significant changes to users, notice will be given 30 days in advance.
(Effective Date) This Privacy Policy is effective from January 1, 2024.