Namyang Dairy Products Co., Ltd. (hereinafter referred to as "the Company") values customer privacy
and complies with the Personal Information Protection Act and the Act on Promotion of Information and
Communications Network Utilization and Information Protection.
The Company publishes its privacy policy on the homepage's first screen, allowing customers to easily
view how their personal information is used and the measures the Company takes to protect it.
The Company has established procedures for revising its privacy policy to facilitate continuous
improvement and may modify the policy to accommodate necessary social changes affecting the
Company.
When revising the privacy policy, we assign version numbers to help customers easily identify the
amended items.
1. Purpose of Collection and Use of Personal Information
2. Retention and Period of Use of Personal Information
3. Provision of Personal Information to Third Parties
4. Outsourcing of Personal Information Processing
5. Procedures and Methods for Destruction of Personal Information
6. Rights of Data Subjects and How to Exercise Them
8. Measures to Ensure the Security of Personal Information
9. Personal Information Protection Officer and Manager
1. Purpose of Collection and Use of Personal Information
The Company collects only the essential information required to provide basic services and obtains separate consent when collecting information to provide services tailored to each customer's preferences and needs. There are no restrictions on using essential services even if optional information is not entered.
The Company does not collect sensitive personal information that may raise concerns about infringement of customers' fundamental human rights, such as their race, ethnicity, thoughts and beliefs, place of origin, permanent address, political tendencies, or criminal records. Additionally, the Company may receive personal information from external companies or organizations affiliated with the Company. In such cases, the affiliated company provides the information to our Company after obtaining consent for the provision of personal information from users in accordance with the Personal Information Protection Act.
The Company collects and uses personal information as follows:
|
Category |
Collection/Usage Items |
Collection/Usage Purpose |
|
|
Common |
Member Registration and Management |
[Required] Personal identification information (Connected Information (CI), Duplicate Registration Confirmation Information (DI), date of birth, gender, and other information necessary for personal identification, once during initial identity verification), name, ID, password, mobile phone number, email, date of birth, gender |
Personal verification and identification for member service provision, contact for contract fulfillment, information provision according to service use (delivery of notices, confirmation of personal intention, service-related consultation, handling of civil complaints, etc.), prevention of improper use and unauthorized use by problematic members, confirmation of service usage history and statistical analysis for service improvement |
|
Member Registration and Management |
[Required] Connected Information (CI), name, date of birth, gender, mobile phone number, email |
||
|
Child Information |
[Required] Child information (name (fetal name), date of birth (expected delivery date)) |
Providing one-on-one baby stool consultation service, providing baby food experience group service, providing child-customized service, storybook, smart calendar service use, statistics and surveys, and goods delivery |
|
|
Pregnancy/Childbirth Stage Celebration Gifts, |
[Required] Name, mobile phone number, address |
Delivery of celebration gifts for each stage of pregnancy/childbirth, event prizes, etc., provision of personalized services and benefits, marketing and advertising for the introduction of new services (products) |
|
|
Social Media Simple Login |
[Required] Kakao (Identification ID, Access Token, Refresh Token), Naver (Identification ID, AccessToken, RefreshToken), Facebook (Identification ID, AccessToken), Apple (Identification ID, AccessToken) |
Social Media Simple Login Utilization |
|
|
Namyang Mall |
Product Purchase |
[Required] Personal identification
information (Connected Information (CI), Duplicate Registration Confirmation Information
(DI), date of birth, gender, and other information necessary for personal identification,
once during initial identity verification), orderer's name, orderer's mobile phone number,
orderer's email, recipient's name, recipient's mobile phone number, shipping address,
entrance password (if entered) |
Product ordering and delivery (including home delivery), confirmation of shipping address, and contact information |
|
Payment Refund |
[Required] Refund account information (account holder, bank name, account number) |
Processing refunds for product purchases |
|
|
Non-member Product Purchase |
[Required] Personal identification information (Connected Information
(CI), Duplicate Registration Confirmation Information (DI), date of birth, gender, and other
information necessary for personal identification, once during initial identity
verification), orderer's name, orderer's mobile phone number, orderer's email, recipient's
name, recipient's mobile phone number, shipping address |
Personal verification and identification, non-member product ordering and delivery, confirmation of shipping address and contact information, and provision of information according to service use (including delivery of notices, confirmation of personal intentions, service-related consultations, and handling of civil complaints) |
|
|
Store Entry Inquiry |
[Required] Name, email, mobile phone number |
Receipt of store entry inquiries and response to results |
|
|
1:1 Inquiry |
[Required] Name, email, mobile phone number |
Receipt and processing of inquiries, retrieval of claim products |
|
|
Namyang I |
Breast Milk Analysis Service |
<Sensitive Information> [Required] Breast milk components, breast
milk analysis results |
Breast milk nutrition analysis and result confirmation |
|
1:1 Baby Stool Consultation Service |
<Sensitive Information> [Required] Feeding type, feeding amount
(daily), stool frequency, stool consistency, stool color, presence of lumpy stool, baby
stool analysis results, attachment (baby stool photo) |
Baby stool analysis and result confirmation, use as research material for the Namyang Dairy Products Research Institute |
|
|
Storybook Creation |
[Required] Profile picture, child information |
New storybook creation |
|
|
1:1 Inquiry |
[Required] Name, email, mobile phone number |
Receipt and processing of inquiries, claim product retrieval |
|
|
Partnership/ |
[Required] Name, email, mobile phone number |
Receipt of partnership/suggestion inquiries and response to results |
|
|
Official Website |
Talent Recruitment |
[Required] Name (Korean, Chinese characters, English), date of birth,
password, address and residence, phone number, mobile phone number, email, educational
background (graduation completion and grade-related information), career information (when
applying for experienced positions), completed courses, desired position/workplace,
self-introduction related information, national merit status |
Providing job application services and applicant verification, conducting and managing recruitment process procedures, handling recruitment-related guidance and inquiries |
|
Talent Recruitment |
[Required] Relationship to merit recipient, type, merit number |
National merit status verification |
|
|
Recruitment Inquiry |
[Required] Name, mobile phone number, email address |
Handling applicant inquiries |
|
|
Cyber Reporting Center Report |
[Optional] Name, contact information, email |
Receipt and processing of cyber reporting center reports |
|
|
Factory Tour |
[Required] Applicant, contact information, email |
Receipt of factory tour applications and selection notification |
|
|
Eco-friendly Classroom |
[Required] Applicant, contact information, email |
Receipt of eco-friendly classroom applications and selection notification |
|
|
Visiting Food Car |
[Required] Applicant, contact information, email |
Receipt of visiting food car applications and selection notification |
|
|
Voice of Customer |
[Required] Name, contact information, email, title,
content |
Receipt and processing of inquiries, claim product retrieval |
|
|
Suggestion |
[Required] Name, contact information, email, response method, suggestion
type, title, inquiry content |
Processing of tasks such as the verification of suggestion content |
|
|
Report |
[Required] Target company for report, target person for report, report
target type, title, inquiry content |
Receipt and processing of suggestions |
|
|
Other |
Generated/Collected during Service Use or Business Processing |
IP address, UserAgent, access time, mobile device information (OS information, UUID, advertising identifier, push token) |
Service usage record statistical analysis and quality management |
2. Retention and Period of Use of Personal Information
In principle, when a customer requests membership withdrawal or withdraws consent for the collection and use of personal information, or when the purpose of collecting and using personal information is achieved or the retention and usage period has ended, the relevant personal information will be destroyed without delay.
The processing and retention periods for each type of personal information are as follows:
|
Category |
Retention Period |
Notes |
|
|
Common |
Member Registration and Management |
Immediately destroyed upon membership withdrawal |
However, retained for the statutory retention period if preservation is necessary according to relevant laws |
|
Pregnancy/Childbirth Stage Celebration Gifts, |
|||
|
Child Information |
|||
|
Social Media Simple Login |
|||
|
Namyang Mall |
Product Purchase |
Destroyed after 5 years of retention |
|
|
Payment Refund |
|||
|
Non-member Product Purchase |
|||
|
1:1 Inquiry |
Destroyed 3 years after the date of inquiry |
||
|
Store Entry Inquiry |
Destroyed 1 year after the date of the store entry inquiry |
||
|
Namyang I |
Breast Milk Analysis Service |
Immediately destroyed after 1 year of retention from the date of analysis result registration or upon membership withdrawal |
|
|
1:1 Baby Stool Consultation Service |
|||
|
Storybook Creation |
Until storybook deletion or membership withdrawal |
||
|
1:1 Inquiry |
Destroyed 3 years after the date of inquiry |
||
|
Partnership/Suggestion Inquiry |
Destroyed 1 year after the date of the partnership/suggestion inquiry |
||
|
Official Homepage |
Talent Recruitment |
Destroyed 6 months after the document submission deadline |
|
|
Recruitment Inquiry |
Destroyed 3 months after the date of inquiry |
||
|
Cyber Reporting Center Report |
The validity period of collected personal information is until destruction after the completion of case processing related to internal reporting |
||
|
Factory Tour |
Destroyed 6 months after the application date |
||
|
Eco-friendly Classroom |
|||
|
Visiting Food Car |
|||
|
Voice of Customer |
Destroyed 3 years after the registration date |
||
|
Suggestion |
Destroyed 1 year after the date of completion of the final processing |
1. Retained for the statutory retention
period if preservation is necessary according to relevant laws
|
|
|
Report |
1. Retained for the statutory retention
period if preservation is necessary according to relevant laws
|
||
The statutory retention periods for personal information are as follows:
- Records concerning contracts or the withdrawal of subscription
Act on Consumer Protection in Electronic Commerce, etc.
Retention period: 5 years
- Records pertaining to payment of prices and supply of goods, etc.
Act on Consumer Protection in Electronic Commerce, etc.
Retention period: 5 years
- Records concerning consumer complaints or dispute resolution
Act on Consumer Protection in Electronic Commerce, etc.
Retention period: 3 years
- Service usage records, access logs, access IP information, etc.
Protection of Communications Secrets Act
Retention period: 3 months
3. Provision of Personal Information to Third Parties
The Company provides personal information to third parties within the scope of consent received from customers or as permitted by relevant laws. It does not use or disclose it to individuals, other companies, or institutions beyond this scope.
|
Provider |
Purpose of Use by Provider |
Personal Information Items Provided |
Provider's Retention and Usage Period |
|
[Product Selling Companies] |
Checking order details and product delivery, customer consultation, and complaint handling |
[Required] Orderer's name, orderer's mobile
phone number, orderer's email, recipient's name, recipient's mobile phone number, shipping
address |
Service provision period (retained for the applicable period if preservation is necessary according to the provisions of relevant laws) |
|
[Health Checkup Hospitals] |
Verification of health checkup status |
Name, contact information, date of birth |
Until the end of the health checkup verification |
|
National Veterans Service |
Verification of veteran status |
Name, contact information, veteran number |
Until the end of the veteran status verification |
|
KB Kookmin Bank |
Verification of subscribers between Namyang Mall and Namyang PAY and provision of Namyang PAY services to Namyang Mall users |
Member identification number |
Until the achievement of the usage purpose, unless there is a preservation obligation under relevant laws |
|
Han & Company CSG (Audit Office) |
Review of the suggestion content |
Name, E-mail address, phone (mobile) number |
Destroyed 1 year after the date of completion of the final processing |
|
Investigation of report content |
4. Outsourcing of Personal Information Processing
The Company outsources some of its operations to external specialized companies, as follows, to enhance services, stipulate necessary matters, and manage and supervise to ensure that the entrusted companies process personal information in a safe manner in accordance with the Personal Information Protection Act.
|
Trustee (Outsourced Company) |
Outsourced Business Content |
Retention and Usage Period |
Re-entrusted Company |
|
Enliple Co., Ltd. |
Data processing and system maintenance, web log analysis |
Until membership withdrawal or fulfillment of the outsourcing purpose |
Luna Soft |
|
Company Agencies |
Home delivery order confirmation and product delivery |
|
|
|
NICE Payments Co., Ltd. |
Payment processing |
|
|
|
ISG Industry, MJ Korea, CJ Logistics |
Product delivery |
|
|
|
Igini Co., Ltd. |
NAVER Cloud MSP and control service provision |
NAVER Cloud Corporation |
|
|
NHN Korean Cyber Payment Co., Ltd. |
Real name/identity verification |
Not separately stored |
|
|
Daou Technology Co., Ltd. |
SMS transmission |
Until the fulfillment of the outsourcing purpose |
|
|
Hana Ad |
Event agency and prize delivery |
|
|
|
Gravy Lab |
Recruitment process (AI Culture-fit diagnosis) implementation |
Destroyed 6 months after the end of the procedure |
|
|
Abyz Co., Ltd. |
Use of the orderer and delivery information when ordering planners |
Until the end of the outsourcing contract |
|
- When concluding outsourcing contracts, we clearly stipulate strict compliance with personal information protection-related instructions, prohibitions concerning personal information, and liability in the event of accidents to ensure the safety of personal information.
'- If the content of the outsourced business or the entrusted company changes, we will promptly disclose this information through this privacy policy.
5. Procedures and Methods for Destruction of Personal Information
In principle, the Company destroys relevant information without delay after the purpose of collecting and using personal information has been achieved. The destruction procedures and methods are as follows:
°Destruction Procedure
Information entered by members for membership registration, etc., is transferred to a separate DB (a separate file cabinet in the case of paper) after the purpose is achieved and is stored for a certain period according to information protection reasons under internal policies and other relevant laws (refer to retention and usage period) before being destroyed. Personal information transferred to a separate DB is not used for any purpose other than retention unless required by law.
°Destruction Method
- Personal information stored in electronic file format is deleted using technical methods that prevent the records from being reproduced.
- Personal information printed on paper is shredded using a shredder or incinerated.
6. Rights of Data Subjects and How to Exercise Them
We protect customers' rights as follows:
1) You can view and modify your personal information at any time.
° You can view and modify the personal information of the data subject being processed by the Company.
° Member information can be viewed at 'My Page > My Information > Member Information Confirmation'.
° If you wish to access personal information that cannot be viewed through the service, please contact our customer center. We will take action within 10 business days, unless there are exceptional circumstances. However, if there are reasons for delay or inability to access, we will inform you promptly.
2) You can request correction or deletion of your personal information at any time.
° You can request correction or deletion of the personal information of the data subject being processed by the Company.
° Member information can be processed using 'My Page > Member Information > Member Information Confirmation' or the customer center. For this purpose, authentication procedures such as identity verification may be carried out.
° When a data subject requests the correction of errors in their personal information, we will not use or provide the information until the correction is complete. If personal information containing errors has already been provided to a third party, we will notify the recipient of the correction so that they can take appropriate action.
3) You can request the withdrawal of your consent to the use of personal information and terminate your membership at any time.
° Withdrawal of consent, deletion, and suspension of processing regarding the provision of personal information can be processed at 'My Page > Member Information > Member Withdrawal'. However, when making such requests, part or all of the service may be restricted. In the case of information collected under other laws, it may be challenging to withdraw consent, delete, or suspend processing.
7. Information Regarding Installation and Operation of Automatic Personal Information Collection Devices and Their Rejection
The Company may install and operate "cookies" that store and periodically retrieve customer information to provide individualized, customized services to customers. A cookie is a small amount of information that is stored on a customer's PC through the customer's web browser when the customer accesses a website. When a customer accesses a website, the Company can read the contents of cookies in the customer's browser, gather additional information, and provide services to the customer without requiring further input of information, such as a name, upon access.
Information collected by the Company through cookies may be used for the following purposes:
- Analyzing the frequency and duration of access for members and non-members, understanding customers' preferences and areas of interest, and using this as a measure for service improvement
- Tracking the history of content browsed with interest to provide personalized services on subsequent access
- Providing differentiated information by identifying the level of event participation and the number of visits
Customers have the option to choose whether to install cookies.
In the "Tools > Internet Options > Privacy > Advanced" section at the top of the web browser, you can accept all cookies, be notified when cookies are installed, or reject all cookies. However, if a customer rejects cookie installation, they may experience inconvenience when using the service.
- Cookie Installation and Rejection Methods
1) Internet Explorer: Tools > Internet Options > Privacy > Advanced > Select Allow/Block
2) Chrome: Settings > Privacy and Security > Cookies and Other Site Data > Set Cookie Level
3) Edge: Settings > Cookies and Site Permissions > Cookies and Site Data > Set Cookie Level
4) Safari: Preferences > Privacy > Cookies and Website Data > Set Cookie Level
Cookies expire when the browser is closed or when you log out.
8. Measures to Ensure the Security of Personal Information
The Company is implementing the following technical/administrative measures to ensure security so that personal information is not lost, stolen, leaked, altered, or damaged when processing customer personal information:
Password Encryption
- The Company's member ID passwords are encrypted, stored, and managed so that only the individual knows them. Confirmation and modification of personal information are only possible by the individual who knows the password.
Countermeasures Against Hacking
- The Company is striving its utmost to prevent the leakage or damage of members' personal information due to hacking or computer viruses. To prepare for potential damage to personal information, we regularly back up data, utilize the latest antivirus programs to prevent leakage or damage to data subjects' personal information or data, and enable the secure transmission of personal information over the network through encrypted communication. We also control unauthorized access from outside using intrusion prevention systems and strive to equip all possible technical devices to secure them systematically.
Minimization and Education of Handling Staff
- The Company limits the handling of personal information to designated personnel, assigns separate passwords for this purpose, regularly updates them, and consistently emphasizes compliance with NamyangI.com's privacy policy through periodic training of personnel.
- Operation of Personal Information Protection Dedicated Organization
Through in-house dedicated organizations for personal information protection, we strive to promptly correct and rectify any issues identified by reviewing the implementation of NamyangI.com's privacy policy and compliance by the person in charge. However, the Company assumes no responsibility for problems arising from the leakage of personal information such as ID, password, or resident registration number due to the carelessness of the data subject themselves or issues on the Internet.
9. Personal Information Protection Officer and Manager
The Company is doing its best to protect personal information, allowing customers to use the service safely. However, despite implementing technical supplementary measures, we are not responsible for unexpected accidents that occur due to basic network risks, such as hacking, which may result in damaged information or disputes arising from posts written by visitors. The Company has designated personal information protection officers and managers as follows to handle customer inquiries and complaints related to personal information, responding promptly and sincerely to customer requests. Additionally, customers can request access to their personal information under Article 35 of the Personal Information Protection Act by contacting the department responsible for handling complaints regarding personal information.
1) Personal Information Protection Officer
|
Category |
Name |
Phone Number |
|
|
Employees/Recruitment |
Director Heo Tae-gwan |
02-736-0872 |
webmaster@namyangi.com |
|
Social Media/Customer Consultation |
Director Shin Hyun-jung |
02-736-0872 |
webmaster@namyangi.com |
|
Namyang Mall/DM |
Division Manager Kwak Jae-woo |
02-736-0872 |
webmaster@namyangi.com |
|
Door-to-Door Sales/Open Market |
Division Manager Park Su-jung |
02-736-0872 |
webmaster@namyangi.com |
|
Corporate/Brand |
Team Leader Kim Na-young |
02-736-0872 |
webmaster@namyangi.com |
2) Customer Service Department
Department: CRM Team
Phone Number: 02-736-0872 / 02-734-1305
Fax Number: 02-733-6389
Email : webmaster@namyangi.com
Address: Namyang Dairy Products Co., Ltd., Dosan 240 Building, 240 Dosan-daero, Gangnam-gu, Seoul
For other reports or consultations regarding personal information infringement, you can contact the following institutions:
1) Personal Information Infringement Report Center (privacy.kisa.or.kr/main.do / Without area code 118)
2) Supreme Prosecutors' Office Cyber Investigation Division (http://www.spo.go.kr / Without area code 1301)
3) National Police Agency Cyber Investigation Bureau (ecrm.police.go.kr / Without area code 182)
4) Personal Information Dispute Mediation Committee (www.kopico.go.kr / Without area code 1833-6972)
10. Other Matters
- Child's Personal Information Protection
The Company does not accept membership registration of children under the age of 14 to protect their personal information.
- Linked Sites
The Company may provide links to other companies' websites or materials to customers. In this case, the Company has no control over external sites and materials, and therefore is not responsible for the accuracy, usefulness, or other aspects of services or materials provided by the relevant site. The Company makes no guarantees. If you click on a link included in NamyangI.com to move to another site's page, the privacy policy of that site is irrelevant to the Company. Hence, please review the policy of the newly visited site.
- Possibility of Disclosure of Sensitive Information
The Company does not disclose sensitive information collected in the process of providing services.
11. Notification Obligations
When there are additions, deletions, or modifications to the current privacy policy, we will notify you through the website's announcements at least seven days prior to the revision.
If the privacy policy is updated due to changes in the collection, use, or disclosure of personal information or the provision of such information to third parties, separate consent will be obtained from the data subject.
Privacy Policy Version Number : V.29.2
Announcement Date: March 13, 2025
Enforcement Date: March 20, 2025