Nexxen Cosmetic

[Privacy Policy]

Nexxen Cosmetic (“the Company”) complies with laws and regulations related to personal information, including the Promotion of Information and Communication Network Usage and Information Protection Act and the Personal Information Protection Act. This Privacy Policy (“the Policy”) is implemented to protect the rights and interests of the users.

This Policy sets out how the Company uses the information and the purposes and method of such use. It also describes the measures the Company takes to protect personal information it collects. The Company will notify you through the corporate website (or individual notices) of any change to the Policy.

■ Information to be collected and method of collection

The Company collects the following personal information to prevent abusive ordering, inquiring and general misuse of the Company's website:

- Items to be collected: Name, telephone number, country, e-mail, records of visits, logins, connection IP information

- Method of collection: via the website (when ordering & making inquiries)

■ Purpose of Collection and Use of Personal Information

a. Development of new services

The Company can develop more useful services based on the personal information provided by its users. When developing new services or expanding the contents of the services, the Company can, more efficiently prioritize the services based on the personal information provided by the existing users, and can rationally select contents to meet the requirements of the users better.

b. Marketing and Advertisement

Providing information and customized services upon the development of new services and events; providing services and advertising according to demographic characteristics; understanding access frequency or statistics on the use of the services by the members

■ Period of Retention and Use of Personal Information

In principle, the Company destroys personal information of the users without delay when the purposes of its collection and use have been realized. However, the Company may retain personal information of the users in following cases for a specific period:

a. For internal use according to the Company's policy:

– records of unlawful use: to prevent further abuse

– retention period: for a year from the date of abuse

b. For external requirements pursuant to relevant laws and regulations:

– Records on contracts or withdrawal of subscription: 5 years (The Act on Consumer Protection in Electronic Commerce)

– Record on payment and supply of goods: 5 years (The Act on Consumer Protection in Electronic Commerce)

– Record on consumer complaint or dispute treatment: 3 years (The Act on Consumer Protection in Electronic Commerce)

– Records on visits (login): 3 months (The Protection of Communications Secrets Act)

■ Procedure and method of destruction of personal information

The Company destroys information of the users in the following way immediately after the purposes of its collection and use have been realized:

a. Destruction Procedure

The information entered by the user for his/her use of the Company’s services is transferred to a separate DB after the purpose has been realized. In case of hard copy information, it is retained in a separate filing cabinet for a specific period (see the Period of Retention and Use) according to the Company’s policy and other relevant laws and regulations. Personal information transferred to a separate DB will not be used for any purposes unless otherwise provided by law.

b. Destruction Method

– Hard copies of personal information: shredded or incinerated

– Soft copies of personal information: by a technical method ensuring that the information so destroyed cannot be restored

■ Provision of personal information to a 3rd party

Except for the following cases, the Company does not disclose or provide personal information of the users to a 3rd party:

- The Company had obtained consent from the user in advance;

- Disclosure requested by an investigation bureau for detecting crimes under the procedure and method as prescribed in the applicable laws and regulations

■ Commissioning of the collected personal information

The Company entrusts users’ information to outsourcing companies to handle the information for the provision of better services to the users. The Company sets out the requirements to ensure that the personal information commissioned can be safely managed by the outsourcing companies.

■ Rights of Users and their Legal Representative and Exercise of the Rights

If a user requests for correction of an error in his/her personal information, the Company will not use or provide that information until it is corrected. Moreover, if the wrong personal information is already provided to a third party, the Company will notify the third party without delay to correct the information.

- The Company shall, at the request of the user or his/her legal representative, terminate or delete the personal information according to Article "3. Period of Retention and Use of Personal Information" and shall ensure that the information is not disclosed or provided for any other purposes.

■ Using Cookies

The Company operates cookies for the provision of personalized and customized services to its users and the storage and loading of user information. Cookies are tiny text files to be sent to the browser of the users by the Company’s server which is used for the operation of the Company’s websites and will be stored in the hard-disk of the users' computer.

a. Purpose of using Cookies

To provide targeted marketing and customized services through analysis of user's access frequency and time of visit, identification of user's taste and interests, traceability, attendance at various events and number of visits

b. Installation and operation of Cookies

c. Method of Refusing Cookie Installation

Users have options for cookie installation: They may select an option to allow all cookies on the web browser, an option to have each cookie checked whenever it is saved, or an option to refuse all cookies to be saved. If the user rejects the installation of cookies, it may be difficult for that user to use some of the services provided by the Company.

To set an option (with Internet Explorer): Tool at the top of the browser -> Internet Option -> Personal Information

■ Staff responsible for managing personal information

The Company is striving to ensure that users have access to valuable information safely. If an adverse event occurs against the protection of personal information, the Company shall be entirely responsible. However, the Company will not be held liable for any damage caused by unexpected accidents in spite of the extensive technological measures it has taken, caused by major risks involved in the network such as hacking or various disputes arising out of the articles posted by visitors. The person responsible for handling your personal information is as follows, and he will respond promptly and faithfully to your inquiries about personal information.

Name of staff responsible for managing personal information: [Sang-gi Park]

Tel.: [02-2216-4501]

E-mail: [online@leeblese.com]

■ Customer Service related to personal information

To protect customers’ personal information and to deal with complaints related to personal information, the Company has designated an exclusive team as follows:

Name of the Team: Online Business Unit

Tel.: 02-2216-4501

E-mail: online@leeblese.com

You may notify the person in charge of personal information protection or the department in charge of any complaints related to the protection of personal information, which you may have during your use of the services of the Company. The Company will respond promptly to the users' complaints. If you need to report or discuss other infringement or violation concerning privacy, please contact any of the following organizations:

– Personal Information Dispute Mediation Committee (www.1336.or.kr/1336)

– ePrivacy Committee (www.eprivacy.or.kr/02-580-0533~4)

– Cybercrime Investigation Division, Supreme Prosecutors’ Office of Republic of Korea (http://icic.sppo.go.kr/02-3480-3600)

– Korean National Police Agency Cyber Bureau (www.ctrc.go.kr/02-392-0330)

■ Duty to Notify

a. Further information concerning the protection of personal information including this Policy is disclosed on the first page of the Company’s website for the users to have instant and easy access.

b. When there is any addition, deletion or modification of material provisions herein following any changes in the statutes, Policy, or security technology, the Company will notify you of such changes, reasons, and details on the Company's website before implementing the proposed changes.

c. The contents of this Policy may change from time to time, so please check every time you visit the Company's website.