Nemoz Privacy Policy
Effective Date: January 20, 2026
Article 1 (Purpose of Processing Personal Information)
Nemoz Lab Co., Ltd. (hereinafter referred to as the “Company”) values the personal information of its users and complies with applicable laws, including the Personal Information Protection Act. This Privacy Policy applies to the Nemoz App, Nemoz Shop, and all related websites and ancillary services operated by the Company.
Personal information processed by the Company shall not be used for purposes other than those stated below. If the purpose of use changes, the Company shall take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
A. Membership Registration and Management
• Verification of intent to register and eligibility (14 years or older)
• Identification and authentication for member services
• Membership registration, withdrawal, and status management
• Delivery of notices and announcements
B. Provision of Goods or Services
• Provision of content; processing of purchases, changes, and cancellations
• Delivery of goods and billing
• Identity verification for financial transactions, payment processing, and settlements
• Prevention of fraudulent or unauthorized use
• Personalized services and usage statistics
C. Customer Support and Complaint Handling
• Communication channels for handling complaints
• Contact for inquiries and fact-finding
• Record retention for dispute resolution
D. Marketing and Advertising (with consent)
• Information on new services, products, and events
• Delivery of prizes for events and promotions
E. Service Improvement and Statistics
• Analysis of access frequency and service usage
• Use of pseudonymized data for AI training and service quality improvement
Article 2 (Items of Personal Information Collected and Collection Methods)
A. Items Collected
| Category | Required Items | Optional Items |
| Upon Registration | Email address, password (encrypted), nickname | Name, mobile number |
| Upon Purchase | Orderer information, shipping information, payment information | Delivery requests |
| During Service Use | Device information, logs, usage records, NEMO Album tag records, app version, language, country/region, time zone | Location data |
| Customer Inquiries | Email address, inquiry contents | Attachments |
| Automatically Generated | Usage logs, cookies, IP address, payment records, fraud records, advertising identifiers (ADID/IDFA) | |
B. Collection Methods
• Website and mobile app registration and usage
• Customer support, email, bulletin boards, and inquiries via hotline
• Event participation and delivery requests
• Automatic collection through data collection tools
Article 3 (Retention and Use Period)
Personal information will be destroyed without delay once the purpose of collection and use has been fulfilled, except as required by law or as otherwise specified below.
A. Based on Internal Policy
Retained for 1 year after contract termination to prevent abuse and resolve disputes.
B. Legal Retention
| Item | Retention Period | Legal Basis |
| Records of advertising | 6 months | Act on Consumer Protection in Electronic Commerce |
| Contracts and withdrawals | 5 years | |
| Payments and supply of goods | 5 years | |
| Consumer complaints and disputes | 3 years | |
| Website access logs | 3 months | Protection of Communications Secrets Act |
Article 4 (Provision of Personal Information to Third Parties)
The Company does not provide personal information to third parties except:
1. With prior user consent
2. When required by law or investigative authorities
3. When processed in anonymized form for statistics, academic research, or marketing purposes only if it is necessary
Article 5 (Outsourcing of Personal Information Processing)
The Company outsources personal information processing tasks to external professional service providers as follows in order to provide its services. The entrusted companies retain personal information until the end of the outsourcing contract and destroy it without delay thereafter. Personal information is provided only to the relevant companies according to the payment method and delivery method selected by the user.
| Entrusted Company | Details of Outsourced Tasks |
| Smartro, Mobilian, Allat, Uplus, KS-NET, etc. | Payment processing and fraud prevention according to the domestic payment method selected by the user (mobile phone, credit card, bank transfer, virtual account deposit, etc.) |
| PayPal, VISA, MASTER, JCB, Amex, Union Pay, Ali Pay, WeChat, etc. | Payment processing and fraud prevention according to the overseas payment method selected by the user |
| Naver Pay, Kakao Pay, Toss, Payco, etc. | Simple payment services |
| cafe24 | Nemoz Shop services |
| DHL, Lotte Courier | Logistics and delivery |
Article 6 (Procedures and Methods for Destruction of Personal Information)
A. Destruction Procedures
Information entered by users is transferred to a separate database (or a separate document storage for paper documents) after the purpose has been achieved. It is stored for a certain period in accordance with internal policies and relevant laws before being destroyed. Personal information transferred to a separate database is not used for any purpose other than those stipulated by law.
B. Destruction Methods
• Electronic files: Deleted using technical methods that make recovery impossible
• Paper documents: Shredded or incinerated
Article 7 (User Rights and How to Exercise Them)
Users may exercise the following rights at any time:
1. Access to and correction of personal information: Directly access and correct through the "Edit Member Information" menu within the service, or request via written document, phone, or email to the Personal Information Protection Officer
2. Suspension of processing and deletion (withdrawal): Apply directly through the "Membership Withdrawal" menu within the service, or request to the Personal Information Protection Officer
3. Withdrawal of consent: Optional consents, such as marketing communications, may be withdrawn through service settings or the customer center
Article 8 (User Obligations)
Users must keep their personal information accurate and up to date and must not steal or disclose others' information. When using shared devices, users must log out after use to protect personal information.
Article 9 (Use of Cookies)
The Company uses cookies to provide personalized services to users. Users may refuse the storage of cookies through browser settings; however, in such cases, some services may be difficult to use.
A. Purpose of Cookie Use
• Analysis of access frequency and visit time
• Identification of user preferences and interests
• Provision of customized services and targeted marketing
B. How to Refuse Cookie Settings
• Chrome: Settings > Privacy and security > Cookies and other site data
• Safari: Preferences > Privacy
• Internet Explorer: Tools > Internet Options > Privacy
Article 10 (Matters Concerning the Collection, Use, and Refusal of Behavioral Information)
The Company may use web log analysis tools and mobile app analytics tools for service usage analysis and the provision of customized advertisements.
A. Tools Used: Google Analytics, Firebase, Facebook Pixel, etc.
B. Collected Items: Advertising identifiers (ADID, IDFA), visit records, app usage records, etc. (in a form that does not identify individuals)
C. How to Refuse
• Chrome: Settings > Privacy and security > Cookies and other site data
• Safari: Preferences > Privacy
• Internet Explorer: Tools > Internet Options > Privacy
Article 11 (Measures to Ensure the Security of Personal Information)
The Company takes administrative (employee training, access control), technical (encryption, installation of security programs), and physical (access control to facilities) measures to protect personal information.
Article 12 (Mobile App Access Permissions)
The Company may access functions within the user's mobile device to provide Nemoz app services and obtain user consent for such access.
A. Required Access Permissions
None (to be specified if there are permissions essential for service use)
B. Optional Access Permissions
• Camera: Nemoz code (QR) recognition and profile photo registration
• NFC: Nemoz album authenticity verification and content activation
• Storage (photos/media): Image storage and profile settings
• Notifications: Receipt of service notifications and event information
C. Users may use basic services without agreeing to optional access permissions; however, some functions (such as authentication) may be restricted. Permission settings can be changed in "Settings > Nemoz" on the device.
Article 13 (Personal Information Protection Officer)
| Personal Information Protection Officer | Department in Charge of Personal Information Complaints |
| Name: JOO DOYEON | Department: CX/CS Team |
| Email: zudoyeon@nemoz.io | Phone: 1533-7674 |
| Email: cs@nemoz.io |
Article 14 (Remedies for Infringement of Rights and Interests)
If users need to report or consult regarding personal information infringement, they may contact the following organizations:
| Organization | Website | Phone Number |
| Personal Information Infringement Report Center | privacy.kisa.or.kr | 118 |
| Personal Information Dispute Mediation Committee | www.kopico.go.kr | 1833-6972 |
| Supreme Prosecutors' Office Cyber Investigation Division | www.spo.go.kr | 1301 |
| National Police Agency Cyber Safety Bureau | cyber.go.kr | 182 |
Article 15 (Responsibility for Linked Sites)
The Company may provide links to websites or materials of other companies through its services. Personal information protection policies of external sites accessed via such links do not apply to this Privacy Policy, and users should review the privacy policies of those sites.
Article 16 (Changes to the Privacy Policy)
If the Company changes this Privacy Policy, it will notify users through service announcements at least 7 days prior to the effective date, stating the reason for the change and the effective date along with the current Privacy Policy. However, changes that significantly affect users' rights or obligations will be notified at least 30 days in advance.
Supplementary Provisions
1. This Privacy Policy shall take effect on January 20, 2026.
2. The existing Nemoz Privacy Policy and Nemoz Shop Privacy Policy applied prior to the enforcement of this policy shall be replaced by this policy.
| Effective Date | Major Revisions |
| 2026.01.20 | Integration of the Nemoz app Privacy Policy and the Nemoz Shop Privacy Policy |
| 2022.06.03 | Initial implementation of the Nemoz Privacy Policy |