This Policy describes how we process your personal data at Nemoz Lab Inc. (“we”)
We have written this document with strict regulations to the South Korean law to protect our customers and give the best solutions to related matters. This Policy is different from the Terms of Use.

1. Our purpose for writing this “Privacy Policy”
We process your personal data for the following purposes. The personal data is not used for purposes other than the below-mentioned, and if the purposes change, we will announce the changes and get the permissions from customers or take required actions according to the Personal Information Protection Act, Article18 (Limitation to Out-of-Purpose Use and Provision of Personal Information).
1) ‘Member’ registration or management
2) Providing products and services
3) Customer service for the ‘member’
4) Event
5) Etc.

2. Personal information we collect about you
When you register as a member of our service, we provide a process of agreement on terms of use and privacy policy. We consider this agreement as agreeing to the collection of personal information. We can collect the personal information mentioned below to perform our duty such as providing customer services, enhancing service quality, and more.
1) Compulsory Categories: Email account, password (encrypted), profile name, service version, OS, OS version, device name, device ID (a randomly given code by our service), language, nation, time zone
2) Selective Categories: phone numbers saved on your list, profile picture (meta-information included), payment histories, location information
Other than this, we may collect your service usage data, browsing histories, cookies, IP addresses, IDs, or payment records, which all are automatically created while you are using our service.

3. Methods of collecting personal information
1) Through ‘member registration’, customer service inquiry, event or raffle entry, delivery request, etc.
2) Automated tools to collect personal information

4. Sharing your personal information with third parties
We do not share your personal information with third parties unless the legal basis requires us to share, or you give consent to use specific features on our service. However, we may ask for your permission if we need to share your personal information to provide you with better services and this process will be strictly under the legal basis of South Korea.

5. Partners we share your personal information
We provide your personal information to the following companies with your consent to provide safe payment. The personal information used for payment is stored until you delete your account or we terminate the partnership. In such cases, your personal information will be deleted without delay.
1) Payment and prevention of appropriation: Allat(Credit card), Mobilliance(mobile payment), U+(account payment), KS-NET(deposit without account)
2) Payment and prevention of appropriation (Overseas): VISA, MASTER, JCB, Amex, Union Pay, Ali Pay, WeChat, Dinners/Discover, eContext(convenience store, bank), Yoomoney, Mir Card, MOLPay, Paypal(online payment)
3) Online Pay: Naver Pay, Kakao Pay, TOSS, PAYCO

6. Data retention and deletion

Legal Basis Time of Retention Categories
Electronic Commerce Consumer Protection Act 6 months Transaction subject identification information, sign or advertisement histories, etc.
5 years Transaction subject identification information, contract or withdrawal histories, etc.
5 years Transaction subject identification information, payment, supply of commodities histories, etc.
3 years Transaction subject identification information, customer inconvenience or conflict records, etc.
Communications Privacy Protection Act 3 months Website browsing histories

7. Your personal information rights and controls
1) You can always peruse your personal information and edit it. If you want to do so, please click ‘Account Settings’ and edit the information.
2) You can withdraw the agreement on collecting/using/providing your personal information whenever you want. However, you can only do it by deleting your account.
3) If you have legitimate reasons for not being able to edit your personal information online, you can ask us for the edit through paper, phone calls, e-mails, etc and we must process your request.
4) When a member of the representative of the member asks for the peruse, verify, or edit of the member’s personal information, we have to respond sincerely to the person. If there is a legal basis that the personal information has a deficiency, the retention period has been passed or has to be deleted for a legitimate reason, we have to process your personal information without delay.
5) We do not allow a person of age below 14 to register for our service. We do not knowingly collect personal data from children under the applicable Age Limit.
6) The personal information deleted, edited, or corrected on the request of the member or the representative of the member, is processed by the retention period mentioned on 5, and we are not able to use the information for other purposes.

8. Your obligations as customers
1) Members should ensure that their personal information is updated and accurately written to prevent unexpected accidents. In this way, they can receive information on important matters, such as securing the self-determination of personal information, changes to services, and suspension/termination. The members are responsible for the consequences of incorrect information and may lose their membership status if they enter false information such as appropriating other people's information.
2) Members are obligated to protect their personal information and not infringe on other people's information. Members should manage their personal information, including their IDs and passwords, carefully to prevent leakage, and try not to damage the personal information and reputation of others, including posts. If you damage other people's information, you can be punished by related laws such as the Information and Communication Network Act.
3) Please log out from your account after you use the service on a jointly used PC or other devices, or if you close the service after connecting to the service using a joint network. Otherwise, there is a risk that the personal information of the member will be easily leaked and edited through the browser.

9. Automatic processing of your personal information
We use ‘cookie’ which finds your personal information frequently. Cookie means a deletable small data file that the web browser stores on the computer. Cookie enhances the online customer experience but if you do not want your personal information to be collected, you can change the settings to not use the cookie or restrict its function.
The customer can set to get the warnings each time cookie is sent or set to not use any type of cookie on the “browser settings” on the device used. Please refer to the browser setting guide function on your device for more information.

10. How to report privacy infringement
We operate 1:1 inquiry to receive any kind of inconvenience on personal information protection. In Korea, you can report to the below-mentioned organizations if you have experienced personal information violations or conflict between you and the company.

Personal Information Infringement Report Center 118
Personal Information Dispute Mediation Committee 1833-6972
Division of Cyber Investigation at the Supreme Prosecutor’s Office Republic of Korea 1303
Cyber Bureau 182

11. Who is in charge of your personal information

Person in Charge for your Personal Information
Name Sujin Jeon
Division in Charge for the Grievances Regarding Personal Information
Division CX/CS Team

12. How we keep your personal data safe
We adopted the following measures to keep your personal data safe.
1) Managerial measures: restrictions on the number of people handling personal information, employee education on personal information, writing law-abiding pledges for the protection of personal information when employing a new employee
2) Technological measures: restrictions on the authority to access the personal information server and systems, adoption of the corporate network firewall system, using code algorithm and security devices to access the system related to the personal data, vaccine program installation
3) Physical measures: restrictions on the access to the personal data storage

13. Link sites
We may provide website links of other companies to provide certain information. In this case, we are not in charge of the service or the usefulness of the information they provide. Also, if you transfer to another website by clicking the hyperlink on our page, the Privacy Policy of Nemoz Lab will lose its legal force.

14. Changes to this policy
We may occasionally make changes to this Policy. When we make material changes to this Policy, we'll provide you with notice 7 days before the changes as appropriate under the circumstances. For example, we may display a prominent notice within the Nemoz App or send you an email or device notification. However, if there are important changes regarding personal rights or obligations, we may notify you 30 days before the changes.

This “Privacy Policy” is effective as of October 3, 2022.