BIOFACTORY
BIOFACTPersonal information collected and the means of collection
A. Information we collectThe Company collects the following data for the purpose of membership sign-ups, consultations, and service applications.
- When signing up for membership: Name, birthday, gender, ID, password, home phone number, mobile number, e-mail, legal representative information for subscribers under the age of 14.
- When applying for services: Address, payment information
Information collected through use of online services or the processing process: use record, access log, cookies, connecting IP information, payment record, unruly use, and others.
Personal information is collected through the website, letter, message boards, e-mail, event entries, delivery request forms, phone, fax, and generated data collection tool.
Purpose of collection and use of personal information
Provision of services obligated by fulfillment of contract and the payment that follows
- Supply content, purchase and payment, delivery of goods, billing statements and others, user verifications for financial transactions and financial services.
Member management
- Identify user to access members-only services, verify user, prevent unauthorized use, check membership subscription, validate age, confirm consent/agreement from legal representative for users under the age of 14, handle complaints and civil affairs, and deliver notices.
Marketing and promotional use
- Delivery of events and unsolicited advertisements; gain a statistical understanding of the members’ frequency of access to and use of site.
Period of possession and utilization of personal information
As a general rule, once the personal data has fulfilled the purposes for which they were collected, they are to be immediately discarded. Except for the following that will be retained for certain periods for reasons noted below.
A. Information held according to the Company’s internal policiesEven when a member has canceled his/her membership, the member’s personal information may be retained for 00 years from the date of cancelation in order to resolve future disputes, to cooperate with the requests of law enforcement agencies, and to prevent the recurrence of fraudulent uses by unruly members.
B. Grounds for holding personal information according to applicable statutesIf retention of personal information is deemed necessary to operate in accordance to the provisions of relevant laws and regulations, including the Act on Consumer Protection in Electronic Commerce, then they will be held in possession by the Company for a certain period of time set by the relevant laws as noted below.
Records related to contracts or withdrawal of subscription
- Purpose of possession: Act on Consumer Protection in Electronic Commerce
- Possession period: 5 years
Records related to payment and supply of goods
- Purpose of possession: Act on Consumer Protection in Electronic Commerce
- Possession period: 5 years
Records related to consumer complaints or dispute settlement
- Purpose of possession: Act on Consumer Protection in Electronic Commerce
- Possession period: 3 years
Records of log
- Purpose of possession: Protection of Communications Secrets Act
- Possession period: 3 months
Procedures and methods of discarding personal information
As a general rule, once the personal data has fulfilled the purposes for which they were collected, they are immediately discarded. The procedure and method to discard is detailed below.
Discarding procedureFollowing the cause for information protection according to the internal policies or related statutes, once the personal data has fulfilled the purposes they will be transferred to a separate database(DB) (or filed separately in a folder if in paper form), then it will be discarded after a certain period of time. Personal information that is transferred to a separate DB will not be used for any other purposes except in the case of the law.
Discarding methodUse technical method to stop reproduction of personal information saved in electronic form.
Disclosing personal information
As a general rule, the Company shall not disclose user’s personal information to any external party except for the cases below.
- Prior consent from user
- Following the legislation rule or when law enforcement agencies require such information for investigative purposes during the process as prescribed by the law.
Consignment of collected personal information
For the provision of services, the Company consigns collected personal information to specialized companies detailed below.
- Consignee: [Name of delivery company]
- Details of consignment: [Delivery company’s consignment details]
- Consignee: [Name of payment gateway provider]
- Details of consignment: [Payment gateway provider’s consignment details]
- Consignee: #supply_list#
- Details of consignment: [Details of consignment]
The rights of users and legal representatives and methods of exercising those rights
- The user may view or edit his/her personal information and request to terminate membership at any time.
- To view or edit a user’s personal information, click on ‘Edit Personal Information’ (or ‘Edit Member Information’) and to cancel subscription (terminate membership) click on ‘Terminate Membership.’ Upon clicking, you’ll be directed to an identification process before you can directly access, correct, or cancel membership.
- User may contact the chief privacy officer by letter, telephone or email, and necessary actions will be taken.
- Should a user request corrections on errors of personal information, the Company shall not use or provide any personal information until a correction is made. In addition, if the wrong personal information has already been provided to a third party, the Company shall immediately notify them so that a proper correction can be made.
- If personal information is canceled or deleted upon request of user, the Company will comply with the terms specified under “Period of possession and utilization of personal information,” and prohibit disclosure or use for any other purposes.
Install, manage and deny operation of device for automatic collection of personal information
The Company uses ‘cookies’ that frequently save and retrieve your information. A cookie is a very small text file that the server, used to operate the Company’s website, sends to your browser. The file is saved in the hard disk of your computer.
Use and purpose of cookies- To analyze the frequencies of a member and non-member’s visit, understand user’s preferences and interests and track user’s footprints, and carry out target marketing and provide customized service by checking level of participation in various events and number of visits.
- You have the right of choice in regards to the installation of cookies. Accordingly, you may allow all cookies by modifying your cookie settings, go through a confirmation process whenever a cookie is saved, or refuse to have all cookies saved.
- To reject establishment of cookies, select options on your web browser and change your settings to allow all cookies, go through a verification process before saving cookies, or reject to save all cookies.
- Example (For Internet Explorer) : Go to ‘Tools’ located on the top of Web Browser > Internet Options > Privacy
- However, there may be certain difficulties in using the services if you reject the installment of cookies.
Civil services with respect to personal information
To protect your personal information and deal with complaints related to personal information, the Company has appointed the following department and chief privacy officer.
Principal Privacy Officer- Name : OOO
- Department : OOO
- Phone Number : OO-OOO-OOOO
- E-mail :
- Name : OOO
- Department : OOO
- Phone Number : OO-OOO-OOOO
- E-mail :
You may report all complaints related to privacy protection, in using the Company’s service, to the chief privacy officer or the department in charge.
The Company shall provide prompt and sufficient answers to your report.
For further consultation or report on other privacy infringements, contact the following the following agencies.
- Privacy Rights Violation Complaint Center (privacy.kisa.or.kr / 118)
- Cybercrime Investigation Department, Supreme Prosecutor’s Office (www.spo.go.kr / 02-3480-2000)
- Cyber Bureau, National Police Agency (www.ctrc.go.kr/ 182)
Duty to notify
- The Company shall notify users of any changes to this privacy policy through the website (or through individual notifications).
- This privacy policy will be enforced starting 0000Y, 00M 00D.
Purposes of Collection and Use of Personal Information
- Supply of content, purchase and payment, delivery of goods or billing statements and others, user authentication for financial transactions and financial services
- User authentication to access members-only service, identity verification, prevention of unauthorized or illegal use, membership subscription check, validation of user age, confirmation of consent/agreement from legal representative for users under the age of 14, handling of complaints and civil affairs, delivery of notices
Types of Personal Information Collected
Name, date of birth, gender, user ID, password, telephone number, mobile phone number, E-mail address, personal information of legal representative for users under the age of 14
Duration of Retention and Use of Personal Information
As a general rule, once the personal data has fulfilled the purposes for which they were collected, they will be discarded without delay. However, it shall be retained for a specified period of time due to the reasons mentioned below.
A. Duration of Retention and Use of Personal Information- Retention pursuant to prevention of illegal transaction and internal shopping mall: OO years
Records on contracts or withdrawal of offers and the like
- Reasons of retention: Act on Consumer Protection in the Electronic Commerce Transactions, Etc.
- Retention Period : 5 years
Records on payment settlement and supply of goods etc.
- Reasons of retention: Act on Consumer Protection in the Electronic Commerce Transactions, Etc
- Retention Period : 5 years
Records on processing of customer disputes and complaints
- Reasons of retention: Act on Consumer Protection in the Electronic Commerce Transactions, Etc
- Retention Period : 3 years
Log records
- Reasons of retention: Communication Privacy Act
- Retention Period : 3 months
※ If you do not accept these terms, you will not be able to create an account with us.