Privacy Policy

SeaHerb Co., Ltd. Privacy Policy

SeaHerb Co., Ltd. (hereinafter referred to as “the Company”) values the privacy of users and complies with the “Personal Information Protection Act” and the “Act on Promotion of Information and Communications Network Utilization and Information Protection.”

The Company discloses how user-provided personal information is used and for what purposes, as well as the measures taken to protect personal information. In addition, the Company notifies users through its website when changes are made to the privacy policy.

1. Processing Purposes and Items of Personal Information
2. Processing and Retention Period of Personal Information
3. Information Sharing with Third Parties
4. Outsourcing of Personal Information Processing
5. Rights and Obligations of Data Subjects and Methods of Exercising Them
6. Procedure and Method for Destroying Personal Information
7. Information on the Personal Information Protection Manager
8. Installation, Operation, and Refusal of Automatic Collection Devices for ersonal Information
9. Measures for Securing the Safety of Personal Information
10. Changes to the Privacy Policy
11. Processing Purposes and Items of Personal Information

 

(1) The Company collects and processes the following personal information of users for the following purposes:

seaherb.com
Collection and Purpose of Use: Product inquiries
Details: Processing and responding to “product inquiries”
Items Collected: Name, contact information / Optional: Email (collected only if provided)
Retention Period: 1 year

(2) The following information may be automatically generated and collected during the use of the service: IP Address, cookies, visit date and time, service usage records, records of improper use

(3) Methods of collecting personal information
① Collection through the website, phone, email, fax, and mail
② Collection through automatic data collection devices when using the website

 

Processing and Retention Period of Personal Information
In principle, the Company disposes of user’s personal information without delay after the purpose of collecting and using personal information has been achieved. However, in cases where it is necessary to retain member information in accordance with relevant laws and regulations, the Company will retain the information for the specified period for the following reasons:

(1) Information retention due to internal policy of the Company

Retained Information: Records of improper use and inquiry details
Retention Period: 1 year
Purpose of Retention: Prevention of improper use and preservation of inquiry details
(2) Information retention according to related laws and regulations

Retained Information / Retention Period / Basis of Laws:
① Website visit records / 3 months / Act on the Protection of Communications Secrets
② Records related to identity verification / 6 months / Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
③ Records related to contracts or withdrawal of subscriptions / 5 years / Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
④ Records related to payment of fees and supply of goods, etc. / 5 years / Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
⑤ Records of consumer complaints or dispute resolution / 3 years / Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
⑥ Records related to display and advertising / 6 months / Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

 

Information Sharing with Third Parties
The Company does not generally provide users’ personal information to external parties. However, exceptions may be made in the following cases:
① When users have given prior consent
② When there is a request from investigative agencies in accordance with the law and procedures for investigation purposes

 

Outsourcing of Personal Information Processing
To ensure smooth operation of the service, the Company outsources the following tasks to external professional companies:

 

Entity Receiving Outsourcing: NHN ACE Co., Ltd.
Outsourced Task: Collecting user behavior information online through the Company’s service’s analysis tool for the purpose of sending targeted advertisements to users
Rights and Obligations of Data Subjects and Methods of Exercising Them
(1) Users have the right to access, correct, delete, or suspend the processing of their personal information by the Company.

(2) The right specified in paragraph (1) may be exercised through the following methods. However, in cases where it is restricted by law, the Company may refuse to exercise the right specified in paragraph (1).

 

seaherb.com
This can be done through the personal information protection manager or the responsible department.
(3) The right specified in paragraph (1) may also be exercised through a legal representative or a delegated person.

(4) The security responsibility for all passwords lies with the user, and the Company will never request the user’s financial information via email or any other means.

(5) Information subjects and legal representatives can inquire about, correct, or delete personal information of themselves or children under 14 years of age registered with the Company. To obtain the consent of the legal representative, the Company may request minimal information such as the name and contact information of the legal representative, and the legal representative of a child may request access, correction, and deletion of the child’s personal information through written communication, phone, email, fax, etc. The Company will take necessary actions without delay in response to such requests.

(6) Users have the right to refuse consent for the collection and use of personal information; however, refusal may result in the inability to trade equipment and parts. In addition, if there is no equipment connection for more than 30 days on the communication network specified by the Company, there may be restrictions on equipment usage. However, immediate use is possible after license authentication.

 

Procedure and Method for Destroying Personal Information
(1) Procedure for destruction
① Collected personal information is transferred to a separate database (in the case of paper, a separate file) after the purpose has been achieved and stored for a certain period according to internal policies and other relevant laws and regulations (refer to the retention and usage period). It is then destroyed.
② Personal information transferred to a separate database is not used for purposes other than those specified by law unless otherwise required.

(2) Destruction method
① Personal information in paper format is destroyed through shredding or incineration.
② Personal information stored in electronic file format is deleted using technology that cannot reproduce the record.

Information on the Personal Information Protection Manager
(1) The Company has designated the following department and personal information protection manager to protect user’s personal information and handle complaints related to personal information:

Department: Personal Information Management Department
Personal Information Protection Manager: Chung-heon Oh
Phone Number: 041-549-6466
Email: sh@seaherb.com
(2) Users can report all complaints related to personal information protection and privacy to the personal information protection manager or the relevant department while using the Company’s services.

(3) In cases where reporting or consultation on personal information infringement is required, please contact the following agencies:
– Personal Information Infringement Report Center (privacy.kisa.or.kr/118)
– Personal Information Dispute Mediation Committee (www.kopico.go.kr/1833-6972)
– Cyber Investigation Division of the Supreme Prosecutors’ Office (spo.go.kr/1301)
– Cyber Safety Bureau of the National Police Agency (cyberbureau.police.go.kr/182)

Installation, Operation, and Refusal of Automatic Collection Devices for Personal Information
(1) The Company operates ‘cookies’ and similar technologies that continuously store and retrieve your information. Cookies are very small text files

sent by a website to your computer’s browser and are stored on your computer’s hard drive.

(2) The Company uses cookies for the following purposes: analyzing user frequency and visit times, tracking user preferences and interests, targeting marketing, and providing personalized services based on user behavior, event participation, and visit frequency, among other purposes.

(3) Users have the option to allow or deny the installation of cookies. Therefore, users can allow all cookies, confirm each time a cookie is saved, or refuse to save all cookies through the web browser settings. However, if a user refuses to install cookies, it may cause difficulties in providing the service.
– Example of settings (for Internet Explorer): Tools in the web browser > Internet Options > Privacy

 

Measures for Securing the Safety of Personal Information
The Company implements technical and managerial protective measures to ensure the safety of personal information in handling user’s personal information to prevent its loss, theft, leakage, alteration, or damage. These measures include:

(1) Minimizing the number of personnel handling personal information and providing education to them to raise awareness of the importance of personal information protection.
(2) Preventing damage from malicious viruses through the use of antivirus programs. The antivirus program is regularly updated to prevent personal information breaches.
(3) Encrypting personal information. Passwords are stored and managed using one-way encryption, and personal information such as resident registration numbers and foreign registration numbers (within the scope required by customs law) and bank account numbers are encrypted and stored using secure encryption algorithms.
Changes to the Privacy Policy
This privacy policy is effective from November 10, 2022. In the event of additions, deletions, or modifications to the content due to changes in laws, policies, or security technologies, the Company will notify users through its website at least 7 days before the effective date of the changes.

– Effective Date: August 3, 2023
– Announcement Date: August 3, 2023

Privacy Policy ver 1.0