• Edition

  • Login

    • Privacy Policy

    Privacy Policy

    March March Co., Ltd. (hereinafter referred to as the “Company”) establishes and discloses the following privacy policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to handle related complaints promptly and efficiently.

    Article 1 (Purpose of Processing Personal Information)

    The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those stated below. If the purpose of use changes, necessary measures such as obtaining separate consent will be taken in accordance with Article 18 of the Personal Information Protection Act.

    Website Membership Registration and Management
    To confirm intent to register, identify and authenticate users, maintain and manage membership status, verify identity under limited verification systems, prevent fraudulent use, confirm parental consent for children under 14, provide notices, and handle complaints.
    Provision of Goods or Services
    For delivery of goods, service provision, sending contracts and invoices, providing content and customized services, identity and age verification, payment processing and settlement, and debt collection.
    Handling Complaints
    To verify the identity of complainants, confirm complaint details, contact and notify for fact-finding, and communicate results.


    Article 2 (Retention and Processing Period of Personal Information)
    The Company processes and retains personal information within the period required by law or agreed upon by the data subject.
    Retention periods are as follows:
    Membership information: Until account withdrawal
    However, in the following cases, until the reason is resolved:
    Ongoing investigations or inquiries due to legal violations
    Outstanding debts or obligations related to website use


    Article 3 (Provision of Personal Information to Third Parties)
    The Company processes personal information only within the scope specified in Article 1 and provides it to third parties only with consent or when required by law.
    The Company provides personal information as follows:
    Recipient: (e.g., OOO Card Co., Ltd.)
    Purpose: (e.g., joint promotions, affiliated credit card issuance)
    Items: (e.g., name, address, phone number, email, payment account info)
    Retention period: (e.g., duration of credit card contract)


    Article 4 (Outsourcing of Personal Information Processing)
    The Company outsources processing as follows:
    Processor: March March Co., Ltd.
    Service: Hosting, mobile app services, marketing, messaging services
    Processor: Toss Payments (PG)
    Service: Payment and escrow processing
    Processor: Korea Post
    Service: Delivery services
    Processor: NOT ON EARTH Customer Center
    Service: Customer support
    The Company ensures compliance with Article 25 of the Personal Information Protection Act through contracts specifying restrictions, security measures, supervision, and liability.
    Changes in outsourcing will be disclosed without delay.


    Article 5 (Rights of Users and Legal Representatives)
    Users may exercise the following rights at any time:
    Access personal information
    Request correction
    Request deletion
    Request suspension of processing
    Requests can be made via written document, phone, email, or fax.
    Until correction/deletion is completed, personal data will not be used or provided.
    Rights may be exercised via legal representatives with proper authorization.
    Users must not infringe on others’ personal data.


    Article 6 (Items of Personal Information Processed)
    Membership Registration
    Required: Name, ID, password, address, phone, email, IPIN
    Optional: Marital status, interests
    Goods/Service Provision
    Required: Name, DOB, ID, password, address, phone, email, payment info
    Optional: Interests, purchase history
    Automatically Collected Data
    IP address, cookies, MAC address, usage logs, visit history
     

    Article 7 (Destruction of Personal Information)
    Personal information is destroyed without delay when no longer needed.
    If retention is required by law, it is stored separately.
    Methods:
    Electronic files: permanently deleted (e.g., low-level format)
    Paper documents: shredded or incinerated
     

    Article 8 (Security Measures)

    The Company implements:

    Administrative: internal policies, employee training
    Technical: access control, encryption, security systems
    Physical: restricted access to facilities
    Article 9 (Cookies)
    Cookies are used for personalized services.
    Cookies store small data on user devices.
    Purpose: analyze usage, preferences, security
    Settings: can be disabled in browser settings
    Note: disabling cookies may limit services
     

    Article 10 (Privacy Officer)
    Name: Kyungsoo Yoon
    Position: CEO
    Email: notonearht.lab@gmail.com

    All privacy-related inquiries can be directed to the above contact.

    Article 11 (Request for Access to Personal Information)

    Users may request access under Article 35 of the Act. The Company will respond promptly.

    Article 12 (Remedies for Infringement of Rights)

    Users may contact:

    Personal Information Infringement Report Center (KISA)
    Website: privacy.kisa.or.kr
    Tel: 118
    Personal Information Dispute Mediation Committee
    Website: www.kopico.go.kr

    Tel: 1833-6972
     

    Supreme Prosecutors’ Office Cyber Crime Division: +82-2-3480-3573
    National Police Agency Cyber Bureau: 182
     

    Article 13 (Effective Date)

    This policy is effective from April 25, 2024.