1. Items of Personal Information Collected

(‘https://www.whenyourapprun.com’ or ‘whenyourapprun.com’) is used to provide services We collect the following personal information and do not use it for any purpose other than the purpose, and in principle, delete sensitive information immediately after processing.

- device identifier for self-identification

- Sensitive information: Profile picture for personal color diagnosis

② The use of collected personal information is as follows.

- Serve ads using device identifier

- Sensitive information: Diagnosis of personal color using profile picture

2. Personal information processing and retention period

(‘https://www.whenyourapprun.com’ or ‘whenyourapprun.com’) is When personal information is collected, personal information is processed and retained within the consented personal information retention and use period or within the personal information retention and use period according to the law.

② The specific personal information processing and retention period is as follows.

- Records related to contract or subscription withdrawal: 5 years

- Records on payment and supply of goods: 5 years

- Records on consumer complaints or dispute handling: 3 years

- Records on collection/processing and use of credit information: 3 years

- Record on display/advertising: 6 months

- Log records such as the user's internet/tracking data of the user's access location: 3 months

- Other communication confirmation data: 12 months

- Sensitive information: Delete immediately (deletion confirmed within 1 day)

3. Rights and obligations of information subjects and legal representatives and how to exercise them Users can exercise the following rights as personal information subjects.

① The information subject can request the following at any time for whenyourapprun (‘https://www.whenyourapprun.com’ or ‘whenyourapprun.com’). You can exercise your rights related to personal information protection.

1. Request to view personal information

2. Request correction in case of errors, etc.

3. Deletion request

4. Request to stop processing



4. Write the items of personal information to be processed

('https://www.whenyourapprun.com' or 'whenyourapprun.com') handles the following personal information items.



5. Destruction of personal information ('whenyourapprun.com') In principle, will destroy the personal information without delay when the purpose of processing personal information is achieved. The procedure, deadline and method of destruction are as follows.

-Destruction Procedure
After the purpose is achieved, the information entered by the user is transferred to a separate DB (separate documents in the case of paper) and stored for a certain period of time in accordance with internal policies and other related laws. It will be destroyed immediately. At this time, the personal information transferred to the DB will not be used for any other purpose unless it is required by law.

-Destruction period
For the personal information of users, the retention period has elapsed. In the case of Within 5 days from the end date, within 5 days from the date when the personal information is deemed unnecessary, such as achievement of the purpose of processing personal information, abolition of the service, termination of business We will destroy your personal information.



6. Matters concerning the installation, operation and rejection of automatic personal information collection devices

whenyourapprun does not use 'cookies' that store and retrieve information subject usage information from time to time.

7. Fill out the person in charge of personal information protection

whenyourapprun(below ‘https://www.whenyourapprun.com’ ‘whenyourapprun.com) is responsible for overall handling of personal information processing, and for the handling of complaints and damage relief of information subjects related to personal information processing, the following We designate a person in charge of personal information protection.

※ You will be connected to the department in charge of personal information protection.

>

② The information subject can use the service (or business) of whenyourapprun (‘https://www.whenyourapprun.com’ or ‘whenyourapprun.com’) You can contact the person in charge of personal information protection and the department in charge of personal information protection related to all personal information protection inquiries, complaint handling, damage relief, etc. that occurred during use. whenyourapprun (‘https://www.whenyourapprun.com’ or ‘whenyourapprun.com’) will respond to and process inquiries from information subjects without delay.

8. Changes to Privacy Policy

① This personal information processing policy is applied from the effective date.



9. Measures to ensure the safety of personal information ('whenyourapprun.com') is taking the following technical/managerial and physical measures to ensure safety in accordance with Article 29 of the Personal Information Protection Act.

1. Conducting regular self-audits
In order to secure stability related to personal information handling, we conduct regular self-audits (once a quarter).

2. Minimization and training of staff handling personal information
We are implementing measures to manage personal information by designating employees who handle personal information and limiting them to those in charge.

3. Establishment and execution of internal management plan
We establish and implement an internal management plan for the safe handling of personal information.

4. Technical measures against hacking, etc.
whenyourapprun>('whenyourapprun.com') is caused by hacking or computer virus In order to prevent leakage and damage of personal information, a security program is installed, periodically updated and inspected, and the system is installed in an area where access from outside is controlled and technically/physically monitored and blocked.

5. Encryption of personal information
The user's personal information is stored and managed with the password encrypted, so that only the user can know it. Yes.

6. Storage of access records and prevention of forgery
Records of access to the personal information processing system are kept and managed for at least six months, and security functions are used to prevent forgery, alteration, theft, and loss of access records.

7. Restriction of access to personal information
We take necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that handles personal information, and we use an intrusion prevention system to control unauthorized access from outside. Yes.

8. Use locking device for document security
Documents and auxiliary storage media containing personal information are stored in a safe place with a lock.

9. Access control for unauthorized persons
We set up a separate physical storage location for storing personal information and establish and operate access control procedures for it.