YILEE (hereinafter referred to as 'the Company') establishes and discloses the following personal information processing guidelines to protect the personal information of data subjects and to handle related complaints swiftly and smoothly, in accordance with Article 30 of the Personal Information Protection Act.




1. Purpose of Collecting and Using Personal Information

1.1 The Company processes the following personal information items:

  • Collected Items: Name, login ID, password, phone number, mobile phone number, address, email, user's mall access route, shopping cart items, purchase history, etc.

1.2 The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be implemented in accordance with Article 18 of the Personal Information Protection Act.

  • Membership registration and management on the website: To confirm membership intent, provide membership services, identify and authenticate members, maintain and manage membership qualifications, implement limited identification verification, prevent fraudulent use of services, confirm consent of legal representatives for processing personal information of children under 14, notify and communicate various notices, and handle complaints.
  • Provision of goods or services: To deliver goods, provide services, send contracts and invoices, provide content, provide customized services, verify identity, verify age, process payments and settlements, collect debts, etc.
  • Handling complaints: To verify the identity of the complainant, confirm the complaint details, communicate and notify for factual investigation, and notify the processing results.




2. Processing and Retention Period of Personal Information

2.1 The Company processes and retains personal information within the personal information retention and use period agreed upon by the data subject or as stipulated by law.

2.2 Each personal information processing and retention period is as follows:

  • Membership registration and management on the website: Until membership withdrawal.
  • Records related to contracts or order cancellations, payment processing, and supply of goods: 5 years.
  • Records related to consumer complaints or dispute resolution: 3 years.




3. Delegation of Personal Information Processing

3.1 The Company delegates personal information processing tasks to facilitate smooth personal information handling as follows:

  • Building and maintaining computer systems: IMWEB co.
  • Delivery of ordered goods: EMS-UPS(International Shippings)
  • Payment and escrow services: Paypal(International Payments)

3.2 If the content of the delegated tasks or the delegatee changes, this will be disclosed without delay through this personal information processing policy.




4. Rights of Users and Legal Representatives and Their Exercise Methods

4.1 Data subjects can exercise the following personal information protection-related rights against the Company at any time:

  • Request to view personal information.
  • Request correction if there is an error.
  • Request deletion.
  • Request to stop processing.

4.2 The exercise of the above rights can be made via email inquiry to the Company, and the Company will take action without delay.

4.3 If the data subject requests correction or deletion due to errors in personal information, the Company will not use or provide the personal information until the correction or deletion is completed.

4.4 The exercise of the above rights can be made through an agent, such as a legal representative or a person authorized by the data subject. In this case, a power of attorney in accordance with the form in Annex No. 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.

4.5 The data subject should not violate the Personal Information Protection Act and other relevant laws by infringing on the personal information and privacy of themselves or others processed by the Company.




5. Destruction of Personal Information

5.1 The Company will destroy personal information without delay when the retention period has expired or the purpose of processing has been achieved, making the personal information unnecessary.

5.2 Even if the consented retention period has expired or the processing purpose has been achieved, if the personal information must be preserved according to other laws, it will be stored separately in a different database (DB) or storage location.

5.3 The procedures and methods for destroying personal information are as follows:

  • Destruction Procedure: The Company selects personal information for which the destruction reason has occurred and destroys it with the approval of the Company's personal information protection officer.
  • Destruction Method: Personal information recorded and stored in electronic file formats is destroyed using technical methods that make the records unrecoverable, and personal information recorded or stored on paper is destroyed by shredding or incineration.




6. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices

6.1 The Company uses 'cookies' to provide individually customized services by storing and retrieving usage information from time to time.

6.2 Cookies are small amounts of information sent to the user's computer browser by the server (HTTP) used to operate the website and are also stored on the hard disk of the user's PC.

  • Purpose of using cookies: Cookies are used to identify and analyze the visiting and usage patterns of each service and website visited by users, popular search terms, secure access, etc., to provide optimized information to users.
  • Installation, operation, and rejection of cookies: You can refuse to store cookies by setting options in the privacy menu of the tools > internet options section at the top of the web browser. However, if you refuse to store cookies, there may be difficulties in using customized services.




7. Personal Information Protection Officer

7.1 The Company designates a person in charge of personal information protection to oversee the personal information processing tasks and handle complaints and damage relief from data subjects.

  • Personal Information Management Officer: YILEE Operations Team
    • Email: cs@yileeonline.com
    • This connects to the personal information protection department.

7.2 Data subjects can inquire about all personal information protection-related matters, complaint handling, and damage relief that occurred while using the Company's services (or business) to the personal information protection team via email.




8. Implementation and Changes to the Personal Information Processing Policy

This personal information processing policy is effective from 24 Sep, 2024.