Privacy policy

In accordance with the Personal Information Protection Act, SOVORO.Inc has the following processing policies to protect users' personal information and rights and interests, and to smoothly handle user complaints related to personal information. SOVORO.Inc will notify you through website announcements (or individual notices) when revising the privacy policy. This policy will take effect from March 1, 2018.


01. Purpose of processing personal information

SOVORO.Inc processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following purposes, and prior consent will be sought if the purpose of use is changed.

  1. We process personal information for the purpose of homepage membership, confirming the intention to sign up as a member, identification and authentication for membership service provision, maintenance and management of membership, prevention of illegal use of services, various notices and notifications, and record preservation for dispute resolution.
  2. We process personal information for the purpose of providing goods or services, providing services, payment, and settlement.
  3. We process personal information for the purpose of marketing and advertising, developing new services (products) and providing customized services, providing event and advertising information and opportunities to participate, identifying access frequencies, or statistics on members' use of services.


02. Personal information file status

Personal information file name : SOVORO.Inc Personal information


03. Processing and retention period of personal information

SOVORO.Inc processes and retains personal information within the period of retention and use of personal information in accordance with laws, or the period of retention and use of personal information agreed upon when collecting personal information from the information subject.

Each personal information processing and retention period is as follows.

1) Homepage membership registration and management

Personal information related to membership registration and management of the website is retained and used for the following purposes for the following purposes for 3 years from the date of consent for collection and use.

2) Provision of goods or services

Personal information related to the provision of goods or services is retained and used for the above purpose of use for up to 3 years from the date of consent for collection and use.

3) Use in marketing and advertising

Personal information related to the use of marketing and advertising is retained and used for the above purpose of use for up to 3 years from the date of consent for collection and use.


04. Rights and obligations of the information subject and legal representative, and how to exercise The user as a personal information subject, can exercise the following rights.

  1. The information subject may exercise the right to access, correct, delete, and request suspension of processing of personal information at any time for the SOVORO.Inc
  2. The exercise of rights pursuant to Paragraph 1 may be made through writing, e-mail, fax, etc. in accordance with Article 41 (Clause 1) of the Enforcement Decree of the Personal Information Protection Act for SOVORO.Inc, and SOVORO.Inc will take action immediately.
  3. The exercise of the rights pursuant to Paragraph 1 can be done through the legal representative of the information subject or through an agent such as a person who has been delegated. In this case, you must submit a power of attorney in accordance with the form of Attachment 11 of the Enforcement Regulations of the Personal Information Protection Act.
  4. The rights of the information subject may be restricted according to Article 35 (5) and Article 37 (2) of the Personal Information Protection Act for requests to view and stop processing personal information.
  5. Request for correction and deletion of personal information cannot be requested if the personal information is specified as the object of collection in other laws.
  6. SOVORO.Inc verifies whether it is the right person who made the request, such as a request for access according to the rights of the information subject, a request for correction or deletion, or a request for access to a request for suspension of processing.


05. Personal information items to be processed 

SOVORO.Inc handles the following personal information items.

  1. Homepage membership registration and management email, mobile phone number, password question and answer, password, date of birth, name, service use record, access log, cookie, access IP information, payment record
  2. Goods or service delivery email, mobile phone number, password question and answer, password, date of birth, name, service use record, access log, cookie, access IP information, payment record
  3. E-mail for marketing and advertisement, mobile phone number, date of birth, name, service use record, access log, cookie, access IP information, payment record


06. Destruction of personal information

In principle, SOVORO.Inc destroys the personal information without delay when the purpose of processing personal information is achieved. The procedure, deadline and method of destruction are as follows.

  1.  Destruction Procedure : The information entered by the user is transferred to a separate DB (separate document in the case of paper) after the purpose is achieved, and is destroyed after a certain period of storage or immediately in accordance with internal policies and other related laws. At this time, the personal information transferred to the DB is not used for other purposes unless it is required by law.
  2. Expiration due : Within 5 days when the personal information of the user has passed the expiration date of destruction, or from the end of the retention period, when the personal information becomes unnecessary, such as achieving the purpose of processing personal information, abolition of the service, termination of business, etc. 
  3. Destruction method : Information in the form of electronic files uses a technical method that cannot reproduce the record. Personal information printed on paper is destroyed by shredding or incineration.
  4. Notice of conversion to dormant account
    Customers who do not have a usage record for one year after the last use of SOVORO is automatically converted to a dormant account. After switching to a dormant account, personal information is separately separated and managed safely, and access to and use of personal information is restricted without the consent of the customer. Customers will be notified via email at least 30 days prior to the transition to a dormant account.


07. Matters concerning the installation, operation and rejection of automatic personal information collection devices

  1. SOVORO.Inc uses ‘cookies’ that store and retrieve usage information from time to time to provide individual customized services.
  2. Cookies are a small amount of information sent to the user's computer browser by the server (http) used to operate the website, and may be stored on the hard disk in the user's PC computer.


08. Change of personal information processing policy

This personal information processing policy is applied from the effective date, and if there is addition, deletion, or correction of changes in accordance with laws and policies, it will be notified through a notice from 7 days before the enforcement of the changes.


09. Measures to ensure the safety of personal information

In accordance with Article 29 of the Personal Information Protection Act, SOVORO.Inc takes technical/administrative and physical measures necessary to ensure safety as follows.

  1. Minimization of Personal Information Handling Employees and Training : We are implementing measures to manage personal information by designating and minimizing the number of employees handling personal information.
  2. Establishment and implementation of an internal management plan : We have established and implemented an internal management plan for the safe handling of personal information.
  3. Encryption of personal information : The user's personal information is encrypted and stored and managed, so only the subject can know it, and for important data, separate security features such as encrypting files and transmission data or using a file lock function are used.
  4. Technical measures against hacking : In order to prevent leakage and damage of personal information by hacking or computer viruses, security programs are installed, periodic updates and inspections are carried out, and systems are installed in areas where access is controlled from outside, and technical/physical monitoring Blocking.
  5. Storage of access records and prevention of falsification : We store and manage records of access to the personal information processing system for at least 6 months, and use security functions to prevent forgery, theft, and loss of access records.
  6. Restriction of access to personal information : We are taking necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and use an intrusion prevention system to prevent unauthorized access from outside.
  7. Access Control for Unauthorized Persons : A separate physical storage place for personal information is established, and access control procedures are established and operated.