Privacy Policy
Bungaejangter Inc. (“Company” or “Bunjang”) establishes the following Privacy Policy to protect users’ personal information and rights and to handle users’ complaints regarding personal information in accordance with the Personal Information Protection Act and other relevant laws.
Table of Contents
Purpose of Personal Information Processing
Items of Personal Information Processed
Retention and Use Period of Personal Information
Processing of Personal Information of Children Under 16
Procedures and Methods for Destruction of Personal Information
Overseas Transfer of Personal Information
Measures to Ensure Security of Personal Information
Rights and Obligations of Data Subjects and Exercise Methods
Designation of Personal Information Protection Officer
Remedies for Infringement of Rights
Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
Changes to the Privacy Policy
1. Purpose of Personal Information Processing
Bunjang processes personal information for the following purposes. Personal information will not be used for purposes other than those stated below. If the purpose changes, separate consent will be obtained in accordance with Article 18 of the Personal Information Protection Act.
① Website Membership Registration and Management: To verify membership intent, provide membership services, identify and authenticate users, maintain and manage membership status, implement limited identity verification, and provide various notifications.
② Marketing and Advertising: To provide event participation opportunities, deliver promotional information, analyze service usage statistics, and understand access frequency.
2. Items of Personal Information Processed
Bunjang processes only the minimum personal information necessary to provide services as follows:
Category | Purpose | Items Collected | Retention and Use Period |
Required | Membership Registration | Email, Nickname, Country | Until membership withdrawal |
Optional | New service announcements, event info | Email, Country | Until consent is withdrawn or membership is terminated |
In the course of using the service, information such as your IP address, cookies, service usage records (access logs), and device information may be generated and collected. Specifically, (1) information about the user may be automatically generated and stored (collected) during the service usage process, or (2) unique information from the user’s device may be collected after being safely converted so that the original values cannot be identified.
Additional collected personal information is used solely for the purposes below, such as developing, providing, and improving the services of Bunjang (including mobile web/app), and creating a safe internet environment.
Personal information is used to protect users and operate the service by taking measures to restrict the use of the service by members who violate laws or Bunjang’s terms of service, preventing and sanctioning activities that hinder the smooth operation of the service including fraudulent use, preventing account theft and fraudulent transactions, delivering notices such as amendments to the terms of service, preserving records for dispute resolution, and handling user inquiries.
Personal information is also used to build a service environment where users can use the service safely from a security, privacy, and safety perspective.
Device model: For statistical and service quality improvement
Access IP address: For cooperation with investigations of suspicious transactions
Advertising identifier, device OS information: For marketing promotions and user/device distinction
3. Retention and Use Period of Personal Information
Bunjang processes and retains personal information within the period of retention and use as prescribed by law or as agreed to by the user at the time of collection. In principle, once the purpose of collection and use of personal information has been achieved, the user’s personal information is promptly destroyed. However, if it is necessary to preserve the information in accordance with relevant laws and regulations, the personal information may be retained for a certain period as specified below.
Relevant Law | Content | Retention Period |
Protection of Communications Secrets Act, Art. 15-2 | Records of website visits (internet logs, access tracking data) | 3 months |
4. Processing of Personal Information of Children Under 16
Bunjang does not collect or use personal information of children under the age of 16, for whom legal guardian consent is required.
5. Procedures and Methods for Destruction of Personal Information
Bunjang promptly destroys personal information when it is no longer needed, such as when the retention period expires or the purpose of use is achieved, in accordance with Article 21 of the Personal Information Protection Act.
① Destruction Procedure: Information entered by users is transferred to a separate database and stored for a certain period under internal policies and relevant laws, then destroyed. Information transferred to the database is not used for other purposes except as required by law.
② Destruction Deadline: When the retention period of the user’s personal information has expired, the personal information is promptly destroyed from the end date of the retention period. Additionally, if the purpose of processing the personal information has been achieved, the relevant service is discontinued, or the business type changes such that the personal information is no longer needed, it is promptly destroyed from the date it is deemed unnecessary to process the personal information.
③ Destruction Method: Personal information stored in electronic files is destroyed using technical methods that prevent recovery or reproduction.
6. Overseas Transfer of Personal Information
If overseas transfer (including outsourcing or storage) of personal information is necessary for contract fulfillment, Bunjang will disclose such transfers in the Privacy Policy in accordance with Article 28-8 of the Personal Information Protection Act.
If the user refuses the overseas transfer of personal information, the company will exclude the user’s personal information from the scope of such transfer. However, in this case, the use of services that necessarily involve the overseas transfer of personal information may be restricted.
Recipient of the Information | Contact Information of Data Protection Officer | Country to Which Data is Transferred | Personal Information to Be Transferred | Date and Method of Transfer | Purpose of Transfer | Retention and Usage Period | Legal Basis for Transfer |
SendGrid | privacy@twilio.com | USA | Transmission via network upon email dispatch | Sending emails for service use | Until membership withdrawal | Personal Information Protection Act Art. 28-8(1)(3) |
Users may refuse overseas transfer, but in such cases, certain services may be restricted.
7. Measures to Ensure Security of Personal Information
In accordance with Article 29 of the Personal Information Protection Act (Duty to Take Safety Measures), Bunjang takes the following technical, administrative, and physical measures necessary to ensure the security of personal information.
a. Minimization and training of personnel handling personal information
We designate and limit the number of employees authorized to handle personal information, minimizing the scope of access and implementing management measures accordingly.
b. Establishment and implementation of an internal management plan
To safely process personal information, we have established and implemented personal information protection guidelines.
c. Technical measures against hacking and other threats
To prevent the leakage or damage of personal information due to hacking, computer viruses, etc., Bunjang installs security programs, regularly updates and inspects them, installs systems in areas with controlled external access, and monitors and blocks unauthorized access both technically and physically.
d. Encryption of personal information
The items of users' personal information subject to encryption are stored and managed in an encrypted form, so that only the user can know them, and important data is protected by using separate security features such as encrypting files and transmitted data or using file lock functions.
e. Retention and protection of access records
Access records to the personal information processing system are retained and managed for at least two years, and security functions are employed to prevent tampering, theft, or loss of these records.
f. Access restriction to personal information
We take necessary measures to control access to personal information by granting, changing, or revoking access rights to the database system that processes personal information, and we use intrusion prevention systems to block unauthorized external access.
g. Use of locks for document security
Documents and auxiliary storage media containing personal information are stored in secure places equipped with locking devices.
h. Control of unauthorized physical access
We maintain separate physical storage locations for personal information and establish and operate access control procedures for these areas.
8. Rights and Obligations of Data Subjects and Exercise Methods
a. Data subjects may exercise their rights to request access, correction, deletion, and suspension of processing of their personal information at any time with Bunjang.
b. To exercise the rights to access and correction under section (a), you may contact us as follows, and Bunjang will take prompt action:
By email
Email: help@bunjang.co.kr
c. To exercise the right to suspend processing under section (a), you can unsubscribe as follows, and Bunjang will take prompt action:
Unsubscribe
Log in to your subscription email > open the received email > click the “Unsubscribe” button
d. To exercise the right to deletion under section (a), you can delete your account as follows, and Bunjang will take prompt action:
Delete Account
My Page > Edit Profile > Click “Delete Account”
e. The rights under section (a) may also be exercised through a representative authorized by the data subject pursuant to Article 38(1) of the Personal Information Protection Act. In this case, a power of attorney must be submitted in the format specified in Form No. 11 of the Notification on Personal Information Processing Methods.
f. Requests for access, correction, deletion, or suspension of processing of personal information may be restricted in accordance with Article 35(4), Article 36(1), and Article 37(2) of the Personal Information Protection Act.
9. Designation of Personal Information Protection Officer
Users may report any personal information protection-related complaints that arise while using the company’s services to the Personal Information Protection Officer or the department in charge of personal information protection. Bunjang will respond promptly and thoroughly to users’ inquiries and reports.
Personal Information Protection Officer
Name: Byungseong Park
Position: Head of Division
Email: privacy@bunjang.co.kr
Department in Charge
Security Team
Email: privacy@bunjang.co.kr
10. Remedies for Infringement of Rights
If you are not satisfied with Bunjang’s handling of personal information complaints or need further assistance, you may contact the following independent agencies:
a. Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
- Responsibilities: Receive reports and provide consultation regarding personal information infringements
- Website: https://privacy.kisa.or.kr
- Address: Personal Information Infringement Report Center, Korea Internet & Security Agency, 9 Jinheung-gil, Naju-si, Jeollanam-do, 58342, Republic of Korea
b. Personal Information Dispute Mediation Committee
- Responsibilities: Mediation of personal information disputes, collective dispute mediation (civil resolution)
- Website: https://www.kopico.go.kr
- Address: 12th Floor, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul, 03171, Republic of Korea
c. Supreme Prosecutors’ Office Cyber Investigation Division: www.spo.go.kr
d. Cyber Crime Reporting System: https://ecrm.police.go.kr/minwon/main
11. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
Bunjang uses cookies to provide personalized services. Cookies are small pieces of data sent to your browser by the server and may be stored on your PC’s hard disk.
When you access the Website, Bunjang’s server reads your cookies and may provide services without requiring additional input.
Cookies identify your computer but do not personally identify you. You can choose to allow all cookies, be notified when cookies are set, or refuse all cookies through your browser settings. However, if you refuse the installation
of cookies, your web experience may become less convenient, and you may encounter difficulties using certain services that require login.
Cookie settings by browser:
Internet Explorer
Microsoft Edge
Chrome
Safari
Firefox
12. Changes to the Privacy Policy
Bunjang will notify users of any changes to the Privacy Policy via website announcements.
Notice Date: July 14, 2025
Effective Date: July 17, 2025
Previous versions of the Privacy Policy can be found below.