Personal Information Protection Policy

1. Definition and duty of notice regarding the personal information protection policy

1-1. This personal information protection policy is valid for all services operated by MADSquare Inc., including the e-commerce website Charis.

1-2. This personal information protection policy was created by MADSquare Inc. and the Company holds the rights to make edits and changes.

1-3. Users will be regarded as agreeing to all of MADSquare Inc.’s personal information protection policy by applying for membership with our services.

1-4. MADSquare Inc reserves the right to reject or withhold a membership application for the following reasons.

  1. In the case that the user fails to provide identity certification for Charis and other services provided by MADSquare Inc. (hereafter referred to as the “Company”).
  2. In the case that the applicant provides information that matches that of a preexisting member.
  3. In the case that the Company’s policies make it impossible to re-register.
  4. In the case that technological operations are unavailable due to technical errors or unavoidable circumstances and natural disasters.
  5. Other instances that the Company deems fair and necessary.

1-5. The current personal information protection policy may be changed as deemed necessary by MADSquare Inc., governmental policies or other related laws. If there are any additions, deletions or changes made to the policy, the Company will provide prior notification 30 days before the changes are implemented.

2. Content of collected personal information and agreement to collection methods

2-1. Purpose and use of collected personal information

  1. A portion of services provided by the Company can be used without membership. The purpose of the Company collection the personal information of users is to confirm the identity of members and the user’s intention to use paid services.
  2. The Company collects personal information for the following purposes and requires personal information in the following categories.
    1. To provide information for basic service provisions needed by members.
      1. Provider and Seller
        1. Personal resident registration number or business license for personal or business identification.
        2. Name, mobile phone number and e-mail address for the fulfillment and notification of the contract.
        3. Bank account and Paypal account information for payment purposes.
        4. Name, address, contact information, and personal customs number or similar information for delivery services.
      2. Customer
        1. Personal resident registration number or business license for personal or business identification.
        2. Name, mobile phone number and e-mail address for the fulfillment and notification of the contract.
        3. Bank account, Paypal account and credit card information for payment purposes.
        4. Name, address, contact information, and personal customs number or similar information for delivery services.
      3. In the case that a buyer becomes a seller, the user’s personal information may be shared or moved to the seller-exclusive website.
    2. To provide information for the provision of user-specific services.
      1. Provider and Seller
        1. Personal or business name, contact information, e-mail address, address etc for marketing, events, analytics, surveys etc.
      2. Customer
        1. Personal or business name, contact information, e-mail address, address etc for marketing, events, analytics, surveys etc.

2-2. The content of the personal information collected by the Company is as follows.

  1. When one is applying for a membership with e-commerce website Charis or other services provided by the Company, the individual will receive a request to provide necessary information such as their name, e-mail address, address, P.O. Box number, contact information and credit card information.
  2. Information will be collected to balance accounts for financial transactions and overseas credit card usage according to e-commerce laws; necessary information will be collected for delivery, exchange and refund services; customs information may be collected for overseas deliveries with permission from the user.
  3. The Company collects IDs and passwords for membership applications, and the user cannot share their ID and password with other people.
  4. Other information may be requested for special purposes, such as for various surveys and events.

2-3. The Company collects personal information in the following methods:

  1. Users will be requested to supply information such as their e-mail address, name and contact information during the membership application process.
  2. Users will be requested to supply information such as their name, bank account information and credit card information during the product payment process.

3. Notice on the use and entrustment of personal information

3-1. The Company will not provide third parties with personal information of users without the user’s permission, and will only use the information within the set parameters. However, the Company reserves the rights to share user information with third parties for the following reasons:

  1. In the case of receiving prior permission from the user.
  2. In the case of a user violating service-related regulations.
  3. In the case of a request being made by investigative agencies or other authorities for legal or investigative purposes.
  4. In the case that it is deemed necessary based on other related laws.

3-2. For a smooth service provision, the Company may outsource certain services to other companies, and these companies may be entrusted with the necessary personal information. In such cases, the Company will provide prior notification and receive prior permission from the user. The services that the Company will require user permission to outsource are as follows:

Third-party Service ProvidersPurpose of UseDuration of Retention and Use
Brand (Product Provider)- Shipping services for products
- Services of return, exchange and collection
- Support services for products
- Report for issuance of international sales
From when separate consent is obtained by the Company, until the earlier of (i) the expiry of the duration of provision of services by the applicable third party or (ii) the termination by the customer of the services provided by the applicable third party
Eximbay, Adyen, Paypal, Uinfo- Processing of payment and verification of accounts
EFS, JX Global, EPANTOS, EMS, UINFO, Airbridge, CESCO, XPOST- Shipping service for product and free gifts for events
Braze, Airbridge, Amplitude, Google Analytics- Event collection and analysis for marketing and personalization services
Fabric, Firebase, Raygun- Data collection for bug reports and app usage analysis
Channel.io- Event collection for customer service response

4. Protection of personal information

The Company prepares and applies technology and policy-based protection measures to prevent the theft, loss, falsification and leak of personal information collected from users. Users must never share or leak their personal information to others, and must take responsibility for protecting their personal information.

4-1. Technology-based protection measures of personal information

  1. Encryption of personal information: The Company encrypts the personal information of users that is saved and stored.

4-2. Policy-based protection measures of personal information

  1. Education for those handling personal information: The Company holds training sessions for those who handle the personal information of users.
  2. Personal information handling policy: The Company has created and posted a personal information protection policy to protect the personal information of users.

4-3. Responsibilities and rights of users to protect personal information

Users have the right to have their personal information protected by service providers. Also, users have a responsibility to protect their own personal information.

  1. The user holds the responsibility of managing their password, and must not share their password with others.
  2. The user holds the responsibility of retrieving and changing their password, and must not exceed the maximum number of password changes.
  3. The user must not share their personal information, including the user’s ID and password, with other people.
  4. The user must always log out after logging in in public places such as offices, schools and work spaces.
  5. Users will abide by the laws related to the protection and use of personal information.

5. Cookies - Installation and management of automatic personal information collection device

The Company uses ‘cookies’ to collection information on members/non-members to provide a more suitable service. Cookies refer to information files sent by website servers to browsers, and these temporary files are saved on user hard drives.

5-1. Users can reject the installation of cookie files. The settings for changing one’s permission to install cookies are as follows (Internet Explorer).

  1. Choose the [Internet Option] from the [Tools] window.
  2. Choose [Personal Information Tab].
  3. Set your options on [Personal Information Protection Level]

5-2. Services may be partially restricted for users who have rejected the installation of cookie files.

6. Period of possession and termination of personal information

6-1. Period of possession of personal information

The Company will maintain possession and protection of users’ personal information from the membership signup date till the termination date to provide a smoother service to users.

6-2. Termination of personal information

Personal information will be terminated when the contract between the Company and the user ends. However, the Company reserves the right to hold personal information for a set period of time to confirm transaction-related contractual obligations in accordance to related laws and consumer protection regulations. The opening and use of said personal information will be limited, and the Company will list the reasons, time period of categories of personal information that will be held.

  • - Records related to the contract and the termination of the contract : 5 years
  • - Records related to payments and goods distribution: 5 years
  • - Records related to consumer complaints and dispute settlements: 3 years

6-3. How to delete personal information

The user can delete personal information stored in the service by using 'Withdrawal' after sign in into the service, and the personal information will be destroyed immediately upon request

6-4. Termination by user

The user can request a termination at any time through the relevant webpage. However, the user must conclude all necessary transactions at minimum 15 days before the termination request.

The user holds sole responsibility for damages and losses incurred due to a failure to comply to said agreement.

6-5. Termination by Company

The Company holds the right to terminate a user’s contract for the following reasons.

  1. In cases in which the user illegally uses a different member’s name, rights, financial information or personal information or infringes upon another member’s profits.
  2. In cases in which the user hinders the Company’s service provision.
  3. In cases in which the user violates laws set by the Republic of Korea.
  4. Other instances that the Company deems fair and necessary.

7. Contact information of person in charge of personal information

  • Ahn Joon-hee
  • CEO
  • helper@madsq.net
  • 02-552-9516

8. Supplementary provision

  1. This policy and supplementary provision will be implemented from 2016.05.09.
  2. All legal grounds are based in Korean law.