Go to the Content Go to the Main Menu Go to the Viewed Today Go to the Footer


privacy policy

Qoo10 Pte. Ltd. (hereinafter referred to as the 'Company') establishes and discloses the following personal information handling policy in order to protect the personal information of the information subject in accordance with Article 30 of the 「Personal Information Protection Act」 and to promptly and smoothly handle related grievances.

If there is a change in laws or guidelines related to personal information and the company's policy changes, the privacy policy may be updated.

The privacy policy contains the following information.

○ This Privacy Policy is effective from May 12, 2022.



Article 1 (Purpose of processing personal information)
The company processes personal information for the following purposes. The personal information being processed is not used for purposes other than Article 6 (Creating items of personal information to be processed). If the purpose of use is changed, measures such as obtaining separate consent in accordance with Article 18 of the 「Personal Information Protection Act」 will be implemented.
Article 2 (Processing and Retention Period of Personal Information)
  • ① Qoo10 collects and uses personal information as in Article 6 (Creating items of personal information to be processed).The period of retention and use of collected personal information is from the signing of the service use contract (membership registration) to the termination of the service use contract (including application for withdrawal and ex officio withdrawal).
  • ② Qoo10 processes and retains personal information within the retention of personal information in accordance with laws and regulations.
    Each personal information processing and (obligatory) retention period in accordance with laws and regulations is as follows.

    Personal information processing and (obligatory) retention period
    Retention informationRetention periodGrounds of Law
    Records on payment and supply of goods5 yearsArticle 6 of the Consumer Protection Act in e-commerce
    Records on contract or withdrawal of subscription5 year
    Records on handling consumer complaints or disputes3 year
    Records on display and advertisement6 month
    Records of Electronic Financial Transactions5 yearArticle 22 of the Electronic Financial Transactions Act
    Website and app visit history3 monthCommunication Secret Protection Act Article 15-2
    Records on the collection, processing and use of credit information3 yearArticle 20 of the Act on the Use and Protection of Credit Information
  • ③ If the use contract is still in effect after the above mandatory retention period, the information is kept until the end of the use contract.If it is necessary to withdraw the information beyond the mandatory retention period, the user can request the withdrawal through Article 12 (Request for Access to Personal Information).
Article 3 (Provision of Personal Information to Third Parties)

Qoo10 uses your personal information within the scope notified in the "Purpose of Collection and Use of Personal Information" of the "Personal Information Handling Policy", the membership application form, the Terms of Service. Do not use it beyond this range or provide it to others or other companies or organizations. However, exceptions are made when there is consent from the customer or when information is requested according to the procedures set by laws and regulations, and in this case, personal information may be used and provided with care.

  • ① The company processes personal information only within the scope specified in Article 1 (Purpose of processing personal information). Personal information is provided to third parties only if it falls under Articles 17 and 18 of the 「Personal Information Protection Act」, such as the consent of the information subject and special provisions of the law.
  • ② The company provides personal information to third parties as follows

    Providing personal information to third parties
    recipientOfferPurpose of provisionRetention and period of use
    VendorName/Phone Number/E-mail/AddressCustomer inquiry and product delivery6 months after delivery
    Shipping companyName/Phone Number/AddressProduct delivery6 months after delivery
    Seller
    [Seller List]
    ID, name, phone number, mobile phone number, delivery address, email address (when selected), customs unique code (when selected)Handling of tasks necessary for the fulfillment of information and communication service provision contracts and e-commerce (mail order sales) contracts, such as product and gift (service) delivery (transmission), product installation, return, refund, customer consultation, etc.3 months after the end of the purchase service
Article 4 (Consignment of Personal Information Processing)
  • ① The company entrusts the following personal information processing tasks for smooth personal information processing.

    Consignment of personal information processing business
    consigneeConsignment workRetention and period of use
    SMSMnwiseSend SMS and KakaoTalk messages
    SMSaligoSend SMS
    PaymentSettle Bank, IncDomestic payment processing
    Paymentnhn korea cyber payment co. ltdDomestic payment processing
    PaymentVIVA REPUBLICA Co., Ltd.Domestic payment processing
    PaymentWorldpay, IncOverseas credit card payment processing
    PaymentVisa IncOverseas credit card payment processing
    PaymentMastercard IncOverseas credit card payment processing
    PaymentJoseph Cyril Bamford Excavators LtdOverseas credit card payment processing
    PaymentUnionPayOverseas credit card payment processing
    Payment2c2pOverseas credit card payment processing
    PaymentPAYPAL HOLDINGS INCORPORATEDOverseas credit card payment processing
  • ② In accordance with Article 26 of the Personal Information Protection Act, the company stipulates in the documents such as prohibition of processing personal information, technical and managerial protection measures, re-entrust restrictions, management and supervision of trustees, and compensation. Supervise whether the trustee handles personal information safely.
  • ③ If the contents of the consigned work or the consignee is changed, we will disclose it through this personal information processing policy without delay.
Article 5 (Rights and Duties of Information Subjects and Legal Representatives and Method of Exercising them)
  • ① The subject of information can exercise the right to view, correct, delete, and suspend processing of personal information at any time with respect to the company.
  • ② The exercise of rights pursuant to Paragraph 1 can be used by the company in writing, e-mail etc. in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the 「Personal Information Protection Act」, and the company will take action without delay.
  • ③The exercise of rights pursuant to Paragraph 1 can be done through an agent, such as a legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in the form of Attachment No. 11 of the “Personal Information Handling Method Notice (No. 2020-7)”.
  • ④ The rights of the information subject may be restricted in accordance with Article 35 (4) and Article 37 (2) of the 「Personal Information Protection Act」.
  • ⑤ The request for correction and deletion of personal information cannot be requested if the personal information is specified as a collection target in other laws.
  • ⑥ The company confirms whether the person who made the request, such as a request for reading, correction or deletion, or request for suspension of processing, is the person or a legitimate agent according to the right of the information subject.
Article 6 (Creating items of personal information to be processed)
  • ① The company is processing the following personal information category.

    1) customer/seller

    Personal information category
    purposecategory
    customer/ sellersign up

    (Required)
    Email, name, password, date of birth, gender

    (optional)
    Mobile phone number, ID, withdrawal account, Q account password

    Order, payment, delivery serviceName, mobile phone number, phone number, address, email, credit card information for card payment, bank account information for bank transfer, simple payment account information for simple payment, Q-coin password for Q-coin payment, Q account password for Qmoney payment , personal customs clearance code
    Email or ID, find a passwordName, gender, date of birth, mobile phone number, email address
    SNS loginGoogle, Facebook, Line, KakaoTalk, Apple account
    Non-member order, payment and delivery serviceName, mobile phone number, phone number, address, email, credit card information for card payment, bank account information for bank transfer, simple payment account information for simple payment, personal customs clearance code.
    Other access informationService usage history, access logs, cookies, access IP information
    sellerSeller member service provision, etc.Company name, contact person name, ID, email, phone number, mobile phone number, address, URL for reference (optional)
    Sales payment settlement, etc.Bank account information, business license number or resident registration number, company name, email, phone number, address.
Article 7 (Destruction of personal information)
  • ① The company destroys the personal information without delay when the personal information becomes unnecessary, such as the expiration of the personal information retention period or achievement of the purpose of processing.
  • ② The company notifies the user in advance of the personal information of the user who has not used the company's service for one year, and destroys or separates the personal information and stores and manages it.
  • ③ If personal information must be continuously preserved according to other laws, the personal information is moved to a separate database (DB) or stored in a different storage location.
  • ④ Separately stored personal information is completely destroyed in a safe manner after five years without the requirements of other laws and regulations.
  • ⑤ The procedures and methods for personal information destruction are as follows.

    • 1. Destruction procedure
      The company selects personal information where the reason for destruction occurs and destroys personal information with the approval of the company's personal information protection manager.

    • 2. Destruction method
      Information in the form of electronic files uses a technical method that cannot reproduce records.
      Personal information printed on paper is shredded with a shredder or destroyed through incineration.

Article 8 (Measures to ensure the safety of personal information)

The company is taking the following measures to ensure the safety of personal information.


  • 1. Conduct regular self-audits
    To ensure the stability of personal information handling, we conduct regular (quarterly) self-audits.

  • 2. Minimize and train personal information management staff
    We are implementing measures to manage personal information by designating employees who handle personal information and limiting them to the person in charge.

  • 3. Establishment and implementation of internal management plan
    We have established and implemented an internal management plan for safe handling of personal information.

  • 4. Technical measures to prepare for hacking, etc
    The company has installed a security program to prevent leakage and damage of personal information caused by hacking or computer viruses. In addition, periodic updates and inspections are performed, the system is installed in an area where access is controlled from outside, and it is monitored and blocked technically and physically.

  • 5. Encryption of personal information
    The user's personal information is stored and managed after the password is encrypted, so only the user can know it. Sensitive data uses separate security features such as encrypting files and transmission data or using a file lock function.

  • 6. Storage of access records and prevention of forgery
    Records accessed to the personal information processing system are kept and managed for at least one year. We use security features to prevent forgery, theft, and loss of access records.

  • 7. Restricting access to personal information
    We take necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and use an intrusion prevention system to control unauthorized access from outside.

  • 8. Using Lockers for Document Security
    Documents containing personal information are stored in a safe place with locks such as secondary storage media.

  • 9. Access control for unauthorized persons
    A separate physical storage place where personal information is stored is established and operated for access control procedures are established.

Article 9 (Matters concerning installation, operation and rejection of automatic personal information collection devices)
  • ① The company uses 'cookie' to store and retrieve usage information from time to time to provide individual customized services to users.
  • ② Cookies are small amounts of information that the server (http) used to run the website sends to the user's computer browser, and are sometimes stored on the user's hard disk in the user's PC computer.


    • 1. Purpose of use of cookies: It is used to provide optimized information to users by identifying the types of visits and usage of each service and website visited by the user, popular search terms, and whether or not secure access is available.
    • 2. Installing and operating and rejecting cookies: You can refuse to save cookies by setting the options in the Tools>Internet Options>Personal Information menu at the top of the web browser.
    • 3. If you refuse to store cookies, you may experience difficulties in using customized services.
Article 10 (Personal Information Protection Officer)
  • ① The company is responsible for overall handling of personal information, and has designated a person in charge of personal information protection as follows to handle complaints and damage relief from information subjects related to personal information processing.

    ※ Connect to your privacy department

    • ▶ Department :Compliance Part
    • - Department :Security Division
    • - Manager :KyoungGeun Lee (CPO)
    • - Contact :+82-02-6004-9000 (Ext : 1595)
    • - Email :privacy@qoo10.com
  • ② Users can inquire about personal information protection related inquiries, complaint handling, damage relief, etc., to the person in charge of personal information protection and the department in charge while using the company service (or business). The company will respond and process inquiries without delay
Article 11 (Standards for Judgment of Additional Use and Provision)

In accordance with Article 15 (3) and 17 (4) of the Personal Information Protection Act, the company may additionally use and provide personal information without the consent of the information subject in consideration of the matters under Article 14-2 of the Enforcement Decree of the Personal Information Protection Act. There is.
Therefore, in order for the company to use and provide additional information without the consent of the information subject, the following matters have been considered.

  • - Whether the purpose of additional use and provision of personal information is related to the original purpose of collection.
  • - Whether there is any predictability of additional use or provision in light of the circumstances in which personal information was collected or processing practices.
  • - Whether the additional use or provision of personal information unreasonably infringes on the interests of the information subject.
  • - Whether measures necessary to secure safety, such as pseudonymization or encryption, have been taken.

※ The criteria for judging considerations for additional use and provision are prepared and disclosed by the business operator/group autonomously determined by themselves.

Article 12 (Request for Access to Personal Information)
Information subjects can view personal information through MyQoo10 on the Qoo10 site, and for information that cannot be directly checked through the Qoo10 website or app, please contact the Qoo10 Customer Center(1:1 Contact Chat, help@qoo10.com ).
Article 13 (Remedies for Infringement of Rights)

The information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency Personal Information Infringement Report Center, etc. In addition, for other personal information infringement reports and consultations, please contact the following organizations.

  • 1. Personal Information Dispute Mediation Committee : (without a country code) 1833-6972 (www.kopico.go.kr)
  • 2. Personal Information Infringement Report Center : (without a country code 118 (privacy.kisa.or.kr)
  • 3. Supreme Public Prosecutors' Office : (without a country code) 1301 (www.spo.go.kr)
  • 4. Public prosecutor's office : (without a country code) 182 (ecrm.cyber.go.kr)
Article 14 (Change of Personal Information Handling Policy)
  • ① This privacy policy is effective from 12 May 2022.
  • ② The previous privacy policy can be found below.


- 2018.09.01 ~ 2022.05.11 apply