Personal information processing policy

(http://www.arte-vic.com> Hereinafter referred to as "Tangible Asset-based Transaction Platform for Art, etc.) establishes and discloses personal information processing policies as follows to protect personal information subjects and quickly and smoothly handle related grievances.
○ This personal information processing policy will take effect on December 17, 2021.


Article 1 (Purpose of processing personal information)

('http://www.arte-vic.com' or 'Tangible Asset-based Transaction Platform such as Art') processes personal information for the following purposes. Personal information being processed is not used for purposes other than the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act. 1. Membership registration and management on the website
Personal information is processed for the purpose of confirming membership intention, identifying oneself according to the provision of membership services, maintaining membership qualifications, managing, preventing illegal use of services, notifying, and handling grievances.
2. Handling civil complaints
Personal information is processed for the purpose of identifying civil petitioners, checking civil complaints, contacting for fact-finding, notification, and notification of processing results.
3. Providing goods or services
Process personal information for the purpose of delivery, service provision, contract, billing, content provision, customized service provision, identity authentication, age certification, fee payment, and settlement.
4. Use for marketing and advertising
Personal information is processed for the purpose of developing new services (products) and providing customized services, providing events and advertising information and opportunities to participate, providing services based on demographic characteristics, validating services, identifying access frequency, or statistics on members' use of services.
5. Personal video information
Personal information is processed for the purpose of preventing and investigating crimes.


Article 2 (Duration of Processing and Retention of Personal Information)

① holds personal information in accordance with laws and regulations, holds personal information agreed upon when collecting personal information from an information subject, processes personal information within the period of use.
② Each personal information processing and retention period is as follows.
• 1. Sign up and manage membership on the website>
• Collection of personal information related to .Holding for the above purpose of use from the date of consent to use to <3 years>.It's used.
• Grounds for holding: Customers and holdings of tangible assets transactions, and follow-up management
• Related Acts and subordinate statutes: Records of the collection/processing, use, etc. of credit information: 3 years
• Reasons for exception: Only immediate destruction of withdrawal



Article 3 (Provide personal information to a third party)

① processes personal information only within the scope specified in Article 1 (Purpose for Processing Personal Information) and provides personal information to third parties only if it falls under Articles 17 and 18 of the Personal Information Protection Act, such as consent of the data subject and special provisions of the law.
② provides personal information to third parties as follows.
• 1. Financial institutions, telecommunications companies >
• Person who receives personal information: financial institutions, telecommunications companies
• Purpose of using the recipient's personal information: email, mobile phone number, password question and answer, password, login ID, gender, birth date, name, credit card information, bank account information, service usage record, access IP information, payment record
• The possession of the recipient.Period of use: Destroy without delay


Article 4 (consignment of personal information processing)

① entrusts personal information processing as follows for smooth personal information processing.
• 1. Financial institutions, telecommunications companies >
• Consigned person (consignee): Identification of account holder
• Contents of entrusted work: sending purchases and charges, shipping goods or bills, handling complaints such as identity authentication (financial transactions, financial services), handling complaints, developing new services (products), providing event and advertising information, and providing opportunities to participate. • Consignment period: 3 years
② In accordance with Article 26 of the Personal Information Protection Act, ArteVIC Co., Ltd. specifies documents such as liability, such as prohibition of personal information processing, technical and administrative protection measures, restrictions on re-consignment, management and damage compensation, and supervises whether the trustee handles personal information safely.
③ If the contents of the consignment work or the trustee change, we will disclose it through this personal information processing policy without delay.


Article 5 (the rights of the information subject and legal representative, duties, and how to exercise them)

① The data subject may exercise the right to view, correct, delete, or suspend personal information at any time against ArteVIC Co., Ltd.
② The exercise of rights under paragraph (1) can be made to ArteVIC Co., Ltd. in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act through e-mail, mock transfer (FAX), etc., and ArteVIC Co., Ltd. will take action without delay.
③ The exercise of rights under paragraph (1) may be made through an agent such as a legal representative of the data subject or a person who has been delegated.In this case, "Notice on how to process personal information (No. 2020-7)" You have to submit a power of attorney in accordance with the attached Form 11.
④ The rights of the data subject may be restricted under Articles 35(4) and 37(2) of the Personal Information Protection Act.
⑤ Requests for correction and deletion of personal information cannot be requested if other laws and regulations stipulate that personal information is subject to collection.
⑥ ARTEVIC Co., Ltd. checks whether the person who made the request, such as reading, correction, deletion, or suspension of processing, is himself or a legitimate agent.


Article 6 (Create an item of personal information to be processed)

① handles the following personal information items.
• 1< Sign up and manage membership on the website>
• Required items: e-mail, mobile phone number, home address, password, login ID, gender, date of birth, name, credit card information, bank account information, service usage record, access IP information, payment record
• Optional items: e-mail, mobile phone number, home address, password question and answer, password, login ID, gender, date of birth, name, credit card information, bank account information, service usage record, access IP information, payment record


Article 7 (destruction of personal information)

① destroys the personal information without delay when personal information becomes unnecessary, such as the lapse of the personal information retention period and the achievement of the processing purpose.
② If personal information must be preserved according to other laws and regulations even after the period of personal information retention agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information will be moved to a separate database (DB) or preserved differently.
1. Legal basis:
2. Personal information items to be preserved: account information, transaction date
③ The procedure and method of destroying personal information are as follows.
1. Destruction procedure
selects personal information that has caused a reason for destruction and destroys personal information with the approval of 2. How to destroy it
Electronic file-type information uses a technical method that cannot play records.
Personal information printed on paper is crushed with a shredder or destroyed through incineration.


Article 8 (measures to ensure the safety of personal information)

is taking the following measures to ensure the safety of personal information.
1. Conduct regular self-audit
In order to secure stability related to personal information handling, we conduct our own audits regularly (once in a quarter).
2. Minimization and training of employees handling personal information
We are implementing measures to manage personal information by designating employees who handle personal information and minimizing it to those in charge.
3. Establishment and implementation of an internal management plan
For the safe processing of personal information, we have established and implemented an internal management plan.
4. Technical measures against hacking, etc.
ArteVIC Co., Ltd. ('arte-based asset-based transaction platform such as art') installs security programs to prevent personal information leakage and damage caused by hacking or computer viruses, periodically renews and inspects, and installs systems in externally controlled areas, monitors and blocks technically/physically.
5. Encryption of personal information
Users' personal information is encrypted, stored, and managed, so only they can know, and important data uses separate security functions such as encrypting files and transport data or using file lock functions.
6. Storage of access records and prevention of forgery
Records of access to the personal information processing system are stored and managed for at least one year, but personal information is added to more than 50,000 information subjects, or unique identification information or sensitive information is stored and managed for more than two years.
In addition, we use security functions to prevent forgery, theft, or loss of access records.
7. Restrict access to personal information
It takes necessary measures to control access to personal information through granting, changing, and canceling access to the database system that processes personal information, and controls unauthorized access from outside using the intrusion blocking system.
8. Use of a locking device for document security
Documents and auxiliary storage media containing personal information are stored in a safe place with locks.
Article 9 (Matters on installation, operation, and rejection of automatic personal information collection devices)

ArteVIC Co., Ltd. does not use "cookie," which stores information on the subject of information and calls it from time to time to time.


Article 10 (Personal Information Protection Officer)

① ArteVIC Co., Ltd. is in charge of personal information processing and designates a person in charge of personal information protection as follows for handling complaints and relief of damage related to personal information processing.
• ▶ Person in charge of personal information protection
• Name: Ham Moonsung
• Position: CEO
• Position: CEO
• Contact: 01064292456, hms@arte-vic.com, 0504-211-2456
※ It connects to the department in charge of personal information protection.
• ▶ Department of Personal Information Protection
• Department Name: Management Support Office
• Staff: Hong Soon Chul
• Contact: 010-9580-8061, schong6dan@gmail.com, 0504-211-2456
② The information subject may contact the personal information protection manager and the department in charge for all inquiries, complaints, and damage relief arising from using the service (or business) of Artev IC Co., Ltd. ArteVIC Co., Ltd. will respond and process inquiries from the data subject without delay.


Article 11 (request for personal information viewing)

The data subject may request the following department to view personal information pursuant to Article 35 of the Personal Information Protection Act.
will try to quickly process the data subject's personal information access request.
• ▶ Receipt of a request for access to personal information and processing department
• Department Name: Management Support Office
• Person in charge: Ham Moonsung
• Contact: 01064292456, hms@arte-vic.com, 0504-211-2456


Article 12 (How to remedy rights and interests)

In order to receive relief from personal information infringement, the data subject may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee and the Personal Information Infringement Report Center of the Korea Internet & Security Agency. In addition, please contact the institution below for reports and consultations of other personal information infringement.

1. Personal Information Dispute Mediation Committee: (without a national number) 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Report Center: (without a national number) 118 (privacy.kisa.or.kr)
3. Supreme Prosecutors' Office: (without a national number) 1301 (www.spo.go.kr)
4. National Police Agency: 182 (ecrm.cyber.go.kr)
Any person who has been infringed on rights or interests due to disposition or omission made by the head of a public institution may request an administrative trial as prescribed by the Administrative Appeals Act.
※ For more information on administrative trials, please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr).


Article 13 (change personal information processing policy)

① This personal information processing policy will take effect from December 17, 2021.
② You can check the previous personal information processing policy below.