trollygo
language language_down
trollygo
stx_mark
top_btn TOP
Privacy Policy

Privacy Policy

Privacy Policy

Chapter 1 General Provisions

 

Article 1 (Overview)

STX ECO (hereinafter referred to as the “Company”) establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act and Article 27-2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., to protect members’ personal information and to handle related complaints promptly and smoothly.
The Company places the utmost importance on the protection of members’ personal information and complies with relevant laws and subordinate statutes such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
Through this Privacy Policy, the Company informs members how the personal information they provide is used and processed, and what measures are being taken to protect such information.
The Company has established procedures whereby members can click the “Agree” or “Disagree” buttons with respect to the collection and use of personal information or the terms of service on the site. If a member clicks the “Agree” button, it shall be deemed as consent to the collection of personal information.
The Company may amend this Privacy Policy in the event of changes due to revisions of relevant laws, internal policies, or changes to the site. In such cases, the Company will notify members through the site.

 

Article 2 (Contents of the Privacy Policy)

Purpose of processing personal information

Processing and retention period of personal information

Provision of personal information to third parties

Entrustment of personal information processing

Rights and obligations of members and their legal representatives, and methods of exercising them

Items of personal information processed and collection methods

Destruction of personal information

Measures to ensure the safety of personal information

Installation, operation, and rejection of automatic personal information collection devices

Personal Information Protection Officer

Request for access to personal information

Remedies for infringement of rights

Changes to the Privacy Policy

 

Chapter 2 Details of the Privacy Policy

 

Article 3 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes.
The personal information being processed shall not be used for purposes other than those specified below. If the purpose of use is changed, the Company will take the necessary measures required by law, including obtaining separate consent in accordance with Article 18(3) of the Personal Information Protection Act and Article 22(1) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

 

Article 4 (Processing and Retention Period of Personal Information)

The Company retains and uses personal information within the period of retention and use as stipulated by law or within the period agreed upon by members at the time of collection. The specific periods of retention and use for each type of personal information are as follows:

Member personal information: Until the purpose of collection is achieved or until the member withdraws consent

Information related to the provision of goods or services: For five (5) years after the termination of the supply contract and settlement relationship

 

Article 5 (Provision of Personal Information to Third Parties)

The Company processes members’ personal information only within the scope disclosed in Article 3 (Purpose of Processing Personal Information). Personal information will only be provided to third parties in cases where the member has consented, where special provisions exist under the law, or in circumstances that fall under Article 17 and Article 18 of the Personal Information Protection Act or Article 24-2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

 

Article 6 (Entrustment of Personal Information Processing)

The Company entrusts the processing of personal information as follows in order to ensure smooth handling of personal information tasks.

When entering into an entrustment contract, the Company specifies in the contract or other documents the matters concerning the prohibition of processing personal information for purposes other than the performance of entrusted tasks, implementation of technical and managerial protective measures, restrictions on re-entrustment, management and supervision of the trustee, liability for damages, etc., in accordance with Article 26 of the Personal Information Protection Act and Article 25 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.. The Company also supervises whether the trustee processes personal information safely.

If there is any change in the details of the entrusted tasks or in the trustee, the Company will disclose such changes without delay through this Privacy Policy.

 

Article 7 (Rights and Obligations of Members and Legal Representatives, and Methods of Exercising Them)

Members may, at any time, exercise the following rights related to the protection of personal information with respect to the Company:

Request for access to personal information

Request for correction if there are errors, etc.

Request for deletion

Request for suspension of processing

The exercise of rights under Paragraph 1 may be made to the Company in writing, by email, or by facsimile (FAX) in accordance with Form No. 8 of the Enforcement Rules of the Personal Information Protection Act, and the Company will take action without delay.

If a member requests correction or deletion of errors in their personal information, the Company will not use or provide the relevant personal information until the correction or deletion is completed.

The exercise of rights under Paragraph 1 may be carried out through the member’s legal representative or an authorized agent. In such cases, a power of attorney in accordance with Form No. 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.

Members must not infringe upon the personal information or privacy of the Company, other members, or third parties by violating relevant laws such as the Personal Information Protection Act.

 

Article 8 (Items of Personal Information Processed and Methods of Collection)

The Company processes the following items of personal information:

During the course of using Internet services, the following information may be automatically generated and collected:
IP address, cookies, MAC address, service usage records, visit records, records of improper use, etc.

The Company collects personal information by the following method:

Automatically generated during the course of using Internet services

 

Article 9 (Destruction of Personal Information)

The Company destroys personal information without delay when the retention period has expired, the processing purpose has been achieved, or the personal information has otherwise become unnecessary.

If personal information must continue to be preserved in accordance with other laws despite the expiration of the retention period consented to by the member or the achievement of the processing purpose, such personal information will be stored in a separate database (DB) or preserved in a different storage location.

The procedures and methods for destroying personal information are as follows:

Destruction Procedure: The Company selects personal information for which the reason for destruction has occurred, obtains approval from the Personal Information Protection Officer, and then destroys the information.

Destruction Method: Personal information recorded and stored in electronic file format is permanently deleted so that the records cannot be restored, and personal information recorded and stored on paper documents is shredded with a shredder or incinerated for destruction.

 

Article 10 (Measures to Ensure the Security of Personal Information)

The Company takes the following administrative, technical, and physical measures to ensure the security of members’ personal information:

Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.

Technical measures: Management of access rights to personal information processing systems, installation of access control systems, encryption and forgery/alteration prevention of unique identification information, installation and updating of security programs, etc.

Physical measures: Control of access through the establishment of computer rooms, data storage rooms, and installation of locking devices, etc.

 

Article 11 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)

The Company uses “cookies” that store and retrieve user information from time to time in order to provide users with personalized services.

A cookie is a small piece of information that the server (http) operating the website sends to the user’s computer browser, and it may be stored on the user’s PC hard disk.

Purpose of using cookies: Cookies are used to identify the services and websites visited and used by the user, search keywords, whether secure access has been established, etc., in order to provide optimized information to the user.

Installation, operation, and rejection of cookies: Users can refuse the storage of cookies by selecting the appropriate option in the privacy menu under Tools > Internet Options at the top of the web browser.

If the storage of cookies is refused, difficulties may arise in the use of customized services.

 

Article 12 (Personal Information Protection Officer)

The Company designates the following Personal Information Protection Officer who is responsible for overseeing the processing of personal information and for handling complaints and remedying damages related to personal information:

 

Personal Information Protection Officer

Name: Hong Gil-dong

Position: Website Administrator

Phone: +82-51-461-2000

 

Members may direct all inquiries, complaints, requests for remedy, or other matters related to personal information protection arising from the use of the Company’s services to the Personal Information Protection Officer and the responsible department. The Company will respond to and handle members’ inquiries without delay.

 

Article 13 (Request for Access to Personal Information)

Members may request access to their personal information pursuant to Article 35 of the Personal Information Protection Act and Article 30(2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. through the department specified in Article 12(1). The Company will endeavor to ensure that requests for access to personal information by members are handled promptly.

 

Article 14 (Remedies for Infringement of Rights)

Members may contact the following agencies for relief, consultation, or other inquiries regarding personal information infringement:

Personal Information Infringement Report Center (http://privacy.kisa.or.kr
/ Tel: 118)

Supreme Prosecutors’ Office Cyber Crime Investigation Division (http://www.spo.go.kr
/ Tel: 1301)

National Police Agency Cyber Bureau (https://ecrm.cyber.go.kr
/ Tel: 182)

 

This Privacy Policy shall take effect as of August 19, 2025.