Privacy Policy


Article 1 (Purpose)

Golden Wayve Limited (hereinafter referred to as "the Company") establishes this Privacy Policy (hereinafter referred to as "this Policy") as follows to comply with the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (hereinafter referred to as the "Information Communications Network Act"), and other relevant laws to protect the personal information (hereinafter referred to as "Personal Information") of individuals (hereinafter referred to as "Users" or "Individuals") who use the services provided by the Company (hereinafter referred to as "Company Services") and to promptly and smoothly handle any complaints related to the protection of Personal Information of service users.


Article 2 (Principles of Processing Personal Information)

In accordance with relevant laws on personal information and this Policy, the Company may collect Users' Personal Information, which can be provided to third parties only with the Users' consent. However, in cases where it is legally required by regulations, the Company may provide Users' collected Personal Information to third parties without prior consent from the Individuals.


Article 3 (Disclosure of this Policy)

The Company makes this Policy available to Users so that they can easily check it at any time through the first screen of the Company’s website or a linked screen from the first screen. The Company ensures that Users can easily check this Policy by utilizing font size, color, etc., when disclosing this Policy as per Paragraph 1.


Article 4 (Amendment of this Policy)

This Policy may be amended due to changes in relevant laws, guidelines, notices related to personal information, or changes in the government or Company Service policies or content. When amending this Policy according to Paragraph 1, the Company will notify the Users by one or more of the following methods:

Posting a notice on the first screen of the internet homepage operated by the Company or through a separate window.

Notifying the Users through written documents, fax, email, or similar methods. The Company will notify the Users at least seven days before the implementation date of the amendment. However, in cases of significant changes to the rights of Users, the Company will notify them at least 30 days in advance.


Article 5 (Information for Identity Verification)

To verify the identity of the Users, the Company collects the following information:

Mandatory information: Email address


Article 6 (Information for Providing Company Services)

To provide Company Services to the Users, the Company collects the following information:

Mandatory information: ID, email address, and name


Article 7 (Methods of Collecting Personal Information)

The Company collects Users' Personal Information through the following methods:

The method where Users enter their Personal Information on the Company's website.

The method where Users enter their Personal Information through applications or services provided by the Company outside the website.

The method where Users enter their Personal Information during the use of Company Services, such as customer service consultations and activities on the bulletin board.


Article 8 (Use of Personal Information)

The Company uses Personal Information in the following cases:

When necessary for the operation of the Company, such as delivering notices.

When responding to inquiries, handling complaints, and improving services for Users.

When providing Company Services.

When taking measures and sanctions to prevent and penalize activities that hinder the smooth operation of services, including violations of laws and Company terms by Users, and fraudulent use.


Article 9 (Retention and Use Period of Personal Information)

The Company retains and uses Users' Personal Information for the period necessary to achieve the purposes of collecting and using Personal Information. Notwithstanding the preceding paragraph, the Company retains records of fraudulent use of services to prevent fraudulent sign-ups and use for up to one year from the time of account termination.


Article 10 (Retention and Use Period of Personal Information According to Laws)

The Company retains and uses Personal Information in accordance with relevant laws as follows:

Information retained according to the Act on Consumer Protection in Electronic Commerce, etc.:

Records on contracts or withdrawal of subscription: 5 years

Records on payment and supply of goods: 5 years

Records on consumer complaints or dispute resolution: 3 years

Records on display/advertising: 6 months

Information retained according to the Protection of Communications Secrets Act:

Website log records: 3 months

Information retained according to the Electronic Financial Transactions Act:

Records on electronic financial transactions: 5 years

Information retained according to the Act on the Protection and Use of Location Information:

Records on personal location information: 6 months


Article 11 (Principle of Personal Information Destruction)

In principle, the Company destroys Users' Personal Information without delay when the purpose of processing Personal Information is achieved, or the retention and use period has elapsed.


Article 12 (Procedure for Destroying Personal Information)

The information entered by Users for membership registration, etc., is transferred to a separate database (DB) (in the case of paper, a separate document box) after the purpose of processing Personal Information is achieved and is stored for a certain period according to internal policies and other relevant laws (refer to the retention and use period) before being destroyed. The Company destroys Personal Information that requires destruction through the approval process of the Personal Information Protection Officer.


Article 13 (Method of Destroying Personal Information)

The Company destroys electronic file-type Personal Information using technical methods that prevent the records from being recovered, and paper documents containing Personal Information are shredded or incinerated.


Article 14 (Measures for Sending Advertising Information)

The Company obtains explicit prior consent from Users when sending advertising information for commercial purposes using electronic transmission media. However, in the following cases, prior consent is not required:

When the Company collects contact information directly from the recipient through transactions of goods, and it sends advertising information about similar goods for commercial purposes within six months from the date the transaction ended.

When a telemarketing seller under the Act on Door-to-Door Sales, etc., verbally informs the recipient of the source of Personal Information and makes telemarketing calls.

Despite the preceding paragraph, the Company does not send advertising information for commercial purposes if the recipient expresses their refusal to receive it or withdraws their prior consent and informs the result of processing the refusal or withdrawal. The Company obtains separate prior consent from the recipient when sending advertising information for commercial purposes using electronic transmission media between 9 PM and 8 AM. When sending advertising information for commercial purposes using electronic transmission media, the Company specifies the following in the advertising information:

The company name and contact information

Details regarding how to express the intention to refuse receiving or withdraw consent for receiving advertising information

When sending advertising information for commercial purposes using electronic transmission media, the Company does not take any of the following measures:

Measures to evade or interfere with the recipient's refusal to receive or withdrawal of consent for receiving advertising information

Measures to automatically generate the recipient's contact information (phone number, email address, etc.) by combining numbers, symbols, or characters

Measures to automatically register phone numbers or email addresses for the purpose of sending advertising information for commercial purposes

Measures to hide the identity of the sender of advertising information or the source of advertising information

Measures to deceive the recipient to induce a response for the purpose of sending advertising information for commercial purposes


Article 15 (Protection of Children's Personal Information)

The Company only allows Users aged 14 years or older to register for membership to protect the Personal Information of children under 14 years old. Despite Paragraph 1, if a User is under 14 years old, the Company obtains consent for the collection, use, and provision of Personal Information from the legal representative of the child. In the case of Paragraph 2, the Company collects additional information such as the name, date of birth, gender, duplicate registration confirmation information (ID), and mobile phone number of the legal representative.


Article 16 (User Obligations)

Users must keep their Personal Information up to date, and the responsibility for problems arising from inaccurate information input by Users lies with the Users themselves. In the case of membership registration using another person's Personal Information, the User may lose their membership qualifications or be punished under relevant Personal Information protection laws. Users are responsible for maintaining the security of their email addresses, passwords, etc., and cannot transfer or lend them to third parties.


Article 17 (Installation, Operation, and Rejection of Automated Personal Information Collection Devices)

The Company uses cookies, which are automated Personal Information collection devices, to provide personalized services to Users. Cookies are small amounts of information sent by the server (http) used to operate the website to the User's web browser (including PC and mobile) and stored in the User's storage space. Users have the option to allow or reject the installation of cookies. Therefore, Users can set options in their web browser to allow all cookies, go through confirmation each time cookies are saved, or refuse to save all cookies. However, if Users refuse to save cookies, they may face difficulties using some services of the Company that require login.


Article 18 (Remedies for Rights Infringement)

Data subjects can apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency’s Personal Information Infringement Report Center, and other organizations to receive remedies for Personal Information infringement. For other inquiries about reporting and consulting on Personal Information infringement, please contact the following agencies:

Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)

Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)

Supreme Prosecutors’ Office: 1301 (www.spo.go.kr)

Police Department: 182 (ecrm.cyber.go.kr)

The Company ensures the protection of the data subjects’ right to self-determination of Personal Information and strives for consultation and remedies for Personal Information infringement. If you need to report or consult, please contact the department in charge mentioned in Paragraph 1. In accordance with Articles 35 (Access to Personal Information), 36 (Correction or Deletion of Personal Information), and 37 (Suspension of Processing of Personal Information) of the Personal Information Protection Act, if the rights or interests of the data subject are infringed upon by the actions or inactions of the head of a public institution, the data subject may request an administrative trial under the Administrative Appeals Act.

Central Administrative Appeals Commission: 110 (www.simpan.go.kr)

Supplementary Provisions


Article 19: This Policy shall be effective from August 5, 2024.