Privacy policy.

Composition (hereinafter referred to as the “Company”) values your personal information and complies with the Act on the Promotion of Information and Communications Network Utilization and Information Protection.
Through our Privacy Policy, we will inform you of the purpose and manner in which the personal information you provide is used and what measures are being taken to protect your personal information.

What personal information we collect and how we collect it
A. Items of personal information we collect
o The Company collects the following personal information for membership, consultation, service application, etc.
- When registering: Name, date of birth, gender, login ID, password, home phone number, mobile phone number, email, legal representative's information for members under 14 years old
- When applying for services: address, payment information

o Service usage records, access logs, cookies, access IP, payment records, and misuse records may be generated and collected in the course of service use or business processing.

B. Collection Methods
- Website, written forms, message boards, email, event entries, shipping requests, phone, fax, and generated information collection tools

Purpose of collecting and using personal information
We use the personal information we collect for the following purposes.
o Performance of the contract for the provision of the Services and settlement of charges for the provision of the Services
Provide content, make purchases and payments, deliver goods or send invoices, authenticate financial transactions, and provide financial services
o Manage members
Confirmation of identity, personal identification, prevention of unauthorized use by rogue members, confirmation of intention to join, confirmation of age, confirmation of consent of legal representative when collecting personal information of children under 14 years of age, handling of complaints, and delivery of notices
o Utilize for marketing and advertising
To deliver advertising information such as events, to understand the frequency of access, or to provide statistics about your use of the Service

Retention and use period of personal information
In principle, after the purpose of collecting and using personal information is fulfilled, the information is destroyed without delay. However, the following information is retained for a specified period of time for the following reasons.

A. Reasons for Retaining Information Based on Company Internal Policy
Even if the member has withdrawn, we may retain the member's information for a period of oo years from the date of termination to prevent the recurrence of unauthorized use by bad members, resolve disputes, and cooperate with investigative agencies.

B. Reasons for retaining information under applicable laws
If it is necessary to preserve member information in accordance with the provisions of related laws such as the Act on Consumer Protection in Electronic Commerce, the Company shall keep member information for a certain period of time as prescribed by related laws as follows.
o Records relating to contracts or subscription withdrawals, etc.
-Retained for: Consumer Protection in Electronic Commerce Act
-Shelf life: 5 years
o Records about payments and the supply of goods and other things
-Retained for: Consumer Protection in Electronic Commerce Act
-Shelf life: 5 years
o Records of consumer complaints or dispute handling
-Retained for: Consumer Protection in Electronic Commerce Act
-Shelf life: 3 years
o Log history
-Rationale for retention: Communications Privacy Act
-Shelf life: 3 months

Procedures and methods for destroying personal information
In principle, the Company destroys personal information without delay after the purpose of collecting and using it has been fulfilled. The procedure and method of destruction are as follows.
o Destruction procedures
The information you enter for membership, etc. is transferred to a separate DB (separate filing cabinet in case of paper) after the purpose is fulfilled and stored for a certain period of time (see Retention and Usage Period) in accordance with the internal policy and other relevant laws and regulations, and then destroyed.
Personal information moved to a separate DB will not be used for any purpose other than that for which it was retained, unless required by law.
o Destruction method
Personal information stored in electronic files is deleted using technical methods that make the records unrecoverable.

Providing personal information
In principle, we do not provide your personal information to outside parties, except in the following cases.
o Users have given informed consent
o When required by law or by a law enforcement agency for investigative purposes in accordance with the procedures and methods prescribed by law.

Consignment of collected personal information
The Company entrusts external specialized companies as follows to fulfill the service.
o Consignment to: [Courier name].
o Contents of consignment: [Contents of consignment to courier company]

o Outsourced to: [PG Company Name]
o Consignment contents: [Consignment contents of PG company]

Rights of users and their legal representatives and how to exercise them
o You may view or correct your personal information on file at any time, and may request to unsubscribe.
o To view or modify personal information of users, click “Change Personal Information” (or “Modify Member Information”), and to cancel membership (withdraw consent), click “Withdraw Membership” after going through the identity verification procedure.
o Alternatively, you can write, call or email our Privacy Officer and we will act without delay.
o If you request the correction of errors in your personal information, we will not use or provide such personal information until the correction is completed. In addition, if we have already provided incorrect personal information to a third party, we will notify the third party without delay of the results of the correction process so that the correction can be made.
o The Company handles personal information that has been terminated or deleted at the request of the user as specified in the “Retention and Use Period of Personal Information Collected by the Company” and does not allow access or use for any other purpose.

■ Installation, operation, and rejection of automatic personal information collection devices
We use “cookies” to store and retrieve information about you from time to time. A cookie is a very small text file that is sent to your browser by the server used to operate the website and is stored on your computer's hard disk.
The Company uses cookies for the following purposes.
o Purpose of use, including cookies
1. Provide targeted marketing and personalized services by analyzing the access frequency and visiting time of members and non-members, identifying users' tastes and interests, tracking their traces, and identifying the degree of participation in various events and the number of visits.
2. you have a choice about the installation of cookies; therefore, you can accept all cookies, confirm each time a cookie is stored, or refuse to store all cookies by setting options in your web browser.
o How to refuse cookie settings
1. You can refuse to set cookies by selecting the options in your web browser to either accept all cookies, confirm each time a cookie is saved, or refuse to save all cookies.
2. Example of how to set up (for Internet Explorer): Tools > Internet Options > Privacy at the top of your web browser
3. However, if you refuse to install cookies, we may have difficulty providing the Service.

Civil service regarding personal information
In order to protect your personal information and handle complaints related to personal information, the Company has designated the relevant departments and the person in charge of personal information protection as follows.
o Privacy Officer
Name: Byungkyu Yoo
Belongs to: Composition
Tel: 010-4433-5922
Email: yellow@dhara.day

o You may report any complaints related to personal information protection arising from the use of the Company's services to the person in charge of personal information protection or the department in charge.
o We will provide you with a prompt and sufficient response to your report.
o If you need to report or consult about other privacy violations, please contact the following organizations.
Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code)
Cybercrime Investigation Unit of the Supreme Prosecutor's Office (www.spo.go.kr / 02-3480-2000)
National Police Agency Cyber Safety Bureau (www.ctrc.go.kr/ 182) without area code