Privacy Policy

‘Korea Ginseng Corporation' (“the Company”) respects the privacy of its customers and abides by the Act on the Promotion of Information and Communication Network Utilization and Information Protection. The Company informs you via our privacy policy of how and for what purpose your personal information is used, as well as the measures we take to protect your personal information. Should our privacy policy be revised, the Company will notify you via a notice on our website or an individual notice of the revision.

This policy will be effective starting May 2, 2019.



Article 1 | What personal information we collect and how we collect it

① What personal information we collect


Purpose of use and collection

Collected items

Retention/usage period

Required information

Membership subscription, service use and consultation

Identification and prevention of illegal use and adult authentication

Your name, date of birth, gender, mobile phone number, login ID, ID password, address, and email address

Deleted immediately upon membership withdrawal

- Your email address which is used as your membership ID is deleted from our database 6 months after your membership withdrawal to prevent its fraudulent use.

- Kept for 5 years if you have purchased our product

(As per the Consumer Protection Act in Electronic Commerce)

- Kept for 3 months in the case of IP addresses

(As per the Protection of Communications Secrets Act)

Your cookies, service use history (dates and times of your visits, IP addresses, bad use record), device information (unique device identifier and OS version), name-based connecting information (CI), and duplication information (DI)

Additional Information

User identification

Your name, date of birth, gender, mobile phone number, duplicate subscription information (DI), encrypted identification information (CI), and national/alien verification information.

Deleted immediately upon membership withdrawal

Cancellations and refunds

Your bank name and bank account number

Kept for 5 years

(As per the Consumer Protection Act in Electronic Commerce)


Recipient information (name, contact number, and address)

Optional information

Marketing and analysis

Your parental status, your children’s age and gender, and your interested brands, interested health history, family information (age and gender), and purpose of purchase (as a gift or for yourself)


Immediately deleted upon membership withdrawal or upon receipt of a request for information deletion or membership suspension.

* Unauthorized use refers to all of the following: unlawful and law-skirting acts such as impersonation, acts prohibited in the Terms and Conditions, and acts that illegally or semi-legally take advantage of the economic benefits of discount vouchers and promotion events provided by the Company, including deliberate repetition of signing up again after membership, withdrawal, and canceling purchases made.

* The above information can be used for statistical analysis of service use.


② Items collected for online non-member purchases: the buyer's name, contact number, email address, and residential address, and the recipient’s name, mobile phone number, landline number, and the shipping address, requests regarding delivery, service use history, cookies, and payment history.


③ Participant members (in events, campaigns)


Collection method

Collected items

Purpose of collection and use

Retention/usage period

Event entry

You either participate directly in an event by leaving a comment on the Company’s bulletin board or on the relevant social media page, or submit your membership information for the event via email.

Your name, social media ID, and membership ID

Winner selection

Collected information is destroyed within 30 days of the event/campaign’s termination.

Event wins

You directly enter your membership information via a message or comment to receive the prize.

Physical prizes: your name, contact number, and address. MMS gift vouchers (Gift show[hf1] ): your name and contact number. Membership points: your membership ID (email address), name, and contact number.

Delivery of prizes

* Participant members refer to members who have participated in an event or campaign launched by the Company either via the bulletin board on our website or our social media pages (Facebook, KakaoStory, Twitter, Instagram, Daum Cafe).


④ How we collect your personal information

a. Collection through the Company's’ Donginbi web store ( ).

b. Collection through delivery requests (you fill out the relevant information fields when placing a member or non-member order)

c. Collection of your payment information and point transaction information generated through your transactions with the Company


⑤ Action taken when we have entered false information

Members must ensure the accuracy and legitimacy of their personal information. If you enter false information through illegitimate means such as by stealing information from another person, the Company may report you to the relevant authorities under its legal obligations to do so and may forcibly withdraw your membership.



Article 2 | Purpose of collection and use of personal information

① The Company collects the minimum necessary amount of your personal information in order to provide you with our services for the following purposes:

Purpose of collection and use

• To use it for the identification process necessary for the provision of our membership services.

• To ensure a smooth communication avenue for notification, complaint handling

• To provide you with information on new services, new products, and events.

• To obtain accurate shipping information with regard to DM and the delivery of prizes, and orders.

• To generate statistical data for marketing and public relations and for customers analysis and service development.

• To use it as marketing material for promoting services and affiliated events run by the Company until such time as the purpose of collecting and using your personal information has been attained.


② We do not collect from you any sensitive personal information that may potentially violate your basic human rights.



Article 3 | Provision and sharing of personal information

① The Company uses your personal information only to the extent that we have specified in the “Personal Information Collection, Provision, and Usage Agreement.” In addition, when we provide your personal information, we do so thoroughly in accordance with the subparagraph.

② In the following cases, we can provide your personal information without your consent as specified in the provisions of relevant laws and regulations.

a. When your personal information is necessary to charge you money (or points) for your use of our services and subsequently to deliver your order.

b. When your personal information is provided after being processed into a form that renders your identify unrecognizable for purposes such as statistics generation, academic research, and market research.

c. When the provision of your personal information is required by law, or when there is a request for the provision of your personal information made by an investigation agency pursuant to the procedures and methods prescribed by law.



Article 4 | Retention, use, and disposal of personal information

① When the purpose of the collection or receipt of your personal information has been attained, the Company immediately disposes of your personal information. Your personal information will be disposed of in the following cases:

a. Membership information: when you have canceled or forfeited your membership.

* However, you will not be able to sign up for 3 months after the withdrawal of your membership, and the Company may keep the minimum amount of your personal information (gender, personally identifiable information) necessary to bar you from signing up again during the aforementioned period.

b. Shipping information: when your desired item or service has been delivered or provided.

c. If your personal information was collected for purposes such as surveys and events: when the survey or event has been terminated.

d. Identification information: When your identify has been authenticated.


② However, we can keep your personal information for a certain period of time if there is a need to do so for reasons such as confirmation of transaction-related management obligations as specified below in accordance with our internal policy and provisions of related laws, including commercial law.

Retained information

Retention period

Related laws

Records of payment, supply of goods

5 years

The Consumer Protection Act in e-commerce

Records of agreements made, subscription cancellations

5 years

The Consumer Protection Act in e-commerce

Records of consumer complaints/disputes processing

3 years

Records of advertisements and displays.

6 months

History of visiting the Company's website

3 months

The Protection of Communications Secrets Act



Article 5 | Third-party handling of personal information collected |

① To carry out our services, the Company outsources the following personal information handling tasks to specialist external companies:

a. Member information DB system (computer center): KGC

b. Feedback handling system management (customer complaint handling): Daeshin Network

c. Online event management:  Will Be Communications, and Astrape

d. Identity authentication service: Seoul Credit Rating Information Co., Ltd., Korea Mobile Authentication Co., Ltd.

e. Mobile phone message delivery: SureM, KT, Easyeye Soft, Will Be Communications, Humuson, and Netpathy

e. Donginbi web store management: Forbiz Korea

f. Logistics & product delivery: HanExpress, CJ Korea Express, Will Be Communications, and Korea Post EMS

g. Sales management system management: Sejung I&C

h. Provision of mobile membership (smart wallet) service (accumulation and use of points, and running various events and promotions): SK Planet Co. Ltd., KT, LG U +, MobiWorks (OKTouch), BNS works, Daum Kakao, MCO Plus (* 기업 안나옴), Samsung Pay, and PAYCO.

h. Consumer surveys: TNS Korea, Millward Brown, Gallop Korea, Research & Research, Hankook Research, GfK Korea, Panel Insight, Macromill Embrain, Global Research, KDN, and Insight Korea

I. Payment module operation: KCP and Eximbay


② To ensure the security of your personal information, when we sign an outsourcing agreement, we clearly stipulate that we will strictly observe directions and restrictions relating to personal information protection and take responsibility for any damage resulting from mishandling of personal information. In addition, we also keep the terms and conditions of such agreements on paper and digitally. If the name of our entrusted company has changed, we will post the new name on our privacy policy page.



Article 6 | Disposal of personal information

① Disposal procedure

- Once its purpose has been attained, the person information that you provided to us to join our membership is transferred to a separate database (a separate filing cabinet if it is in paper form), kept there for a certain period of time (see the information on retention/usage periods), and then disposed of according to our internal policy and other related laws and regulations for its protection.

- Once it has been transferred to a separate database, your personal information will not be used for purposes other than its retention, unless required by law.


② Disposal methods

a. Personal information printed on paper: Ground with a grinder or burned

b. Personal information stored in digital form: Deleted using a technical method that renders its restoration impossible.



Article 7 | What rights you and your legal representative have and how to exercise them

① You and your legal representative can view and modify your registered personal information at any time, as well as request to have your membership withdrawn.

a. Customer service center calls: after having your identity authenticated, you can view and modify your personal information, as well as cancel your membership.

b. At the Donginbi web store: after signing in, you can view and modify your personal information as well as cancel your membership by clicking “Edit Information”.

c. If you contact our personal information manager in writing, by phone, or by e-mail, we will take appropriate action without delay.

② After your personal information has been deleted or terminated at your or your legal representative’s request, the Company handles it in accordance with the retention/usage periods for personal information we collect and makes sure that it is not viewed or used for purposes other than those specified.



Article 8 | Use of cookies

① The Donginbi mall website and its social media pages (Facebook, Instagram, Kakao, QQ, Google, Twitter) use cookies, which recurrently locate and store information about you. A cookie is a small text file sent to your browser by the server that runs our website, and cookies are stored on your computer's hard disk.

② The Donginbi mall website and its social media pages (Facebook, Instagram, Kakao, QQ, Google, Twitter) use cookies for the following purposes:

a. As a tool with which to analyze data such as the access frequency and visiting times of members and non-members and figure out their tastes and interests.

b. To track information about you’re the items you have purchased and viewed so that we can provide you with personalized shopping services

c. To obtain data based on which we can figure out what events you have participated in and how many times you have visited our website and social media pages, thereby providing you with personalized information and differentiated opportunities to enter events.

d. You are free to choose whether or not to install cookies: you may choose to allow all cookies by configuring cookie settings in your web browser, or you may make it so that you are prompted for a choice every time a cookie is to be installed, or you can disable cookies altogether.

e. The Donginbi web store never identifies individuals based on the personal information we receive, and your personal information is deleted immediately after 6 months of its collection.

③ When you use our services via our mobile app, when there is a necessity to access your terminal information and so on, we notify you of that and ask for your consent. However, when you want to revoke your consent, you can do so by going to “Settings> Application Manager” in your app.


How to enable and disable cookies [based on Internet Explorer 6.0]


One. From the Tools menu, select Internet Options.

2. Click the Privacy tab.

3. Change the privacy settings to your desired level.

If you choose not to install cookies, you may find that certain sections of our website do not work properly.


1. Android: go to Settings> Google> Ads and disable Ads Personalization

2. iOS: go to Settings> Privacy> Advertising and enable Limit Ad Tracking.



Article 9 | Our personal information management department and managing personnel

For the protection of your personal information and for the handling of your personal information related complaints, the Company has designated relevant departments and managing personnel as follows:


① Donginbi official web store

- Personal information protection supervisor: Gidong Kwon (Security Center, Executive Director, 1588-2304)

- Personal information protection manager: Ingi Choi (Security Center, 1588-2304)

- Personal information protection handler: Juhee Park (Cosmetics Sales Department, Manager, 02-2189-3886 )


You can send all your personal information related complaints generated during your use of our services to the above personnel and departments. The Company assures you that we will respond promptly to your complaints. If you need to report or get advice regarding other privacy infringement cases, please contact the following organizations:

① Personal Dispute Resolution Committee (

② Information Protection Mark Certification Committee ( / 02-580-0533 ~ 4)

③ Supreme Prosecutors' Office’s Internet Crime Investigation Center (

④ National Police Agency's Cyber Terror Response Center (



Article 10 | Technological and administrative measures for personal information protection

① Technical measures

In handling your personal information, the Company takes the following technological measures to ensure its security, to prevent its loss, theft, leakage, and alteration, as well as damage to it.

a. We take preventive measures against the forgery or tampering of your access records.

b. We manages personal information via differential encryption: when we store or transmit a type of personal information, we apply the level of encryption required by relevant laws for that specific type.

c. We take measures to prevent damage from computer viruses by using vaccine programs. We also regularly update our vaccine programs to prevent infringement of your personal information.

d. We use security devices (SSL) that securely transmit the personal information on our network via cryptographic algorithms.

e. We seek to provide the security of your personal information by installing intrusion prevention systems on our network as a preventive measure against external intrusions.


② Administrative measures

a. The Company has established and is implementing internal management plans for the protection of your personal information.

b. The Company restricts access to personal information to the minimum necessary number of people. Such people include the following:

1. Those who deal directly with customers and perform consulting and CRM (marketing).

2. Those in charge of personal information management such as personal information supervisors and handlers.

3. Those who are inevitably required to handle personal information for work reasons.

c. The Company regularly conducts in-house training and outsourcing training on subjects such as acquirement of new security technologies and obligations to protect personal information for employees who handle personal information.

d. The Company has established internal procedures whereby new recruits to the Company are made to sign a confidentiality agreement to prevent human-induced leakage of personal information, and their observance of our privacy policy is monitored.

e. We ensures that when a personal information handler hands over their job to a replacement, it is done in a thoroughly secure manner and that our employees are clearly liable for any personal information related accidents happening after their joining or leaving the Company.

f. The Company has designated our computer room, data storage room, and the like as special protection zones to restrict access.

g. The Company is not responsible for anything that happens due to your mistakes or the nature of the Internet. For the protection of your personal information, you are responsible for properly managing your ID and password.

h. The Company will take appropriate measures and compensate you for any theft, leakage, alteration of or damage to your personal information caused by our internal manager's mistake or an accident on the part of technical management.


Article 11 Electronic disclosure of our privacy policy

In disclosing our privacy policy, the Company discloses it electronically in the manner prescribed by the Korea Communications Commission so that you can easily check its key points at any time via our website.



Article 12 | Duty of disclosure

As per government policy or company policy, when there has been an addition, deletion, or modification of our privacy policy, we will notify you of the change via our Donginbi official web store.

Privacy policy enforcement date: May 2, 2019