privacy policy
1. Personal information refers to information about a living individual that can identify the individual through information contained in the information, such as name and resident registration number (even if the information alone cannot identify a specific individual, it includes information that can be easily combined with other information to identify the individual).
2. Yanolja F&B Solution Co., Ltd. (hereinafter referred to as the "Company") places great importance on protecting your personal information and complies with the Personal Information Protection Regulations of the Personal Information Protection Act. Through its Personal Information Processing Policy, the Company informs you of how and for what purpose the personal information you provide is used, as well as the measures taken to protect your personal information.
3. This Privacy Policy may be subject to change due to changes in government laws or guidelines, or to provide better service. In such cases, the Company will post notices on its website or notify users via email.
4. The company has taken steps to ensure that users can easily view the personal information processing policy at any time by disclosing it on the website's home screen or a screen linked to the home screen.
5. The company has established procedures necessary to revise the personal information processing policy to continuously improve it.
Article 1 (Purpose)
Article 2 (Consent to and Method of Collection of Personal Information)
1. The Company has established a procedure where users can click "Agree" or "Disagree" regarding the Company's consent form or Terms of Use. Clicking "Agree" is considered consent to the collection of personal information. However, the Company may collect and use personal information without consent in any of the following cases:
1) In cases where it is clearly difficult to obtain consent for personal information necessary to fulfill a contract for the provision of information and communication services due to economic or technical reasons.
2) When necessary for billing purposes for provision of information and communication services.
3) In other cases where there are special provisions in the law
4) In cases where it is clearly difficult to obtain consent for personal information necessary to perform a contract due to economic or technical reasons.
- Service usage history, IP address, access log, browser version
5) If there is a reasonable connection to the purpose of collection, there is no disadvantage to the data subject, and safety measures have been applied.
- Relevance to the original collection purpose
- The predictability of further use of personal information in light of the circumstances of collection or processing practices.
- Whether the interests of the data subject have been violated
- All necessary measures to ensure security, such as pseudonymization or encryption, are taken into consideration when making a decision.
2. When the company collects personal information, it must notify the user in advance and obtain consent, and collect personal information through the following methods.
1) When a user agrees to the collection of personal information and directly enters information during the process of registering as a member or using the service on the website.
2) When personal information is provided from affiliated services or organizations, etc.
3) In case of consultation through customer center via KakaoTalk, phone, etc.
4) In case of events held online or offline
Article 3 (Purpose of collection/use of personal information, collected items, etc.)
1) Member
1. The company collects and uses the minimum amount of personal information necessary and legally processes and retains it.
classification
Purpose of collection and use consent
item
Retention and use period
Required information
Contract performance and service provision, consultation, complaint and civil affairs processing, notification and guidance delivery, service usage performance statistics and analysis, prevention of illegal and fraudulent use, development of new services and service improvement
(Required) Mobile phone number (e-mail address for foreigners), service usage information (when entered by user), name
Upon withdrawal of consent or withdrawal, the information will be destroyed without delay. However, if it is necessary to preserve the information in accordance with relevant laws and regulations, the information will be stored for the period required by the relevant laws and regulations.
Required information (for identity verification)
Contract performance and service provision, consultation, complaint and civil affairs processing, notification and guidance delivery, service usage performance statistics and analysis, prevention of illegal and fraudulent use, development of new services and service improvement
Name, email address, CI (linked information)
Upon withdrawal of consent or withdrawal, the information will be destroyed without delay. However, if it is necessary to preserve the information in accordance with relevant laws and regulations, the information will be stored for the period required by the relevant laws and regulations.
Optional information
Providing information on personalized product service benefits, combining and analyzing statistics, analytics, and usage history information, providing information at the request of the company or store, and sending promotions and events.
Mobile phone number (not applicable to foreigners), name, email address
Upon withdrawal of consent or withdrawal, the information will be destroyed without delay. However, if it is necessary to preserve the information in accordance with relevant laws and regulations, the information will be stored for the period required by the relevant laws and regulations.
2) Affiliate stores
classification
Purpose of collection and use consent
item
Retention period
Required information
Performance of contracts and provision of services, settlement, billing, collection, consultation, complaint handling, and notification
Business information (business name, representative name, business registration number, representative contact information, email address), store information (store name (branch name), contact name, store phone number, contact information, store address), tax invoice information (contact name, email address, contact information), consultation content and personal information required for consultation, name, gender, password, mobile phone number, email address, residence, date of birth, CI (linked information)
Until the end of the contract. However, if preservation is required by relevant laws and regulations, the information will be kept until the period required by the relevant laws and regulations.
Required information (when applying for Toss payment)
Performance of contracts and provision of services, settlement, billing, collection, consultation, complaint handling, and notification
Name, email address, payer number (date of birth or business registration number), credit card number, credit card expiration date, first two digits of password
Required information (when applying for CMS automatic payment)
Performance of contracts and provision of services, settlement, billing, collection, consultation, complaint handling, and notification
account transfer
Applicant information (name, business name, contact information, mobile phone number), financial information (bank name, depositor name, account number, business registration number, depositor mobile phone number)
Apply for credit card payment
Name, mobile phone number, payer number (date of birth or business registration number), credit card number, credit card expiration date, first two digits of password, email address
Stored for 5 years after cancellation of automatic transfer application
3) Member information collected and used in accordance with laws and regulations
Information held
보유 기간
근거 법령
계약 또는 청약철회 등에 관한 기록
5 년
전자상거래 등에서의 소비자보호에 관한 법률
대금결제 및 재화 등의 공급에 관한 기록
5 년
전자상거래 등에서의 소비자보호에 관한 법률
소비자의 불만 또�는 분쟁처리에 관한 기록
3년
전자상거래법 등에서의 소비자보호에 관한 법률
표시•광고에 관한 기록
6개월
전자상거래 등에서의 소비자보호에 관한 법률
웹사이트 방문 기록
3개월
Communications Secrets Protection Act
2. We do not collect sensitive personal information (race and ethnicity, ideology and beliefs, place of origin and residence, political orientation and criminal record, medical information, etc.) that may infringe upon the fundamental human rights of users.
3. User personal information is used only for the period of service provision, starting from the time of service use. If a user requests membership withdrawal (withdrawal of consent), withdraws consent to the collection and use of provided personal information, or if the purpose of collection and use is achieved or the retention and use period expires, the user's personal information will be destroyed without delay.
1) Personal information printed on paper: Shred or incinerate.
2) Personal information stored in electronic file format: Deleted using a technical method that renders the records unreusable.
4. If a user requests to view transaction information, etc. held with the user's consent, the company will take steps to enable the user to confirm the details without delay.
5. All personal information collected by the company for service provision is transmitted to a data center located in the Seoul region of AWS (Amazon Web Services) using secure encrypted communication from the collection stage, and is stored for the retention period specified in the privacy policy. Cloud security can be verified through international certification programs acquired by AWS, and the shared responsibility document between the company and its cloud provider, AWS, can be found at this link ( https://aws.amazon.com/ko/compliance/shared-responsibility-model/ ).
Article 4 (Matters concerning the installation and operation of automatic personal information collection devices and their refusal)
1. Cookies are small pieces of information that a website sends to a member's browser (Internet Explorer, Chrome, Firefox, or other mobile browsers). The company uses "cookies" to store and periodically retrieve information about members. Cookies identify a member's computer or mobile device, but do not personally identify the member. Members also have a choice regarding cookies.
2. Example of how to set cookies
1) Internet Explorer: Tools menu at the top of the web browser > Internet Options > Privacy > Settings
2) Chrome: Settings menu at the top right of the web browser > Show advanced settings at the bottom of the screen > Content settings button under Privacy > Cookies
3) Edge: Dotted menu (...) in the upper right corner of the web browser > Settings > Update & Security > Cookies
3. The company uses cookies to provide optimized information to users, such as visits and usage patterns of the website visited by the user.
Article 5 (Consent to Provision of Personal Information to Third Parties)
1. The Company uses members' personal information within the scope specified in Article 3 (Purpose of Collection/Use of Personal Information, Collection Items, etc.) and does not use it beyond this scope or provide it to other individuals, companies, or organizations. However, the Company will provide personal information to third parties only after notifying members of the recipients of the information, the purpose of provision, the items provided, and the period of use and retention, as described below.
Recipient
Purpose of provision
Items provided
Retention and use period
Stores that have signed up for the Now Waiting service
(member store)
Execution of contracts and provision of services, confirmation of user and usage information, resolution of consumer disputes such as complaint handling, and confirmation of sales statistics
(Required) Mobile phone number (e-mail address for foreigners), service usage information (when entered by user), name
Upon withdrawal of consent or withdrawal, the information will be destroyed without delay. However, if it is necessary to preserve the information in accordance with relevant laws and regulations, the information will be stored for the period required by the relevant laws and regulations.
Credit Finance Association
Check card sales and deposit information
ID, password
Until the purpose of use is achieved
2. Notwithstanding the preceding paragraph, the following cases are exceptions:
1) In cases where there are special provisions in the law or it is unavoidable to comply with statutory obligations.
2) In cases where the information subject or his/her legal representative is unable to express his/her intention or where prior consent cannot be obtained due to unknown address, etc., and it is clearly deemed necessary to protect the urgent life, body, or property interests of the information subject or a third party.
3) When necessary for billing purposes for the provision of information and communication services.
4) If there is a reasonable connection to the purpose of collection, there is no disadvantage to the data subject, and safety measures have been applied.
- Relevance to the original collection purpose
- The predictability of additional use or provision of personal information in light of the collection circumstances or processing practices.
- Whether the interests of the data subject have been violated
- All necessary measures to ensure security, such as pseudonymization or encryption, are taken into consideration when making a decision.
Article 6 (Access and correction of personal information)
1. Users may view or correct their registered personal information at any time. To correct personal information, please contact the Personal Information Protection Officer by phone or email, and we will take action without delay.
2. If a user requests correction of errors in personal information, the personal information will not be used or provided until the correction is complete.
3. If incorrect personal information has already been provided to a third party, we will promptly notify the third party of the results of the correction process and take steps to correct the information.
Article 7 (Withdrawal of consent)
1. Members may withdraw their consent to the collection, use, and provision of personal information, provided through membership registration or other means, at any time. To withdraw consent, visit the Now Waiting website > "Confirm Consent to Collection of Personal Information and Marketing" or contact the Personal Information Protection Officer. We will take necessary measures, including deleting your personal information. If you withdraw your consent and take other measures, such as destroying your personal information, we will notify you without delay.
2. The company will take necessary measures to make it easier to withdraw consent to the collection of personal information (cancel membership) than the method used to collect personal information.
1. Technical measures: When processing users' personal information, the company implements the following technical measures to ensure the security of personal information and prevent it from being lost, stolen, leaked, altered, or damaged.
1) The company uses antivirus software to prevent damage caused by computer viruses. Antivirus software is updated regularly, and in the event of a sudden virus outbreak, antivirus software is provided as soon as it becomes available, preventing personal information from being compromised.
2) The company uses a security device (SSL) that uses an encryption algorithm to safely transmit personal information over the network.
3) To prepare for external intrusions such as hacking, we are taking every precaution to ensure security by using intrusion prevention systems and vulnerability analysis systems on each server.
2. Management measures
1) The company limits access to your personal information to a minimum number of individuals. These individuals are as follows:
(1) A person who performs marketing work directly with users
(2) A person who handles customer complaints and inquiries
(3) Persons performing personal information management duties, such as personal information protection managers and staff members.
(4) Other persons for whom the processing of personal information is unavoidable for business purposes
2) We have established internal procedures to prevent information leaks in advance by requiring all employees to sign a security pledge upon joining the company, and to audit the implementation of the personal information processing policy and employee compliance.
3) The transfer of duties of personal information processors is carried out thoroughly while maintaining security, and responsibility for personal information accidents before and after employment is clearly defined.
4) We are striving to immediately correct and rectify any issues discovered by checking the implementation of the personal information processing policy and compliance of those in charge through the in-house personal information protection organization.
5) The company is not responsible for any incidents that occur due to user error or basic internet risks. Each member must properly manage their ID and password to protect their personal information and assume responsibility for doing so.
6) If personal information is lost, leaked, altered, or damaged due to an internal manager's mistake or a technical management accident, the company will immediately notify you of the fact and take appropriate measures and compensation.
Article 8 (Technical and administrative measures for personal information protection)
Article 9 (Link Site)
The Company may provide users with links to other companies' websites or resources. In such cases, the Company has no control over these external websites and resources, and therefore cannot be held responsible for or guarantee the usefulness of the services or resources provided. If you click on a link contained within the Company and are transferred to another site, the privacy policy of that site is unrelated to the Company, so please review the policy of the site you visit.
Article 10 (Entrustment of Personal Information Processing)
The company may entrust the collection, processing, management, etc. of users' personal information to external parties to improve its services.
1. When entrusting the processing of personal information, we will notify users in advance of the entrusted agency and the fact through our website. However, when entrusting work to promote or solicit sales of goods or services, we will notify users individually via email. However, if the company is unable to notify you of the details of the entrusted work and the entrustee through written or email methods due to no fault of our own, we will post the relevant information on our website for at least 30 days.
2. In the case of entrusting the processing of personal information, we will clearly stipulate through an entrustment contract, etc., the service provider's strict adherence to instructions related to personal information protection, confidentiality of personal information, prohibition of provision to third parties, liability in case of accidents, entrustment period, return or destruction of personal information after completion of processing, etc., and keep the contents of the contract in writing or electronically.
3. The company's personal information processing agencies and the details of the entrusted work are as follows.
Trustee (sub-trustee)
Entrusted work details (sub-entrusted work details)
Kakao, Sweet Tracker Inc.
Message sending related services
KG Inicis, Korea Information & Communication Corporation, KS Net, Hyosung FMS Co., Ltd., Toss Payments Co., Ltd.
Electronic payment service
Bigsolon Co., Ltd., OnDemand Solutions Co., Ltd., E-Furniture Woodworker Co., Ltd., My Warehouse Co., Ltd., Sungwon Adpia Co., Ltd., Jooeun Information Systems Co., Ltd., BGF Post Co., Ltd.
Product delivery, product installation, returns, refunds
K-Biz Market Co., Ltd.
Service introduction consultation and installation
Link Hub
Issuance of tax invoice
Yanolja Co., Ltd., Wall & Vision (Yanolja Co., Ltd. trustee)
Customer Service
Channel Corporation, Kakao Corporation (Channel Corporation trustee)
System operation for customer consultation (chat) service
Beeple Co., Ltd.
System operation for customer consultation (chat) service
1. Please ensure your personal information is accurate and up-to-date to prevent any unexpected accidents. You are solely responsible for any accidents resulting from inaccurate information. Entering false information, such as stealing someone else's information, may result in the loss of your membership.
2. Users have the right to have their personal information protected, but they also have a responsibility to protect themselves and not infringe on the information of others. Please be careful not to leak your personal information, including your password, and avoid damaging the personal information of others, including posts. Failure to fulfill this responsibility and damaging the information and dignity of others may result in punishment under the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., and the Personal Information Protection Act.
Article 11 (User Rights and Obligations)
Article 12 (Collection of opinions and handling of complaints)
1. The company values users' opinions, and users have the right to receive honest answers to their questions at all times.
2. The company operates a customer center to ensure smooth communication with users. Contact information is as follows.
[customer service center]
- Email: fnbsolution@yanolja.com
- Phone number: 1522-5954
3. If you need any other consultation regarding personal information, you may contact the company via the email address above. If you need to report or consult with a government agency, you may contact the contact information below for assistance.
1) Personal Information Infringement Report Center (http://privacy.kisa.or.kr / 118 without area code)
2) Supreme Prosecutors' Office Cyber Investigation Division (http://spo.go.kr / 1301 without area code)
3) National Police Agency Cyber Investigation Bureau (http://ecrm.cyber.go.kr / 182 without area code)
4) Personal Information Dispute Mediation Committee (http://www.kopico.go.kr / 1833-6972)
Article 13 (Personal Information Protection Manager)
The company is committed to ensuring users can safely access valuable information. In the event of an incident that violates the privacy notices provided to users, the personal information protection manager assumes full responsibility. However, despite technical measures taken, the company is not responsible for damage to information caused by unexpected incidents due to basic network risks, such as hacking, or for any disputes arising from posts made by visitors. The person responsible for processing your personal information and the person in charge are listed below, and we will respond promptly and diligently to any inquiries regarding personal information.
Personal Information Protection Manager: Kim Jeong-seop
Phone number: 1670-6463
Email address: cs_fnbsolution@yanolja.com
Article 14 (Processing of personal location information)
The company protects users' personal location information in compliance with the Act on the Protection and Use of Location Information. Detailed information regarding the processing of personal location information can be found in the Location Information Terms of Use .
-
The company uses personal location information to provide the following services to the personal location information subject, and does not store location information in the system during the personal location information processing process.
1) Waiting and ordering services using location information: When the location information of the individual location information subject or mobile device is provided, waiting or ordering services are provided at affiliated stores that can be accessed based on this location information.
2) Service providing search results using location information: When requesting information search or providing location information of the individual location information subject or mobile device, search results and nearby results (affiliated stores, etc.) using this location information are provided.
3) Provision of advertising information using user location: Presenting advertising materials using the location of the individual location information subject or mobile device during search results or other service use. -
Pursuant to Article 16, Paragraph 2 of the Act on the Protection and Use of Location Information, the Company automatically records location information use/provision confirmation data for personal location information subjects in the location information system and stores it for six months.
-
The company does not store personal location information, but if the purpose of processing personal location information is achieved and destruction becomes necessary in the future, the information will be destroyed in a way that makes it impossible to recover or reproduce, as described below.
1) Personal information printed on paper: Shred or incinerate.
2) Personal information stored in electronic file format: Deleted using a technical method that renders the records unreusable. -
The company does not provide personal location information to third parties. If it becomes necessary to provide personal location information to a third party designated by the individual, the company will take the following measures.
1) Notify the recipient and purpose of provision to the personal location information subject in advance and obtain consent.
2) Immediately notify the person receiving the personal location information, the date and time of provision, and the purpose of provision to the personal location information subject through the relevant communication terminal device that collected the personal location information.
3) If the subject of personal location information uses a communication terminal device that does not have a text, voice or video reception function, or requests in advance to be notified by a separate communication terminal device, e-mail or electronic message, notification will be made by a communication terminal device, e-mail or electronic message specifically designated in advance. -
The rights and obligations of the company's guardians of children under the age of 8 and the methods of exercising them are as follows.
1) If the person responsible for protecting a child under the age of 8 (hereinafter referred to as “children under the age of 8”) agrees to the use or provision of personal location information for the purpose of protecting the life or body of the child under the age of 8, the Company will consider the consent of the child to have been given.
- Children under 8 years old
- A person who is mentally unstable
- A person with a mental disability as defined in Article 2, Paragraph 2, Subparagraph 2 of the Disabled Persons Welfare Act and who is a severely disabled person as defined in Article 2, Subparagraph 2 of the Disabled Persons Employment Promotion and Vocational Rehabilitation Act (limited to a person registered as disabled as defined in Article 29 of the Disabled Persons Welfare Act)
2) A guardian who wishes to consent to the use or provision of personal location information for the protection of the life or body of a child under the age of 8 must submit a written consent form to the company along with a document proving that he or she is the guardian.
3) If the guardian consents to the use or provision of personal location information of a child under the age of 8, the guardian may exercise all of the rights of the personal location information subject. -
The company has appointed a location information manager to protect location information and handle complaints related to location information.
- Location Information Manager: Jaeheon Kim
- Phone number: 1670-6463
- Email address: cs_fnbsolution@yanolja.com
Article 15 (Revision of Personal Information Processing Policy and Notification thereof)
If the Company changes its personal information processing policy, it will notify users without delay through the notice section on the home page or a separate window, and will take steps to ensure that users can easily identify any changes at any time.
Supplementary provisions
Article 1 (Enforcement Date)
This Privacy Policy is effective from March 28, 2024.
Article 2 (Confirmation of the old personal information processing policy)
- Privacy Policy (effective October 16, 2023)
[Notice] Notice of Revision to Now Waiting's Privacy Policy (March 28, 2024)
Hello. This is Yanolja FNB Solution Co., Ltd.
To provide better service, we would like to inform you that Now Waiting Service's privacy policy has been changed as follows.
▶ Personal Information Processing Policy Change and Effective Date: March 28, 2024
▶ Major changes to the personal information processing policy
・For foreigners, mandatory items for personal information collection/use and provision to third parties have been added (e-mail address).
Yanolja FNB Solution Co., Ltd. will always do its best to provide better service.
We ask for your continued interest and use of our services.
thank you
If the Company changes its personal information processing policy, it will notify users without delay through the notice section on the home page or a separate window, and will take steps to ensure that users can easily identify any changes at any time.