MIRIDIH BizHows Privacy Policy
MIRIDIH BizHows(hereinafter ” MIRIDIH “) processes and securely manages personal information in compliance with the provisions of the 「Personal Information Protection Act」 and relevant laws and regulations to protect the freedom and rights of data subjects. To inform data subjects of the procedures and standards for the processing and protection of personal information in accordance with Article 30 of the 「Personal Information Protection Act」, and to ensure prompt and smooth resolution of related grievances, MIRIDHI has established and publicly disclosed the following Privacy Policy.
Article 1. Purpose of Personal Information Processing, Items, and Retention/Use Period
MIRIDIH collects and uses personal information to the minimum extent necessary for the provision of services, in accordance with 「Personal Information Protection Act」.
1. Cases Where Consent of the Data Subject is Not Obtained
MIRIDIH processes the following personal information items without the consent of the data subject:
| Legal Basis | Category | Purpose of Processing | Items Processed | Processing and Retention Period |
|---|---|---|---|---|
| 「Personal Information Protection Act」 Article 15, Paragraph 1, Subparagraph 4 (Conclusion and Fulfillment of a Contract) | Provision of Consultation Services | Providing consultation on matters such as delivery, order methods, product options, holds/changes/cancellations (refunds), data verification, receipts/documentation, quality complaints, website usage, partnership inquiries, and bulk order quotes. | BizHows ID, mobile phone number, inquiry content | 3 years after the inquiry is processed (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 4) |
| 「Personal Information Protection Act」 Article 15, Paragraph 1, Subparagraph 4 (Conclusion and Fulfillment of a Contract) | Delivery Service | Providing delivery for product orders. | Recipient’s name, contact information, address (country) | 5 years after delivery is completed (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 3) |
| 「Personal Information Protection Act」 Article 15, Paragraph 1, Subparagraph 4 (Conclusion and Fulfillment of a Contract) | Issuance of Cash Receipts or Tax Invoices | Issuing a cash receipt or tax invoice for the product order amount. | Applicant’s name, email, contact number, secondary contact number | 5 years after delivery is completed (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 3) |
2. Personal Information Processed with the Consent of the Data Subject
MIRIDIH processes the following personal information items after obtaining the data subject’s consent.
| Legal Basis | Category | Purpose of Processing | Items Processed | Processing and Retention Period |
|---|---|---|---|---|
| 「Personal Information Protection Act」 Article 15, Paragraph 1, Subparagraph 1 (‘Consent’) | Membership Service Operation | User identity verification for membership services, individual identification, prevention of fraudulent use by unauthorized members, confirmation of intent to join, limitations on membership sign-ups, record retention for dispute resolution, handling of grievances such as complaints, and delivery of notifications. | ・ Items collected and used when signing up with email: Name, email address, password ・ Items collected and used when signing up Naver: User identifier, name, email address ・ Optional Items collected and used when signing up Naver: Nickname, profile photo, gender, date of birth, age group ・ Items collected and used when signing up with Google: Name, email address, profile photo ・ Items collected and used when signing up with Kakao: Kakao account (email address), profile information (nickname/profile photo), mobile phone number ・ Items collected and used when signing up with Apple: Name, email address |
Until membership withdrawal (※ retained for 7 days prior to destruction in case of a request to cancel the withdrawal) |
| 「Personal Information Protection Act」 Article 15, Paragraph 1, Subparagraph 1 (‘Consent’) | Marketing Utilization | Development and specialization of new services (products), delivery of advertising information such as events, provision of services based on demographic characteristics, placement of advertisements, and statistical analysis of access frequency or member service usage. | Email address, mobile phone number | Until membership withdrawal or withdrawal of consent |
| 「Personal Information Protection Act」 Article 15, Paragraph 1, Subparagraph 1 (‘Consent’) | Corporate Quotation Request | Use for and notification of marketing activities, including events and advertisements related to BizHows services and affiliated services | Business entity name; name, phone number, and email address of the person in charge | Destroyed without delay after 5 years |
Article 2. Personal Information of Children Under 14 Years of Age
MIRIDIH does not collect or process personal information of children under 14 years of age for the provision of this service.
Article 3. Personal Information Processing and Retention Period
① MIRIDIH processes and retains personal information within the retention and usage period prescribed by relevant laws or the period consented to by the data subject at the time of collection.
② The processing and retention periods for each type of personal information are as follows:
1. Website Membership and Management: Until the member withdraws from the service.
However, if any of the following reasons apply, retention will continue until the reason is resolved:
- a. If an investigation or inquiry into a violation of related laws is in progress, until the conclusion of the investigation or inquiry.
- b. If there are remaining claims or debts arising from the use of the website, until said claims or debts are settled.
2. Provision of Goods or Services: Until the completion of goods/services delivery and settlement/payment. However, if any of the following reasons apply, retention will continue until the end of the specified period:
- Records on contracts or withdrawal of offers: 5 years (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 2)
- Records on payment and supply of goods: 5 years (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 3)
- Records on consumer complaints or dispute resolution: 3 years (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 4)
- Records on display and advertising: 6 months (「Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, etc.」 Article 6, Paragraph 1, Subparagraph 1)
3. Retention of communication confirmation data in accordance with Article 15-2, Paragraph 2 of the 「Protection of Communications Secrets Act」
- Computer communication, internet log records, access point tracking data: 3 months
Article 4. Procedure and Method of Personal Information Destruction
① When personal information becomes unnecessary due to the expiration of the retention period or the achievement of the purpose of processing, MIRIDIH will promptly destroy the personal information.
② If personal information must be retained in accordance with other laws, even after the retention period agreed upon by the data subject has expired or the processing purpose has been achieved, the said personal information will be transferred to a separate database (DB) or stored in a different location.
※ The items of personal information to be retained and the legal basis for retention can be found in ‘Article 1. Purpose of Processing, Items Processed, and Retention and Use Period of Personal Information’.
③ The procedures and methods for personal information destruction are as follows:
1. Destruction Procedure
MIRIDIH selects the personal information for which a reason for destruction has occurred and destroys the information after obtaining approval from the Privacy Officer of MIRIDIH.
2. Destruction Method
MIRIDIH destroys personal information recorded and stored in electronic file format in a way that the records cannot be reproduced. Personal information recorded and stored in paper documents is shredded with a shredder or incinerated.
Article 5. Provision of Personal Information to Third Parties
① MIRIDIH processes the personal information of data subjects only within the scope specified in the purpose of processing personal information. Personal information is provided to third parties only in cases falling under Articles 17 and 18 of the 「Personal Information Protection Act」, such as with the consent of the data subject or special provisions of the law. Otherwise, the data subject’s personal information is not provided to third parties.
② In the following cases, MIRIDIH provides personal information only to the minimum extent necessary, with the consent of the data subject, in accordance with Article 17, Paragraph 1, Sub paragraph 1 of the 「Personal Information Protection Act」, for the purpose of smooth service provision.
| Recipient | Purpose of Provision | Items Provided | Retention and Use Period |
|---|---|---|---|
| Family site partners | Customer management, including product delivery, customer support, handling of complaints, and prevention of fraudulent use | Purchaser’s information (name, contact number, email address), Shipping information (name, contact number, address (including country), postal code) | 5 years after completion of product delivery |
Article 6. Entrustment of Personal Information Processing
① For the smooth processing of personal information, MIRIDIH entrusts the personal information processing tasks, and provides this notice in accordance with Article 26, Paragraph 2 of the「Personal Information Protection Act」:
| Entrusted Party (Trustee) | Entrusted Task | Sub-Entrustment Status |
|---|---|---|
| KG INICIS Co., Ltd. | Credit card payment service | – |
| humusOn Inc. | Kakao AlimTalk (notification) delivery service | KakaoTalk – Kakao AlimTalk delivery |
| Channel Corporation | Customer Support Chat Service | – |
| AB180 Inc. | Braze usage guide and technical support | – |
| Salesmap Inc. | Operation of customer management systems and email delivery services | Barobill – SMS delivery system NHN corporation – AlimTalk delivery |
② When concluding an entrustment agreement, in accordance with Article 26 of the 「Personal Information Protection Act」, MIRIDIH specifies in documents such as the contract matters concerning the prohibition of processing personal information for purposes other than performing the entrusted task, technical and administrative protection measures, restrictions on re-entrustment, management and supervision of the trustee, and liability for damages, and supervises whether the trustee processes personal information securely.
③ In accordance with Article 26, Paragraph 6 of the 「Personal Information Protection Act」, if the trustee re-entrusts MIRIDIH’s personal information processing tasks, they must obtain MIRIDIH ‘s consent, and MIRIDIH disclose the re-trustee and the content of the re-entrusted tasks through this Privacy Policy.
④ If the content of the entrusted task or the trustee changes, MIRIDIH will disclose it through this Privacy Policy without delay.
Article 7. Cross-Border Transfer of Personal Information
MIRIDIH transfers personal information collected from data subjects overseas as set forth below, and hereby provides the following notice regarding cross-border transfers in accordance with Article 28-8, Paragraph 2 of the 「Personal Information Protection Act」. If you refuse cross-border transfers, you will not be able to use the services. If you do not wish to have your personal information transferred overseas, you may withdraw your membership through the website (top right: Member Name – Member Name – Delete Account) or the mobile application (My – Member Name – Delete Account), or request membership withdrawal by contacting the Biz Customer Satisfaction Team (☎ 1644-1374).
| Legal Basis & Category | Category | Details |
|---|---|---|
| 「Personal Information Protection Act」 Article 28-8, Paragraph 1, Subparagraph 3 (‘Entrusted processing∙Storage of Personal Information’) | Recipient | Braze |
| Destination Country of Transfer | United States | |
| Timing and Method of Transfer | Immediately upon sending emails, transmitted in encrypted form via the Internet | |
| Personal Information Transferred | Email address | |
| Purpose of Use | To send mandatory notices or marketing-related emails | |
| Retention and Use Period | Until termination of the entrustment agreement | |
| Contact Information | privacy@braze.com |
Article 8. Measures to Ensure the Security of Personal Information
MIRIDIH takes the following measures to ensure the security of personal information:
- Administrative Measures: Establishment and implementation of an internal management plan, regular employee training, operation of a dedicated organization.
- Technical Measures: Management of access rights to the personal information processing system, installation of an access control system and other related protective measures, internet network blocking measures, encryption of personal information, storage and inspection of access records, installation and updating of security programs, inspection and supplementation of vulnerabilities in the personal information processing system.
- Physical Measures: Access control for computer rooms and data storage rooms, etc., storage of documents and auxiliary storage media in secure location with locking devices, safety measures against disasters and calamities, control of the entry and exit of auxiliary storage media.
Article 9. Matters Concerning the Installation, Operation, and Refusal of Automated Personal Information Collection Mechanism
(1) Cookies
① To provide personalized services and convenience to data subjects, MIRIDIH uses ‘cookies’ that store and frequently retrieve usage information.
② A cookie is a small amount of information that the server (http) used to operate the website sends to the data subject’s browser. It is stored on the data subject’s computer or mobile device and is automatically transmitted to the server from the data subject’s browser when accessing the website.
③ Data subjects have the right to choose whether to allow the installation of cookies. Data subjects may refuse the use of cookies through browser settings, and the methods for blocking cookies may vary depending on the type of web browser.
▶ Cookie Settings by Web Browser
- Chrome Web Browser (View)
- Edge Web Browser (View)
- Safari Web Browser (View)
- Firefox Web Browser (View)
(2) Web Log Analysis
① MIRIDIH may use a web log analysis tool (Google Analytics) to analyze users’ service usage information (such as navigation, clicks, and conversions).
② If you wish to discontinue web log analysis, you may block it by following the instructions provided on the page below.
- Google Analytics Opt-out Browser Add-on (View)
Article 10. Processing and Opting out of Behavioral Information
① In the course of using the service, MIRIDIH processes behavioral information in a way that does not identify individuals, using automated collection mechanism such as cookies, to provide customized services, benefits, and personalized online advertisements optimized for the data subject.
② MIRIDIH collects behavioral information on the websites it operates as follows:
| Items Collected | Collection Method | Collection Purpose | Retention/Use Period |
|---|---|---|---|
| In-house App Access and Usage History | Automatic collection upon web/app access and usage | Provision of personalized advertising, analysis of advertising performance, analysis of service usage patterns, and service improvement | Destroyed 14 months from the date of collection |
③ MIRIDIH provides behavioral information to third parties as follows:
| Recipient | Items Provided | Purpose of Use by Recipient | Recipient’s Retention/Use Period |
|---|---|---|---|
| Google Ads (Google LLC) Naver (NAVER Corporation) Meta (Meta Platforms, Inc.) Channel Talk (Channel Corporation) Kakao (Kakao Corp.) Criteo (Criteo S.A.) A8 (FAN Communications, Inc.) |
In-house web/app usage history | Provision of personalized advertising and analysis of advertising performance | Destroyed 14 months from the date of provision |
| Microsoft Clarity (Microsoft Corporation) Braze (Braze, Inc.) Google Analytics (Google LLC) Airbridge (AB180 Inc.) |
In-house web/app usage history | Analysis of service usage patterns and service improvement | Destroyed 14 months from the date of provision |
④ MIRIDIH collects only the minimum amount of behavioral information necessary for optimized customized services, benefits, and personalized online advertisements, and does not collect sensitive behavioral information that could infringe on an individual’s rights, interests, or privacy, such as ideology, beliefs, or medical history.
⑤ Data subjects can collectively block or allow personalized advertising by changing the cookie settings of their web browser. However, changing cookie settings may restrict the use of some services, such as website auto-login.
▶ Blocking/Allowing Personalized Advertising via Web Browser
(1) Chrome
❶ How to delete cookies stored in the web browser
- In Chrome, click the ‘⋮’ icon at the top right, then click ‘Settings’.
- On the left side of the settings page, click ‘Privacy and security’, then click ‘Clear browsing data’ and select whether to clear browsing data.
❷ How to block third-party cookies in the web browser
- In Chrome, click the ‘⋮’ icon at the top right, then click ‘Settings’.
❸ How to block all cookies from being saved in the web browser
- Additionally, in Chrome, click the ‘⋮’ icon at the top right, then click ‘New Incognito window’. This will switch to Incognito mode, where your browsing history, cookies, site data, and information entered in forms will not be saved on your device.
(2) Edge
❶ How to delete cookies stored in the web browser
- Click the ‘…’ icon in the top right corner of Edge, then click Settings.
- On the left side of the settings page, click ‘Cookies and site permissions’, then click ‘Manage and delete cookies and site data’ and select whether to clear all cookies and site data.
❷ How to block third-party cookies in the web browser
- Click the ‘…’ icon in the top right corner of Edge.
- On the left side of the settings page, click ‘Privacy, search, and services’, and in the ‘Tracking prevention’ section, select whether to enable ‘Tracking prevention’ and the level (Balanced or Strict).
- Alternatively, on the left side of the settings page, click ‘Cookies and site permissions’, then click ‘Manage and delete cookies and site data’ and select ‘Block third-party cookies’.
❸ How to block all cookies from being saved in the web browser
- Click the ‘…’ icon in the top right corner of Edge, then click the New InPrivate window icon. In this mode, your browsing history, cookies and site data, and information entered into forms will not be saved on your device.
⑥ MIRIDIH collects and uses advertising identifiers in apps for personalized advertising. Data subjects can block or allow personalized advertising in apps by changing the settings on their mobile device.
▶ Allowing/Blocking Advertising Identifiers on a Smartphone
(1) Android
① Settings → ② Security and privacy → ③ Privacy → ④ Other privacy settings → ⑤ Ads → ⑥ Reset advertising ID or Delete advertising ID
(2) iPhone
① Settings → ② Privacy & Security → ③ Tracking → ④ Turn off “Allow Apps to Request to Track”
※ The menu and method may differ slightly depending on the mobile OS version.
⑦ Data subjects can inquire about matters related to behavioral information, exercise their right to refusal, and report damages by contacting the following department.
• Department Name: Biz Customer Satisfaction Team
• Contact Information: 1644-1374, bizhows@miridih.com
Article 11. Rights, Obligations, and Methods of Exercise for Data Subjects and Legal Representatives
① Data subjects can, at any time, exercise the right to request access, portability, correction, deletion, suspension of processing, or withdrawal of consent regarding their personal information (hereinafter “the exercise of rights”).
② The exercise of rights can be done in writing, by phone, email, fax (FAX), or online to MIRIDIH in accordance with Article 41, Paragraph 1 of the 「Enforcement Decree of the Personal Information Protection Act」, and MIRIDIH will take action without delay.
- Data subjects can directly view, correct, delete, suspend processing, or withdraw consent for their personal information at any time on the website by navigating to ‘My Name > Edit My Info’ at the top right corner of the website, or request access through the ‘question mark help icon’ in the bottom right corner.
- Data subjects may exercise their rights by contacting the department below. MIRIDIH will respond within 10 days from the date of receiving the request for the exercise of rights (immediately in the case of requests for data transfer).
• Department: Biz Customer Satisfaction Team
• Address: TP Tower, 8F, 13F, 14F, 17F, #1004, 12 Digital-ro 31-gil, Guro-gu, Seoul, Republic of Korea
• Contact: 1644-1374, bizhows@miridih.com
③ The exercise of rights can also be done through an agent, such as the data subject’s legal representative or a person who has been delegated authority. In this case, you must submit a power of attorney according to the [Form 11] of the “Notice on How to Process Personal Information”.
④ The data subject’s right to request access to and suspension of processing of personal information may be restricted by Article 35, Paragraph 4 and Article 37, Paragraph 2 of the 「Personal Information Protection Act」.
⑤ The data subject cannot request the deletion of personal information if it is specified as an object of collection in other laws.
⑥ MIRIDIH verifies whether the person exercising the rights is the data subject themselves or a legitimate agent.
Article 12. Privacy Officer
① MIRIDIH is has designated a Privacy Officer as follows to be responsible for the overall personal information processing and handle data subjects’ complaints and provide relief for damages related to personal information processing.
• Name: Heo Young-min
• Position: COO
• Contact: 1644-1374, bizhows@miridih.com
• Department Name: Biz Customer Satisfaction Team
• Contact: 1644-1374, bizhows@miridih.com
② Data subjects can inquire about all matters related to personal information protection, including complaints and damage relief, that arise while using MIRIDIH’s services (or business), with the Privacy Officer and the Personal Information Protection Department.
MIRIDIH will respond to and handle the data subject’s inquiries without delay.
Article 13. Remedies for Infringement of Rights
Data subjects may seek remedies and consultations for personal information infringement at the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency’s Personal Information Infringement Report Center, etc. For other reports and consultations on personal information infringement, please contact the institutions below.
- Personal Information Dispute Mediation Committee: (no area code) 1833-6972 (www.kopico.go.kr)
- Personal Information Infringement Report Center: (no area code) 118 (privacy.kisa.or.kr)
- National Police Agency: (no area code) 182 (ecrm.police.go.kr)
Article 14. Changes to the Personal Information Processing Policy
① This Privacy Policy will take effect on February 10, 2026.
② Previous versions of the Privacy Policy can be found below.
- Effective period: October 15, 2025 ~ February 09, 2026 (View more)