BizHows (www.bizhows.com) is operated by MIRI D.I.H Co. (hereinafter referred to as “the Company”).

The Company collects, uses, and manages the personal information of users (including both members and non-member customers) based on the following principles.
In relation to this, the Company adheres to the relevant laws and regulations of the Republic of Korea and personal information protection regulations and guidelines that information and communication service providers are required to comply with.

Article 1. Categories of Personal Information Collected and Methods of Collection

ishot_2024-04-23_19-47-39

The Company collects the following minimum personal information as mandatory items at the time of membership registration to facilitate customer support and provide various services:
– Personal information is collected during membership registration, shipping requests, and participation in promotional events through the Company website.
– Personal information may be collected through web pages, emails, faxes, and calls during the consulting process via the customer service center.
– A grace period of seven (7) days is provided after the request for membership withdrawal, and the membership is terminated after these seven (7) days.

Article 2. Purpose of Collecting Personal Information

The Company uses personal information for the following purposes:
1. Performance of Contract and Settlement of Charges for Service Provision
– Content provision, service purchase and fee payment, authentication of financial transactions and financial services, delivery services related to product orders, etc.
2. Member Management
a) Identity verification according to membership-based services, personal identification, prevention of misuse by problematic members and unauthorized use, confirmation of intent to join, limitation on the number and frequency of registrations, record keeping for dispute resolution, handling complaints, and delivery of notifications.
b) Used by non-member customers for smooth ordering and service receipt, delivery of goods, and payment processing in the use of services.
3. Development of New Services, Marketing, and Advertising Utilization
– Development and specialization of new services (products), delivery of advertising information such as events, provision of services and advertising placement according to demographic characteristics, determination of access frequency, or statistical analysis of member service usage.
– The email and mobile phone number provided at the time of membership registration can be used to deliver major announcements, information on new services, and various events and promotional information.
4.Integrated Management of Family Sites
-For the management of members on the family sites (“Miricanvas”, “Miricanvas Shop”), it is possible to check the membership status of the Company from the family sites. Upon member registration at a family site, registration information, shopping cart, and order history of the Company’s account are managed integrally.

Article 3. Consent to Collection of Personal Information
At the time of membership registration, the environment is established to ensure that members can thoroughly review and understand the privacy policy before giving their consent to proceed with registration. All members who complete their membership registration are considered to have consented to all the personal information collection procedures and purposes outlined above.

Article 4. Retention and Usage Period of Personal Information
The Company processes and retains personal information within the retention and usage period agreed upon at the time of collection from the data subject or as stipulated by the law.
The specific personal information retention and processing periods are as follows:
1. Records related to contracts or withdrawal of subscriptions: Five (5) years (in accordance with the Act on Consumer Protection in Electronic Commerce, etc.)
2. Records on payment and supply of goods: Five(5) years (in accordance with the Act on Consumer Protection in Electronic Commerce, etc.)
3. Records on consumer complaints or dispute resolution: Three (3) years (in accordance with the Act on Consumer Protection in Electronic Commerce, etc.)
4. Records related to advertising and display: Six (6) months (in accordance with the Act on Consumer Protection in Electronic Commerce, etc.)
5. Records of website visits: Three (3) months (in accordance with the Protection of Communications Secrets Act)

Article 5. Procedures and Methods for Destruction of Personal Information
The Company will promptly delete personal information when it is no longer necessary, such as upon the expiry of the retention period or once the purpose of its processing has been achieved.
1. Deletion Procedure:
Information provided for membership registration will be retained for a certain period according to internal policies and applicable legal regulations after its purpose has been achieved, and subsequently deleted.
2. Deletion Method:
a) Information in electronic file format is deleted using technical methods that prevent the records from being restored or reproduced.
b) Personal information printed on paper is destroyed by shredding or incineration.

Article 6. Provision of Personal Information to Third Parties
1.The Company uses personal information of the user within the scope disclosed at the time of collection and usage purposes and does not, in principle, provide it externally. However, the following exceptions apply:
1) When there is a demand from an authoritative agency for investigative purposes as stipulated by relevant laws.
2) When there is a request following the procedures prescribed by other relevant laws.
3) When users have given prior consent.

2.The Company provides your personal information within the necessary scope to payment service providers PayPal to facilitate your payment process. This information sharing occurs for the following purposes:
a)Payment Services: To carry out the payment for printing products offered by The Company, your payment information is shared with PayPal .
b)Payment Confirmation and Settlement: To confirm that your payment has been successfully completed and to gather necessary information for the settlement process, The Company receives detailed payment-related information from PayPal.
c)Customer Support and Dispute Resolution: In case you encounter any issues during the payment process, The Company, together with PayPal, uses this information to provide customer support and, if necessary, to assist in resolving disputes.

Article 7. Consignment of Personal Information
The Company does not entrust user’s personal information to external companies without consent of the user.

image-11

If the need arises in the future to do so, the Company shall notify the user of the consignee and the content of the consigned tasks, and if necessary, obtain prior consent.

Article 8. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
The Company uses “cookies” to store and retrieve usage information in order to provide customized services to each user. A cookie is a small piece of information sent by the server (http) running the website to the browser of the user’s computer and may be stored on the hard drive of the user’s computer
1. Purpose of Using Cookies: Cookies are used to understand visit and usage patterns of various services and websites, popular search terms, secure connection status, etc., to provide users with optimized information.
2. Installation, Operation, and Refusal of Cookies:
a) Internet Explorer: User can refuse to store cookies by going to Tools > Internet Options > Privacy, and adjusting the settings for cookie handling.
b) Chrome: Click the icon at the top right of the browser > Settings > Show advanced settings (at the bottom of the page) > Privacy section > Content settings > Cookies where the user can manage settings directly.
Please note, if the user refuse to allow the storage of cookies, he/she may experience difficulties in using the services.

Article 9. Rights of Users and Legal Representatives and How to Exercise Them
1. Users and legal representatives may access or modify the personal information of themselves or a child under the age of fourteen (14) at any time, and may also request termination of membership.
2. For users or children under the age of fourteen(14), accessing/modifying personal information or terminating membership can be done through the “Edit Information” section.
3. In accordance with the user’s request, the Company processes and handles the deletion or termination of personal information as specified in “Article 5: Retention and Use Period of Personal Information,” and ensures that such information is neither accessed nor used for purposes other than those specified.

Article 10. Measures to Ensure the Security of Personal Information
The Company implements the following measures to secure the safety of personal information:
1. Minimization and Training of Personal Information Handling Staff
– The Company designates specific staff responsible for handling personal information and limits their number to minimize access and manage personal information securely.
2. Technical Measures Against Hacking
– To prevent the leakage and damage of personal information due to hacking or computer viruses, the Company installs security programs, conducts regular updates and checks, installs systems in areas with restricted access from the outside, and monitors and blocks them technically and physically.
3. Encryption of Personal Information
– Users’ personal information and passwords are encrypted, stored, and managed so that only the individual can access them. Key data are protected using encryption for files and transmission data or by using file locking functions to enhance security.
4. Restriction of Access to Personal Information
– The Company implements necessary measures to control access to the personal information processing database system through the granting, modification, and deletion of access rights. The Company uses intrusion prevention systems to control unauthorized access from outside.

Article 11. Personal Information Management Officer
The Company is responsible for overseeing the processing of personal information and has designated a Personal Information Protection Officer to handle complaints and other issues related to the processing of personal information as follows:
Personal Information Management Officer and Department
– Department: BizHows Customer Happiness Team
– Personal Information Manager: Min-gyu Kim
– Phone Number: +82-1644-1374
– Fax: +82-6925-3692
– Email: bizhows@miridih.com
Members can contact the designated officer and department for any inquiries, complaints, or remedies related to the protection of personal information that arise while using the Company and its services.
For reports of personal information violations or for consultation, please contact the following institutions:
– Personal Information Infringement Report Center (https://privacy.kisa.or.kr/kor/main.jsp / Dial +82-118 without area code)
– Supreme Prosecutors’ Office Internet Crime Investigation Center (http://www.spo.go.kr / +82-3480-2000)
– National Police Agency Cyber Security Bureau (http://cyberbureau.police.go.kr / Dial +82-182 without area code)

Article 12. Duty to Notify Before Amendment
The abovementioned personal information processing policy will be applicable from the date of enforcement. Should there be any additions, deletions, or corrections to the contents of these changes due to changes in laws and policies, notice will be given via announcements at least seven (7) days prior to the implementation of the changes.

This policy will be implemented starting from May 2, 2024

Supplementary Terms
The following additional terms apply respectively to users having residence in or nationality of certain countries. In the event of any conflict between the following additional terms and the provisions of the main body of this Policy, the following terms shall prevail. The Company shall try to comply with any legal regulation of countries which may be applied to the User and the Company.

1. For Users Having Usual Residence in European Union
The purpose and basis of personal information processing

The Company uses the collected personal information only for the purposes stated in Article 3, gives the User advance notice of this fact, and seeks the User’s consent. Also, in accordance with the GDPR etc., the Company may process the User’s personal information if any one of the following applies:
(1) The data subject consented;
(2) It is for the conclusion and performance of a contract with the data subject;
(3) It is to comply with legal requirements;
(4) Processing is necessary for the crucial interest of the data subject; or
(5) It is for the pursuit of the Company’s legitimate interests (the foregoing does not apply where the data subject’s interests, rights, or freedoms are more important than the interests pursued by the Company).
The guarantee of the rights of the User who uses the Company’s services within the European Union (EU)

According to the GDPR etc., the User may request the Company to transfer their personal information to a different manager, and may also refuse the processing of their personal information. Furthermore, the User retains the right to bring grievances on the processing of their personal information before the personal information protection authorities.

Meanwhile, the Company may use personal information to provide marketing such as events or advertisement to the User and seeks the User’s consent in relation to the foregoing; the User may at any time withdraw their consent if such marketing is not desired.

The User may request the foregoing requests by means such as telephone, email, documents etc.; the Company will act on such request without delay once it is filed.

If modification or correction is requested for errors in the User’s personal information, the Company will not use or provide such personal information of the User until such matter is modified or corrected.

Personal Information of Children

For the Users having usual residence in EU (including UK, Switzerland), the Company’s services is designed for a general audience and is not directed towards children. In connection with the Company’s service, the Company does not knowingly collect or maintain personal information from anyone under the age of sixteen (16) or knowingly allow such persons to use the Company’s service. If you are under sixteen (16), please do not attempt to register for the Company’s service or provide the Company with any personal information. If the Company learns that a person under the age of sixteen (16) has provided the Company with any personal information, the Company shall promptly delete such personal information. If you believe that a child under age sixteen (16) may have provided the Company with personal information, please contact the Company using the information specified in the Policy.
2. For Users Having Usual Residence in California, and Virginia, United States

If the Users reside in California and Virginia, certain rights may be given. The Company shall prepare preventive measures necessary for protecting personal information of Users so that the Company may comply with California Privacy Rights Act of 2020 (hereinafter referred to as “CPRA”) and Virginia Consumer Data Protection Act (hereinafter referred to as “VCDPA”) when necessary.

3. For Users Having Usual Residence in Japan
Use of Personal Information of Users

The Company process the User’s personal information when this is necessary under the Company’s agreement with the User, to provide Users with the Company’s service, and specific features users select when using the Company’s service, which may require personalizing the content of the Company’s service mainly regulated in Article 3 of this Policy.
Provision and Outsourcing of Personal Information of Users

Article 7 and 8 of this Policy shall be applied on the provision and outsourcing of personal information of Users