통합회원 개인정보 처리방침_20260212 (중국어간체)
MakeStar Integrated Member Personal Information Processing Policy
MakeStar Co., Ltd. (hereinafter referred to as the "Company") processes personal information lawfully and manages it securely in compliance with the Personal Information Protection Act and related laws and regulations to protect the freedom and rights of data subjects. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, the Company establishes and discloses this Personal Information Processing Policy to inform data subjects of the procedures and standards for processing and protecting personal information and to ensure that related grievances are handled promptly and smoothly.
Table of Contents
Article 1 (Purpose of Personal Information Processing)
Article 2 (Items of Personal Information Collected and Collection Methods)
Article 3 (Retention and Use Period of Personal Information)
Article 4 (Provision of Personal Information to Third Parties)
Article 5 (Entrustment of Personal Information Processing)
Article 6 (Rights, Obligations, and Exercise Methods of the Data Subject)
Article 7 (Destruction of Personal Information)
Article 8 (Measures to Ensure the Security of Personal Information)
Article 9 (Matters Concerning Changes to the Personal Information Processing Policy)
Article 10 (Transfer of Personal Information Due to Business Transfer, etc.)
Article 11 (Matters Concerning the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
Article 12 (Personal Information Protection Officer)
Article 13 (Remedies for Infringement of Rights and Interests)
Article 1 (Purpose of Personal Information Processing)
The Company processes members' personal information for the purposes listed below and does not use it for any other purposes.
- Member Management: Member identification and verification, delivery of notices and announcements to members
- Member Consultation Processing: Receiving member consultations and complaints, notification of processing results
- Service Provision: Service provision and service quality improvement, prevention of fraudulent use within services, development of new services/technologies
- Marketing and Advertising Promotion: Provision of advertising information
- Reward or Product Delivery
- Payment, Settlement, and Refund Measures for Products, etc.
Article 2 (Items of Personal Information Collected and Collection Methods)
The Company collects only the minimum personal information necessary for service operation. If additional personal information is required for service use, it will be collected based on the legal grounds for personal information processing. The specific items of personal information collected and their purposes of use are as follows.
- Personal Information Items Processed Without the Data Subject's Consent
The Company processes the following personal information items without the data subject's consent.
[Mandatory Processing Items]
Legal Basis: Article 15(1)(4) of the 「Personal Information Protection Act」 ('Conclusion and Performance of a Contract')
| Service Name | Category | Collection Items | Purpose of Collection | Retention and Use Period |
| Integrated Members (MakeStar, Poca Album) | Sign Up (Email) | Email address, password | Member identification and verification, delivery of notices and announcements to members, handling member inquiries and complaints, and notification of resolution outcomes | Three months after membership termination or the period specified by relevant laws and regulations |
| MakeStar | Edit Member Information | Real name, Nickname, Date of birth, Gender, Country/Region of residence, Phone number | Edit Member Information | Three months after membership termination or the period specified by relevant laws and regulations |
| Product Ordering and Shipping | Buyer Information (Email) Payment Information (Payment Method, Payment Currency, Payment Amount, Payment Date/Time, Payment Authorization Number) Shipping Address (Shipping Country/Region, Recipient Name, Email, Phone Number, Address, Tax Identification Number) | Ordering, Payment, Product Delivery, and Returns | Three months after membership termination or the period specified by relevant laws and regulations | |
| Funding or product-related event entry | Name, Email Address, Applicant Nationality, Applicant Language, Contact Information, Date of Birth, Messenger Information | Product-related funding and event participation | For one year after the event ends, but participation information for non-winners will be retained for six months after the winners are announced. | |
| When processing refunds | Account Bank, Account Number, Account Holder Name | Refund Policy | Within 3 months after the refund is completed or within the period specified by relevant laws and regulations | |
| Winner Announcement and Prize Claim Information | Event Participant Name (Korean), Event Participant Name (English), Phone Number, Email Address for Notification of Winning, Date of Birth, Phone Number, Country and Address for Receiving Event Prize | Winner Announcement and Prize Claim Instructions | Winners will be announced, and prizes must be claimed within 6 months. | |
| Event/Partnership Inquiries | Name/Company Name, Email, Phone Number | Event Proposals and B2B Transactions | Period of three years as stipulated by relevant laws and regulations | |
| Contact Us | Email address, Order number | Contact Us | Period of three years as stipulated by relevant laws and regulations | |
| Poca Album | Contact Us | Email address | Contact Us | Period of three years as stipulated by relevant laws and regulations |
| Feed | Profile photo, nickname, feed content | Posting to the feed | Three months after membership termination or the period specified by relevant laws and regulations | |
| DreamStar Charging and Ordering | Buyer Information (Email) Payment Information (Payment Method, Payment Amount, Payment Date/Time, Payment Authorization Number) | Star Charging and Purchasing | Three months after membership termination or the period specified by relevant laws and regulations |
[필수 처리 항목] 정보주체 이외로부터 개인정보를 제공받는 경우
| Service Name | Category | Collection Items | Purpose of Collection | Retention and Use Period |
| Integrated Members (MakeStar, Poca Album) | Sign Up (SNS) | Kakao: Birthday, Kakao account (email), gender, year of birth, nickname, name Naver: User identifier, name, email address, alias, gender, birthday, year of birth Google: Name, profile photo, email Apple: Email | Member identification and verification, Delivery of notices and announcements to members, Member consultation and complaint handling, Notification of processing results | Three months after membership withdrawal or the period specified by relevant laws and regulations |
[선택 처리 항목]
| Service Name | Category | Collection Items | Purpose of Collection | Retention and Use Period |
| Integrated Members (MakeStar, Poca Album) | Marketing and Advertising Utilization | MakeStar: ID (email address), PUSH token Poca Album: PUSH token | Information, advertising, promotions, publicity, events, and benefit marketing notices related to the services provided by the company | Three months after membership termination or the period specified by relevant laws and regulations |
| When using the service | Service usage records, access logs, access IP addresses, device information | Service provision and service quality improvement, prevention of fraudulent use within services, development of new services/technologies, provision of personalized services | After account deletion, 3 months or when cookies are blocked |
Article 3 (Retention and Use Period of Personal Information)
① The Company shall process and retain personal information within the retention and use period prescribed by law or within the period specified by the Company.
② If a user agrees to the Terms of Service and registers as a member, the Company shall retain the member's personal information until the member terminates the service use agreement or withdraws membership. However, the Company may retain personal information until the relevant reason ceases to exist in the following cases:
- Until the conclusion of any ongoing investigation or inquiry due to a violation of relevant laws and regulations
- Until the settlement of any outstanding debt or credit relationship arising from the use of the site, etc.
③ The Company may retain personal information as follows in accordance with relevant laws and regulations.
| Storage Information | Holding Period | Legal Basis |
| Records concerning payment settlements and the supply of goods, etc. | 5 years | Consumer Protection Act in Electronic Commerce, etc. |
| Records concerning contracts or withdrawal of subscription offers | 5 years | Consumer Protection Act in Electronic Commerce, etc. |
| Records concerning consumer complaints or dispute resolution | 3 years | Consumer Protection Act in Electronic Commerce, etc. |
| Records Concerning Display Advertising | 6 months | Consumer Protection Act in Electronic Commerce, etc. |
| Records of Electronic Financial Transactions | 5 years | Electronic Financial Transactions Act |
| Website visit history | 3 months | 『Communications Secrecy Protection Act』 |
| Records concerning the collection, processing, and use of credit information | 3 years | 『Act on the Use and Protection of Credit Information』 |
Article 4 (Provision of Personal Information to Third Parties)
① The Company shall provide personal information only to the minimum extent necessary, with the consent of the data subject pursuant to Article 17(1)(i) of the Personal Information Protection Act, in the following cases to ensure smooth service provision.
Legal Basis: Personal Information Protection Act Article 17(1)(i) (When obtaining the consent of the data subject)
| Recipient | Purpose of Provision | Information provided | Retention and Use Period |
| Agency | Event Entry and Participation | Name, Email Address, Applicant Nationality, Applicant Language, Contact Information, Date of Birth, Messenger Information | For one year after the event ends, but participation information for non-winners will be retained for six months after the winners are announced. |
Article 5 (Entrustment of Personal Information Processing)
① The Company entrusts the processing of personal information to third parties as follows to ensure smooth processing of personal information and related data.
| Trustee | Outsourced Work |
| Toss Payments Co., Ltd., Eximbay Co., Ltd. | Electronic payment service |
| Hanjin Corporation, Korea Post (EMS), Federal Express Korea Co., Ltd. (FedEx), United Parcel Service Korea Co., Ltd. (UPS), SF Express | Reward or Product Delivery |
| Goodsflow Co., Ltd. | Delivery Tracking |
| Google Cloud | Infrastructure operation for service provision |
| Oracle Cloud | Infrastructure operation for goods delivery |
| Microsoft (Clarity), Thinking Data | Web Analytics/Behavioral Analytics |
② When entering into an outsourcing agreement, the company specifies the following items in the contract or other documents in accordance with Article 26 of the Personal Information Protection Act and supervises whether the contractor safely manages and processes personal information.
- Prohibition of processing personal information for purposes other than performing the outsourced tasks
- Technical and administrative protective measures
- Restriction on re-outsourcing
- Management and supervision of the contractor
- Matters concerning liability, including compensation for damages
Article 6 (Rights, Obligations, and Exercise Methods of the Data Subject)
① Members may exercise the following rights related to personal information protection with the Company at any time:
- Request access to personal information
- Request correction of errors in personal information
- Request deletion of personal information
- Request suspension of personal information processing
② Members may exercise their rights under Paragraph 1 by written notice, telephone, email, fax, or other means to the Company, which shall take prompt action in response.
③ If a member requests correction or deletion of errors in their personal information, the Company shall not use or provide such personal information until the correction or deletion is completed.
④ If a member is a child under the age of 14, their legal representative may request access to the child's personal information from the company.
⑤ Members shall not infringe upon the personal information or privacy of the data subject themselves or others processed by the company in violation of the Personal Information Protection Act or other relevant laws and regulations.
Article 7 (Destruction of Personal Information)
① The Company shall promptly destroy personal information when it is no longer necessary, such as upon expiration of the retention period or achievement of the processing purpose.
② If personal information must be retained under other laws or regulations even after the retention period agreed upon with the member has expired or the processing purpose has been achieved, the Company shall store such personal information in a separate database (DB) or at a different storage location.
③ The procedures and methods for destroying a member's personal information are as follows.
- Destruction Procedure: The Company selects personal information for which a reason for destruction has arisen and destroys it upon approval by the Company's Personal Information Protection Officer.
- Destruction Method: The Company destroys personal information recorded and stored in electronic file format using technical methods to prevent its reproduction. Personal information recorded and stored on paper documents is destroyed by shredding or incineration.
Article 8 (Measures to Ensure the Security of Personal Information)
① The company makes every effort to safely manage members' personal information and protects it at a level exceeding the requirements of the Information and Communications Network Act and the Personal Information Protection Act, in accordance with the methods stipulated in this Article.
② The Company manages the number of employees handling personal information to a minimum and continuously emphasizes that protecting members' personal information is the most important value through regular and ongoing training for personal information handlers.
③ To prevent the leakage or damage of personal information due to hacking or computer viruses, the Company installs security programs and conducts periodic updates and inspections. It installs systems in areas with controlled external access and monitors and blocks access through technical and physical means.
④ The Company stores documents and auxiliary storage media containing personal information in secure locations equipped with locking devices.
⑤ The Company maintains separate physical storage locations for personal information and controls access to these areas.
Article 9 (Matters Concerning Changes to the Personal Information Processing Policy)
① If there are additions, deletions, or modifications to the content of the Personal Information Processing Policy, the Company shall notify the revised content via the website or app at least 7 days prior to the effective date of the revised policy.
② If there are significant changes to members' rights related to the processing of personal information, such as provision to third parties, the Company shall notify the revised content via the website or app at least 30 days prior to the effective date of the revised policy.
\Article 10 (Transfer of Personal Information Due to Business Transfer, etc.)
When transferring personal information to another party due to the transfer or merger of all or part of the business, the Company shall notify the relevant member in advance by means such as notification, announcement, or disclosure of the following items:
- The fact that personal information will be transferred
- The name (or corporate name for legal entities), address, telephone number, and other contact information of the recipient of the personal information
- The method and procedure available to the data subject if they do not wish for their personal information to be transferred
Article 11 (Matters Concerning the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
The Company installs and operates cookies to provide customized services to users. The purpose of using cookies and matters concerning refusal are as follows.
① What is a Cookie: A cookie is a small piece of information sent by the server used to operate a website to the user's computer browser and stored on the user's computer.
② Purpose of Cookie Use: Cookies are used to analyze user access frequency and visit times, understand usage patterns and areas of interest, track user activity, gauge participation in various events, and determine visit counts. This enables the provision of personalized services such as targeted marketing.
③ Installation, Operation, and Rejection of Cookies
- Users have the option to choose whether to install cookies. Through browser-specific options, users can allow or reject all cookies, or set their browser to prompt for confirmation each time a cookie is stored. Methods for specifying cookie installation permissions are as follows:
▶ Allowing/Blocking Cookies in Web Browsers
・ Chrome: Select the '⁝' icon in the top-right corner of the browser > New Incognito Window (Shortcut: Ctrl+Shift+N)
・ Edge: Select the '…' icon in the top-right corner of the browser > New InPrivate Window (Shortcut: Ctrl+Shift+N)
▶ Allowing/Blocking Cookies in Mobile Browsers
・ Chrome: Tap the '⁝' icon in the top-right corner of the mobile browser > New Incognito Tab
・ Safari: Go to Settings on your mobile device > Safari > Advanced > Block All Cookies
・ Samsung Internet: Select the 'Tab' icon at the bottom of the mobile browser > Turn on Private Mode > Start
- However, if you refuse to save cookies, you may encounter difficulties using certain services, such as those requiring login.
Article 12 (Personal Information Protection Officer)
① The Company designates a Personal Information Protection Officer as follows to oversee all matters related to personal information processing, handle complaints from data subjects regarding such processing, and provide remedies for damages.
Personal Information Protection Officer
Name: Jongmyeong Oh
Phone: +82-70-5055-6068
E-MAIL: [oh@makestar.com]
Customer Service Center
Phone Number: +82-70-5055-6068
E-MAIL: [cx@makestar.com]
② Users may contact the Personal Information Protection Officer regarding all inquiries, complaint handling, and damage relief related to personal information protection arising from the use of the Company's services (or business). The Company shall respond to and handle user inquiries without delay.
Article 13 (Remedies for Rights Infringement)
Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Reporting Center, etc., to seek redress for personal information infringements. For other reports or consultations regarding personal information infringement, please contact the following institutions:
- Personal Information Dispute Mediation Committee: (Toll-free) 1833-6972 (www.kopico.go.kr)
- Personal Information Infringement Reporting Center: (No area code required) 118 (privacy.kisa.or.kr)
- Supreme Prosecutors' Office: (No area code required) 1301 (www.spo.go.kr)
- National Police Agency: (Dial 182) (ecrm.cyber.go.kr)
Supplementary Provisions
This Privacy Policy shall take effect on February 12, 2026.