acrossB, Inc. (hereinafter referred to as the "Company") establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act in order to protect the personal information and rights of data subjects and to promptly and smoothly handle any grievances related to personal information.
This Privacy Policy includes the following contents.
Effective Date of the Privacy Policy: April 18, 2026
The Company collects and uses personal information within the minimum scope necessary to provide services such as its website and delivery system. Personal information will not be used for any purpose other than the specified purpose. If the purpose changes, the Company will take necessary measures, such as obtaining prior consent.
| Category | Purpose of Collection and Use | Items Collected |
|---|---|---|
| Service introduction inquiry | Verification of the person in charge of the inquiry; response regarding the result of the service introduction inquiry | Name, Email, Phone Number |
| Job applications via website | Recruitment-related guidance, notice delivery, and acceptance/rejection notification | Name, Email, Phone Number |
| Membership registration and management | Confirming membership intent and verifying identity/authentication; maintaining/managing membership status; preventing fraudulent service use; delivering various notices/communications; grievance handling | Name, Email, Password |
| Provision of logistics services | International shipping, warehouse operations, export declaration, customs clearance; responding to inquiries and requests related to systems and delivery services | Name, Email, Phone Number, Address |
| Order processing via e-commerce platforms | To fulfill orders received through external e-commerce platforms (sales channels) and comply with related shipping and legal obligations. In accordance with the principle of data minimization, only the minimum information necessary for this purpose is collected. | Personally identifiable information (PII) provided by the sales channel for order processing, such as buyer name, address, contact information, and email |
| Analysis of service usage | Responding to technical support requests from customers and providing post-use supporting records of service usage history (e.g., settlement) | IP Address, Service Usage Records |
| Management of service usage records, security, and prevention of fraudulent use | Managing service usage records, enhancing security, and preventing abnormal or unauthorized service use | IP Address, Service Usage Records, Access Logs, Cookies, Device Information |
In principle, the Company retains personal information for the minimum period necessary after the purpose of collection and use has been achieved, and then destroys it. However, where the Company determines that retention is necessary under its internal policies or applicable laws and regulations, it will retain users' personal information for the periods set out below.
| Service Category | Legal Basis for Retention | Retention Period |
|---|---|---|
| Service introduction inquiry | Consent of the data subject | 1 year after the service introduction inquiry |
| Job applications via website | Act on Fair Hiring Procedure and consent of the data subject | Until the end of the period for requesting the return of recruitment documents (up to 180 days). However, if the applicant consents to inclusion in the talent pool, 3 years from the date of application (deleted immediately upon request) |
| Membership registration and management | Consent of the data subject and applicable laws and regulations | 3 years (provided that if retention is required under applicable laws, the information will be retained for such statutory period) |
| Provision of logistics services | Value-Added Tax Act, Commercial Act, and other applicable laws and regulations | 5 years (retention of important business documents such as delivery evidence) |
| Order processing via e-commerce platforms | External sales channel policies and the Act on Consumer Protection in Electronic Commerce, etc. | Personally identifiable information (PII) will be destroyed (masked) within 30 days after delivery completion. However, transaction records such as orders and payments will be retained for 5 years in accordance with applicable laws |
| Analysis of service usage | Consent of the data subject | Deleted immediately upon termination of the contract |
| Management of service usage records, security, and prevention of fraudulent use | Protection of Communications Secrets Act | 1 year (e.g., access logs) |
In principle, the Company does not provide personal information to third parties except where the data subject has consented or where such provision is required by applicable laws and regulations. However, in order to ensure smooth service provision, personal information may be provided within the minimum necessary scope in the following cases.