acrossB, Inc. (hereinafter referred to as the "Company") establishes and discloses the following Personal Information Processing Policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information and rights of data subjects and to promptly and smoothly handle any grievances related to personal information.
The Company's Personal Information Processing Policy includes the following contents.
Effective Date of the Personal Information Processing Policy: January 21, 2026
The Company collects and uses personal information within the minimum necessary scope for providing services such as its website and delivery system. Personal information will not be used for any purpose other than the specified purpose. Should the purpose change, the Company will take necessary measures, such as obtaining prior consent.
| Category | Purpose of Collection and Use | Items Collected |
|---|---|---|
| Service Implementation Inquiry | Verification of the person making the inquiry | |
| Response regarding the inquiry result | Name, Email, Phone Number | |
| Job Applications via Website | ||
| Recruitment-Related Notifications, Announcements, and Acceptance/Rejection Notifications | Recruitment-related guidance, notice delivery, and acceptance/rejection notification | Name, Email, Phone Number |
| Membership registration and management | Confirming membership intent and verifying identity, | |
| maintaining/managing membership status, preventing fraudulent service use | ||
| Various notices/communications, grievance handling | Name, Email, Password | |
| Provision of logistics services | International shipping, warehouse operations, export declaration, customs clearance | |
| Responding to inquiries and requests related to systems and delivery services | Name, Email, Phone Number, Address | |
| Order processing via e-commerce platforms | To fulfill orders received through external e-commerce platforms (sales channels) and comply with related shipping and legal obligations. Only the minimum information necessary for this purpose is collected in accordance with the principle of data minimization. | Personal Identifiable Information (PII) such as buyer name, address, contact information, and email provided by the sales channel for order processing |
| Service usage analysis | Information collected to analyze the utility and usability of the company's services | IP address, service usage history |
| Service usage history management, security, and prevention of fraudulent use | Service usage history management, security enhancement, and prevention of abnormal service usage (fraudulent use) | IP address, service usage records, access logs, cookies, device information |
The Company generally retains personal information for the minimum period necessary after the purpose of collection and use has been achieved, then destroys it. However, if the Company determines that retention is necessary based on internal policies or relevant laws and regulations, it will retain the user's personal information for the periods specified below.
| Service Category | Retention Basis | Retention Period |
|---|---|---|
| Service Introduction Inquiry | Consent of the data subject | 1 year after service inquiry |
| Job Application via Website | Data Subject's Consent | 3 years after application submission, but deleted immediately upon request |
| Membership registration and management | Consent of the data subject | Deleted immediately upon contract termination |
| Provision of Logistics Services | Consent of the data subject | 1 year after contract termination (CS processing) |
| Order processing via e-commerce platforms | Data protection policies of external sales channels, data subject's consent | Destroyed within 30 days after order delivery completion in principle. If there is a retention obligation under relevant laws and regulations, it is stored for the corresponding period and then destroyed. |
| Service usage analysis | Data subject's consent | Deletion upon contract termination |
| Service usage record management, security, and prevention of fraudulent use | Data subject's consent | Deletion upon contract termination |
The company does not provide personal information to third parties except where the data subject has consented or where required by relevant laws and regulations. However, to ensure smooth service provision, personal information is provided within the minimum necessary scope in the following cases.