Service Privacy Policy (Global)
This English translation is provided for reference only and is not legally binding. Only the Korean version of this Policy is legally binding.
Dealicious Inc. (referred to as “Company” or “Dealicious”) complies with Privacy Regulations under relevant statutes, such as the Communications Secret Protection Act, the Telecommunications Business Act, the Personal Information Protection Act, and the law regarding the promotion of information and communication network use and protection of information. Additionally, we are committed to protecting users' rights and interests by establishing policies for handling personal information in accordance with the relevant statutes.
This Privacy Policy applies to members who use the Sinsang Market services provided by the Company.
1. Collection of Personal Information: Purpose, Retention Period, and Items
① The Company classifies the minimum personal information required for membership registration and providing services as ‘Required items’ and other personal information as ‘Optional items.’ The Company does not refuse to provide services for the absence of optional personal information beyond the minimum required personal information.
② The Company processes and retains personal information within the purposes and periods consented to when collecting personal information from the information subject.
Case | Type of Personal Information | Purpose | Retention Period |
Required item When you register for Sinsang Market
| [Required] Country, Sinsang Market ID, Password, Subscriber Name, Subscriber Mobile Information (Country of Use, Mobile Phone Number), Email Address, Representative Name (English) | Confirmation of intent to join membership Identity verification and authentication Maintenance and management of membership status Prevention of unauthorized or fraudulent use of services Delivery of various notices, notifications, and handling of grievances Provision of customized services in accordance with the Terms of Use | Until withdrawal from membership |
| When you agree using personal information for marketing purposes | [Optional] Service Usage History, Payment records, Mobile phone number, E-mail, User identification information(Name, Sinsang Market ID), Cookies | Provide opportunities to participate in marketing and provide customized services | Until withdrawal from membership |
| When you contact customer service | [Required] Identity Verification Information (Country, Subscriber Name, Subscriber Mobile Phone Number, Sinsang Market ID), Email Address | User identification, customer service, and consultation, Handling of customer complaints and dispute resolution | 3 years from the receipt of inquiry (then destroyed) |
| Upon registration of shipping address | [Common Required] Country, Recipient Name (English), Recipient Contact Information, Shipping Address, City [Required for certain countries] Recipient Name (Local Language), Postal Code, Email Address | Product shipping service | Until withdrawal from membership or deletion of shipping information |
| Upon payment for products | [Common for payment] Email address, Contact information, Access IP, Purchased product information [For credit card payments] Card information (Card number, Expiration date, CVC/4DBC, Cardholder’s First/Last Name) [For UnionPay payments] Card number [After payment completion] Information on payment success/failure, Payment receipt URL * Payment information is not stored in the Sinsang Market system | Product payment | Until completion of product delivery |
| Upon application for defective products | [Required] Sinsang Market ID, Email address entered at the time of registration, Name and Email address on Google account | Application and processing of defective products | Information for the preservation of transaction records is stored for 5 years and then deleted |
| When you get refund in cash | [Required] Bank account information for refund (Bank name, Account number, Account holder), Address, Remittance country | Withdrawal Sinsang Cash | Information for the preservation of transaction records is stored for 5 years and then deleted |
| Information collected automatically when you use the service | [Required] Device information(OS, Device model, Screen size, Device ID), IP address, Cookies, Service usage record(Log data, IP, Bad usage record), ADID or IDFA [Required for App use] List of apps installed on the device, Android ID, Mobile phone number, (If the app is in use) Clipboard data, App installation and first launch information, App version, Language and Country, AppsFlyer ID, (When entering the app via search) Search terms | Identification user, Providing service usage statistics and customized service, Preventing fraud and unauthorized use | Until withdrawal from membership |
| Upon applying for partnership on the MoodSeoul website | [Required] Email address, Company name, Country [Optional] Business messenger ID | Business partnership application, Marketing and promotion, Sending of advertising messages | Until withdrawal of consent |
③ Notwithstanding Article 1, personal information may be retained and used until the end of the relevant investigation in case of an ongoing investigation, or until the settlement of any bond and debt relationships that remain due to the use of the service. Additionally, in the following cases, personal information may be retained and used for the period prescribed by law.
A. ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.
a. Records of payment and supply of goods, etc.: 5 years
b. Records of contract or withdrawal of subscription: 5 years
c. Records on the handling of consumer complaints or disputes : 3 years
d. Records on display and advertisement: 6 months
B. ELECTRONIC FINANCIAL TRANSACTIONS ACT
a. Records on electronic financial transactions: 5 years
C. Protection of Communications Secrets Act
a. System Visit record: 3 months
D. VALUE-ADDED TAX ACT, FRAMEWORK ACT ON NATIONAL TAXES
a. Tax base and tax amount report data of value-added tax: 5 years
④ Company collects personal information in the following ways and request for consent from user if company collect the personal information.
A. In the process of membership registration and service use, the user agrees to the collection of personal information and enters it themselves.
B. The process of consulting the customer center through apps, web pages, documents, phone calls, etc
C. On/offline events and the process of participating in the event
D. Collecting generated information through a log analysis program and information gathered through cookies.
⑤ The company does not process personal information of children under 14 years of age.
2. Sharing Personal Information with Third Parties
① In principle, the company does not provide members' personal information to third parties without the consent of the members. However, exceptions are made when government offices request the provision in accordance with the procedures and methods prescribed by law.
② The detailed personal information that the company provides to third parties is as follows.
Recipient | Method of Provision | Items Provided | Purpose of Provision | Retention and Use Period of the Recipient | Country of the Recipient |
Product Seller | Displayed through the Sinsang Market platform upon transaction | [Orderer Information] Global member's store contact information | Confirmation of order details, product sales, and verification of store transaction history | 1 year | Republic of Korea |
③ When an order or payment has been made, personal information must be provided to a third party in order for delivery and consultation to proceed smoothly. Members may withdraw their consent regarding the provision of personal information to a third party; however, in this case, the use of the service may be restricted.
A. If you want to restrict the provision of personal information to third parties, please refer to “Article 5. Matters regarding the rights, obligations, and exercise methods of information subjects and legal representatives.”
④ If there is a request from an investigative agency for investigation or investigative purposes, the information may be passed on to a third party in accordance with the procedures and methods prescribed by law.
3. Entrustment of Personal Information Processing (Consignment and Overseas Transfer of Personal Information)
① The Company entrusts the processing of personal information as follows to ensure the seamless provision of services. When entering into an entrustment agreement, the Company stipulates all necessary matters and takes required measures in accordance with relevant laws and regulations to ensure that the entrusted personal information is managed securely. Furthermore, the Company provides only the minimum amount of information necessary for the sub-processor to perform the entrusted tasks.
[Overseas Transfer of Personal Information (List of All Sub-processors for Global Services)]
Sub-processor | Contact Information | Purpose of Transfer | Data Items Provided | Country | Retention and Use Period |
International SMS dispatch | Mobile phone number | USA | 120 days after dispatch | ||
400-089-2617 / [email protected] | International SMS dispatch | Mobile phone number | China | Upon completion of authentication | |
+82-2-3496-7777 | Global shipping | Shipping information | Overseas | Until delivery is complete or statutory retention period | |
Logistics in Japan | Shipping & recipient information for Japan | South Korea | Until service contract termination or statutory period | ||
ETOMAS | Customer Support | Japanese logistics system operation | Shipping & recipient information for Japan | South Korea | Until service contract termination or statutory period |
https://www.eximbay.com/privacy.do | Payment processing | Payment information | USA, South Korea, etc. | Until service contract termination or statutory period | |
Payment processing | Payment information | South Korea | Until service contract termination or statutory period | ||
Cash refund processing of Sinsang Cash | Refund information | South Korea | Until service contract termination or statutory period | ||
Contact via Privacy Policy | Data storage & Cloud infrastructure management | Service operation data | USA, South Korea | Until service contract termination or statutory period | |
CRM system operation | Customer consultation data | South Korea | Until service contract termination or statutory period | ||
Marketing attribution, analytics, and personalization | App install/launch info, device info (OS, model), IP, ADID/IDFA, search terms, store ID | Israel, USA | 2 years | ||
Wix.com Ltd. | Global promotion page system (Web builder) | Email, Company name, Country, Messenger ID | Israel, USA | Up to 7 days after service termination | |
(650) 253-0000 | Customer support / Data storage / Survey storage | Consultation, Member & Survey participant ID | USA | 3 years (Member info: 14 days after application) | |
Customer Support | Customer center operation | Consultation data | Japan | 3 years | |
Customer Support | Consultation channel operation | Consultation data | China | Until service contract termination or statutory period | |
Email dispatch | Email delivery information | South Korea | 1 year after contract termination or statutory period | ||
Email dispatch | Email delivery information | India | Until service contract termination or statutory period |
※ Method of Transfer: The above information is provided to the sub-processor via encrypted network transmission at the time of service use.
※ If preservation is necessary pursuant to the provisions of relevant laws and regulations, it will be used and stored for the relevant period.
※ The contents of international entrustment are based on Korea.
② In accordance with Article 26 of the「Personal Information Protection Act」, the company stipulates in documents such as the prohibition of processing personal information, technical and administrative protection measures, re-entrustment restrictions, management and supervision of entrustment company, compensation, and etc. In addition, the company supervises whether the entrustment company handles personal information safely.
③ If there are details regarding the entrusted work or changes in the entrusted company, the company will disclose this through the personal information processing policy without delay.
④ In cases where membership registration, ordering, or payment occurs, the entrustment of personal data processing is essential to ensure smooth member information management, shipping, and consultation. Members have the right to refuse or withdraw their consent to the entrustment of personal data processing; however, in such cases, access to or use of the services may be restricted. ⓐ If you wish to restrict the entrustment of personal data processing, please refer to "5. Rights and Obligations of Data Subjects and Legal Representatives and How to Exercise Them."
4. Methods and Procedures to Destroy Personal Information
① When personal information becomes unnecessary, such as upon the expiration of the personal information retention period or the achievement of the purpose of collecting and using personal information, the company must destroy it without delay.
② If personal information must be preserved in accordance with other laws and regulations despite the expiration of the personal information retention period agreed upon by the data subject or the achievement of the purpose of processing, the personal information will be transferred to a separate database and stored safely for a certain period before being destroyed without delay.
③ Personal information transferred to the database pursuant to Paragraph 2 shall not be used for any purpose other than as required by law.
④ The methods and procedures for destroying personal information are outlined below.
A. Destruction Procedure
a. Personal information designated for destruction will be destroyed after being stored for a certain period in accordance with internal policies and related laws.
B. Destruction Method
a. Personal information recorded and stored in the form of an electronic file will be destroyed so that the record cannot be reproduced, and personal information recorded and stored in paper documents will be destroyed by incineration or grinding with a grinder.
5. The Rights of Users and How to Exercise Their Rights
① Users can exercise their personal information protection rights (inquiry, modification, suspension of processing, or deletion of their personal information) at any time. However, the withdrawal or deletion of consent may restrict the use of some or all of the services.
A. Users can add, inquire, and modify personal information by themselves.
a. Sinsang Market : My Page > Settings > My Information > Check and Modify
B. Users can request the suspension and deletion of personal information and the withdrawal of consent through the following channels:
a. Sinsang Market Customer Center([email protected]), Sinsang Market Global Customer Center([email protected]), Inquiry Privacy Center ([email protected]), as detailed in Article 8 regarding the privacy manager and the method of remedy in case of infringement of the rights and interests of the data subject.
② The exercise of rights may be requested in accordance with Paragraph 1 of Article 41 of the Personal Information Protection Act. At this time, you can fill out an application form for reading personal information, etc., and submit it by mail, email, or other equivalent methods, and the company will take action without delay. For requesting the application form for reading personal information and inquiries about procedures, please contact the department specified in Subparagraph 2 of the previous paragraph.
A. Items and contents of personal information
B. Purpose of collecting and using personal information
C. Period of retention and use of personal information
D. Provision of personal information to third parties
F. Facts and contents of consent to the processing of personal information
③ The rights pursuant to Paragraph 1 may be exercised through a legal representative or an authorized agent, such as a person who has been delegated the authority.
④ Requests for suspension of reading and processing personal information may be restricted under Paragraph 4 of Article 35 and Paragraph 2 of Article 37 of the Personal Information Protection Act.
⑤ Requests for correction and deletion of personal information cannot be requested if the personal information is specified as a collection target in other laws.
⑥ The company verifies that the person who made the request according to the user's rights, such as the request for access, correction or deletion, and the request for suspension of processing, is the legitimate user or their authorized agent
⑦ To submit a request as described in Paragraph 2, please complete the following items and submit them to [email protected]. If you are unable to download the forms, please request them via [email protected]. ([Link to Download Forms])
A. [Required] One copy of the Personal Information Inquiry Request Form
B. [Required] One copy of the Consent to Collection and Use of Personal Information
C. Supporting Documents
a. [Required] A copy of the member's passport (Only photo, name, and date of birth should be visible)
b. [Required for legal representative requests] A copy of the legal representative's passport (Only photo, name, and date of birth should be visible)
c. [Required for legal representative requests] Documents proving the relationship with the legal representative
6. Concerning Measures to Ensure the Safety of Personal Information
The company is implementing the following technical and administrative measures to ensure safety in handling users' personal information, so that personal information is not lost, stolen, leaked, tampered with, or damaged.
① The company establishes and operates countermeasures against hacking.
A. The company does its best to provide safe services by controlling unauthorized access from the outside using an intrusion prevention system and applying technical security measures to prevent leakage or damage of members' personal information by hacking or computer viruses.
B. The company backs up data regularly in preparation for potential leakage and damage of personal information and uses the latest antivirus programs to block the inflow of malicious software.
C. Personal information is safely transmitted and stored through encrypted communication and storage.
D. The company grants limited access to personal information and blocks unauthorized access by applying technical security measures.
E. Records of access to personal information are maintained and managed, and measures are taken to prevent forgery, alteration, and loss of these access records.
② The company is training employees who handle personal information to minimize risks and ensure safe handling.
A. Only designated staff members are authorized to handle related personal information.
B. All employees are required to update their passwords regularly.
C. Through training on personal information protection for those in charge, the company consistently emphasizes compliance with the personal information processing policy.
③ For equipment that can access the personal information processing system, the physical storage area is designated as a controlled area, and access control procedures are established and enforced.
7. Installation and Management of a Device That Allows Automatic Collection of Personal Information
① The company uses ‘cookies’ to collect information and store user online preferences frequently to provide customized services. Cookies are small text files sent from a web server to a web browser and are often saved on the hard drives of users' computers. The company uses cookies for the following reasons.
A. Target marketing and personalized services are provided by analyzing the frequency of access and visit times of both members and non-members, identifying users' preferences and areas of interest, tracking their behavior, and assessing participation in various events and the number of visits.
② Users have the option to manage cookies. They can allow all cookies by adjusting settings in their web browser, check each time a cookie is saved, or refuse to save all cookies. However, if cookies are refused, users may experience difficulties in using customized services, such as those requiring login.
③ Users can accept all cookies in the following ways, go through a check each time they save them, or refuse to save all cookies.
A. Internet Explorer: Toolbar > Internet Options > Privacy > Adjust the privacy level as needed
B. Chrome: Setting > Advanced > Privacy and Security > Content Settings > Adjust the Cookies settings
C. firefox: Options > Privacy & Security > History - Custom Settings > Cookies Settings
D. safari: Settings > Advanced > Adjust the settings for Cookies and Website Data
7-1. Matters Concerning the Processing of Behavioral Information and the Right to Refuse
① The Company processes behavioral information by identifying personal devices to provide users with optimized, customized services, benefits, and online personalized advertisements during the course of service use.
② The Company collects behavioral information from its websites and mobile apps as follows.
Items Collected | Method of Collection | Purpose of Collection | Retention and Use Period |
Usage information of Sinsang Market global retail member web/app, advertising identifiers | Automatically collected through Appsflyer's analysis tools upon web/app access and use | Visitor statistics, analysis for service improvement, and personalized advertising | 2 years from the date of collection |
③ The Company does not collect sensitive behavioral information that may infringe upon an individual's rights, interests, or privacy, such as ideology, beliefs, or medical history.
④ Data subjects may contact the office listed below for inquiries regarding behavioral information, the exercise of the right to refuse, and reports of any privacy violations or damages.
A. Personal Information Protection Department a. Department: Information Security Team
B. Contact: [email protected]
⑤ Data subjects may opt out of behavioral information analysis or personalized advertising display through the following methods. Please note that device setting instructions may vary depending on the device model and OS version.
A. How to Reset/Delete Advertising Identifiers on iPhone (iOS)
a. Settings → Privacy & Security → Tracking → Toggle "Allow Apps to Request to Track" to On or Off
B. How to Reset/Delete Advertising Identifiers on Android Devices
a. Settings → Security & Privacy → Privacy → Other Privacy Settings → Ads → Advertising ID → Reset or Delete Advertising ID
C. How to Opt-out of Behavioral Information Transfer to AppsFlyer
a. Access https://www.appsflyer.com/legal/opt-out/ → Select Device Type and enter your Advertising ID
8. The Privacy Manager and Methods of Remedy in Case of Infringement of Rights and Interests of the Data Subject
① For all complaints regarding personal information protection during the use of our services, users can report to the personal information manager or the department in charge. The company will promptly provide adequate responses to users' reports.
A. Chief Privacy Officer
a. Name : Hyeon-dong Jo
B. Privacy Center
a. Department : Information Security Team
b. Email : [email protected]
C. Customer Center
a. Internal : [email protected]
b. Global : [email protected]
9. Duty of Notice
If there are any additions, deletions, or modifications to the privacy policy, the company will inform users through a notice on the web
Notification date : 28th of April, 2026
Effective date : 28th of April, 2026
