Privacy Policy

iTMOULDs Privacy Policy


The websites of iTMOULDs Inc. ( including mobile web, hereinafter referred to as “Company”) complies with the personal information protection regulations of relevant laws, such as Act on Promotion of Information and Communication Network Utilization and Information Protection (hereinafter referred to as “Information and Communication Network Act”), Personal Information Protection Act, and others. We are doing our best to protect your rights by setting the Privacy Policy in accordance with the Information and Communication Network Act. This Privacy Policy applies to the Web/Mobile Web provided by Company and includes the following.  

1. Consent to personal information collection

2. Purpose of personal information collection and use

3. Personal information collection item and method

4. Retention and use period of personal information

5. Use for purposes other than personal information, and provision to third parties

6. Reading and correction of personal information

7. Withdrawal of consent to collection, use and provision of personal information

8. Personal information destruction procedure and method

9. Nonmember privacy protection

10. Children's privacy protection

11. Consignment of personal information processing

12. Notification or informing method of Privacy Policy

13. Technical/administrative measures for personal information protection

14. Link site

15. Posted contents

16. Matters concerning installation, operation and rejection of automatic personal information collecting device (cookies)

17. Rights and obligations of users

18. Gathering opinion and handling complaints

19. Personal information managers

20. Transmission of advertising information

21. Duty of notification


 1. Consent to personal information collection

Company prepares a procedure for consent to “Terms of Service” when signing up for membership. If explicit consent is indicated, it shall be regarded as the consent to personal information collection.

2. Purpose of personal information collection and use

Collection of personal information is to verify member’s identity through membership system and to confirm the willingness of service use, and Company intends to provide the best service to users. Company collects and uses personal information within a limited extent to provide e-commerce and various related services based on member's characteristics, preference and interest, and to solve problems caused by service use.

Company collects and uses the customer's personal information for following purposes.


Purpose of use

Management of membership

  • Member verification according to membership service use
  • Prevention of improper use, unauthorized use, and duplicate sign up by bad members
  • Confirmation of registration intent, restriction to sign up and sign up number of times
  • Minor verification
  • Record retention for customer consultation, receiving and handling customer complaints, and disputes conciliation
  • Delivery of notice
  • Prevention of improper ID use
  • Prevention of illegal transaction

Settlement of the amount due to contract implementation and services offering

  • Provision of transaction service between members
  • Contents offering, informing of event/giveaway winning result, and prize delivery
  • Verification and financial services regarding financial transactions
  • Billing, purchasing, paying, and collection of charges
  • Prevention of illegal transaction

Use for marketing and advertising

  • Provision of optimized service to customer
  • Development and specialization of new services (products)
  • Service offering and advertisement posting based on demographic characteristics
  • Figuring out webpage access frequency
  • Analysis on product and service usage
  • Regular newsletter dispatch, announcement of new product or service
  • Web service and event planning that meet customer interest
  • Delivery of congratulatory anniversary messages for customer
  • Delivery of advertising information such as sweepstakes and event, or operation of member participation space
  • Customer survey
  • Service and product announcement

3. Personal information collection item and method 

Company collects ID (Username), phone number, and email address at time of sign up, and may collect information about additional options depending on the choice made in order to provide various services to members. In addition, additional credit card and account number information can be requested to members and collected, in connection with various types of payments occurred by service use.

We do not collect sensitive personal information (race and ethnicity, thought and creed, places of origin and legal domicile, political inclination and criminal records, health status and sexual life, and others) that may violate basic human rights. In any case, the information provided will not be used for any purpose other than the purpose previously disclosed to users, and will not be leaked to the outside.

Member needs to enter following information for accessing membership system. Even if optional items are not chosen, there is no difference in service use. However, services provided as a maker is not available.

1) Scope of personal information collected at time of membership sign up

(1) Required item: ID (username), password, mobile phone number, email address

(2) Optional item: Presence of maker (seller)

2) Scope of personal information collected when using paid information

(1) Identity verification information including name, phone number, address, credit card information, bank account, and so on.

(2) Depending on payment method

- Bank name, account number, name of user

- Credit card type, card number, expiration date, password, and installment period

- Mobile phone number, email address

3) Company collects personal information through consultation, event or giveaways, as well as external maker’s job performance on websites. We also collect such information through the method (cookies) of information collection tool when using mobile phones and wired/wireless internet service.

4. Retention and use period of personal information

1) Company retains and uses member's personal information during notification and consent period. Collected personal information is destroyed for the prevention of further reading and use when the purpose of personal information collection and use is achieved, retention period expires, and member's consent to collection and use is withdrawn.

2) In accordance with relevant regulations such as the provisions of Commercial Law and Act on Consumer Protection in Electronic Commerce and others, Electronic Financial Transaction Act, Specialized Credit Financial Business Act, Basic Laws for National Taxes, Corporate Tax Act, Value-Added Tax Act, the personal information may be retained for a certain period of time to verify rights and obligations in transactions as follows, and reading and use of personal information retained in such case is limited to applicable reasons. The purpose of retention, period and retained personal information must be identified clearly in advance.

(1) Records regarding contract or subscription cancellation: 5 years

(2) Records regarding payment and supply of goods: 5 years

(3) Records regarding settlement of consumer complaints or disputes: 3 years

(4) However, for a member whose membership status is valid (the member who has not withdrawn) in accordance with Website Use Agreement (Terms of Service), the retention period can be extended further than the period of retention obligation. And for the record that elapsed in such period, it shall be destroyed upon the request of customer for consent withdrawal.

3) When a member requests for access to retained transaction information, Company shall take measures for the member to have such access immediately after obtaining member’s consent.

4) After membership withdrawal, Company shall retain member’s name, ID, password, email address, contact information for one month (two months for maker), and log records and IP access information for twelve months in order to block off the member, who takes financial advantage of points and event benefits offered by Company through repeated acts of joining after withdrawal of membership, and arbitrary cancellation, or who commits expediency and unlawful acts such as using the name without permission in the process. In addition, in the event of membership withdrawal, points such as filaments acquired through member activities is removed and refund is not provided. Existing filament points become invalid and cannot be restored even if the withdrawn member is registered as new member.

5) At time of membership withdrawal, posts and comments registered during service use may not be deleted from homepage DB. In order to remove posts, member should delete those posts first and then proceed with membership withdrawal.

6) If there is no record of service use for one year, member shall be notified of such status in advance and it be stored separately in accordance with Article 29 of Information and Communication Network Act. However, if retention of the records is required in accordance with the regulation of relevant laws such as above stated Section 2, it shall be kept for the period stipulated by related laws.

Dormant member conversion target 

Member with no login records for more than 1 year

Personal information destruction target 

Member with no login records for more than 2 years

Main content

  • Dormant member conversion target: Member with no login history for more than 1 year on homepage
  • ※ Once changed to dormant member, dormancy can be cancelled and login function be enabled through personal verification on website.
  • Personal information destruction target: Member with no login records for more than 2 years on homepage

※ You can login through membership registration process after destruction of personal information

  • Items to be processed: Member information (name, phone number, mobile phone number, email, address, and others)

Effective date

After Monday, March 16, 2020

Related laws

  • Article 29 of Information and Communication Network Act (Destruction of Personal Information)
  • Enforcement Ordinance Article 16 of the Information and Communication Network Act (Destruction of personal information, and others)

5. Use for purposes other than personal information, and provision to third parties 

1) Except for the information shown on internet service screen, Company shall not use member's personal information for any purpose other than the service initially intended, or provide it to a third party without member's consent. However, exceptions shall be made as follows.

(1) If special provisions are included in the laws, such as Act on Real Name Financial Transactions and Confidentiality, Act on Use and Protection of Credit Information, Telecommunications Framework Act, Telecommunication Business Act, Local Tax Act, Consumer Protection Act, Bank of Korea Act, Criminal Procedure Act, and others.

(2) If necessary for the settlement of charges by service provision

(3) If provided in the form impossible to identify specific individual when necessary for statistics preparation, study or market research, marketing use, and others and.

2) Company may provide personal information to maker, or share it with the maker in order to provide better service to members (until purpose of use is achieved). In case of providing or sharing personal information, each corresponding member shall be informed in advance about maker's name, what personal information items are provided or shared, reasons of sharing, period of provision, and how to manage protection for Company to obtain member’s consent. And it will not be provided or shared with the maker without member's consent. In addition, even if member agrees to provide personal information, such consent can be withdrawn at any time when requested by the member.

3) When transaction is completed through the service provided by Company, the information such as transactions and goods delivery between both parties shall be provided to the parties to the extent necessary.

4) The status of personal information provision may change depending on start or end of partnership, and will be posted on a list as soon as personal information is provided. When the affiliation ends, it will be removed from the list when personal information is destroyed.

Personal information Recipient

Recipient’s purpose of personal information use

Personal information items provided

Recipient’s  retention and use period of personal information

Seller (maker)

Delivery (contract), consultation and complaints handling for customized products

Name, address, contact information, personal customs clearance number (if selected), email address, and others

Up to 3 months after confirmation of purchase

○ If third-party service is required, member will be notified along with consent request when necessary.

○ You may refuse to provide your information to a third party, and such rejection does not affect membership sign up or service use.

6. Reading and correction of personal information

1) Member can read and correct their own personal information at any time. Reading or editing personal information is available directly from “Account Settings.” For additional changes, or information that is not possible to change, you can request for reading and correction functions through email.

2) If member requests for correction of errors found in personal information, Company will not use or provide such information until such correction is completed.

3) If wrong personal information has already been provided to a third party, we will notify the third party about accurate information immediately for their correction.

4) You can use email, fax, and other methods for processing the withdrawal of consent to personal information collection and use, and consent withdrawal provided to a third party. In this case, it is required to provide your ID and other information you provided at time of membership sign up to prove your identity.

7. Withdrawal of content to collection, use and provision of personal information

1) Regarding collection, use, and provision of personal information at time of membership sign up, you can withdraw your consent at any time. Consent withdrawal allows to withdraw your consent to collection, use, and provision of personal information through "Withdrawal" button on "Account Settings" of homepage. If you contact privacy officer in charge of personal information protection in written document, telephone, or email, Company will take necessary steps immediately for withdrawal. If we take actions such as consent withdrawal and destruction of personal information, we will notify you of the fact without delay.

2) Company takes necessary measures to make consent withdrawal (membership cancellation) easier than personal information collection.

3) After member’s voluntarily membership withdrawal, Company will destroy member's personal information after one month in order to block off members, who takes financial advantage of points and event benefits offered by Company through repeated acts of sing ups after member’s voluntary withdrawal, and arbitrary cancellation, or who commits expediency and unlawful acts such as using the name without permission in such process.


8. Personal information destruction procedure and method

After achieving purpose of using collected personal information, Company will destroy the information immediately according to retention and use period. The destruction procedure, method, and time are as follows.

1) Destruction procedure and timing

Once purpose of use is achieved, such as service termination, after expiration of retention period according to information protection reason based on internal policy and other relevant laws and regulations (refer to above retention and use period of personal information), the personal information provided by member for membership sign up is deleted or destroyed. In general, if no receivables-liabilities relationship exists, the personal information will be deleted immediately at time of withdrawal, which is collected during membership sign up and managed in electronic file format.

2) How to destroy

Personal information printed on paper is shredded or incinerated using a shredder, or dissolved and destroyed using chemicals. Personal information stored in a form of electronic file is removed using technical methods that are impossible to recover or reproduce records


9. Children's privacy protection

In order to protect personal information of children under 14 years old, Company only accepts only the members over 14 years of age and does not collect children's personal information. Company is not liable for any problems arising when children under 14 years of age use the service without consent of legal representative.


10. Consignment of personal information processing 

Company manages and consigns personal information processing to external companies for smooth service operation, such as basic service offering, superior service, and customer convenience.


Consignment and purpose

Retention and use period

NICE Information Service Co., Ltd.

Identification process for using service of membership system (mobile phone authentication, i_PIN authentication, universal authorization certificate and others)

No separate storage is necessary as it is the personal information already held by organizations that are identification processing agencies.

Korea Mobile Certification Inc.

Identification process for service use

Destroy immediately after achieving purpose


Account authentication at time of seller sign up

Until membership withdrawal and consignment contract expiration


Credit card payment approval and purchase operation agency

Kakao PG

Danal Co., Ltd.

Identification service


Account transfer service

By means of consignment contract and others, Company stipulates and manages observance of laws and regulations related to personal information protection, confidentiality of personal information, prohibition of personal information provision to third parties, bearing liability for accidents, and returning or destruction obligation of personal information after completion of processing and termination of consignment period.

11. Notification or informing method of Privacy Policy

1) When Company intends to obtain additional consent from member for using member's personal information or for providing such information to a third party beyond the same extent, Company informs the member of such fact separately by written document, email, telephone, and others.

2) When consigning others with collection, storage, processing, use, provision, management, and destruction of member’s personal information, Company shall obtain member’s consent by notifying the member of such fact through membership sign up screen, Terms of Service, and privacy policy on homepage.

3) When Company transfers all or part of sales business or its rights and obligations through merger, inheritance, and others, it shall notify customers individually in written form and e-mail, display clearly on first screen of homepage and notify for more than 30 days. However, if there are reasonable grounds, such as not knowing customer's contact information or the natural disaster without Company’s negligence, when notifying user with written document, email, or other means, Company shall notify more than once by daily newspaper or other means. 


12. Technical/administrative measures for personal information protection 

In order to prevent missing, theft, leak, falsification, or damage, Company takes following “technical measures” for your safety assurance when handling personal information.

1) Member's personal information is protected by password. However, the password and personal information are likely to be leaked to others through various ways, such as internet use in public places, so thorough protection for the information is more important than anything else. Member also should not disclose or provide such information to others and must manage their personal information responsibly. Company is not liable for the leakage of such password or personal information.

2) Member's personal information is basically protected by a password, and important data is protected through separate security functions by encrypting files and transmission data.

3) Company uses antivirus program in order to prevent damages by computer viruses.

4) Using cryptographic algorithm, Company adopts a security device that can safely transmit personal information on networks.

5) For the preparation of external intrusion such as hacking, we are doing our best for security management by using intrusion prevention system and vulnerability analysis system.

Company recognizes the importance of protecting member’s personal information through “Administrative Measures,” and as part of efforts, restricts the handling of personal information to a minimum, and our privacy manager is striving for the protection of personal information and regularly provides educational training to information handling personnel. In addition, for violations found through regular inspection to policy implementation and compliance of relevant employee, we correct such violations, make improvement, and take other necessary measures.

1) Takeover process of the person handling personal information is carried out thoroughly under tight security, and clear indication is provided about the responsibility concerning personal information accidents after joining and leaving the company.

2) When processing personal information of customers using computers, Company designates a person with authority for information access, and assigns ID and password to the person, and renew the password regularly.

3) Company prevents employees’ information leakage by taking their signatures on personal information protection pledges of newly hired employees, and to audit privacy policy execution and employee compliance, internal procedures have been established and continuously implemented.

4) When joining or leaving Company, employee needs to sign confidentiality agreement to ensure that the person who handled member's personal information does not damage, infringe, or leak the personal information learned while on business duty.

5) For conclusion of service contracts, or service offering, Company verifies member’s identity when collecting or providing payment information, such as member’s credit card number and bank account.

6) Company is not liable for any accidents caused by individual member's mistakes or basic Internet risks. Member should take responsibility and manage ID and password properly, to protect their own personal information.

7) Using a password easy to guess is not recommended. It is desirable to change password on regular basis.

8) While accessing and logging in Company's website from shared PCs, if you need to move to another site or terminate service use, please log out first and close the website. Otherwise, member's information can be easily leaked to others through that web browser.

9) In addition, if member's personal information is lost, leaked, altered or undermined due to internal manager's mistake or technical management accident, Company shall notify the member immediately and take appropriate measures.

13. Link Site 

Company may provide members with links to other companies' websites or materials. In this case, having no control over those external sites and data, Company is not responsible for truthfulness or usefulness of the service or data provided on corresponding websites and does not provide any guarantee. If you click on a link to go to webpage on other site, privacy policy of the site is not relevant to Company, so make sure to review the policy of newly visited site.


14. Posted contents 

Company value your posts, and do our best to prevent falsification, damage, or deletion of the posts. However, exceptions may apply in following cases.

1) Spam-like posts (e.g. ads for specific sites, ads and links to other sites, and others)

2) Articles that undermine others’ reputation by spreading false facts to slander others

3) Posts infringing others’ rights, such as disclosure of other’s personal information without consent, Company’s copyright or intellectual property right of a third party, or other posts different from topic of message board.

4) We prevent misunderstanding of the contents that can be moved to message board with different subjects by revealing moving routes in the posts.

5) In other cases, posts may be deleted after explicit or individual warning.

Basically, all rights and responsibilities associated with posts belong to individual author. In addition, as it is not easy to protect those information voluntarily disclosed through posts, such fact should be taken into consideration before revealing the information.

15 Matters concerning installation, operation and rejection of automatic personal information collecting device (cookies)

1) Company may install and operate cookies that store information about members and find them frequently in order to provide various and differentiated services to members. A cookie is a small amount of information that website server sends to web browser and stores, and then sends them back to server when the server makes additional request.

2) When a member access iTMOULDs website without additional name input for access, the member’s computer can read cookie contents stored in web browsers, find member's additional information on computer to provide service. Company can use customer information that are collected through cookies for following purposes.

(1) Provision of differentiated information based on personal interest

(2) Use for target marketing after analyzing the frequency of visits and time spent by members and non-members, and for figuring out users' taste and interest

(3) Provision of customized service for next connection by tracking traces of the contents of your interest.

(4) Announcement of use period when using paid services

(5) Use as a criterion for service reorganization by analyzing the habits of members

3) Cookies can identify member’s computer but do not personally identify the member. In addition, each member has a choice about cookies. By adjusting web browser, you can accept all cookies and receive notifications when cookies are installed, or can reject all cookies. However, if customer refuses to install cookies, there will be inconveniences in service use or difficulties to provide the service.

4) Cookies expire when you close browser, or when you log out.

※ Behavioral information collection and user guide 

Company strives to provide customized services and benefits optimized for members based on behavioral information such as records of website visits, search history, and use history. In addition to behavioral information collected by Company, affiliates (makers) may collect member’s website visit records, search history, use history, and others. The operation status is as follows.

Advertising business owner that collects and processes behavioral information


Collection items of behavioral information

  • User's website visit history
  • Your website use history
  • User’s search history
  • Advertisement identifier

How to collect behavioral information

  • Automatic collection when user visits/executes website

Purpose of collecting behavioral information

  • Provision of customized advertising based on user interests

Retention of behavioral information, use period, and post-information processing method

  • 1 year for website visit information
  • 1 year for product search information

How to exercise right to user control

1. For Web browsers

1) Internet Explorer

Tool (T) → Internet Option → Privacy → Advanced (V) → Allow / Block

2) Chrome

Settings (S) → Advanced → Privacy and Security → Content Settings → Cookies → Block third party cookies

2. For Smartphones

1) Android phone

Google Settings → Ads→ Customize Ads Unchecked

2) iPhone

Settings → Privacy → Ads → Restrict Ad Tracking

User remedy

Department in charge email: /



16. Rights and obligations of users

Please provide up-to-date and accurate personal information to prevent unexpected accidents. Members are responsible for accidents caused by entering inaccurate information, and may lose membership status when providing false information such as unauthorized use of others’ information. Members not only have rights to privacy protection, but also duties to protect themselves and not to infringe others’ information. Please take caution not to leak your personal information including your password and not to undermine others’ personal information including posts. When failing to fulfill this obligation and undermining others’ information, you are subject to punishment in accordance with the Information and Communication Network Act.


17. Gathering opinion and handling complaints

1) Company takes member’s opinion very seriously, and member always has the right for sincere answers to such questions. Administrator’s email address is posted for members to raise their opinion and complaints regarding privacy protection issues. If you send a feedback to our privacy officer, necessary actions will be taken and notification sent to you as soon as possible.

2) If you need consultation about other infringement to personal information, you may contact Personal Information Infringement Report Center at KISA (Korea Internet Security Agency) or Cyber Terrorism Response Center at National Police Agency.

(1) Personal Information Infringement Report Center:

118 (without area code) (

(2) Personal Information Dispute Mediation Committee:

1833-6972 (

(3) Cyber Crime Investigation Division at Supreme Prosecutors' Office:

(No area code required) 1301, (

(4) Cyber Security Bureau at National Police Agency:

182 (without station number) (

18. Personal information managers 

1) Company takes the protection of member’s personal information very seriously and makes every effort to prevent such information from being undermined, infringed or leaked. However, after technical supplementary measures are taken, we are not responsible for any information damages due to unexpected accidents caused by basic network risks such as hacking, or for various disputes due to visitors' posts.

2) Company’s customer center strives for providing quick and sincere response to member's inquiries of personal information protection. If you need to contact privacy protection officer of our company, please contact by email below. We will respond sincerely to your personal questions as soon as possible.

Chief Privacy Officer

Privacy Officer

Name: Han, Seung Hoon

Department: R&D

Position: Director


Name: Lee, Cheol Seung

Department: R&D

Position: Researcher


19. Transmission of advertising information

1) Company will not transmit advertising information for commercial purposes without member’s prior consent. However, advertising information may be transmitted without prior consent based on Article 50 of Information and Communication Network Act for following cases.

(1) If a person, who collected contact information directly from customer through trading relationship such as goods and other, intends to transmit for-profit advertising information about the transaction with customers after own processing, and within six months.

2) Company shall not transmit profit based commercial information if the member expresses intent of rejection or withdraws the prior consent. 


20. Duty of notification 

The current “Privacy Policy” was established on March 16, 2020. When necessary to add, delete, or modify contents according to changes made in government policy or security technology, general information will be informed through notice on homepage at least 7 days before the revision, and important content at least 30 days before the revision.

Cookies disclaimer
Our site saves small pieces of text information (cookies) on your device in order to deliver better content and for statistical purposes. You can disable the usage of cookies by changing the settings of your browser. By browsing our website without changing the browser settings you grant us permission to store that information on your device.