Consent to Collection and Use of Personal (Credit) Information
Toss Payments (hereinafter referred to as the "Company") is making its best efforts to protect the rights and interests of users by complying with the relevant laws such as the Act on the Use and Protection of Credit Information, the Electronic Financial Transactions Act, the Act on Consumer Protection in Electronic Commerce, etc., the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., and the Personal (Credit) Information Protection Act.
1. Purposes of collecting and using personal (credit) information
Providing Electronic Financial Transaction Services
- Electronic payment processing (transaction approval, cancellation, refund, etc.) and notification of results
- User authentication and identification during the payment process
- Send Payment Notification Mail/Text
- Issuance of cash receipts and tax invoices
- Providing e-commerce services such as product delivery
Service User Management and Complaint Response
- Handling customer complaints and requests
- Investigation of financial accidents, resolving disputes, performing legal obligations
- Delivering new information and public notices
Use of Statistics based on Demographic Characteristics
- Identify frequency of use, analyze statistical characteristics, and develop new services
- Validation of services, identification of access frequency, and utilization of statistical data on members' use of services
※ The Company shall process personal (credit) information for the above purposes and shall not process it for purposes other than those agreed upon.
2. Items of personal (credit) information collected and used
Electronic payment service users and purchase information
- Order id, name, buyer id, phone number, e-mail, purchased items, payment amounts
Electronic payment service users and purchase information
- Credit card: card number, expiration date, date of birth(or business registration number), first 2 digits of password
- Mobile phone: Cell phone number, date of birth, mobile carrier
- Virtual account: bank name, depositor name, date of birth(or business registration number)
- Gift certificate: Gift certificate number, gift certificate issuer ID, password
- Cash receipt issuance information: resident registration number, phone number, cash receipt card, other card, business registration number (select one)
- Payment information reception and payment deposit service: (optional) e-mail, phone number
※ Only items corresponding to the payment method selected by the user are processed.
3. Periods of retaining and use personal (credit) information
In principle, personal (Credit) information is destroyed immediately once the purpose of collecting and using personal (credit) information has been achieved, but it is retained for the period prescribed below if it needs to be retained under the relevant law, or the internal policy of the Company.
Records of payment use to prevent fraudulent use
- Basis: Fraud Prevention and Detection
- Period: five years
Records of use of mobile phone identity verification service
- Basis: ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION
- Period: six months
Records of contracts or subscription withdrawals, etc.
- Basis: ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE
- Period: five years
Records on payment of 10,000 won or more and supply of goods, etc.
- Basis: Act on Consumer Protection on Electronic Commercial Transactions etc.
- Period: Five years
Records on payment of less than 10,000 won and supply of goods, etc.
- Basis: Act on Consumer Protection on Electronic Commercial Transactions etc.
- Period: One year
Records on handling of customer complaints or disputes
- Basis: Act on Consumer Protection on Electronic Commercial Transactions, etc.
- Period: Three years
communication confirmation data: a record of a visit to a website
- Basis: Protection of Communications Secrets ACT
- Period: Three year