Privacy Policy

CROSS ENF INC. (‘www.crossenf.com’, “CROSS ENF INC.”) will protect the personal information, rights and interests of the users and in order to facilitate the problems the users might encounter with the privacy policy, the following policies has been set in place.

In case of amendment in the privacy policy, CROSS ENF INC. will announce it through the website (or individual announcements).

1. The purpose of privacy management

CROSS ENF INC. will handle the personal information for the following purposes. The handled personal information will not be used for any other uses and in case the usage purpose changes, a consent will be asked prior to its application.

  1. User subscription to homepage and management

    The personal information will be processed for the purpose of confirming subscription as a user, personal identification and certification for user’s service provision, self-identification for the restrictive identification system, prevention of misuse of the service, various notifications and announcements, difficulties treatment and the preservation of the records for dispute conciliation.

  2. Provision of goods and services

    The personal information will be processed for the purpose of service provision, billing, contents provision, suited service provision, self-identification, age certification, and payments.

  3. Usage in marketing as well as advertisements

    The personal information will be processed for the purpose of developing new service (product) and providing service, notification of events and provision of promotional information and participation opportunity, provision of service suited for the demographics and publication of advertisements, confirmation of the validity of the service, identification of connection frequencies or statistics of the usage of the service.

2. Processing and retention period of personal information

CROSS ENF INC. handles the following personal information items.

  1. Personal information items

    (Required for using Cross Remittance Service) Mobile phone number, log-in password, gender, date of birth, name, bank account information, unique identification number including CI(Connected Information), address, nationality, occupation

    (Required for using Cross Shop Service) Mobile phone number, log-in password, gender, date of birth, name, address, nationality

    (Information that is automatically generated during service use process or business process) Service use record, access log, cookie, access IP information, payment record

    (Identity Check) Copy of ID, bankbook, proof of remittance, PIN

    (For ID verification) Copy of ID, name, citizen registration number, issuance date, driver’s license number and its serial number, passport number

    (Information that is collected during service use process or business process) Employer information, annual income, shipping information

  2. Method of collection : Personal information is collected when users register on the website / check their identity
  3. Basis of retention : Consent of user (Children under 17 years old cannot be registered)
  4. Retention period : Personal information shall be retained and used for ‘the purpose of privacy management’ as delineated above starting from the date on which the user consents to the Privacy Policy, and then retained and used for 5 years after the termination of transaction(due to withdrawal of service membership, withdrawal of consent to the Privacy Policy, etc.) only for the purpose of financial accident investigation, dispute resolution, civil affairs, regulatory obligations, or the Company’s risk management.
  5. Notwithstanding CROSS ENF INC.’s policy on personal information processing, the information required to be retained pursuant to the relevant laws and regulations will be retained for the period set by the law.
    • ①  Record of display / advertisement

      Basis of retention : Act on consumer protection in e-commerce
      Retention period : 6 months

    • ②  Record of agreement or withdrawal

      Basis of retention : Act on consumer protection in e-commerce
      Retention period : 5 years

    • ③  Record of complaints or disputes

      Basis of retention : Act on consumer protection in e-commerce
      Retention period : 3 years

    • ④  Record of financial transaction (sender/recipient information, transaction data)

      Basis of retention : Specific Financial Transaction Information Act
      Retention period : 5 years

3.Consignment of personal information processing

  1. CROSS ENF INC. consigns the following personal information processing work for a better processing of personal information. Users have the right to refuse consent to personal information consignment(Provision). However, if a user refuse to consent, he or she may be restricted from using the service.
    1 Supplied to Korea Mobile Certification Inc.
    Purpose of sevice SMS authentication for confirming ownership of mobile phone
    Period of retention Do not store separately
    2 Supplied to Welcome Savings Bank
    Purpose of sevice Deposit (virtual account), payment
    Period of retention Until a user unsubscribes or ends a consignment contract, or as required by relevant laws
    3 Supplied to Kakao Corp.
    Purpose of sevice KakaoTalk, PlusFriends message sending service
    Period of retention Until a user unsubscribes or ends a consignment contract, or as required by relevant laws
    4 Supplied to Overseas financial institutions
    Purpose of sevice Cross-border remittance
    Period of retention Until a user unsubscribes or ends a consignment contract, or as required by relevant laws
    5 Supplied to Korea Financial Telecommunications & Clearing Institute
    Purpose of sevice Withdrawal of funds from bank accounts per payment instructions generated via Open Banking API
    Period of retention Until a user unsubscribes or ends a consignment contract, or as required by relevant laws
    6 Supplied to Channel Corp.
    Purpose of sevice Operating customer service and marketing
    Period of retention 2 years
    7 Supplied to Infobip
    Purpose of sevice SMS sending service
    Period of retention Until a user unsubscribes or ends a consignment contract, or as required by relevant laws
    8 Supplied to NAVER Cloud Corp.
    Purpose of sevice Improvement of ID verification processing
    Period of retention Delete immediately after processing
    9 Supplied to Fridays Lab
    Purpose of sevice Analyzing customer data
    Period of retention Until ends a consignment contract
    10 Supplied to Coocon
    Purpose of sevice Verify ID authenticity, investigate residency status
    Period of retention Delete immediately after processing
  2. CROSS ENF INC. is ensuring that the consignee processes the personal information safely and is clarifying the details related to responsibility such as the respect of the given purpose of consignment work, the technical and administrative protective action, limitation of re-consignment, and the management and supervision of the consignee in the contract in case of consignment agreement according to the article 25 of the Privacy Protection Act.
  3. If the contents of the consignment works or the consignee changes, it will be revealed through the privacy management policy without any hesitation.

4. According to the rights and duties of the subject of the information, the subject may manifest its rights as mentioned below

  1. The subject can exert the rights of privacy protection mentioned below to CROSS ENF INC. anytime
    • ①  Request to view the personal information
    • ②  Request to correct if there are errors
    • ③  Request to delete
    • ④  Request to cease the treatment
  2. The exertion of rights mentioned in clause 1 may be processed through written and electronic post, or FAX (site name under the ‘site URL’) according to the privacy protection enforcement regulation form No.8, and it will be taken into account without hesitation.
  3. Upon the request (site name under 'site URL') of correction or deletion of personal information by the subject, the personal information will not be used or provided until the correction or the deletion is completed.
  4. The exertion of the rights mentioned in clause 1 may be processed through a legal representative, a delegate, or a proxy of the subject. In this case, the proxy statement respecting the privacy protection enforcement regulation form No.11 must be handed in.

5. Destruction of personal information

By the principle, CROSS ENF INC. will destroy the corresponding personal information without delay once it has reached its purpose. The procedure and the deadline of the destruction are as follows.

  1. Destruction procedure:

    When the information inserted by the user has reached its purpose, it will be moved to a separate DB ( a separate document if it’s paper), and according to the inside policy as well as other related laws, it will be destroyed immediately or after being saved for a set period of time. In this case, the personal information moved to DB will not be used for other purpose unless it is required by law.

  2. Deadline of destruction:

    The personal information of the user will be destroyed within 5 days when the personal information has reached its purpose, the corresponding service has shut down, the business shut down, the personal information is no longer necessary or when the possession period of personal information has passed.

  3. Destruction method :

    Information in electronic files will be destroyed by technology method which does not allow the recovery of records. Personal information on papers will be destroyed by paper shredders or by incineration.

6. Safety of personal information securement measure

CROSS ENF INC. is taking technical/administrative as well as physical measure necessary mentioned below for the securement of safety in compliance to the article 29 of Privacy Protection Act.

  1. Technical measure against hacking

    CROSS ENF INC. will install and regularly renew/inspect a security software to prevent the hackers or the virus to leak or damage the personal information. CROSS ENF INC. will also install a system in an area restricted from outside approach and is inspecting and blocking technically/physically.

  2. Encryption of personal information

    The personal information and the password of the user is encrypted, saved and managed, and only the user can know it. Several safety functions such as encryption of files and transmission data of an important data, or the lock function of a file are being used.

  3. Restriction to personal information access

    By giving, altering, canceling the access rights to the database systems that manages the personal information, the necessary control of access to personal information is being processed and by using a trespass block system, the unauthorized access from outside is being controlled.

  4. Locking device for the security of documents

    Documents with personal information and additional storage mediums are well preserved in a secured place with a locking device.

  5. Access control to unauthorized personnel

    CROSS ENF INC. have set up a separate physical storage area for personal information and set up access control procedures.

7. Personal information security officer

  1. CROSS ENF INC. is responsible for the handling of personal information, and has designated the person responsible for the protection of personal information as follows to process complaints and personal information processing.
    Personal information security officer
    Name Kim, Taegyu
    Position CTO
    Number 1670-2624
    Email support@crossenf.com
  2. The information subject may inquire about personal information protection related to complaints, and damages relief as for the use of CROSS ENF INC.’s service (or business). Cross ENF will answer and handle inquiries of the information subjects without delay.
  3. Users have responsibilities to maintain the security of the user’s ID and password. CROSS ENF INC. does not ask the user directly about the password. Therefore, please be careful not to let the password leak to other person. Especially if you are online in a public place.
  4. Although CROSS ENF INC. has made technological improvements, it is not liable for damages to information due to unforeseen accidents caused by hacking.
  5. Users may inquire about personal information protection related complaints, damages remedies, etc. while using the service. CROSS ENF INC. will answer and handle inquiries of the information subject without delay.
  6. Notwithstanding the policy of this Privacy Policy, CROSS ENF INC. is obliged to provide personal information in accordance with the laws and regulations of the Republic of Korea.

8. Request for personal information

Please contact us if you are not satisfied with our personal information complaints, the relief of damages, or need further assistance.

  • Personal Information Infringement Notification Center (Operated by Korea Internet & Security Agency)
    •   •    Responsibilities: Reporting personal information infringement facts, requesting consultation
    •   •    Website: privacy.kisa.or.kr
    •   •    Telephone: (without Area code) 118
    •   •    Address: (58324) 9, Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea, Korea Internet & Security Agency Personal Information Infringement Notification Center
  • Personal Information Dispute Arbitration Committee (Operated by Korea Internet & Security Agency)
    •   •    Responsibilities: Personal information dispute settlement application, collective dispute settlement
    •   •    Website: www.kopico.go.kr
    •   •    Telephone: (without Area code) 1833-6972
    •   •    Address: (03171) 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea, Personal Information Dispute Arbitration Committee

9. Personal information process policy changes

This policy will be enforced on the start date. Notices of changes such as new policies or removal of old ones will be posted 7 days before the date of enforcement.

10. CROSS ENF INC. may install cookies and users may deny this.

Cookies are used to help users use the website faster and more conveniently and to provide customized services. However, users have right to install cookies. As a result, users can allow all cookies by setting options in their web browser, check each time a cookie is saved, or refuse to save all cookies. Moreover, refusing to install cookies may make the web browsing experience uncomfortable and difficult to access some services required users to sign in.

Addendum

(Effective Date) This Privacy Policy will be effective from 6 July 2023.

Top