Privacy Policy

Novavect Co., Ltd. (hereinafter referred to as the “Company”) complies with applicable personal data protection laws and regulations and establishes and discloses this Privacy Policy in order to protect users’ personal information.

Article 1 (Items of Personal Information Collected and Collection Methods)

  1. Items of Personal Information Collected

    The Company may collect the following personal information:

    1. When registering as a member or using services
      • Required: Name, Username, Password, Email Address, Mobile Phone Number
      • Optional: Address
    2. When purchasing and paying for products
      • Name, Shipping Address, Contact Information
      • Payment Information (payment details are processed by the payment gateway service)
    3. When submitting inquiries
      • Name, Company Name, Contact Information, Email Address, Inquiry Details
    4. Automatically collected during service use
      • IP Address, Cookies, Access Logs, Usage Records, Device Information
  2. Methods of Collection
    • User registration and order forms on the website
    • Inquiry and consultation request forms
    • Automated collection tools such as cookies

Article 2 (Purpose of Collecting and Using Personal Information)

The Company uses collected personal information for the following purposes:

  1. Member management and identity verification
  2. Product orders, payments, shipping, returns, and refunds
  3. Customer support and complaint handling
  4. Service improvement and statistical analysis
  5. Compliance with legal obligations and dispute resolution

Article 3 (Retention and Use Period of Personal Information)

After achieving the purpose of collection and use, the Company will destroy personal information without delay.
However, personal information may be retained as required by relevant laws for the following periods:

Retained InformationRetention PeriodLegal Basis
Records of contracts or withdrawal of contracts5 yearsE-Commerce Act
Records of payment and supply of goods5 yearsE-Commerce Act
Records of consumer complaints and dispute resolution3 yearsE-Commerce Act
Access logs (IP, etc.)3 monthsCommunications Privacy Protection Act

Article 4 (Provision of Personal Information to Third Parties)

The Company does not provide personal information to third parties without user consent,
except in the following cases:

  1. When prior consent has been obtained from the user
  2. When provision is required by law or regulations

Article 5 (Outsourcing of Personal Information Processing)

The Company may outsource personal information processing to third parties for smooth service operation.

Service ProviderOutsourced Service
[Courier Service TBD]Product Shipping
[Payment Gateway TBD]Payment Processing
Cafe24Server Operation and Management

The Company supervises outsourced service providers to ensure compliance with personal information protection laws.

Article 6 (Rights of Users and Methods of Exercise)

Users may exercise the following rights at any time:

  1. Request to access personal information
  2. Request to correct or delete personal information
  3. Request to suspend the processing of personal information

Requests may be made in writing or by email, and the Company will take necessary action without delay.

Article 7 (Destruction of Personal Information)

The Company destroys personal information without delay once the retention period expires or the processing purpose has been achieved:

  • Electronic files: Permanently deleted using irreversible methods
  • Paper documents: Shredded or incinerated

Article 8 (Cookies: Installation, Operation, and Rejection)

The Company may use cookies to provide personalized services.

  • Method of refusing cookies: Users may refuse cookies through browser privacy settings.
  • Refusal of cookies may result in limited service functionality.

Article 9 (Measures to Ensure Safety of Personal Information)

The Company implements the following measures to safeguard personal information:

  1. Access control and internal management
  2. Installation and periodic inspection of security programs
  3. Establishment of internal management plans and employee training

Article 10 (Personal Information Protection Officer)

The Company designates the following Personal Information Protection Officer:

  • Personal Information Protection Officer: Hwanjin Kim
  • Position: Manager
  • Contact: +82-10-7392-7382
  • Email: hjkim@novavect.com

Article 11 (Changes to the Privacy Policy)

This Privacy Policy may be revised due to changes in laws, policies, or security technologies, and such changes will be announced in advance through the Company’s website.

Supplementary Provision

This Privacy Policy is effective as of January 01, 2026.