MIRIDIH BizHows Privacy Policy

MIRIDIH BizHows processes and securely manages personal information in compliance with relevant laws and regulations to protect the freedom and rights of data subjects. To inform data subjects of the procedures and standards for the processing and protection of personal information and to ensure prompt and smooth resolution of related grievances, the company has established and publicly disclosed the following Privacy Policy.

Article 1: Purpose of Personal Information Processing, Items, and Retention/Use Period
MIRIDIH collects and uses personal information to the minimum extent necessary for the provision of services, in accordance with relevant laws and regulations.

  1. Cases Where Consent of the Data Subject is Not Required
    MIRIDIH processes the following personal information items without the consent of the data subject:

Category

Purpose of Processing

Items Processed

Processing and Retention Period

Consultation Service Provision

Providing consultation on matters such as delivery, order methods, product options, holds/changes/cancellations (refunds), data verification, receipts/documentation, quality complaints, website usage, partnership inquiries, and bulk order quotes.

BizHows ID, mobile phone number, inquiry content

3 years after the inquiry is resolved

Delivery Service

Providing delivery for product orders.

Recipient’s name, recipient’s contact information, recipient’s address (country)

5 years after delivery is completed

Issuance of Cash Receipts or Tax Invoices

Issuing a cash receipt or tax invoice for the product order amount.

Applicant’s name, applicant’s email, applicant’s contact number, applicant’s secondary contact number

5 years after delivery is completed

  1. Personal Information Items Processed with the Consent of the Data Subject
    MIRIDIH processes the following personal information items with the consent of the data subject.

Category

Purpose of Processing

Items Processed

Processing and Retention Period

Membership Service Operation

User identity verification for membership services, individual identification, prevention of fraudulent use by unauthorized members, confirmation of intent to join, limitations on membership sign-ups, record retention for dispute resolution, and handling of grievances such as complaints, and delivery of notifications.

  • Items collected and used when signing up with email: Name, email address, password

  • Items collected and used when signing up with Google: Name, email address, profile photo

  • Items collected and used when signing up with Apple: Name, email address

Until member withdrawal

Marketing Utilization

Development and specialization of new services (products), delivery of advertising information such as events, provision of services based on demographic characteristics, placement of advertisements, and statistical analysis of access frequency or member service usage.

Email address, mobile phone number

Until member withdrawal or consent is withdrawn

Article 2: Regarding the Processing of Personal Information of Children Under 14 Years of Age
MIRIDIH does not collect or process personal information of children under 14 years of age for the provision of this service.

Article 3: Personal Information Processing and Retention Period

① MIRIDIH processes and retains personal information within the retention and usage period prescribed by relevant laws or the period consented to by the data subject at the time of collection.

② The processing and retention periods for each type of personal information are as follows:

  • Website Membership and Management: Until the member withdraws from the service.
    However, if any of the following reasons apply, retention will continue until the reason is resolved:

    1. If an investigation or inquiry into a violation of related laws is in progress, until the conclusion of the investigation or inquiry.

    2. If there are remaining claims or debts arising from the use of the website, until said claims or debts are settled.

  • Provision of Goods or Services: Until the completion of goods/services delivery and settlement/payment. However, if any of the following reasons apply, retention will continue until the end of the specified period:

    • Records concerning contracts or subscription withdrawals: 5 years

    • Records concerning payment and the supply of goods: 5 years

    • Records concerning consumer complaints or dispute resolution: 3 years

    • Records concerning display or advertising: 6 months

  • Retention of Communication Confirmation Data in accordance with Relevant Laws:

    • Computer communication, internet log records, access location tracking data: 3 months

Article 4: Procedures and Methods for Personal Information Destruction

① When personal information becomes unnecessary due to the expiration of the retention period or the achievement of the purpose of processing, MIRIDIH will promptly destroy the personal information.

② If personal information must be retained for a period exceeding the consented retention period or after the purpose of processing has been achieved, in accordance with other laws, the personal information will be moved to a separate database (DB) or a different storage location for preservation.
※ The specific items of personal information and the legal basis for their preservation in accordance with other laws can be found in ‘Article 1: Purpose of Personal Information Processing, Items, and Retention/Use Period’.

③ The procedures and methods for personal information destruction are as follows:

  • Destruction Procedure:
    MIRIDIH selects the personal information for which a reason for destruction has occurred and destroys the information after obtaining approval from the personal information protection officer of MIRIDIH.

  • Destruction Method:
    Personal information recorded and stored in electronic file formats is destroyed in a way that the records cannot be reproduced. Personal information recorded and stored on paper documents is destroyed by shredding or incineration.

Article 5: Provision of Personal Information to Third Parties
MIRIDIH processes the personal information of data subjects only within the scope specified for the purpose of personal information processing. Personal information is provided to third parties only with the data subject’s consent, or in cases specified by relevant laws, such as special provisions of the law. Other than these cases, MIRIDIH does not provide personal information of data subjects to third parties.

Article 6: Consignment of Personal Information Processing

① For the smooth processing of personal information, MIRIDIH consigns personal information processing to the following entities:

Consignee (Recipient)

Consigned Work

MiriCanvas

Provision of design editor (membership information, registration information)

Paypal, Payple

Purchase and payment handling (credit card, mobile phone, BC Top points, Iniescrow)

CJ Logistics, Lotte Logistics, Logen Express, Hanjin Express

Product Delivery

Humuson Corp

Dispatch of Kakao Alimtalk (alarm) messages

Channel.io

Customer Center Chat Support

Stibee, Che-eom Soft

Email dispatch services

Criteo

Customized advertising for users

② When entering into a consignment agreement, MIRIDIH specifies in the contract, in accordance with relevant laws, matters concerning the prohibition of personal information processing beyond the purpose of the consigned work, technical and administrative protective measures, restrictions on re-consignment, management and supervision of the consignee, and liability for damages. MIRIDIH also supervises whether the consignee processes personal information securely.

③ In accordance with relevant laws, if a consignee re-consigns the company’s personal information processing tasks, MIRIDIH obtains their consent. The details of the re-consignee and the re-consigned tasks are disclosed through this Privacy Policy.

④ If there are any changes to the details of the consigned work or the consignee, we will promptly disclose the information through this Privacy Policy.

Article 7: Measures to Ensure the Security of Personal Information
MIRIDIH takes the following measures to ensure the security of personal information.

  1. Administrative Measures: Establishment and implementation of internal management plans, regular employee training, and operation of a dedicated organization.

  2. Technical Measures: Management of access rights to personal information processing systems, installation of access control systems and other related protective measures, internet network blocking measures, encryption of personal information, retention and inspection of access logs, installation and updating of security programs, and vulnerability checks and reinforcement of personal information processing systems.

  3. Physical Measures: Access control for computer rooms and data storage rooms, storage of documents and auxiliary storage media in secure locations with locking devices, safety measures against disasters and calamities, and control over the transfer of auxiliary storage media.

Article 8: Matters Concerning the Installation, Operation, and Refusal of Automated Behavioral Information Collection Devices

① MIRIDIH uses ‘cookies’ to store and retrieve usage information for the purpose of providing individualized services and convenience to data subjects.

② A cookie is a small piece of information sent by a server (http) used for website operation to the data subject’s browser. It is stored on the data subject’s computer or mobile device and is automatically sent back to the server from the data subject’s browser when accessing the website.

③ Data subjects can set their browser options to allow or block cookies.

▶ Allowing/Blocking Cookies on a Web Browser

  • Chrome: Select the ‘⋮’ icon in the top right corner of the web browser > New Incognito Window (Shortcut: Ctrl+Shift+N)

  • Edge: Select the ‘…’ icon in the top right corner of the web browser > New InPrivate Window (Shortcut: Ctrl+Shift+N)

▶ Allowing/Blocking Cookies on a Mobile Browser

  • Chrome: Select the ‘⋮’ icon in the top right corner of the mobile browser > New Incognito Tab

  • Safari: Mobile device settings > Safari > Advanced > Block All Cookies

  • Samsung Internet: Select the ‘Tabs’ icon at the bottom of the mobile browser > Turn on Secret mode > Start

Article 9: Matters Concerning the Processing and Refusal of Behavioral Information

① In the course of using the service, MIRIDIH processes behavioral information in a way that does not identify individuals, using automated collection devices such as cookies, to provide customized services, benefits, and personalized online advertisements optimized for the data subject.

<Regarding the Collection and Use of Behavioral Information>

② MIRIDIH collects behavioral information on its website as follows.

Legal Basis

Collection Method

Collection Purpose

Retention/Use Period

In-house App Access and Usage History

Automatic collection upon web/app access and usage

Providing personalized advertisements

Destroyed 140 days after the date of collection

<Regarding the Provision of Behavioral Information to Third Parties (e.g., Advertisers)>

③ MIRIDIH provides behavioral information to third parties as follows.

Recipient

Items Provided

Purpose of Use by Recipient

Recipient’s Retention/Use Period

Meta

In-house web/app usage history

Providing personalized advertisements

Destroyed 140 days after the date of provision

④ MIRIDIH collects only the minimum amount of behavioral information necessary for optimized customized services, benefits, and personalized online advertisements, and does not collect sensitive behavioral information that could infringe on an individual’s rights, interests, or privacy, such as ideology, beliefs, or medical history.

<When Using Collected Behavioral Information for Personalized Advertising>

⑤ Data subjects can collectively block or allow personalized advertising by changing the cookie settings of their web browser. However, changing cookie settings may restrict the use of some services, such as website auto-login.

  • Allowing/Blocking Personalized Advertising via Web Browser

    • (1) Chrome

      • How to delete cookies stored on the web browser: Click the ‘⋮’ icon in the top right corner of Chrome, then click the Settings icon. On the left side of the settings page, click Privacy and security, then click Clear browsing data and select whether to clear the browsing history.

      • How to block third-party cookies on the web browser: Click the ‘⋮’ icon in the top right corner of Chrome, then click the Settings icon. On the left side of the settings page, click Privacy and security, then click Third-party cookies and select whether to Block third-party cookies.

      • How to block all cookie storage on the web browser: Click the ‘⋮’ icon in the top right corner of Chrome, then click the New Incognito Window icon. In this mode, your browsing history, cookies and site data, and information entered into forms will not be saved on your device.

    • (2) Edge

      • How to delete cookies stored on the web browser: Click the ‘…’ icon in the top right corner of Edge, then click Settings. On the left side of the settings page, click Cookies and site permissions, then click Manage and delete cookies and site data and select whether to remove all cookies and site data.

      • How to block third-party cookies on the web browser: Click the ‘…’ icon in the top right corner of Edge, then click Settings. On the left side of the settings page, click Privacy, search, and services, and in the Tracking prevention section, select whether to enable Tracking prevention and the level (Balanced or Strict). Alternatively, on the left side of the settings page, click Cookies and site permissions, then click Manage and delete cookies and site data and select ‘Block third-party cookies’.

      • How to block all cookie storage on the web browser: Click the ‘…’ icon in the top right corner of Edge, then click the New InPrivate window icon. In this mode, your browsing history, cookies and site data, and information entered into forms will not be saved on your device.

⑥ MIRIDIH collects and uses advertising identifiers in apps for personalized advertising. Data subjects can block or allow personalized advertising in apps by changing the settings on their mobile device.

  • Allowing/Blocking Advertising Identifiers on a Smartphone

    • (1) (Android) ① Settings → ② Security and privacy → ③ Privacy → ④ Other privacy settings → ⑤ Ads → ⑥ Reset advertising ID or Delete advertising ID

    • (2) (iPhone) ① Settings → ② Privacy & Security → ③ Tracking → ④ Turn off Allow Apps to Request to Track

    • ※ The menu and method may differ slightly depending on the mobile OS version.

⑦ Data subjects can inquire about matters related to behavioral information, exercise their right to refuse, or report damages using the contact information below.

  • Personal Information Protection Department

Article 10: Rights, Obligations, and Methods of Exercise for Data Subjects and Legal Representatives

① Data subjects may at any time request access, data portability, correction, deletion, suspension of processing, and withdrawal of consent regarding their personal information from MIRIDIH (hereinafter referred to as “Exercising Rights”).

  • ※ The rights of children under 14 years of age must be exercised directly by their legal representative. Data subjects who are minors aged 14 or older may exercise their rights regarding their personal information themselves or through their legal representative.

② Rights can be exercised via written document, phone, email, fax, or the internet in accordance with relevant laws, and MIRIDIH will take action without delay.

  • Data subjects may directly view, correct, delete, suspend processing, or withdraw consent for their personal information at any time via ‘My Name > Edit My Info’ in the top right corner of the website, or request access through the ‘question mark help icon’ in the bottom right corner.

  • Data subjects can request refusal and explanation of automated decisions at any time through the ‘question mark help icon’ in the bottom right corner of the website.

③ Rights can also be exercised through a legal representative or an authorized agent. In this case, a power of attorney must be submitted.

④ The right of a data subject to request access and suspension of personal information processing may be limited by relevant laws.

⑤ If personal information is specified as a collection target in other laws, the data subject may not request its deletion.

⑥ MIRIDIH verifies whether the person exercising the rights is the data subject themselves or a legitimate representative.

⑦ Data subjects can exercise their rights with the department below. MIRIDIH will respond within 10 days of receiving a request to exercise rights (without delay in the case of a data portability request).

  • Personal Information Rights Claim Reception and Processing Department

    • Department Name: Biz Customer Satisfaction Team

    • Address: 8th, 13th, 14th, 17th Floors, 1004 TP Tower, 12 Digital-ro 31-gil, Guro-gu, Seoul, Republic of Korea

    • Contact Information: contact@bizhows.com

Article 11: Personal Information Protection Officer

① MIRIDIH is responsible for the overall personal information processing, and has designated a Personal Information Protection Officer as follows to handle data subjects’ complaints and provide relief for damages related to personal information processing.

  • Personal Information Protection Officer

  • Personal Information Protection Department

② Data subjects can inquire about all matters related to personal information protection, including complaints and damage relief, that arise while using MIRIDIH’s services (or business), with the Personal Information Protection Officer and the Personal Information Protection Department. MIRIDIH will respond to and handle the data subject’s inquiries without delay.

Article 12: Changes to the Privacy Policy
This Privacy Policy will be effective as of 15 OCT 2025.