TradeSynx Privacy Policy

Effective Date: January 2, 2025

TradeSynx (the "Company") establishes and discloses the following Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to promptly and smoothly handle related grievances.

Article 1 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes. Personal information being processed is not used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act will be implemented.

1. Member Registration and Management

• Confirmation of intention to join as a member
• Identification and authentication of members in connection with providing membership services
• Maintenance and management of member qualifications
• Prevention of fraudulent use of services
• Various notices and notifications
• Grievance handling

2. Provision of Goods or Services

• Service provision
• Content provision
• Customized service provision
• Payment and settlement
• Debt collection

3. Trade Operations Processing

• RFQ (Request for Quotation) processing and Quotation generation
• Generation of trade documents including Proforma Invoice, Commercial Invoice, Packing List
• Order management and tracking
• L/C (Letter of Credit) and B/L (Bill of Lading) management
• Sharing of transaction information through Buyer and Forwarder Portals
• Management of Shipper, Consignee, and Notify Party information

4. Marketing and Advertising

• Development of new services and provision of customized services
• Provision of event and advertising information and participation opportunities
• Verification of service effectiveness
• Analysis of access frequency or statistics on members' service use

Article 2 (Processing and Retention Period of Personal Information)

1. Member Information

The Company processes and retains personal information within the period of retention and use of personal information under laws or the period of retention and use of personal information consented to when collecting personal information from data subjects.

• Retention Period: Until membership withdrawal
• After Withdrawal: Immediate destruction (however, if there is a need to preserve according to relevant laws, it is retained for the corresponding period)

2. Transaction and Payment Information

The following information is retained in accordance with relevant laws such as the Act on Consumer Protection in Electronic Commerce, the Framework Act on National Taxes:

• Records on contracts or withdrawal of subscription: 5 years
• Records on payment and supply of goods: 5 years
• Records on consumer complaints or dispute resolution: 3 years
• Records on labeling and advertising: 6 months
• Books and supporting documents on all transactions stipulated by tax laws: 5 years

3. Trade Transaction Data

The following information is retained in accordance with trade-related laws such as the Foreign Trade Act and the Customs Act:

• Records on export/import declaration and customs clearance: 5 years
• Records on foreign exchange transactions: 5 years
• Trade documents including Order, Invoice, Packing List, L/C, B/L: 5 years

Even if a member withdraws, the information is retained for the above statutory retention period and is destroyed without delay after the retention period expires.

4. Invited User (Non-Member) Information

• Retention Period: 5 years after completion of the transaction (in accordance with the Electronic Commerce Act and trade-related laws)
• If an Invited User requests deletion, information is immediately destroyed except for information subject to statutory retention obligations.

Article 3 (Items of Personal Information Being Processed)

1. Member Registration and Service Use

Required Items:

• Name
• Email address
• Password
• Mobile phone number
• Company name
• Company address
• Business registration number or Tax registration number

Optional Items:

• Profile photo

2. Paid Service Payment

Required Items:

• Payment information (credit card information, account information, etc.)
• Billing address

3. Trade Operations Processing

Required Items (information that must be entered to use the service):

• Shipper information: Name, company name, address, contact information, email
• Consignee information: Name, company name, address, contact information
• Notify Party information: Name, company name, address, contact information
• Buyer information: Name, company name, address, contact information, email
• Forwarder information: Company name, person in charge, contact information, email
• Product information, quantity, amount
• Port of Loading, Port of Discharge
• Incoterms, Payment Terms
• Bank information (for payment)

4. Invited Users (when using Buyer Portal, Forwarder Portal)

Required Items:

• Name
• Email address
• Mobile phone number
• Company name
• Company address
• Consignee information (for buyers)
• Notify Party information (for buyers)
• Forwarder information (for forwarders)

5. Automatically Collected Information

The following information may be automatically generated and collected during the process of using the Service:

• IP address
• Cookies
• Service use records
• Access logs
• Device information

Article 4 (Provision of Personal Information to Third Parties)

The Company processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information), and provides personal information to third parties only when it falls under Articles 17 and 18 of the Personal Information Protection Act, such as consent from the data subject or special provisions of law.

1. Provision of Information to Forwarders (Logistics Companies)

Recipient: Forwarder (logistics company) designated by the Member

Purpose of Provision: Provision of logistics services, shipping operations, B/L issuance, customs clearance, etc.

Items Provided:

• Shipper information (name, company name, address, contact information, email)
• Consignee information (name, company name, address, contact information)
• Notify Party information (name, company name, address, contact information)
• Cargo information (product name, quantity, weight, volume, HS Code, etc.)
• Port of Loading, Port of Discharge
• Shipping-related information (Vessel, Voyage, Container information, etc.)
• Shipper's Letter of Instruction contents

Retention and Use Period: 5 years after completion of logistics service (in accordance with relevant laws such as the Customs Act)

Right to Refuse and Disadvantages: Data subjects have the right not to consent to the provision of personal information, but if consent is refused, the use of logistics services may be restricted.

2. Provision of Information to Buyers

Recipient: Buyers transacting with the Member

Purpose of Provision: Quotation provision, order confirmation, trade document provision

Items Provided:

• Shipper information (name, company name, address, contact information, email)
• Product information, price, quantity
• Proforma Invoice, Commercial Invoice, Packing List contents
• Bank information (for remittance)

Retention and Use Period: 5 years after completion of transaction (in accordance with relevant laws such as the Electronic Commerce Act)

3. Provision of Information to Payment Gateway Companies

Recipient: Payment gateway companies (PG companies)

Purpose of Provision: Processing of service usage fee payments

Items Provided:

• Name
• Payment information (credit card information, account information, etc.)
• Billing address

Retention and Use Period: 5 years after payment completion (in accordance with the Electronic Commerce Act)

Article 5 (Consignment of Personal Information Processing)

The Company consigns personal information processing tasks as follows for smooth personal information processing.

1. Cloud Service

• Consignee: Supabase (located overseas)
• Consigned Task: Data storage and management
• Retention and Use Period: Until membership withdrawal or termination of consignment contract

2. Payment Processing

• Consignee: [Payment gateway company name]
• Consigned Task: Credit card payment, bank transfer processing
• Retention and Use Period: 5 years after payment completion

When entering into a consignment contract, the Company specifies in documents such as contracts matters concerning the prohibition of processing personal information for purposes other than the performance of consigned tasks, technical and managerial protection measures, restrictions on re-consignment, management and supervision of consignees, and responsibilities for damages in accordance with Article 26 of the Personal Information Protection Act, and supervises whether consignees safely process personal information.

If the content of consigned tasks or consignees change, we will disclose it without delay through this Privacy Policy.

Article 6 (Rights and Obligations of Data Subjects and How to Exercise Them)

1. Rights of Data Subjects

Data subjects may exercise the following rights related to personal information protection against the Company at any time:

• Request to view personal information
• Request for correction if there are errors
• Request for deletion
• Request for suspension of processing

2. How to Exercise Rights

The exercise of rights under Paragraph 1 can be made to the Company in writing, by email, by facsimile (FAX), etc., in accordance with the form set forth in Annex 8 of the Enforcement Rules of the Personal Information Protection Act, and the Company will take action without delay.

If a data subject requests correction or deletion of errors in personal information, the Company will not use or provide the personal information until the correction or deletion is completed.

The exercise of rights under Paragraph 1 can be made through a legal representative of the data subject or an authorized agent. In this case, a power of attorney in accordance with the form set forth in Annex 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.

3. Protection of Personal Information of Children Under 14

The Company does not collect personal information of children under 14 years of age in principle. However, collection is possible with the consent of a legal representative.

Article 7 (Destruction of Personal Information)

1. Destruction Procedure

The Company destroys personal information without delay when personal information becomes unnecessary, such as when the retention period of personal information has elapsed or the purpose of processing has been achieved.

Even if the retention period of personal information consented to by the data subject has elapsed or the purpose of processing has been achieved, if personal information must continue to be preserved according to other laws, the personal information is moved to a separate database (DB) or stored in a different storage location.

2. Destruction Deadline

When a data subject requests membership withdrawal, information is immediately destroyed except for information subject to legal retention obligations.

In the case of information that must be retained according to laws, it is destroyed without delay after the corresponding retention period has elapsed.

3. Destruction Method

• Information in electronic file format: Deletion using technical methods that make recovery and reproduction impossible
• Personal information printed on paper: Shredding or incineration

Article 8 (Measures to Ensure the Safety of Personal Information)

The Company takes the following measures to ensure the safety of personal information:

1. Administrative Measures

• Establishment and implementation of internal management plans
• Regular employee training

2. Technical Measures

• Personal information encryption
• Technical countermeasures against hacking
• Access authority management
• Retention and inspection of access records

3. Physical Measures

• Access control to server rooms, data storage rooms, etc.

Article 9 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)

1. Purpose of Using Cookies

The Company uses 'cookies' that store and frequently retrieve usage information to provide customized services to users.

2. Installation, Operation, and Rejection of Cookies

• How to refuse cookie settings: Can set cookie permission, cookie blocking, etc. through web browser option settings
• If you refuse to save cookies, difficulties may occur in using customized services.

Article 10 (Personal Information Protection Officer)

The Company designates a Personal Information Protection Officer as follows to take overall responsibility for matters related to personal information processing and to handle complaints and provide relief for data subjects related to personal information processing.

Personal Information Protection Officer

• Name: Lee Yongjun
• Position: CEO
• Email: privacy@tradesynx.com
• Phone: +82-70-0000-0000

Data subjects may contact the Personal Information Protection Officer regarding all matters related to personal information protection, including inquiries, complaint handling, and damage relief that occur while using the Company's services. The Company will respond to and process inquiries from data subjects without delay.

Article 11 (Request to View Personal Information)

Data subjects may request to view personal information in accordance with Article 35 of the Personal Information Protection Act to the department below. The Company will strive to ensure that requests from data subjects to view personal information are processed promptly.

Department for Receiving and Processing Requests to View Personal Information

• Department Name: Customer Support Team
• Email: privacy@tradesynx.com
• Phone: +82-70-0000-0000

Article 12 (Methods for Relief of Rights Violations)

Data subjects may inquire about damage relief and consultation regarding personal information infringement to the following institutions:

• Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
  • Phone: (without area code) 118
  • Website: privacy.kisa.or.kr
• Personal Information Dispute Mediation Committee
  • Phone: (without area code) 1833-6972
  • Website: www.kopico.go.kr
• Supreme Prosecutors' Office Cyber Crime Investigation Division
  • Phone: +82-2-3480-3573
  • Website: www.spo.go.kr
• National Police Agency Cyber Safety Bureau
  • Phone: (without area code) 182
  • Website: cyberbureau.police.go.kr

Article 13 (Changes to Privacy Policy)

This Privacy Policy is effective from January 2, 2025, and if there are additions, deletions, or corrections to changes in content according to laws and policies, they will be notified through the service notice at least 7 days prior to the implementation of the changes.