Privacy policy

Enkowithus Co., Ltd. (“the Company”, “Enkowithus”, or “we”), accessible at ‘https://stay.enko.kr/’, establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect users’ personal information and to ensure prompt and smooth handling of related grievances.

Article 1 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes. Processed personal information will not be used for purposes other than the following, and if the purposes are changed, the Company will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1. Membership Registration and Management: Verification of membership intent, identity authentication for member-only services, maintenance and management of membership status, prevention of fraudulent use of services, verification of legal guardian’s consent for processing of personal information of members aged 14 or older but under legal adulthood, provision of notices and announcements.
2. Provision of Goods or Services: Service provision, issuance of contracts and invoices, provision of content, provision of customized services, payment and settlement of fees, management of overdue payments and defaults.
3. Marketing and Advertising: Development of new services (products) and provision of customized services, provision of event and promotional information and opportunities to participate, provision of services and advertisements based on demographic characteristics, verification of service validity, analysis of service usage frequency or statistics on member service usage.

Article 2 (Processing and Retention Period of Personal Information)

The Company processes and retains personal information within the retention and usage period prescribed by law or within the period agreed to by the data subject at the time of collection.

1. Membership Registration and Management: Until membership withdrawal. However, in cases where investigations are in progress due to violation of laws, until such investigations are concluded; and in cases of outstanding claims or obligations, until such settlement is completed.
2. Records of Payment and Settlement: 5 years, in accordance with Article 6(1) of the Act on the Consumer Protection in Electronic Commerce (including settlement data and payment transaction records with payment gateways such as Toss Payments and Stripe).
3. Records of Consumer Complaints and Dispute Resolution: 3 years, in accordance with Article 6(1) of the Act on the Consumer Protection in Electronic Commerce.
4. Web/App Service Usage Logs and Access Tracking Data (e.g., IP address): 1 year, in accordance with Article 15-2 of the Protection of Communications Secrets Act.
5. Customer Service and Grievance Records: 3 years, for dispute resolution purposes.

Article 3 (Items of Personal Information Processed)

The Company processes personal information depending on the type of membership (Tenant or Host) as follows:

1. Membership Registration and Management
   • Tenant: Required (email, password, nationality, name) / Optional (mobile phone number, date of birth, gender)
   • Host: Required (email, password, name, mobile phone number) / Optional (gender)