1. WHO WE ARE
KORORIN is a platform that enables local delivery of food items, particularly onigiri, in the metropolitan Chicago area. KORORIN’s services include: online food delivery, product purchase, and market and use analysis to optimize products and services. You may order KORORIN’s food through the Website to be delivered to KORORIN-specified group delivery locations or directly to the customer.
2. PERSONAL DATA WE PROCESS
As set forth below, KORORIN collects Personal Data that (a) you actively submit to us as a customer and (b) that we retrieve from customers. We may process your Personal Data with or without automatic means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of your Personal Data.
(a) Actively submitted data. You submit Personal Data to us when you engage with our Website, purchase our services, or engage in other interactions or communications with KORORIN. KORORIN generally processes name, physical address, telephone number, e-mail address, and payment information.
When you use KORORIN, we may collect precise location data. For instance, if you allow KORORIN to access location services through the permission system used by your device's mobile operating system or browser, we may collect the precise location of your device. We use your location information to facilitate the prompt delivery of your orders. You can choose whether or not to enable the location tracking feature through the settings on your device or browser. We may also infer your general location information, for example by using your internet protocol (IP) address.
KORORIN may also process identification information such as your email address in order to verify your identity in the event that there is a risk of fraud or a regulatory requirement to verify such.
You may also provide us with additional information to participate at your own initiative in surveys, feedback comments, promotions, or other activities. Participation in surveys, feedback comments, promotion or other similar activities is optional. If you do not wish to participate in, or provide Personal Data in connection with such activities, this will not affect your ability to use available services. In each such case you will know what Personal Data you provide us with because you actively and voluntarily submit the data.
(b) Data received from our customers. Customers identify a delivery destination for food items KORORIN delivers at their request. The delivery address does not need to match the personal information provided by the customer upon registration. Where a customer provides Personal Data of another person, the customer assumes the role of a data Controller and KORORIN acts in the role of a data processor. The personal information collected generally includes the name, physical address and phone number of the party to which the item(s) will be delivered. Processing of this Personal Data is performed on behalf of the customer and for the purpose of providing the services requested by the customer. No active marketing is performed on Personal Data of the ‘deliver-to’ party.
(c) Data obtained for marketing purposes for potential clients, customers or others. We obtain marketing data that we use to reach out to inform potential clients, customers, and others of the services offered by our organization. The Personal Data collected generally includes the email address of a potential client, customer or contact and may also include their name and phone number.
(d) Personal Data not actively collected or processed. KORORIN does not actively collect or otherwise process Personal Data from minors. The age of a minor varies by country. For the purposes of Personal Data collected from the United States of America, the age of a minor is under age eighteen (18).
KORORIN does not actively collect or otherwise process special categories of data including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation.
We do not actively collect or otherwise process Personal Data relating to criminal convictions and offenses.
3. PURPOSES FOR PROCESSING PERSONAL DATA
We process Personal Data for logistics, payment, insurance, customs, tax, other regulatory requirements, communication, customer service, marketing, web analytics, system monitoring, data security and other operational and administrative purposes.
We use Personal Data to provide logistics and other related services to enable international product purchase and delivery for our customers while meeting the regulatory requirements of the relevant countries. We may use Personal Data to: (a) purchase product for you; (b) package and inventory product for you; (c) deliver product to you; (d) contact you; (e) create and maintain an account profile; (f) fulfill requests you make; (g) seek your voluntary feedback; (h) customize features or content on our Website and software; (i) evaluate eligibility to participate in promotions; (j) verify identity; or (k) administer our services, including through use of third party service providers.
In this context, the legal basis for our processing of your Personal Data is either the necessity to perform contractual and other obligations that we have towards you or carrying out our legitimate activities as a logistics organization.
KORORIN may also use your data to comply with applicable laws and exercise legal rights as the basis for our data processing.
KORORIN may also use your Personal Data for internal purposes, including auditing, data analysis, system troubleshooting, and research. In these cases, we base our processing on legitimate interests in performing the activities of the organization.
4. SHARING OF PERSONAL DATA
KORORIN shares your Personal Data with other parties in the following circumstances:
a. Third Party Providers. We may share your information with third party providers to perform tasks on our behalf. These companies include, for example, meal delivery companies (e.g. DoorDash, Grubhub, Uber Eats), our payment processing providers (e.g. Stripe, PayPal, Square), website analytics companies (e.g. Google Analytics), and e-commerce platforms. Other tasks such as data analysis, surveys, and customer service are completed in-house by our staff and do not require the sharing of your Personal Data with other parties. In instances where your Personal Data is shared with third party providers, the providers will be contractually required to protect Personal Data from additional processing (including for marketing purposes) and transfer.
b. Legal Requirements. We may access and disclose your Personal Data to regulatory bodies if we have a good-faith belief that doing so is required under regulation. This may also include submitting Personal Data required by local customs authorities and tax authorities. Additionally, we may disclose your Personal Data and other information as required by law, including in response to lawful requests by public authorities or to meet national security or law enforcement requirements. We may also disclose your Personal Data to exercise or defend legal rights; to take precautions against liability; to protect the rights, property, or safety of the resource, of any individual, or of the general public; to maintain and protect the security and integrity of our services or infrastructure; to protect ourselves and our services from fraudulent, abusive, or unlawful uses; or to investigate and defend ourselves against third party claims or allegations.
5. STORAGE OF PERSONAL DATA
6. PERSONAL DATA SECURITY
KORORIN uses technical and organizational measures to protect the Personal Data received against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise processed. We regularly consider appropriate new security technology and methods as we maintain and develop our software and systems. Security measures implemented may include:
1. Secure Sockets Layer (SSL) is used on all pages where Personal Data is collected;
2. Data requiring a higher level of protection, such as payment card account numbers, is encrypted prior to transmission to the database for storage;
3. Web and database servers are protected using firewalls;
4. Passwords used for account registration cannot be ‘defaulted’;
5. User access is tracked;
6. Role-based security is applied to system access;
7. All employees are contractually obligated to maintain the confidentiality of Personal Data accessible through their employment;
8. Regular system backups are made;
9. Regular maintenance is performed on systems; and
10. Systems are monitored for security.
7. RETENTION OF PERSONAL DATA
KORORIN retains Personal Data collected through its Website for a reasonable period of time to fulfill the processing purposes mentioned above. Personal Data is then archived for time periods required or necessitated by law or legal considerations. When archival is no longer required, Personal Data is deleted from our records.
8. PERSONAL DATA RIGHTS
Please note that we rely upon our customers maintaining the accuracy of the Personal Data they provide through our Website, including the ability to add, edit and delete contact, payment and delivery information.
California Privacy Rights:
9. TRACKING TECHNOLOGIES, COOKIES, AND CLEAR GIFs
We use tracking technologies, cookies and clear GIFs to collect information. Tracking technologies are used to collect information from your web browser through our servers or filtering systems when you visit our Website. Cookies are small bits of data used to transfer information to your computer’s hard drive or your web browser for record-keeping purposes, including recognizing your web browser when you return to our Website. A clear GIF is a transparent graphic image placed on a website. The use of clear GIFs allows us to monitor your actions when you open a web page and makes it easier for us to follow and record the activities of recognized browsers. Clear GIFs are used in combination with cookies to obtain information on how visitors interact with our Website.
Information collected may include but is not limited to your browser type, your operating system, your language preference, any referring web page you were visiting before you came to our Website, the date and time of each visitor request, and information you search for on our Website. We can also track the path of page visits on a website and monitor aggregate usage and web traffic routing on our sites. We collect this information to better understand how you use and interact with our Website in order to improve your experience. We also collect this information to better understand what services and marketing promotions may be more relevant to you. We may also share this information with our employees, service providers and customer affiliates as well as between affiliated entities.
You can change your web browser settings to stop accepting cookies or to prompt you before accepting a cookie from the sites you visit. If you do not accept cookies, however, you may not be able to use some sections or functions of our Website.
KORORIN takes reasonable steps to protect your Personal Data from loss, misuse and unauthorized access, alteration, disclosure or destruction in accordance with applicable law. No Internet, e-mail or electronic operating system is ever fully secure or error free, so please take care in deciding what information you give to us.
KORORIN takes steps to reasonably ensure that the privacy of your non-public information remains secure even in the event of the disposal of information that is no longer required to be maintained. Such steps shall include whenever possible, shredding paper documents and records prior to disposal, requiring off-site storage vendors to shred documents maintained in such locations prior to disposal, and erasing and/or obliterating any data contained on electronic media in such a manner that the information can no longer be read or reconstructed.
11. THIRD PARTY WEBSITES
WHEN YOU VISIT OTHER SITES VIA THIRD PARTY CONTENT, OR PARTICIPATE IN PROMOTIONS OR BUSINESS DEALINGS WITH THIRD PARTIES, YOU SHOULD UNDERSTAND THAT OUR TERMS AND POLICIES NO LONGER GOVERN, AND THAT THE TERMS AND POLICIES OF THOSE THIRD PARTY SITES SHALL APPLY. YOU SHOULD REVIEW THEIR APPLICABLE TERMS AND POLICIES, INCLUDING THE PRIVACY AND DATA GATHERING PRACTICES, OF ANY SITE TO WHICH YOU NAVIGATE FROM OUR WEBSITE. YOU MUST COMPLY WITH ANY APPLICABLE THIRD PARTY TERMS WHEN USING OUR WEBSITE.
14. EFFECTIVE DATE