1. Items of Personal Information to be Collected and Collection Method
2. Collection and Usage Purpose of Personal Information
3. Sharing and Provision of Personal Information
4. Outsourcing the Handling of Personal Information to Third Parties
5. Retention and Usage Period of Personal Information
6. Destruction Procedure and Method of Personal Information
7. Rights of Users and their Legal Representatives & Exercise of the Rights
8. Installation and Operation of Automatic Personal Information Collecting Tools
9. Technical and Administrative Measures for Protection of Personal Information
10. Contact Numbers of Personal Information Manager and Person in Charge
12. Duty of Notification
• The Company collects personal information required to provide the Services of the company (for instance, to provide responses to inquiries and newsletters), such as 'email addresses', and 'names.'
• The Company collects such personal information through Q&A bulletin board and newsletter subscription on the website.
The Company collects and uses personal information for the purposes of checking the content and additional details of an online inquiry and notifying the handling results to the concerned user.
The Company shall utilize personal information of its website users within the notified scope in "Article 2. Collection and Usage Purpose of Personal Information". It shall not reveal personal information beyond the notified scope to the outside third parties. However, exceptions can be made for the following cases;
• if a user agreed on the disclosure beforehand;
• if a user agreed on the disclosure beforehand;
The Company currently does not outsource the handling of personal information to a third party. If it becomes necessary to do so in the future, the Company will notify the change on the website and revise contents of this "Personal Information Collection and Usage Agreement."
The Company in principle destroys personal information without any delay once the purpose for collecting and using personal information has been achieved. However, if the Company is required to retain the following information for the period specified in accordance with its bylaws, for instance, for the purpose of handling a complaint and confirming the identity of a user;
• Items to be Retained: names, email addresses, phone numbers
• Grounds for retention: Use and Protection of Credit Information Act
• Retention Period: three years
• Records regarding collection, handling and use of credit information: three years (Use and Protection of Credit Information Act).
The Company in principle destroys personal information without any delay once the purpose for collecting and using personal information has been achieved. The Company's destruction procedure and method of personal information are as follows;
• (Destruction Procedure) The information input for an inquiry by a website user shall be transferred to a separate DB and be destroyed for information protection reasons prescribed in the company's internal policies and other related laws (refer to "Retention and Usage Period of Personal Information") after a certain period of retention. The aforementioned personal information shall not be used for other purpose than maintaining records in accordance with the relevant laws.
• (Destruction Method) Personal information in hardcopy (printed on paper) shall be destroyed with a paper shredder or through incineration. Personal information in softcopy shall be deleted technically to prevent any restoration.
Users and their legal representatives may exercise their rights to request for deletion of their personal information input for inquiry at any time.
If they request for checking and deleting personal information input by mail, phone or email, the Company will destroy it without any further delay.
The personal information deleted as requested by users or their legal representatives shall be handled in accordance with "5. Retention and Usage Period of Personal Information" and shall not be browsed or used for other purposes.
The Company runs ‘cookies’ that store and search user information. Cookies are tiny text files which the server (HTTP) uses to run the company's website, sends to user's browser, and stores on user's computer's hard disk.
• (Purpose of Using Cookies) Cookie is used to provide optimized information for users by catching all services from the Company, the type of visit and use, Top search word, Security access, News editing, Marketing, User size, etc.
• (How to reject cookie setting) Users have the option of installing cookies. Therefore, users can choose to accept all cookies or to verify that cookies are stored every time, or to refuse to store all cookies by setting options in a web browser. As ways to reject cookies, users may set the options on their web browsers to allow all cookies, to ask whenever cookies are stored, or to decline storing of all cookies.
In dealing with user’s personal information, the Company considers the following technological and administrative countermeasures to secure your personal information from being lost, stolen, leaked, fabricated, or damaged.
• Measures against hacking
The Company will do its best to prevent users' personal information from being divulged or tampered with through hacking, computer viruses, etc. The Company makes regular back-up in case that personal information is tempered. It uses the latest vaccine program to prevent personal information being leaked or falsified. The Company transmits personal information on its network in a safe and secured way by using encrypted algorithm. The Company operates a system for blocking intrusions to block external unauthorized access to personal information. It is committed to installing all technical equipment as much as possible to secure system safety.
• Minimizing the Number of Personal Information Handlers and Conducting Training
The Company grants permission to only those authorized handlers, provides them with separate passwords for this purpose, and updates them regularly. The Company conducts training for personal information handlers on a regular basis and always stresses the importance of abiding by the personal information handling policy.
• Operation of the Designated Personal Information Handling Organization
The Company operates an internal team dedicated to handling personal information which addresses and fixes any problems with its compliance of the personal information handling policy and with the handler's compliance. However, the company is in no event responsible for any issues or problems arising out of the leak of personal information caused by users' own negligence, inherent problems on the Internet, and the like.
You can file any complaints which you may encounter in relation to personal information protection to the Company's responsible manager and person.The company is committed to fast and satisfactory reply regarding such matters.
Personal Information Management and Operation Manager: Lee Soo-Jin / Phone: (+82) 02-6925-6570 / email: firstname.lastname@example.orgIf you need to report or consult other personal information infringement, please contact the following institutions.
• Personal Information Infringement Reporting Center: http://privacy.kisa.or.kr / Phone number: (+82) 02.405.5118
Information Protection Mark Certification Committee: www.eprivacy.or.kr / Phone number: (+82) 02.580.0533~4
Cybercrime Investigation Division of the Supreme Prosecutors’ Office: www.ctrc.go.kr / Phone numbers: 02.3150.2659
Please note that this "Personal Information Protection Policy" shall not be applicable to the collection of personal information by websites linked to the Company's website.
Any amendment to the current Personal Information Handling Policy hereto (such as any addition or deletion or correction of any part hereof) will be published in the Notice Board of the Company's website at least 7 days prior to the effective date of such amendment.
Notification Date: 2020.01.01
Implementation Date: 2020.01.01