- 1. General Provisions
- 1. The personal information is information of a surviving individual, which can be identified by name, resident registration number, and others. (Including information that can be easily combined with other information even if the information alone cannot identify a particular individual)
- 2. The Company is committed to protect the customers’ personal information, and complies with the Personal Information Protection Guidelines under the Personal Information Protection Act enacted by the Ministry of the Interior and Safety.
- 4. The Company discloses the Personal Information Protection Guidelines on the first screen of the homepage, making it easy for its customers to view.
- 5. The Company will revise and amend its Personal Information Protection Guidelines under certain procedures.
- 2. Purpose, Items, Method of Personal Information Collection
- 1. The Company collects the following personal information to provide various convenient services such as customer inquiry, after-sale service application, and verification purpose. The personal information can be collected for recruitment, research support, event, and other purposes as well.
2. Only a minimal amount of personal information is collected. The required information and optional items are distinguished on the consent form.
- ① Required information must be entered, and there may be disadvantages if not entered such as not being applied.
- ② There is no disadvantages for not entering optional items.
- ③ The unique identification information required separate consent separately from the general personal information.
- ※ Any sensitive personal information (race and ethnicity, ideology and creed, birth origin and legal domicile, political orientation, criminal record, physical condition, and sexual matters etc.) that may infringe customers’ basic right is not collected.
3. The method of personal information collection is as followed:
- ① Homepage, membership registration, document submission, collection through PDA, giveaway entry, event participation etc.
- ② Collection through generation information collection tool.
- 4. The Company prepares a procedure for customers to select either “agree” or “disagree” on each terms and conditions of the Company’s personal information collection agreement. The Company views that the customers have agreed upon the terms and condition of the Company’s personal information collection agreement once “agree” has been selected.
- 3. Provision and Sharing of Personal Information
In principle, unless the consent is obtained in advance or due to under the provisions of relevant Acts and subordinate regulations, the Company does not disclose personal information of customers to outside parties. However, the Company takes precautions to use and provide the personal information in the following cases.
- ① If the rights and obligations of the service provider are fully succeeded or transferred, such as sale, merger and acquisition, the Company will notify the customers in advance of the justifiable reasons and procedures in detail and give the customers the option to withdraw consent to the personal information.
- ② In the case of providing or sharing the personal information of the customers, the Company notifies the customers of those who received and shared from the customers in advance, the purpose of use of those who received and shared from the customers in advance, the personal information item provided or shared, the right to refuse consent, and the disadvantages in case of consent disagreement by a written letter or E-mail and requests for agreement.
2. In the following cases, the Company is able to provide personal information without the consent of the customers according to the provisions of the relevant regulations.
- ① Consent execution of the service provision
- ② Provisions of the relevant statues, or in accordance with the procedures and methods prescribed by the Acts and subordinate statutes for the purpose of investigation
- ③ Purpose of statistical preparation, academic research, or market research where a specific individual cannot be identified
- In principle, unless the consent is obtained in advance or due to under the provisions of relevant Acts and subordinate regulations, the Company does not disclose personal information of customers to outside parties. However, the Company takes precautions to use and provide the personal information in the following cases.
- 4. Outsourcing
1. The Company consigns some tasks to an outside service provider for providing service purpose.
Outsourcing Company Outsourced Work
- Homepage System: Development and Maintain Service
- 2. In case of personal information consignment, to ensure the safety of personal information, the strict observance of instructions, the privacy of personal information protection, the prohibition of third party provision and the responsibility of accident, the period of consignment, the return or destruction of personal information after processing, and the contents of the contract are prescribed precisely and are kept in writing or electronically.
- 3. In case of the outsourcing company or the work is modified, the Company will notify the consignee by letter, e-mail, phone, SMS or any other contact method.
- 1. The Company consigns some tasks to an outside service provider for providing service purpose.
- 5. Retention, Usage and Destruction Term of Personal Information
- 1. In principle, personal information is destroyed without delay when the purpose of collecting and using the information is fulfilled.
2. However, in accordance with the regulations and internal policies of related laws, the following information is preserved during the prescribed period of time due to the confirmation of the transaction related rights and obligation.
- ※ Information retained due to the related laws and regulations (Commercial Law, Basic Law for National Taxes, Corporate Tax Act, Consumer Protection Laws in E-commerce and others)
Retained Items Term
- Records on the agreement or withdrawal
- 5 Years
- Records on charges or asset payment
- 5 Years
- Records on customer complaints or dispute resolution
- 3 Years
3. Procedures and methods of destroying personal information are as follows.
- Once the purpose has been fulfilled, information entered by you is transferred to a separate DB (separate document in case information is in paper form) and saved for the prescribed period of time according to the reasons of information protection (Refer to Retention Term) based on internal rules and other related laws before it is destroyed. Unless otherwise specified by law, personal information transferred to a separate DB is not used for purposes other than the original purpose of collection.
- Personal information on a printed material will be shredded using a shredder or destructed in incineration. Personal information saved in the form of electronic file is deleted by using technical methods to prevent reproduction of records.
- ① Procedures
- 6. Rights of User and Legal Representative and the Methods of Exercising the Right
1. The customers can modify and delete personal information by writing to, calling or e-mailing personal information management officer. The information will be modified or deleted after id-entity confirmation process.
- However, in the following cases, the customers may be refused to access, modify, or delete all or part of personal information.
- ① If prohibited or restricted by law
- ② If likely to harm the life or body of another person or to unfairly infringe on others’ property and other interests
- 2. In the event you have requested modification or deletion of errors in personal information, the information will not be used or provided until the requested modification or deletion is completed. In the event when the wrong personal information is provided to a third party, the Company will notify the third party and correct with the appropriate personal information without any delay.
- 3. Personal information deleted upon request by user or legal representative is processed pursuant to specifications in ‘Retention, Usage and Destruction Term of Personal Information’ and will not be available or used for other purposes.
- 4. The customers are required to input the latest state of personal information correctly in order to prevent any unnecessary accidents. The responsibility for the accident caused by the incorrect information entered by a customer is one the customer him/herself, and if the customer enters false information on purpose, such as theft of others’ personal information, the customer may lose the membership.
- 5. The customers have the right to protect their personal information, as well as the obligation to protect themselves and not infringe others’ information. The customers must take precautions in personal information disclosure, and in prevention of damaging others’ personal information. A customer may be penalized by related laws (Act on Promotion of Information and Communication Network Utilization and Information Protection and Personal Information Protection Act) in case of damaging other people’s personal information and dignity.
6. Protection of personal information of a minor
- ① In principle, the Company does not collect personal information from minor.
- ② If the personal information of a minor is required due to the necessity of payment or delivery, the Company will obtain the consent from the legal representative in advance. The personal information of a minor will be managed with precautions during the process, and will destruct the information without a delay once the work is complete.
- 7. Refusal of unauthorized E-mail collection
- 1. The customers can modify and delete personal information by writing to, calling or e-mailing personal information management officer. The information will be modified or deleted after id-entity confirmation process.
- 7. Civil Service on Personal Information
- The Company designates a division and a personal information management officer in charge as of the following in order to protect personal information of our customers and to handle complaints related to personal information.
- You can make reports and civil applications on the matters of personal information protection that occur while using services of the Company to the personal information management officer or the division in charge. The Company will provide you with sufficient responses promptly in relation to the reports made.
- Please inquire at the following organizations if you should require consultations or to make reports in relation to personal information infringement.
- Personal Dispute Mediation Committee (www.1336.or.kr / 1336)
- Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
- Internet Crime Investigation Center, Prosecutors' Office (http://icic.spo.go.kr / 02-3480-3600)
- Cyber Terror Response Center, National Police Agency (www.ctrc.go.kr / 02-392-0330)
- 8. Security Measures
- The Company takes the following technical, administrative, and physical measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in handling.
- 1. The Company encrypts important personal information to store and manage.
2. Measures against hacking
- ① The Company is doing its best to prevent any leakage or damage of personal information from hacking or computer viruses.
- ② The Company backs up the data frequently in preparation for the damage of personal information, and uses the latest vaccine program to prevent any personal information leakage or damage. The Company also transmits personal information safely on the network through encryption communication.
- ③ The Company utilizes the intrusion prevention system and controls any unauthorized access from outside. The Company makes its best effort to prepare all possible technical devices to achieve secure security.
3. Minimizing and educating handling personnel
- ① The Company minimizes the personal information management officer, and the officer is responsible for managing information safely though occasional training.
- ② The transition of the personal information management officer is thoroughly carried out with the security maintained, and the responsibility for personal information accidents after joining and leaving the Company is clarified.
- ③ The computer room and the data storage room are set as special protection areas to control access.
4. Operation of an exclusive organization responsible for the protection of personal information;
- Through the organization dedicated to protection of personal information, the Company reviews the personal information measures and compliance of the personal information management officer, and corrects any issues without a delay.
- However, the Company is not responsible for the problem caused by the leakage of personal information due to customers’ carelessness or internet problems.
- 9. Advertisement Purpose
- 1. The Company does not send any advertising information for profit without the prior consent of the customers.
2. The Company sends advertising information by E-mail for online marketing purpose such as production information guide, so that the customers can easily recognize the E-mail titled and text as followed.
- ① E-mail Subject: If the text, (Ad), is not inserted in the subject line, the main content is displayed in the E-mail text.
- ② E-mail Text: The text specifies, the name, E-mail address, phone number and address of the sender who can indicate the customers’ intention to refuse receiving E-mails. It includes how the customers can easily express their intention to refuse receiving E-mails.
- 10. Notification upon Amendment
- This personal information policy was enacted on September 30, 2011, and if there is an addition, deletion, or modification of the contents due to the amendment of the law, the change of the government policy, the change of the internal policy of the Company or the change of security technology, the Company will announce the reasons and contents of the change through the homepage at least 7 days before the revision. However, if important matters such as the provision of personal information to a third party, the change of the purpose of collection and use, and the change of the holding period are changed, the Company will obtain the consent of the customers.
- Effective Date: September 30, 2011
- Revised Date: January 2, 2020