Chapter 1: Scope of Personal Information Collection
2. In principle, the Company shall not collect any sensitive personal information which may significantly infringe on the basic human rights of a user (Information about ideas and beliefs, union and political party membership and withdrawal, political views, health, sex life, place of birth and domicile, criminal records...). However, an exception shall be made in cases where the personal information to be collected is specified in the law or it is necessary as it is directly related to the provision of the service with the user's consent.
Chapter 2: Purpose of Collection and Use of Personal Information
This site uses analytics provided by Google for service analysis and service level improvement. Accordingly, the following information may be automatically generated and collected while the website service is used. The user has the right to object to the collection of information. However, such objection to the consent may restrict use of certain services.
• Collected items: service use records, access logs, cookies, access IP information
※ For details such as the purpose of using cookies, please refer to [Chapter 7: Matters concerning the installation, operation and rejection of devices for automatic collection of personal information].
Chapter 3: Processing and Retention Period of Personal Information
1. The Company shall process the personal information within the period of retention and use of personal information in accordance with laws and regulations or the period of such agreed upon when collecting personal information from the information subject, and destroy it without delay when the purpose of use is achieved.
2. The following information shall be retained for the period specified for the following reasons:
(1) Website visit history
- Retention ground: Communication Confidentiality Protection Act
- Retention period: 3 months
(2) Records related to display and advertisement
- Retention ground: Consumer Protection Act in Electronic Commerce
- Retention period: 6 months
Chapter 4: Procedure and Method for Destroying Personal Information
1. In principle, the Company destroys the applicable personal information without delay when the period of use has elapsed or information destruction has been requested.
2. The electronic files shall be completely deleted using a technical method so that they cannot be recovered or reproduced. Other records, printed materials, written documents shall be destroyed in a crushing or incineration bin.
3. . If no information and communication service is used for one year, the Company takes a necessary measure such as destroying the personal information. However, any necessary action such as destruction shall be taken after the period has elapsed if a separate period is specified by law or a different period is specified at user's request.
Provision of Personal Information to Third Parties
The Company provides no personal information to any third parties without the user's prior consent.
Chapter 6: Consignment of System Processing
1. The Company entrusts the system as follows for smooth operation such as providing better service and providing customer convenience.
2. The Company shall provide no user's personal information to any other company if the related service is not used during the business entrusted to the company.
|Custody company||Custody task|
|Hankook Networks Co., Ltd.||Computer system operation and maintenance|
|Concentrix Corporation||Website system development and operation management|
Chapter 7: Matters concerning the installation, operation and rejection of automatic personal information collection devices
The Company uses 'cookie' information which frequently stores and retrieves user information to provide personalized services. A cookie is a very small text file where the server which is used to operate the website sends to the user's browser and is stored on the user's computer hard disk.
Cookies never automatically or actively collect personally identifiable information, and a use may refuse to store or delete these cookies at any time.
The Company uses Google Analytics, a web analysis service provided by Google, Inc. (hereinafter 'Google') for the purpose of providing better service to customers to provide anonymous cookie information (i.e., demographic data) to analyze and evaluate how customers use the company's services, identify customer needs, and improve and customize services and products to provide efficient services.
The Company does not collect personally identifiable information through Google Analytics, and not combine any information we collect with personally identifiable information obtained through other sources.
2. How to reject cookie setting
The user has the option to install cookies. Therefore, the user may opt-out of automated cookie information collection through the methods below.
(1) How to set browser to reject cookies
– Select [Internet Options] from the [Tools] menu.
– Select [Advanced] in the [Privacy] tab.
– Set ‘Block’ in [How to handle cookies].
– Choose [Settings] from the [Tools] menu.
– [Site and permission management]
– Select [Manage and delete cookies and site data].
– Select [Block] to manage.
– Select [Settings] from the More menu in the upper right corner.
– Select [Advanced] at the bottom.
– Select [Content Settings] in [Privacy & Security].
– Select [Cookies] to ‘disable’ [Allow sites to store and read cookie data].
(2) Install Google Analytics blocking browser add-on: https://tools.google.com/dlpage/gaoptout
Find out more
Chapter 8: Technical/Administrative Measures for Personal Information Protection
1. Technical countermeasures
The Company protects users' personal information safely through security functions in accordance with relevant legal regulations and internal policies. The Company is taking measures to prevent damage caused by computer viruses by using a vaccine program. Vaccine programs are updated regularly, and the update is applied as soon as the vaccine is released to prevent infringement of personal information if a virus suddenly appears. The company encrypts, stores and manages the user's password, and employs a security device which can transmit personal information safely on the network. To prevent leakage of your personal information from being hacked, the Company uses a device which blocks intrusions from outside and monitors any intrusion 24 hours a day X 365 days a year.
2. Administrative measures
The Company strictly limits the personal information handling personnel to those who perform personal information management tasks and those who need to handle personal information for business purposes, and emphasizes the observance of the personal information handling policy through frequent training for the person in charge.
Chapter 9: Right of User/Legal Representative and How to Exercise
1. If a user requests correction of errors in personal information by writing, telephone, e-mail or fax, the personal information shall not be used or provided until the correction is completed. In addition, the third party of the result of the correction will be notified without delay so that correction can be made if incorrect personal information has already been provided to a third party.
2. The Company may request to view and provide transaction information held by user with his/her consent, where the company will take necessary measures so that it can be read without delay.
3. As for children under the age of 14, the legal representative has the right to view or correct the child's personal information, and the right to withdraw consent to collection and use.
4. It is possible to request access to personal information in accordance with Article 35 of the Personal Information Protection Act, and the Company will endeavor to promptly process the user's request for access to such personal information.
Chapter 10: Personal Information Protection Officer and Consultation/Report
1. To protect users' personal information and handle complaints related to personal information, the Company has designated a person in charge of personal information protection. For any questions regarding user personal information, please contact a personal information protection officer or the relevant department below.
Personal Information Protection Officer
Department Name: Information Security Team
Person in charge: Ji-hyung Lee
Customer Service Representative
2. If you need to report or consult on other personal information infringement, please contact the following organizations:
(1) Personal Information Infringement Report Center (http://privacy.kisa.or.kr / 118 without area code)
(2) Cyber Investigation Division of Prosecution Service (http://www.spo.go.kr / 1301 without area code)
(3) Cyber Security Bureau of National Police Agency (http://cyberbureau.police.go.kr / 182 without area code)
(4) Personal Information Dispute Mediation Committee (http://kopico.go.kr / 1833-6972)