1. Purpose of processing personal information
[Inquiries on project within home page]
- Correspondence of reply to inquiries on project
2. Personal Information Items for Collection and Methods of Collection
[Inquiries on project within home page]
- Required Items: name, name of company working for, job title, phone number, email address
- Optional Items: none
- Method of Collection: Submission of inquiries on project within Contact page
3. Period for Processing and Storage of Personal Information
1) Records regarding job application : 5 years
2) Records regarding inquiries on project : 1 year
3) Other records : 3 years
4. Process and Method of Destructing Personal Information
When the purpose of processing personal information is attained, or the period of storage has expired, Company will destruct the personal information through the following methods in a way that cannot be restored.
1) in case of an electronic files: permanently deleting in a way that cannot be restored
2) In cases of records, printed materials, papers, or other recording media other than electronic files: crushing or incineration
5. Measures to Secure the Safety of Personal Information
Company takes the following measures to secure the safety of personal information in order to prevent loss, theft, leakage, alteration, or damage of personal information when processing Data Subjects' personal information.
- to establish the process necessary for access to and management of personal information; to educate employees regularly to comply with this policy; to do efforts to fix and correct any related issues if found
- to restrict the number of employees who has access to personal information to those who perform the task of management of personal information or who need processing of personal information for their work; to educate and train such employees.
- to use vaccine programs to minimize harm caused by computer virus;
- to operate breach prevention systems to prevent hacking or external breach
- to control entry into the head office of only limited internal employees through fingerprint recognition and employee ID authentication; to accept external personnel’s visit only when accompanied by authorized employees;
- If there are no employees in the head office, to use system security service to prevent intrusion from outside
6. Provision of Personal Information to Third Parties
Company uses collected personal information within the scope as noted in ‘Section 1. Purpose of processing personal information’ and does not use nor disclose/provide the personal information beyond such scope. However, the following are the exceptions:
1) In case the Data Subject has consented in advance to providing or sharing with a third party
2) In cases requested by the provisions of laws or requested by an investigating agency for the purpose of investigation in accordance with procedures and methods as provided by the laws.
7. Rights and Obligations of Data Subjects; How to Exercise
Data Subjects or their legal representatives may at any time request to view or correct their own personal information or of a person under 14 years old and to withdraw from their membership. Data Subjects or legal representatives of a person under 14 years old shall have, with regard to the processing of personal information Company stores, the following rights and obligations, which may be exercised as follows:
1) Data Subject may, at any time through in writing, telephone, e-mail, or fax, request Company to view, correct, delete, and suspend the processing of personal information and Company will take action in this regard without delay.
2) If Data Subject requests correction or deletion of personal information, Company will not use or provide such personal information until the correction or deletion is completed.
3) The rights, such as viewing and correcting personal information, may be exercised through a legal representative of Data Subject or an agent such as a person who has been delegated. In this case, a power of attorney shall be submitted in accordance with Form 11 of the Enforcement Rule of the Personal Information Protection Act.
4) Data Subject shall not infringe on the personal information of him/herself, or others processed by the Company and privacy of others in violation of relevant laws such as the Personal Information Protection Act.
- email : email@example.com
- telephone : 02-702-5527
- FAX : 02-702-5528
8. Privacy Officer
In order to protect customers' personal information and to handle complaints related to personal information, Company has designated Privacy Officer/the person in charge of personal information protection as follows:
Privacy Officer : Representative Direct Jang Woo-Yong [장우용 대표] (firstname.lastname@example.org)
Manager in charge of personal information protection: Team Leader Oh Jung-Yeop [오정엽 팀장] (email@example.com)
Data Subject may report any complaints related to personal information protection that occur while using Company's services to the person in charge of personal information protection and Privacy Officer. The Company will promptly and fully respond to such reports.
9. Operation and Management Policy of Visual Data Processing Devices
1) Statutory Ground and Purpose of Installation: Monitoring and filming for head office internal security, crime prevention, facility safety, fire prevention, etc.
2) Number of Devices Installed: 3 in total
3) Locations : Head office exterior entrance, office interior, company affiliated research institute interior
4) Scope of filming: Head office entrance and main facilities
5) Hours of operation : 24 hours
6) Retention period : up to 30 days
7) Manager in charge : Team Leader Park Kyung-Pil [박경필 팀장] (firstname.lastname@example.org)
8) Person who is entitled to access the Visual Data: Privacy Officer, Manager in charge of personal information protection, Manager in charge visual data management
9) Visual Data retention place: Server Room
10) Processing method : Automatic deletion upon expiry of retention period
11) Method and place to check visual data: Upon request to Manager in charge
12) Measures taken to deal with Data Subject’s request to access the Visual Data: Data Subject may request the Manage in charge of managing Visual Data Processing Devices to view, check its existence or delete his/her Visual Data. However, such access shall be limited to the Visual Data captured of him/herself and the personal Visual Data that is clearly necessary for the immediate interest of life, body, and property of the Data Subject.
13) Measures of safeguards to protect the visual data:
- to establish internal management process
- Access control and Authority control
- Safe storage of Visual Data
- to keep processing records