This policy will go into effect on August 25, 2014.
Privacy & Information Handling Policy items
1. Personal information items and collection method
1) Personal information items collected
Name, phone number(cell phone number), e-mail, connection IP information, service use record, access log, cookie, MAC address
2) Methods of collecting personal information
The Company collects personal information in the following ways:
Responding to user inquiries received on the homepage, dealing with civil complaints including suggestions, complaints and service requests, giveaway entries, shipment requests and generated information collection tool
2. Purpose of collecting and using personal information
The Company utilizes collected personal information for the following purposes:
- 1) Responding to user inquiries
- 2) Dealing with civil complaints including suggestions, complaints and service requests
- 3) Providing stable service and improving quality by analyzing connection frequency, collecting service use statistics, and analyzing users’ service use
- 4) Market research, marketing or advertising
- 5) Providing stable service and improving quality by analyzing connection frequency, collecting service use statistics, and analyzing users’ service use
3. Personal information retention and use period
The Company will immediately destroy the personal information collected once the personal information retention period expires or else the purpose of processing thereof has been achieved. However, the following information will be retained for the following reasons for a specified period of time:
1) Items collected on the website
- - Retained items : Name, phone number(cell phone number), e-mail
- - Retention period: 1 year (until the consent is withdrawn, however, if the consent of the information principal was obtained for the purpose of marketing or advertising)
- - Retention reasons : user identification, responding to user inquiries, dealing with civil complaints including suggestions, complaints and service requests
2) Items that are automatically generated and can be collected in the process of using the website
- - Retained items: connection IP information, service use record, access log, cookie, MAC address
- - Retention period: 3 months or less
- - Retention reasons: checking connection frequency and collecting service use statistics
4. Procedure for and method of destroying personal information
The Company will immediately destroy personal information when the personal information becomes unnecessary as the personal information retention period expires, or the purpose of processing thereof is achieved. The procedure for and method of destroying personal information are as follows:
1) Destruction procedure
The information you enter will be moved to a separate DB (a separate filing cabinet for paper) after the purposes are achieved, and destroyed after it is stored for a certain period of time according to information protection clauses pursuant to internal policies and other related laws (see the retention and use period). The personal information moved to a separate DB will not be used for any purpose other than retention unless necessitated by law.
2) Destruction method
- - Personal information stored in the form of electronic files must be deleted using a technical method ensuring that the records cannot be reproduced.
- - Personal information printed on paper must be shredded in a paper shredder or incinerated.
5. Provision of personal information
The Company will not offer users’ personal information to outside in principle. However, exceptions will be made in the following events:
- 1) In the event that the prior consent of users was obtained;
- 2) In the event that an investigative agency requests it according to laws, or according to legal procedures and methods for the purpose of investigation;
- 3) In the event that prior consent cannot be obtained because the information principal or his/her legal guardian cannot express his/her intention, or his/her address is unknown, and it is clearly deemed urgently necessary for the life, body or pecuniary benefit of the information principal or a third party; and
- 4) In the event that it is necessary for statistics and academic research, and personal information is provide in a way that cannot identify individuals.
6. Consignment of collected personal information
The Company consigns personal information processing as follows for the sake of efficiency:
1) Website operations
- - Consignee: Nautilus Hyosung
- - Details of consignment: homepage maintenance, system management, etc.
7. Rights of users and their legal guardians, and how to exercise these rights
Users and their legal guardians may view or modify their own registered personal information or the personal information of children under 14 years of age at any time, and demand to withdraw their consent.
If errors in personal information are requested to be corrected, the Company will not use or provide the personal information until the requested correction has been completed. Also, if the wrong personal information has already been provided to a third party, the Company will immediately notify the results of any corrections to a third party so that the corrections can be made properly.
In the following events, the Company may refuse the viewing or correction of all of part of personal information:
- 1) in the event that it is highly likely to harm the life, property or rights of themselves or a third party;
- 2) in the event that it is likely to significantly hinder the business the Company; and
- 3) in the event that it violates laws.
The Company will process the personal information cancelled or deleted at the request of users or their legal guardians as stipulated in "the retention and use period of personal information collected by the Company," and make sure that it cannot be viewed or use for any other purpose beyond the permitted scope defined.
8. Technical/administrative measures to protect personal information
To prevent personal information from being lost, stolen, leaked, altered or damaged and ensure safety when handling the personal information of information principals, the Company takes the following technical measures:
- 1) Personal information is password-protected, and important data is protected by separate security (encryption) functions.
- 2) The Company uses vaccine programs to prevent damages from computer viruses.
- 3) The Company adopts a security mechanism (SSL) that uses encryption algorithms to safely transmit personal information on the network.
- 4) The Company is operating an intrusion prevention system in provision against external intrusion like hacking.
- 5) The Company strictly limits employees handing personal information to those who manage personal information and those who must handle personal information inevitably, and emphasizes the importance of compliance with this policy by providing regular education for employees in charge. If related problems are detected, the Company will immediately take corrective measures.
The Company will not be responsible for any problem caused by the leak of personal information, such as ID, password and e-mail, due to users’ negligence or Internet problems.
9. Matters concerning the installation and operation of an automatic personal information collection system, and the rejection thereof
The Company uses ‘cookies’ that frequently save and retrieve your information. A cookie is a very small text file that the server, used to operate the Company’s website, sends to your browser. It is saved in the hard disk of your computer.
- 1) Analyzing connection frequencies and visit time to understand users’ preferences and interests and track users’ footprints.
- 2) Carrying out target marketing and providing customized service by checking level of participation in various events and number of visits.
You may choose not to install cookies. Accordingly, you may allow all cookies by setting the option in the web browser, go through a confirmation process whenever a cookie is saved, or refuse to have all cookies saved.
You may reject cookies by selecting an option in your web browser to allow all cookies, going through a confirmation process each time a cookie is saved, or refusing to have all cookies saved.
How to set up (Internet Explorer): Tools > Internet options > Personal information at the top of the web browser If you refused to have cookies installed, however, there may be difficulties with service provision.
10. Civil petition service regarding personal information
To protect your personal information and deal with complaints related to personal information, the Company has the following department and chief privacy officer. Some homepages may have a separate customer service department and person in charge of personal information management.
You may report all complaints related to personal information protection in using the Company’s service to the chief privacy officer or department in charge. The Company will provide prompt and sufficient answers to your reports.
1. Chief Privacy Officer
- - Name : Yeon-ho Kim
- - Position : Manager
- - Contact info: +82-2-3477-6392, email@example.com
(※ You will be connected to the department in charge of personal information.)
2. Department in charge of personal information
- - Department name : Sales Support Team
- - Person in charge : Kyung-young Kwon
- - Phone : +82-2-3477-6395
- - e-mail : firstname.lastname@example.org
If you need to report personal information intrusion or need consultation, you may contact the following agencies: