Kumho HT
Kumho HT Co., Ltd. (hereinafter referred to as the “Company”) complies with the personal information protection regulations under the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter referred to as the “Information and Communications Network Act”), the Personal Information Protection Act and the Communication Secret Protection Act. To this end, the company protects the personal information of the information subject in accordance with Article 30 of the Personal Information Protection Act and provides the following personal information processing policy (hereinafter referred to as “this processing policy”) in order to promptly and smoothly handle related grievances to establish and disclose.
When this policy is revised, the company will notify the revision through the company website.
This policy will be effective from January 1, 2022.
Article 1 (Purpose of processing personal information)
The company processes personal information for the following purposes. However, the company will not use the processed personal information for purposes other than the following purposes, and when the purpose of use is changed, it will take necessary measures, such as obtaining separate consent in accordance with the provisions of relevant laws.
Article 2 (Processing and Retention Period of Personal Information)
When collecting personal information from the subject of personal information retention and use in accordance with laws and regulations, the company shall provide for at least 3 days from the date of consent to the retention, use period or collection and use of the agreed personal information until the purpose of processing personal information is achieved. Retained and used for years. However, after the retention period has elapsed, it is retained and used only for the purpose of resolving disputes, handling civil complaints, and fulfilling statutory obligations, and will be destroyed without delay after the purpose of use is achieved. In principle, each personal information is processed and retained until the completion of supply of products and services and the completion of settlement of receivables and debts. However, if an investigation or investigation is in progress due to a violation of relevant laws and regulations, it is processed and retained until the investigation or investigation is completed, and the specific period of time is in accordance with the company's personal information protection regulations.
Article 3 (Matters concerning provision of personal information to third parties)
In principle, the company processes the personal information of the information subject only within the scope of the purpose specified in Article 1 of this policy, and, except in cases where prior consent is obtained from the information subject or in accordance with special provisions of the law, processing exceeds the original scope or provide it to a third party.
The company provides personal information to third parties as follows.
1. If there is consent of the relevant information
2. subject Article 1 In case the company provides to a third party within the necessary range in order to realize the specified purpose
3. when using statistical data processed without specifying the individual information subject
4. When disclosure is requested by law or a valid court order
5. When it is urgently necessary to protect a person's life, body, or property, etc.
Article 4 (Items of personal information to be processed)
The company handles the following personal information items.
1. Provision of goods or services
Name, company name, ID, password, address, phone number, mobile phone number, e-mail address, payment information such as bank account information, business registration number
2. Report
Name of the informant, password to confirm the information, e-mail address, phone number
3. Marketing and promotional activities
subject's name, company name, position, email address, company phone number, mobile phone number
4. Employee recruitment
Name, resident registration number, address, phone number, mobile phone number, e-mail, educational background, military service information, veterans information, disability, health status, foreign language ability, other self-introduction, etc.)
5. Other generated information
Access IP, service use record, access log, bad use record, etc.
6. Management of employees
Personal information provided at the time of recruitment and changes thereto, department, position, personnel evaluation, etc.
7. The smooth performance of the company's business
Company name, affiliation, position, name, contact information, address, mobile phone number, email address, date of birth, etc.
Article 5 (Matters related to entrustment of processing of personal information)
The company does not entrust the handling of the personal information of the information subject to an external company without the prior consent of the information subject. If such a need arises in the future, the information subject will be notified of the consignee and the details of the consigned work and, if necessary, prior consent will be obtained. When the company concludes a consignment contract with a third party for the processing of personal information, in accordance with Article 25 of the Personal Information Protection Act, the prohibition of processing of personal information other than for the purpose of performing the entrusted work, technical and administrative protection measures, restrictions on re-entrustment, Responsibilities such as management/supervision, compensation for damages, etc. will be specified in documents such as contracts, and the trustee will supervise whether it is handled safely. In the event that the processing of personal information is entrusted or the contents of the entrusted work or the consignee are changed, we will disclose it through this policy without delay and obtain the necessary consent.
Article 6 (Matters concerning measures to ensure the safety of personal information)
The company will manage the personal information of the information subject appropriately and carefully. Accordingly, the company is taking technical, administrative, and physical protection measures necessary to secure stability as follows.
1. Administrative measures: establishment and enforcement of personal information protection regulations, minimization of personal information handling and education
2. Technical measures: Management of access rights to personal information processing systems, installation of an access control system, security measures using encryption technology such as encryption of unique identification information, installation of security programs, measures to prevent forgery and falsification of access records, protection of vaccine software Measures to prevent infringement by computer viruses such as installation and operation
3. Physical measures: Control access to computer rooms, archives, etc.
The company establishes measures for security maintenance such as encryption or file lock function to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in handling personal information of information subjects, and I will do my best. The company will limit the number of employees handling personal information to a minimum and provide frequent training to employees in charge to comply with the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and this Handling Guidelines.
Article 7 (Matters concerning rights and obligations of information subjects and methods of exercising them)
The information subject can exercise the rights related to the protection of personal information in each of the following subparagraphs against the company at any time.
1. Request for viewing of personal information
2. Request for correction in case of errors, etc.
3. Delete
4. Request to stop processing.
5. If you do not agree to the processing of personal information by the company, refuse consent (However, in this case, the use of some or all of the services provided by the company may be restricted.)
The rights of the information subject stipulated in Paragraph 1 of this Article can be exercised in writing, by phone, e-mail, fax, etc., and the company will take necessary measures without delay after going through the identity verification process. If the information subject requests correction or deletion of personal information, the company will not use or provide the personal information until the correction and deletion are completed. If the company becomes aware of the use or provision of erroneous personal information, it will correct the wrong use and provision without delay. In addition, if incorrect personal information has already been provided to a third party, we will notify the third party of the result of the correction without delay so that the correction can be made. The information subject may exercise the rights under Paragraph 1 through his/her legal representative or an agent such as a person who has been delegated. In this case, the information subject must submit the power of attorney in accordance with Form 11 of the Enforcement Rule of the Personal Information Protection Act to the company. The information subject must not infringe on the personal information and privacy of the information subject himself or others processed by the company in violation of the Personal Information Protection Act and related laws.
Article 8 (Destruction of personal information)
The company destroys the personal information without delay from the end of the retention period if the retention period of personal information has elapsed, unless there is a justifiable reason such as retention in accordance with related laws. If the personal information retention period agreed by the information subject has elapsed or the purpose of processing has been achieved, if personal information needs to be kept in accordance with relevant laws, the personal information may be moved to a separate database (DB) or stored in a different location preserve. The company selects the personal information for which the reason for destruction occurred, and destroys the personal information with the approval of the company's personal information protection officer Information in the form of electronic files is destroyed using a technical method that cannot reproduce records, and personal information printed on paper is destroyed by shredding or incineration.
Article 9 (Personal Information Protection Department)
The company designates the following departments in charge of handling personal information, such as protecting personal information and handling complaints related to personal information in accordance with Article 30, Paragraph 1, No. 6 of the Personal Information Protection act
1. Department: Human Resources Team, Management Headquarters
2. Phone number: 062-958-2770
3. Fax: 062-958-2710
Article 10 (Installation and operation of image information processing equipment)
The company installs and operates image information processing equipment as follows.
Article 11 (Remedies for Infringement of Rights)
The information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency Personal Information Infringement Report Center, etc. In addition, please contact the following organizations for reporting and consultation on other personal information infringement.
1. Personal Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
2. Privacy Infringement Report Center: (without area code) 118 (www.privacy.kisa.or.kr)
3. Supreme Prosecutors' Office Cyber Crime Investigation Team: (without area code) 1301 (www.spo.go.kr)
4. National Police Agency Cyber Security Bureau: (without area code) 182 ( http://cyberbureau.police.go.kr)
Article 12 (Change of Privacy Policy)
This policy is effective from the effective date. If the contents of this policy are added, deleted, or corrected due to changes in related laws and policies, the company will notify you through the company website 7 days before the change takes effect.