The personal information protection policy of the Internet service on the LDCC website contains the following items.
- 01. Purpose of the Collection and Use of Personal Information
- 02. Collection Items and Method of Collecting Personal Information
- 03. Personal Information Handling and Retention Period
- 04. Matters Concerning the Provision of Personal Information
- 05. Matters Concerning the Consignment of Personal Information
- 06. Rights, Obligations and Exercise Method of the Information Subject and Legal Representative
- 07. Destruction Procedures and Method for Personal Information
- 08. Operation of Cookies
- 09. Measures Taken to Secure Safety for Personal Information
- 10. Affiliation / Name and Contact Information of Those Responsible for the Personal Information Management of the Service and Person in Charge
- 11. Obligation of Notice
1. Purpose of the Collection and Use of Personal Information
a. Handling of Civil Affairs
- - The Company handles personal information for the purposes of verifying civil complaints and notification of handling results.
2. Collection Items and Method of Collecting Personal Information
The Company collects the following personal information to facilitate the handling of business and the provision of various services.
a. Required Collection Items
- - Name, email address
b. Selected Collection Items
- - Contact information, company name (bulletin board is required for inquiring on mutual growth), department
c. Collection Method
- The Company collects personal information in the following manner.
- · Website
- - The Company collects personal information in the following manner.
3. Personal Information Handling and Retention Period
The Company handles and retains personal information within the period of retention and the period of use of personal information in accordance with the laws and regulations or within the period of retention and the period of use of personal information (3 months) for which consent is secured when collecting personal information from the information subject.
4. Matters Concerning the Provision of Personal Information
The Company shall use the personal information of the users within the scope provided under "1. Purpose of the Collection and Use of Personal Information" and shall not use the user's personal information beyond the scope without the prior consent of the users, nor disclose the users’ personal information to the outside as a matter of principle.
5. Matters Concerning the Consignment of Personal Information
The Company does not consign the customers' personal information.
6. Rights, Obligations and Exercise Method of the Information Subject and Legal Representative
a. The information subject may, at any time, exercise the personal information protection-related rights as provided under each of the following with regard to the Company.
- - Demand for a review of personal information
- - Demand for corrections in the event of errors
- - Demand for deletion
- - Demand for the suspension of handling
b. The exercise of rights under the provisions of Paragraph a. may be performed in writing, or via phone, email, or facsimile (FAX) to those responsible for personal information protection and management as well as the department in charge or the Company, to which the Company will respond and take actions accordingly without delay.
c. If the information subject demands the correction or deletion of any errors in personal information, the Company will not use or provide the personal information until the correction or deletion is made and completed.
d. The exercise of rights under the provisions of Paragraph a. may be performed by the legal representative of the information subject or agent authorized for the delegation of the rights, etc. In this event, a power of attorney shall be submitted in line with Form 11 annexed under the Enforcement Rules of the Personal Information Protection Act.
7. Destruction Procedures and Method for Personal Information
The Company shall immediately destroy personal information when it becomes unnecessary, such as the elapse of the retention period of personal information and the achievement of the purposes of handling it.
a. Destruction Procedures
- - The information entered by the users will be destroyed immediately upon the achievement of the purpose. However, if storage of it is required according to other laws and regulations, it will be separated and stored in a separate DB (or separate documents in the case of paper) for storage for a certain period of time, and will not be used for any other purposes whatsoever.
b. Destruction Method
- - The personal information printed on paper will be destroyed by shredding or incineration.
- - The personal information stored in the form of electronic files will be deleted by using a technical method which cannot reproduce the records.
8. Operation of Cookies
With the aim of providing customized services to users, “cookies” are used to frequently store and retrieve information from service users. Cookies are a small quantity of information sent by a server (HTTP) to a user’s computer browser and are also stored on the user’s computer hard disk. By using cookies, the Company is able to provide more convenient services by identifying the types of visits and forms of use of each service, the websites visited by users, the number of users, etc., and the user can choose whether to accept cookies. By setting options in the user’s web browser, the user can allow all cookies, check each time cookies are saved, or refuse to save all cookies.
9. Measures Taken to Secure Safety for Personal Information
The Company takes the following actions to ensure the safety of personal information.
a. Administrative Action
- Training of the employees who handle personal information
- · The Company designates the employees who handle personal information, limits handling to the person in charge for minimization purposes, and frequently trains the person in charge, thereby stressing compliance with the personal information handling policy at all times.
- - Training of the employees who handle personal information
b. Technical measures
- - The Company installs security programs, periodically updates, tests, and installs system in areas where access from the outside is controlled, and technically/physically monitors and blocks to prevent any leakage of or damages against personal information by hacking or computer viruses.
c. Physical Measures
- - Unauthorized access control. The Company operates a separate physical storage location for personal information and also has access control procedures in place.
10. Matters Concerning Those Responsible for the Personal Information Protection of the Service
The Company is responsible for the handling of personal information, and designates the following persons in charge of personal information protection to handle complaints and damages of the information subject in connection with the handling of personal information.
Personal Information Protection Supervisor
- · Name: Park Jong-pyo
- · Affiliation / Position: Head of Convergence Security Division (CPO)
- · E-mail : email@example.com
- · Phone : +82-2-2626-4100
Personal Information Protection Manager
- · Name: Park Sun-oh
- · Affiliation / Position: Assistant Manager of Compliance Division
- · E-mail : firstname.lastname@example.org
- · Phone : +82-2-2626-6096
Users may file a report with the personal information management supervisor or the department in charge regarding any personal information-related complaints that arise while using the Company's services. The Company will promptly and adequately respond to the users’ reports.
For filing a report or consultation concerning other infringements of personal information, please contact the following agencies.
- - Personal Information Infringement Report Center: www.privacy.kisa.or.kr (dial 118 without area code)
- - Supreme Prosecutors' Office Cyber Investigation Division: www.spo.go.kr (dial 1301 without area code)
- - National Police Agency Cyber Safety Bureau: cyberbureau.police.go.kr (dial 182 without area code)
11 Obligation of Notice
In the event of any additions, deletions, or modifications to the current personal information handling policy, the Company will notify them via the “Notice” section on its website from at least 7 days before the revision. However, if there is a significant change in the users’ rights, such as in regard to the collection and use of personal information and provision to a third party, the Company will so notify at least 30 days in advance.
- - Date of public announcement: July 1, 2019
- - Date of enforcement: July 8, 2019
- - Version number: V3.3