Privacy Policy
(hereinafter referred to as ‘Company’) executes following policies to protect personal information, right, and interests of users and to deal with user’s issues regarding personal information in accordance with Personal Information Protection Act.
In amendment of Privacy Policy, the Company will make an announcement via website notice (or separate notice)
○ This Privacy Policy shall be effective from January 1st, 2020.
1. Purpose of Personal Information Processing
The Company processes personal information for following purposes. The processed personal information will be used only for following purposes. In case of change in purpose of use, the Company will ask for consent in advance.
A. Provision of Goods and Supply
The Company processes personal information to provide service.
2. Status of Personal Information File
1. Personal Information File Name : Status of Consulting and Contracting Customers
– Collecting Items : E-mail, cellphone number, gender, name, company contact, position, department, company name, service usage record, access log
– Collecting Method : Homepage, in writing, phone/FAX, collection by using created information collecting tool
– Period of Retention : 5 years for record on payment and supply of goods, 5 years for record on contract or withdrawal
– Related Legislation : Act on Consumer Protection in Electronic Commerce Transaction
3. Period of Processing and Keeping Personal Information
① The company processes and keeps personal information within the period of personal information retention and utilization in accordance with legislation or period agreed by the subject of information.
② The period of processing and keeping personal information shall be as follows.
1. Personal information related to shall be kept and utilized for up to <5 years> from agreed date on collection and utilization for the purposes above.
-Basis of Retention : Customer consulting and contracting
-Related Legislation : Act on Consumer Protection in Electronic Commerce Transaction
4. Subject of Information, Rights and Duties of Legal Representative, and Method of Exercise User may exercise following rights as a subject of personal information.
① The subject of information may exercise rights such as request for access, revise, delete, suspend processing of personal information at any time.
② The exercise of rights from Paragraph 1 can be made via in writing, e-mail, and FAX in accordance with Paragraph 1, Article 41 of the Enforcement Ordinance of Personal Information Protection Act and the company will take immediate measure.
③ The exercise of rights from Paragraph 1 may be made by a legal representative or agent of the subject of information. In this case, the subject of information needs to submit Power of Attorney in accordance with Annex 11 Format, Enforcement Regulation of Personal Information Protection Act.
④ In regard to request on access and suspension on processing of personal information, the rights of subject of information may be limited in accordance with Paragraph 2, Article 37 and Paragraph 5, Article 35 of Personal Information Protection Act.
⑤ In regard to request on revision and delete of personal information, the subject of information may not request on deleting the information when the personal information is specified as a collectible item in accordance with other legislations.
⑥ If the subject of information requests on access, revise, delete, or suspension on processing for personal information, the Company shall check whether the request is made by the subject of information or legal agent.
5. Preparation of Personal Information to be Processed
① The Company processes following personal information items.
1. – Mandatory : E-Mail, Name
– Optional : Cellphone number, gender, company contact, position, department, company name, service usage record, access log
6.Disposal of Personal Information
The Company disposes of personal information immediately after accomplishing the purpose of personal information processing in principle. The procedure, period, and method of disposal shall be as follows.
-Procedure of Disposal
After accomplishing the purpose, user’s input information is moved to separate database (separate document in case of paper) and stored for certain period or immediately disposed in accordance with internal policy or other related legislations. The personal information moved to database is not used for other purposes unless otherwise regulated by the law.
– Period or Disposal
If personal information isn’t necessary anymore for reasons such as accomplishing the purpose of processing personal information, closing of service, and closing of project within 5 days until expiration of personal information retention period, the personal information shall be disposed within 5 days from the day when processing of personal information isn’t necessary any longer.
-Method of disposal
Personal information in electronic file format shall be disposed by using technical method that cannot be recovered.
Personal information printed on a paper shall be shredded in a shredder or disposed by incineration.
7. Installation and Operation of Automatic Personal Information Collector and Disagreement
① To provide customized service for each user, the Company uses ‘Cookie’ that saves and loads user information.
② Cookie is a small amount of information sent from website operating server (http) to computer browser and cookie is saved on user computer’s hard disk.
A. Purpose of Using Cookie : Cookie is used to provide the optimized information to users by identifying the visit and usage type, popular search word, and security access in each service and website that user visited.
B. Installation and Operation of Cookie and Disagreement : The user may disagree with cookie saving in web browser’s Tool> Internet Option > Personal Information Menu’s Option Setting.
C. If the user disagrees with cookie saving, the user may be restricted in using the customized service.
8. Designation of Personal Information Security Officer
① The Company designates personal information security officer as follows to be in charge of works related to personal information processing, deal with complaints, and relief damages of subject of information.
Personal Information Security Officer
Name: Jang Ilseo
Position: CEO
Contact : info@jsavt.co.kr
※ Link to Personal Information Security Department
Personal Information Security Department
Department Name: New Business Team
Contact: info@jsavt.co.kr
② Subject of information may make an inquiry on personal information protection, complaint handling, and damage relief in using the service (or business) of the Company.
The Company will answer and handle the inquiry immediately.
9. Change in Privacy Policy
① This Privacy Policy shall be effective from the enforcement date. If there occur any addition, deletion, or amendment on Privacy Policy in accordance with legislation and policy, the Company will make announcement via notice at least 7 days before the enforcement of changes.
10. Measures for Securing Safety in Personal Information
In accordance with Article 29 of Personal Information Protection Act, the Company takes following technical, administrative, and physical measures to secure safety.
1. Minimization and Education on Staff in Charge of Personal Information
The Company designates staff in charge of personal information and limits such work to staff in charge to manage personal information
2. Technical Measures in Preparation of Hacking
To prevent leakage and damage of personal information due to hacking or computer virus, the Company installs security program, regularly renews and checks on the program. The Company also installs the system on the access control area to monitor and block access technically and physically.
3. Access Control to Personal Information
The Company takes measures necessary for control access to personal information by authorizing, changing, and expiring access to database system that processes personal information. The Company also uses firewall system to control unauthorized access from outside.
4. Access Control to Unauthorized Person
The Company arranges a separate physical storage for personal information and the Company establishes and operates access control procedures for the storage place.