Hyosung Group (hereinafter called the "Company") treats its customers' personal information with the utmost importance, steadfastly observing the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.
With its privacy policy (the "privacy policy") in place, the company informs its customers of the purpose of and methods for using all personal information provided by our customers, as well as details of the measures it takes to protect this information.
In the event of revising its privacy policy, the company will post announcements via its corporate website (or individually).
This policy will be implemented starting January 28, 2010
Our privacy policy addresses the following issues
- - Consignment of Personal Information Collected
- - Rights of Users and Guardians and How to Exercise those Rights
- - Technical/Administrative Protection Measures for Personal Information
- - Installation, Operation and Refusal of Automated. Personal Information
Collection Program - - Civil Services for Personal Information
- Personal Information Collected
- Name, date of birth, sex, Log-in ID, PIN, Q&A to confirm PIN, home phone number, home address, mobile phone number, e-mail address, profession, name of employer, division/department, position, work phone number, favorite pastime, marriage status, anniversary, information on legal guardians, national ID number, religion, academic background, physical description, service use record, access logs, cookies, access IP information
- Collection Methods
- Hyosung ("the Company") collects personal information from its customers using the following methods : membership recruitment drives, consultation bulletins, gift/event applications, delivery requests, information-collecting tools
The company uses the collected personal information for the following purposes.
- Service Contract Implementation and Fee Calculation
- offering contents, delivering products, issuing invoices, etc.
- Membership Management
- identification verification required for using membership services, personal identification, prevention of illegal use by unqualified members and unauthorized use of services, confirmation of membership application intention, membership application and limitation in the number of trials, confirmation of the agreement of guardians for children under 14, subsequent identification verification of guardians, archiving of information for mediation, handling complaints including customer dissatisfaction, delivery of notices
- Using Personal Information for Marketing and Advertisement
- development and specialization of new services (products), offering services and posting ads reflecting demographic characteristics, identifying log-in frequency, statistics for service use by members, delivery of promotional information including PR events
Personal information of users will be destroyed immediately upon achieving the purpose of collecting personal information.
However, for certain items, the personal information collected will be retained for a specific period of time for the following reasons listed below.
- Personal Information to be Retained of Exiting Members
- - Information retained : name, national ID number, user ID, e-mail address, home address, phone number
- - Grounds for retention : preventing unqualified members' re-application, cooperating for mediation or investigation(defamation of character, etc.)
- - Retention period : one (1) year until after membership cancellation
- Retention of Personal Information as Related to Business Transaction
- - Information retained : history of business transaction
- - Grounds for retention : Commercial Act; Act on the Consumer Protection in the Electronic Commerce Transactions, Etc.
- - Retention period : records for contract or membership cancellation - five (5) years
records for payment and provision of goods and services - five (5) years
records for consumer complaint or dispute handling - three (3) years
Personal information will be destroyed immediately upon achieving the purpose of collecting personal information.
Procedures and methods for destroying personal information are as follows.
- Procedures for Destroying Personal Information
- The personal information you have provided will be transferred to separate databases (or to separate files using non-digital data) after the purpose of collecting and using the information is met. Afterward, the information will be stored for a specific period of time as required by the company's internal privacy policy and other related laws and regulations. Subsequently, it will be destroyed upon the expiration of the said period. (See the retention and use periods.)
The information that was transferred to separate DB's will not be used for purposes other than retention, unless otherwise mandated by law. - Methods for Destroying Personal Information
- - The personal information stored in electronic files will be deleted using techniques that forbid re-production.
- - The personal information printed on paper will be destroyed with shredders or burned in incinerators.
Basically, the company does not release its users' personal information to the public. However, there are cases that will be accepted depending upon the following exceptions.
- - Users have given their prior consent
- - Laws and regulations have mandated the release of personal information, or there have been requests by the investigating
authorities for the purpose of investing crimes according to the procedures and methods specified by the concerned laws
The company consigns the services to be implemented to an external outsourcing company as summarized below.
- Consigned party
- Nautilus Hyosung
- Details of the Consigned Work
- provision of civil services such as handling customer complaints regarding service use; delivery of notices; management of the website and system
Users and their legal guardians are allowed to have access to and revise their own personal information or the personal information of their children age 14 or under at all times and may request membership cancellation.
In the case where you have requested to correct any inaccuracies in your personal information, the company will not use or provide the inaccurate personal information until the correction is completed. In the case where such inaccurate information has already been provided to a third party or parties, the company will immediately notify such party or parties of the results of the correction to ensure the said information is corrected properly.
The user's personal information that was cancelled or destroyed as requested by the user him/herself or his/her legal guardian shall be handled as specified in the "Personal Information Retention and Retention Period" of the privacy policy. The company ensures such information will not be viewed or used for purposes other than retention.
In handling users' personal information, the company implements technical measures as listed below to protect against loss, theft, leakage or falsification of, or damage to, such information.
- - Personal information is protected via a personal identification number ("PIN") and related critical data are guarded by
additional security features (codification). - - By using anti-virus programs, the company is taking protective measures against damages caused by viruses.
- - The company is using Secure Sockets Layer (SSL), which helps it use codification algorithms to ensure safe online
transmission of personal information. - - The company strictly limits personal information access to its employees who are in charge of carrying out personal
information management and who, due to work responsibilities, are required to handle such personal information.
Frequent scheduled training is offered to such employees to emphasize their compliance with this policy.
In the event of encountering related problems, the company does its best to amend or correct them.
The company shall not take responsibility for any problems arising from personal information leakage caused by the user's own neglect or by the problems related to the
Internet (e.g., leakage of user ID, PIN, national ID number, etc.)
The company utilizes cookies and other tools to store and locate your personal information on demand. Cookies are small text files that the server used to operate the corporate website sends to your web browsers and are stored on the hard disk of your computer.
The company uses cookies for the following purposes.
- Purpose of Using Cookies, Etc.
- To analyze the log-in frequency, log-in time and duration, etc. of the site's members and non-members; to identify and trace users' tastes and areas of interest; to implement target-marketing and offer custom-tailored services to users by identifying users' level of participation in various events, frequency of log-in, etc.
You have the right to choose whether or not to install cookies. Thus, you may set up your web browser's options in such a way that all cookies are allowed, or each and every cookie to be stored in your computer hard disk is subjected to authorization, or any and all cookies are refused storage. - Methods for Refusing Cookie Set-Up
- You may choose options available in your web browsers, setting them up in such a way that all cookies are allowed, or each and every cookie is subjected to authorization, or any and all cookies are refused for storage.
- Methods for setting up options: (e.g. with Internet Explorer) tools at the top of web browser Internet options personal information You may experience some difficulties
receiving all available services if you choose to refuse the installation of cookies.
- The company designates the exclusive customer service division and personal information manager as shown below, to protect its customers' personal information and handle complaints involving such information.
- For certain websites, a separate customer service division and personal information managers may be available.
You may contact our personal information manager or customer service division to report any and all complaints related to personal information protection that may arise while using our services. We will try to promptly reply to your report/complaint and answer it in a sufficient manner. For other reporting or consulting involving personal information infiltration, please contact the following organizations.
- - Korea Internet & Security Agency http://www.cyberprivacy.or.kr
- - Prosecution Service : Internet Crime Investigation Center http://www.spo.go.kr
- - National Policy Agency : Cyber Terror Response Center http://www.ctrc.go.kr
