|
“Vieworks Co., Ltd.” (hereinafter referred to as "Company") highly regards personal information of its users and accordingly does its best to comply with relevant laws and regulations including the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and the Personal Information Protection Act.
The Company has the processing policy hereunder to protect personal information and rights of its users and smoothly process personal information related complaints. The Company informs users of how and for what purposes it collects personal information of users and what measures it takes to protect it.
This personal information processing policy is subject to change according to amendment of relevant laws and regulations and the revision of the Company policy. Should it be revised, the Company will post it under the notice page on the website of the Company (www.vieworks.com) or notify each user in writing, e-mail, phone call, SMS, etc. This policy shall go into effect as of January 1st, 2018.
1. Purposes of Processing Personal Information
The Company uses and processes collected personal information for the following purposes: The Company won’t use the processed personal information for purposes other than those specified below. Should the Company change any of them, the Company will acquire prior consent of each information provider.
A. Response to Customer Inquiry: The Company processes personal information for the purpose of contacting customers in order to check and respond to inquiries as follows and to notify the processing result.
ᆞ Product and service related inquiries
ᆞ Product purchase inquiries and quotation requests
B. Service Provision: The Company processes personal information for the purpose of providing services and contents as follows.
ᆞ Product catalog
ᆞ Product user’s manual
2. Personal Information Items to Be Collected and How to Collect
The Company prohibits the collection, use, and storage of personal information through the membership subscription in order to protect the personal information of users and to prevent information leakage. The Company separately collects the minimum information required for the website service and destroys the collected information after processing.
A. Collected Items: Name, company, country, and email address
B. How Personal Information is Collected
ᆞ Each user directly enters information on the website of the Company.
ᆞ Collection by phone call, fax, e-mail, etc.
ᆞ Automatic collection by the log analysis program, etc. (access logs such as access IPs, cookies, use records, etc.)
3. Personal Information Retention and Usage Period
The Company destroys personal information without delay after the purposes of its collection and use are achieved. However, if it is necessary to retain personal information of users according to the relevant laws and regulations, the Company retains it for the period set in the said laws and regulations as specified below:
Items to Retain
Retention Period
Legal Basis
Records of contracts, subscription withdrawals, etc.
5 years
Act on the Consumer Protection in Electronic Commerce, etc.
Records of payments, supply of goods, etc.
5 years
Act on the Consumer Protection in Electronic Commerce, etc.
Processing records of consumer complaints or disputes
3 years
Act on the Consumer Protection in Electronic Commerce, etc.
Records related to the collection, processing, and usage consent of credit information
3 years
Credit Information Use and Protection Act
Display and advertisement related records
6 months
Act on the Consumer Protection in Electronic Commerce, etc.
Log records of users including the Internet, tracking data on access points of users, and other communication check data
3 months / 12 months
Protection of Communications Secrets Act
Preservation of records on user identity authentication
6 months
Act on the Promotion of Information and Communications Network Utilization and Information Protection, etc.
※ However, if a member agrees to extend the period, his/her records will be retained for the period agreed.
4. Matters on Provision of Personal Information to Third Parties
In principle, the Company does not provide personal information of users to external parties. However, exceptions apply as follows:
ᆞ A user provides prior consent on disclosure or provision to third parties.
ᆞ An investigative authority requests in accordance with the provisions, procedures, and methods specified in relevant laws and regulations for the purpose of investigation.
ᆞ Personal information is provided for purposes of statistics, academic studies, etc. in the form by which specific individuals cannot be identified.
5. Rights of Users and Their Legal Representatives and How to Exercise the Rights
A user and his/her legal representative are entitled to exercise their rights to make requests to view, correct, delete, cease processing the registered data on his/her personal information at any time. Send an e-mail request to the Personal Information Protection Manager if you want to exercise any of the above stated rights, and the Company will take action immediately.
If a user requests to correct his/her personal information, the Company shall not use or provide it to third parties until it is entirely corrected.
However, the Company may refuse to allow the viewing of or correct personal information as a whole or in part in the following cases:
ᆞ There is a risk of significant damage to life, body, property, or interest of the user himself/herself or others.
ᆞ There is a risk of interfering with the Company’s business significantly.
ᆞ Granting the request would be in violation of the relevant laws and regulations.
The Company processes personal information that has been deleted/has ceased to be processed upon the request of the user or his/her legal representative in the manner described in “Article 3. Personal Information Retention and Usage Period” and renders it so that it cannot be viewed or used for any other purpose.
Each user is requested to keep his/her personal information up-to-date and correct. A user shall be responsible for incidents that occur due to incorrect information he/she entered. If he/she enters fraudulent information, including the misappropriated information of others, his/her service use may be restricted.
Together with the right to personal information protection, a user and his/her legal representative are obliged to protect his/her own information and not to infringe upon the information of others. A user and his/her legal representative are requested to be careful not to leak his/her personal information and not to damage personal information of others, including postings. If such responsibilities are not fulfilled and information and dignity of others are damaged, the offending party may be subject to punishment according to the Act on the Promotion of Information and Communications Network Utilization and Information Protection, etc. or other relevant laws and regulations.
6. Personal Information Destruction Procedure and Method
In principle, the Company destroys personal information without delay after the purpose of its processing is achieved. The destruction procedure, due date, and method are as follows:
A. Destruction Procedure
After the purpose of the information entered by a user is achieved, the Company destroys it immediately or moves it to a separate DB (transfer to a separate document if written on paper), retains it for a certain period, and then destroys it according to the Company policy or other relevant laws and regulations. At this point, personal information moved to the DB shall not be used for purposes other than legal compliance.
B. Destruction Due Date
The Company destroys personal information of a user within 5 days from the expiry date of its retention period or within 5 days from the date when its processing is recognized as not required no longer needed because its processing purpose is achieved, the applicable service is abolished, or the applicable business is terminated.
C. Destruction Method
The Company erases personal information stored in the form of electronic file using a technical method so that the record cannot be restored. The Company destroys printed hard copies of personal information by shredding or incinerating it.
7. Matters on Installation, Operation, and Rejection of Automatic Personal Information Collection System
The Company operates tools such as cookies that store and retrieve personal information of users. A cookie is a tiny amount of data which the http server that is used to operate the Company’s website transmits to the browser of users. Sometimes it is stored in the user’s computer hard disk.
A. Purpose of Using Cookies, etc.
ᆞ It is used to analyze access types, visit times, access frequencies, etc. of users to provide optimal information to the users.
ᆞ It is used for various marketing services, statistical analysis, etc.
B. How to Reject Cookie Setting
ᆞ Users have the right to block or allow cookies. Therefore, users can set the option on their web browsers to choose whether to allow all cookies, allow cookies after confirmation, or block all cookies. However, if a user chooses to block cookies, he/she may experience difficulties in using certain services.
ᆞ If you want to change the cookie related setting, check Tools > Internet Option > Personal Information from the top of your web browser.
8. Personal Information Protection Manager
The Company designates Personal Information Protection Manager, who is responsible for fully managing personal information processing works, including handling of personal information related complaints and damage relief of information subjects, as follows:
Personal Information Protection Manager
ᆞ Name: Huyngtai Kim, Managing Director
ᆞ Phone: +82-70-7011-6166
ᆞ Fax: +82-31-386-8631
ᆞ E-mail: [email protected]
※ Your inquiry will be directed to the Personal Information Protection Department. The Company will promptly respond to complaints of users.
9. Security Measures for Protecting Personal Information
To protect personal information against loss, theft, leakage, falsification, and damage during the handling personal information as per the Personal Information Protection Act, the Company takes security measures as follows:
1. Regular In-house Audit
The Company regularly holds in-house audit to ensure security of personal information handling.
2. Minimization and Training of Personal Information Handling Employees
The Company designates a number of employees for handling personal information and taking control measures and keeps that number to a minimum.
3. Establishment and Execution of Internal Management Plan
The Company establishes and executes the internal management plan for securing personal information processing.
4. Technical Measures against Hacking, etc.
The Company regularly updates and inspects security software to prevent leakage of or damage to personal information by hacking or viruses. The data storage systems are installed in areas with limited access from the outside and are under physical and technical surveillance and monitoring.
5. Storage and Tampering Prevention of Access Logs
The Company stores and manages the logs of access to the personal information processing system for at least six months and have security features in place to prevent the access logs from being tampered with, stolen, or lost.
6. Restricted Access to Personal Information
The Company takes necessary measures such as authorizing, changing, and canceling access to the personal information database to restrict access to personal information and deploys an intrusion protection system to prevent any unauthorized access from the outside.
7. Use of Locking Device for Document Security
The Company keeps paper materials, secondary storage media, etc. containing personal information in secure places with locking devices.
8. Restricted Access for Unauthorized Personnel
The Company has set up separate physical storage facilities for the personal information system that stores personal information and implemented and operates access control procedures for the facilities.
10. Revision of Personal Information Processing Policy
The Company applies this personal information processing policy from the effective date stated above. If the Company has to add, delete, or correct any of this policy due to changes in the relevant laws and regulations or the Company’s policy, the Company shall post it under the notice page on its website 7 days before the change takes place.
A user provides prior consent on disclosure or provision to third parties.
ᆞ An investigative authority requests in accordance with the provisions, procedures, and methods specified in relevant laws and regulations for the purpose of investigation.
ᆞ Personal information is provided for purposes of statistics, academic studies, etc. in the form by which specific individuals cannot be identified.
|