In order to protect the user’s personal information and rights in accordance with the Personal Information Protection Act and to address user complaints related to personal information, <회사명칭> (hereunder “company”) applies the policy it established as described below.
“company” notifies updates of the Privacy Policy, if any, through the noticeboard of its website (or personal notification).


ο This policy is effective as of January 1, 2021.


1. Purpose of Personal Information Processing “company”utilizes the personal information collected for the purposes described below. Personal information that is handled is not used for purposes other than those stated below. If there is any change to the purpose of use, prior consent will be sought.
A. Website membership management
Identification• authentication for service provision, membership maintenance, identification in accordance with the limited verification of identity system, and prevention of illegal use of service.


B. Handling of civil applications
Personal information may be used for the purpose of identifying applicants, checking application details, contacting for fact checking, and notifying the results.
C. Provision of materials or services
Personal information may be used for service provision purposes.
D. Use for marketing and advertisement
Personal information may be used for the purpose of checking of validity of services, grasping of access frequency, and statistical reference of members’ service use.
2. Present status of personal information files
• 1. Personal information file name: Personal information
• Personal information items: E-mail, mobile phone no., company telephone no., title, department, company name, access log, access IP info., and legal representative’s name
• How to collect info.: Website
• Reason for retention: Agreement to personal information use
• Retention period: 3
• Related laws: Records regarding the collection, processing, and use of credit information: 3 years, Records of consumer complaints or dispute settlements: 3 years, Records of contracts or application withdrawal: 5


3. Period of personal information processing and retention① “company” processes and retains personal information during the designated period of use as agreed upon with the information object and according to laws concerning the retention and use period of personal information.
② The period of personal information processing and retention depending on the service type is as follows:
• 1.<Civic service>
• Personal information related to <civic service provision> is retained and used for the aforesaid purposes for 3 years from the date of agreement to the collection and use of personal information.
• Reason for retention: Agreement to personal information use
• Related laws: 1) Records of consumer complaints or dispute settlements: 3 years, 2) Records of contracts or application withdrawal: 5
• Reason for exception:


4. Provision of personal information to a third party① “company” may provide a third party with personal information only when the personal information object agrees to it and such is in accordance with specific laws or regulations such as Articles 17 and 18 of the Personal Information Protection Act.
② “company” may provide personal information to a third party in the following cases:
• 1. “company”
• Those who are provided with personal information: “company”
• Purpose of the receiver’s use of personal information: E-mail, mobile phone no., company telephone no., title, department, company name, and legal representative’s name
• Purpose of the receiver’s retention and use of personal information: 3


5. Rights and duties of the information object and legal representative as well as how to exercise the rights As a personal information object, a user may exercise the following rights:
① An information object may exercise the right to request “company” for opening, correction, deletion, and suspension of use of personal information anytime.
② The act of exercising the rights stated in Paragraph 1 above may be implemented in writing or via e-mail or fax in accordance with Article 41-1 of the Enforcement Ordinance of the Personal Information Protection Act. In response, “company” will take measures accordingly without delay.
③ An information object may exercise the rights stated in Paragraph 1 above through a legal representative or an entrusted individual. In this case, the user shall submit a letter of attorney using Annex Form No. 11 of the Enforcement Regulations of the Personal Information Protection Act.
④ The information object’s right to request opening or suspension of use of personal information may be restricted in accordance with Articles 35-5 and 37-2 of the Personal Information Protection Act.
⑤ As for the correction and deletion of certain personal information items, in case the relevant law specifies such items as a basic requirement, the request for deletion may not be accepted.
⑥ As for the correction and deletion of certain personal information items, in case the relevant law specifies such items as a basic requirement, the request for deletion may not be accepted.


6. Personal information items to be handled① “company” handles the following personal information items:
• 1<Civic service>
• Required items: E-mail, mobile phone no., company telephone no., title, department, company name, and legal representative’s name and mobile phone no.
• - Optional items:


7. Disposal of Personal Information Once the purpose of handling personal information is fulfilled, “company” destroys the personal information without delay, in principle. Personal information is deleted using the following procedure and method:
-Deletion Procedures
Information that is entered by a user is transferred to a separate database once its purpose is fulfilled (in the case of paper, a separate filing cabinet), and then destroyed after the designated period in accordance with internal directions or related laws on privacy protection. Personal information transferred to a DB is not used for any other purpose unless required by law.-Information DisposalA user’s personal information is destroyed within 5 days of the final date of retention if the retention period expires and within 5 days of the date when the handling of personal information is judged as unnecessary for reasons such as fulfillment of handling personal information, termination of service, completion of business, etc.
-Disposal Method
Personal information saved in electronic file format is deleted by means of a technical method that makes opening the file impossible.


8. Installation, operation, and denial of devices automatically collecting personal information
“company” does not use “cookies” that save and frequently load an information object’s use logs.


9. Person in charge of protecting personal information
① In order to manage duties regarding personal information as well as handle complaints and remedies, “company” designates the following person in charge of protecting personal information:
• ▶ Person in charge of protecting personal information
• Name: 
• Title: 
• Position: 
• Contact Info.: 
② An information object may inquire with the personal information protection manager and responsible department about personal information protection, unsatisfactory service, remedies for damage, etc. regarding the service (business) offered by “company” “company” will provide an answer to such inquiries without delay.


10. Change to privacy policy
①The present privacy policy comes into effect on the enforcement date. When there is any addition, deletion, or correction of a provision according to related laws or regulations, such shall be notified at least 7 days before its application.


11. Measures for personal information security According to Article 29 of the Personal Information Protection Act, “company” takes technical, managerial, and physical measures for information security as follows:
1. “company” designates the minimal number of employees in charge of handling personal information so that personal information is handled only by the designated individual(s) in charge.2. Technical measures for hacking, etc.
In order to prevent personal information leak or damage due to hacking, computer viruses, etc., “company” installs and regularly updates and checks security programs. “company” installs a security system in a restricted area and supervises it technically and physically.
3. Personal information encryption
A user’s password is encrypted when stored and managed and is known to the user only. For files including vital data, additional security functions such as encryption and file locking are applied.


4. Retention of access logs and forgery prevention
Logs of access to the personal information processing system are kept and managed for at least 6 months. Security functions are applied to prevent log forgery, leak, or loss.


5. Control of unauthorized individuals’ access
Personal information is kept in a physically separate place, and access control procedures are established and operated.

“OOO” (hereinafter referred to as the “Company”) values your personal information and complies with the “Act on the Promotion of Information and Communications Network Utilization and Information Protection.”
The company will inform customers of the purpose and method of personal information use through the Privacy Policy as well as the measures being taken to protect personal information.

In case the Company revises the Privacy Policy, such will be notified through the website notice (or individual notice).

ο This policy: Will be effective from oooo/oo/oo

■ Personal Information to be Collected

The Company is collecting personal information as follows for member registration, consultation, service request, etc.:

ο Items of collection: Name, gender, mobile phone number, email, company name, company phone number, credit card information, bank account information, service use history, access logs, access IP information, payment history

ο Personal information collection method: Website (member registration), paper forms

■ Purpose of Collection and Use of Personal Information

The Company will use the collected personal information for the following purposes:

ο Fulfillment of contracts and billing content in accordance with the provision of services, purchase and payment, delivery of goods sending invoices, authentication of financial transactions, and financial services

ο Member Management

Personal identification, individual identification, prevention of improper use by members and unauthorized use, complaint processing, and delivery of notices according to the use of membership services

ο Use in marketing and advertisements

Development and specialization of new services (products)

■ Period of Retention and Use of Personal Information

After fulfilling the purpose of collecting and using personal information, the Company will destroy such information without delay and without exception.

■ Procedure and Method for the Destruction of Personal Information

After fulfilling the purpose of collecting and using personal information, the Company will destroy such information without delay.

The procedure and method of destruction are as follows.

ο Destruction procedure 

Information that members enter for registration, etc. will be moved to a separate DB after fulfilling the purpose of use (separate cabinet for paper) where it is stored for a certain period and destroyed in accordance with internal policy and other privacy protection reasons (See Retention and Use Period) following related regulations.

Personal information moved to a separate DB will not be used for any other purpose unless required by law.

ο How to destroy - Personal information stored in the form of electronic file is to be deleted by using technical methods that make the records unrecoverable.

- Personal information outputted on paper is to be destroyed through shredding or incineration.

■ The company that provides the personal information does not provide the user's personal information externally, in principle.

However, the following exceptions apply: - If users have agreed beforehand - When it is demanded by an investigative agency as per the provisions of the law, or through procedures and methods set by the law for the purpose of investigation ■ The company consigned with the collected personal information will not consign customers' information to an external company without the customers’ consent.

If there is a need for consignment in the future, customers will be notified of the target and scope of the consignment, and informed consent will be requested if necessary. ■ Rights of users and their legal representatives and how to exercise them
Users and their legal representatives can always view or modify their information or that of their children below 14 years at any time, or request the termination of membership. To view or modify the personal information of users or children below 14 years, click “Change Personal Information” (or “Modify Member Information”). To cancel membership (withdraw consent), click “Cancel Membership” to proceed with personal identification and then view, modify, or withdraw directly. Additionally, you may contact the Privacy Officer in writing, phone, or email, and we will process it without delay. If you request correction of an error in your personal information, we will not use or provide the personal information until we have completed the correction.

Additionally, if the incorrect personal information was already provided to a third party, we will notify the third party of the results of the correction without delay so that the correction can be made. Personal information terminated or deleted by the user or legal representative is processed according to the “Retention and Use Period of Personal Information Collected by oo” and in such a way that viewing or use for any other purposes by oo is not allowed.

■ Matters on the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices

We do not operate devices collecting personal information that is automatically collected when using Internet services such as cookies, etc.

■ Complaint Handling Services on Personal Information

The Company designates the relevant department and privacy officer to protect customers’ personal information and process complaints related to privacy.

Name of Privacy Officer: ooo

Telephone Number: oo-oooo-oooo

E-mail: oooo@oooo

While using the services provided by our Company, you may report all privacy-related complaints to the privacy officer or the relevant department.

The Company will provide you with prompt and complete response to your report.

Please consult the following institutions if you need to report or receive consultation on other privacy violations:

1. KISA (www.1336.or.kr/118 without area code) 2. OPA Privacy (www.eprivacy.or.kr/82-2-580-0533, 0534) 3. Supreme Prosecutors' Office Cybercrime Investigation Division (http://icic.sppo.go.kr/82-2-3480-3600) 4. Korean National Police Agency Cyber Terror Response Center (www.ctrc.go.kr/82-2-392-0330)