1. Purpose of Collection/Use of Personal Information, Collected Items, Method of Collection
A. Collected Items
– Name, cell phone number, e-mail address
B. Method of Collection
Company will collect the personal information through the following method:
– Users will be required to give consent to collection of personal information when making online inquiries at the web site, and asked to directly enter the relevant information.
C. Purpose of Collection and Use
Company will use the users’ personal information to receive and process customer inquiries and complaints. Company will not use the information for any other purpose, and will take necessary measures such as obtain a separate consent in case of any changes to the purpose of use.
2. Provision of Personal Information to a Third Party
Company will not disclose the personal information to any third party without prior consent of the relevant user.
3. Outsourcing of Personal Information Processing
Currently, Company does not outsource processing of users’ personal information to any third party. If it is outsourced to a third party in the future, it will be disclosed without delay through this Privacy Policy.
4. Period of Retention/Use of Personal Information and Destruction thereof
A. Period of Retention/Use
Company will destroy the relevant personal information without delay upon lapse of period of retention/use of personal information; achievement of the purpose of retention/use; closedown of business; user’s request for destruction of personal information; and/or withdrawal of consent on collection/use.
In the meantime, personal information will be retained if required to be retained for a certain period under the applicable laws, and will not be used for any other purpose.
– Act on the Consumer Protection in Electronic Commerce, etc.
Record on cancellation of contract or order, etc.: 5 years
Record on payment and supply of goods, etc.: 5 years
Record on resolution of consumer complaints or disputes: 3 years
– Electronic Financial Transactions Act
Record on electronic financing: 5 years
– Protection of Communications Secrets Act
Log-in record: 3 months
B. Procedure and Method for Destruction of Personal Information
The procedure and method for destruction of personal information are as follows:
(1) Destruction procedure
Company will select the personal information for which the cause for destruction has occurred, and destroy the relevant information with authorization of the privacy officer.
(2) Destruction method
Personal information recorded/stored in electronic file formats will be destroyed in the way to disable reproduction, and those recorded/stored in paper will be shredded or incinerated.
5. Rights of a User and His/Her Legal Representative and Method of Exercise thereof
A user may not give consent to the Company’s collection, use or provision of his/her personal information, in which case it may not be possible for the user to use all or a part of the related services. A user can withdraw his/her consent given on collection, use or provision, etc. of personal information at any time.
In addition, a user is entitled to demand the Company to grant access to or to provide the following information, or to correct any errors therein:
– Personal information of the user retained by the Company;
– Status of the Company’s use of the user’s personal information or provision thereof to a third party;
– Status of the user’s consent on the Company’s collection/use/provision of the personal information.
Such rights can be exercised by writing, e-mail or fax to the Company, upon which the Company will take the necessary measures without delay. If the user requests for correction of any error, etc. in the personal information, the Company will not use or provide the relevant information until the correction has been completed, unless such personal information is required to be used or provided under any other applicable laws. If any erroneous personal information has been provided already to a third party, the result of correction will notified to the relevant third party without delay to ensure correction.
The users’ such rights can also be exercised through his/her legal representative or a proxy, in which case the Company may require documentary evidence thereof, such as a power of attorney.
6. Installation/Operation of Cookies and Refusal thereto
A cookie is a small quantity of information transmitted from the website server to the user’s computer, which contains information of the visited website and personal information of the user necessary for identification when providing the services. A user may change the configuration of the web browser in his/her computer to disable or warn against cookies. Company may transmit cookies to the user’s computer if necessary for use of the web services as follows:
(1) Purpose of use of cookies
To provide customized information according to the interests of individuals; to identify the preferences and interest areas of members by analyzing access frequency and hours of members and non-members, and to use such information on target marketing; to provide customized services to individuals by tracking items viewed with interest; to use as criteria for improving services through analysis of members’ habits; and to collect writings posted on the bulletin board.
(2) Installation/operation of cookies and refusal thereto
Users have the option to enable or disable cookies, can enable all cookies by configuring the options in the web browser, make decisions every time cookies are stored, or refuse to save all cookies.
7. Technical/Managerial Measures for Protection of Personal information
Company takes the following technical, managerial measures to ensure security so as to prevent any loss, theft, leakage, falsification or damage in handling the personal information of users. Personal information is encrypted for safe transmission on the network. Company uses a firewall system to prevent any unauthorized access, and endeavors to install every possible technical equipment to otherwise ensure system security.
Company restricts access to personal information only to the employees-in-charge, and has established a separate password and changes it regularly to safeguard the users’ personal information. It also emphasizes compliance with its privacy policy by frequently training the staff-in-charge on new security technologies and reminder on obligation to protect personal information.
8. Privacy Officer and Responsible Department
Users can report any complaints related to protection of personal information arising while using the Company’s services to the privacy officer or to the responsible department:
→ Privacy Officer
Name: Beomsu Lee
Contact Info (telephone, e-mail, fax)
telephone: +82-2-6927-0419
email: info@asterasys.com
fax: +82-2-499-6888
→ Responsible Department
Department: Marketing team
Name: sangjong lee
Contact Info (telephone, e-mail, fax)
telephone: +82-2-0628-5381
email: info@asterasys.com
fax: +82-2-499-6888
Users can also inquire with the following institutions if they need to report or otherwise consult any personal information infringement cases:
→ Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
– Duties: report and consultation on infringement of personal information
– URL: privacy.kisa.or.kr
– Telephone: 118 (w/o area code)
– Address: 3F, 9, Jinheung-gil, Naju-si, Jeollanam-do (58324)
→ Personal Information Dispute Mediation Committee
– Duties: personal information dispute mediation, group dispute mediation (civil resolution)
– URL: www.kopico.go.kr
– Telephone: 1833-6972 (w/o area code)
– Address: 4F, Government Complex Seoul, 209, Sejong-daero, Jongno-gu, Seoul (03171)
→ Cyber Crime Investigation Unit under the Supreme Prosecutors’ Office: 02-3480-3573 (www.spo.go.kr)
→ National Police Agency Cyber Bureau: 182 (http://cyberbureau.police.go.kr)
9. Amendment
This Privacy Policy will take effect from January 16, 2019.