- The Korean Register (hereinafter referred to as "Korean Register") is the Personal Information Protection Act in order to protect the personal information of the data subject pursuant to Article 30 and to quickly and smoothly handle related grievances, the personal information processing policy is established and disclosed as follows.
- ○ This Privacy Policy shall enter into force on November 15 2021
1. Purpose of processing personal information
-
Korean Register processes personal information for the purposes stated in the following. Personal information thus processed will not be used for a purpose other than what is stated below. If there is a change in the said purposes, we will ask for your consent in advance. We process personal information for the following purposes:
- A. Homepage membership subscription and management
- Checking if users actually want to subscribe for membership, verifying identification information concerning provision of service for members, membership management, personal identification in accordance with the system of Limited Verification of Identity, preventing dishonest use of service, sending notifications and announcements, handling complaints, and preserving records such as notices or records for dispute mediation.
- B. Handling users’ complaints and requests
- Verifying complaint/request submitters’ identities, checking the content of complaints/requests, communicating for fact-finding, and having them informed of the result of our processing.
- C. Provision of goods or services
- Processing personal information for provision of services, content, and customized services, and for personal identification
- D. Use in marketing and advertising
- Development of new services (goods), provision of customized services, provision of information on special events/promotional information, provision of opportunities for participation, verifying service validity, finding out access frequency or drawing up statistics on the status of members’ use of services, etc.
2. Personal information items collected and period of retention
-
Korean Register collects, retains, and uses information stated below that is required for membership subscription, smooth customer consultation, provision of services, and hiring of employees, etc.
- A. Name of personal information file:Membership Registration Information
- Personal information items collected, retained, and used by us
- Required items: name, login ID, password, DOB, password-related Q&A, language selection (Korean/English), cell phone number, email address, etc.
- Optional items: mailing service selection (our Korean webzine/our English webzine /technical information/screening information), technical information recommendation, business name/phone number/fax number
- Collection method: homepage membership subscription
- Purpose of collection: provision of the content, provision of customized services, verification of identification, provision of information delivery service, etc.
- Period of retention:to be destroyed upon membership withdrawal
- B. Name of personal information file: Online Application Information
- Personal information items: name of employer, position, name, email address, home phone number, cell phone number, etc.
- Collection method: homepage
- Purpose of collection: to be used for our online inspection/screening application
- Period of retention: to be destroyed within 5 years per our quality system record management procedure
- C. Name of personal information file: Whistleblowing Information
- Personal information items: name, email address, cell phone number, etc.
- Collection method: homepage
- Purpose of collection: to be used in whistleblowing
- Period of retention: to be destroyed within one year after use
- D. Name of personal information file: Q & A Information
- Personal information items: name, contact number, name of employer
- Collection method: homepage
- Purpose of collection: to be used when receiving application for our service
- Period of retention: to be destroyed upon membership withdrawal
- E. Name of personal information file: Customers’ Complaints Information
- Personal information items: name, address, phone number, cell phone number, email address
- Purpose of collection: to be used when receiving application for our service
- Period of retention: to be destroyed within one year after use
3. How to process sensitive information (special categories of personal data)
-
Korean Register makes it a rule not to process sensitive information unless explicitly consented by the subject of information or required by the law of an EU member state.
- A. Scope of sensitive information: personal information associated with race/ethnicity, political view, religious/philosophical belief, labor union membership, gene/bio/heath information, information on sex life and sexual orientation
- B. Sensitive information that can be processed
- 1) The subject of information giving explicit consent
- 2) Where required to fulfill obligations under the laws related to employment, social security or collective agreement
- 3) Information that the subject of information has clearly disclosed to the public.
4. The subject of information’s rights and how to exercise them
-
As subjects of personal information, service users may exercise the following rights.
- A. The subjects of personal information may exercise the following rights regarding the protection of personal information to the Korean Register.
- 1) The right to ask us for accessing their personal information retained by us
- 2) The right to ask us to correct errors included in their personal information retained by us
- 3) The right to ask us to delete their personal information retained by us
- 4) The right to ask us to stop processing their personal information retained by us
- 5) The right to ask us to transmit their personal information kept by us to themselves or a third party
- 6) The right to object to profiling (the subject may refuse to let personally important matters to be decided by automated process such as profiling)
- B. Service users may exercise their rights stated in the foregoing 1, using a written form, email or fax as stipulated in Schedule No. 8, the Enforcement Riles to Personal Information Protection Act. We will comply with their requests in due course.
- C. If the subject of information has asked for correction of an error in, or deletion of, his/her personal information retained by us, we shall not use the personal information until the completion of the requested action.
- D. If the exercise of the rights stated in the foregoing 1 is done through a legal agent or trustee, a power of attorney shall be submitted, using the form provided in Schedule No. 11, Enforcement Rule of the Personal Information Protection Act.
- E. An application for our online service from a minor aged under 16 shall be processed with the consent of a person with parental rights.
5. Destruction of personal information
-
Korean Register shall destroy personal information upon attaining the purpose of processing it as follows. We shall destroy service users’ personal information upon attaining the purpose of collecting and using it.
- A. Destruction procedure
- Upon attaining the purpose, the personal information provided by service users for membership subscription, etc. shall be transferred to a separate database (or a document file in the case of a paper document) and retained there until destruction under the in-house guidelines and the law (Ref. Period of Retention and Using in this Privacy Policy). The said personal information shall not be used for any other purpose unless required by the laws.
- B. Destruction method
- Printouts containing personal information shall be shredded or incinerated.
- Electronic files containing personal information shall be deleted in a non-recoverable way.
6. Measures taken to keep personal information safe
-
Korean Register takes technical/administrative/physical protective measures as follows to keep personal information safe in compliance with Article 29 of the Personal Information Protection Act.
- A. Keeping the number of personal information processing employees to a minimum and providing education
- We let only designated employees process personal information, keep their number to a minimum, and have them manage personal information adequately.
- B. Periodic in-house inspection
- We carry out periodic in-house inspection to ensure that personal information is processed adequately.
- C. Carrying out in-house management plan
- We carry out in-house management plan to keep personal information safe.
- D. Encoding passwords
- Our homepage membership IDs and passwords are encoded when transmitted, stored, and managed. Access to, or change of, personal information can only be done by the subject of information, who knows the password.
- E. Technical measures against hacking, etc.
- To protect personal information from hacking or computer virus, we operate security programs, renew them periodically, keep the relevant system in an off-limits area, and monitor it technically and physically.
- F. Access control to personal information
- We control access to our database system processing personal information by granting, changing, and expiring such authorization, check the status of access rights allowed periodically, and operate the intrusion detection system to keep the users’ personal information safe from unauthorized access.
- G. Keeping documents in a locked place
- We keep documents or auxiliary storage devices containing personal information in a locked place for safety.
- H. Off-limits to unauthorized personnel
- We keep personal information in a physically separate place and control unauthorized access by establishing and operating access control system.
7. Matters pertaining to operation of a device automatically collecting personal information and refusal to accept it
-
Cookies, which are very small text files sent to your browser by the server used to operate our website, are used to help you connect to our homepage and stored in your computer hard drive. We use cookies for the following purposes.
- ▶ Purpose for using cookies: User ID information
- To check user login information
- To disable popup windows
- You may use an option in the web browser to accept all cookies or block all cookies or make it required to ask for your acceptance each time when a cookie is stored.
- ▶ How to block all cookies
- Example: You may use an option in the web browser to accept all cookies or block all cookies or make it required to ask for your acceptance each time when a cookie is stored.
8. Designation of personal information manager
- A. Korean Register designates a personal information manager as follows to handle complaints from the subjects of personal information and make up loss incurred by them concerning our processing of their personal information.
-
- ▶ Personal Information Manager (Security Officer)
- Name: CHOI Sungsik
- Department: General Affairs Team
- Position: General Manager
- Contact number: +82-70-8799-8600, sschoi@krs.co.kr, FAX: +82-70-8799-8629
- ▶ Computer Personal Information Manager (Information Security Officer)
- Name: LEE Yunhan
- Department: Information Technology Team
- Position: General Manager
- Contact number: +82-70-8799-8664, leeyh@krs.co.kr, FAX: +82-70-8799-8674
- B. For inquiries about our personal information protection, your complaints, and your requests for making up loss incurred by you while using our services, please contact the Personal Information Manager and the relevant team. Korean Register will handle your inquiries and get back to you promptly.
9. Image information processing devices operation and management
- Korean Register installs and operates image information processing devices as follows.
- A. Basis for operation of image information processing devices: Korean Register operates image information processing devices for the following purposes in compliance with the Personal Information Protection Act, Article 25 (1):
- Facility security/safety; fire prevention
- Crime prevention for customers’ safety
- Prevention of vehicle theft and damage
- B. Number of devices installed, locations of installation, objects covered: 105 devices covering major facilities such as the lobby and the information desk, etc.
No. |
Installation locations |
Purpose |
Number installed |
1 |
The lobby and corridor of each floor |
Facility security/safety |
45 |
2 |
Parking lot |
Prevention of vehicle theft and damage |
35 |
3 |
The outside of the corporate building |
Customers’ safety; fire prevention |
11 |
4 |
Elevators |
Customers’ safety; facility safety |
8 |
5 |
Mechanical/electrical rooms |
Facility safety; fire prevention |
6 |
- C. Personnel and department in charge; authorization officer for accessing image information
Department |
Personnel |
Contact number |
Department in charge of building management |
General Manager of General Affairs Team |
+82-70-8799-8600 |
Department in charge |
General Affairs Team |
+82-70-8799-9114 |
Those authorized to access image information |
General Manager of General Affairs Team |
+82-70-8799-8600 |
Employees in charge of facilities |
+82-70-8799-8620 |
Employees of the entrusted business |
+82-70-8799-8975 |
Manager entrusted with building management |
Manager of Wonbong |
+82-70-8799-8975 |
- E. How to check image information
- Please contact the department in charge of building management and ask them to let you check the images.
- They can be checked at Emergency Room.
- F. Measures taken concerning requests made by the subjects of information for accessing image information: We allow them to access such information based on the application submitted to us where they were covered by our device and such access is clearly necessary to keep the safety of themselves or their property.
- G. Our technical/administrative measures taken to protect image information: setting up an in-house management plan, access control, use of the skills for safe storing/transmission of image information, operation of an adequate storage facility, and installation of locking the facility, etc.
10. Changes in the content of these Guidelines
- These Guidelines shall enter into force on the date of enforcement stated in the following. Addition to, or deletion/correction of, the content in accordance with revision of the law will be posted at least 7 (seven) days in advance.
- Date of posting: November 05 2021
- Date of enforcement: November 15 2021