2. Period of Collection-Use and Retention of Personal Information
3. Destruction of Personal Information
Any personal information collected will be destroyed immediately once the retention period expires. Electronic files which contain personal information will permanently be deleted using a technical method which makes the files irrecoverable and any other records, print-outs, documents or any other recording media will be shredded or incinerated.
4. Provision of Personal Information to a Third Party
The Company will provide the following personal information to a third party.
5. Delegation of the Processing of Personal Information
The Company delegates the processing of personal information as described below.
|Delegatee||Descriptions of Delegated Services|
|ZENITH&Company Co., Ltd.||System maintenance and management|
|TwinS&C Co., Ltd.||System development|
|Agents of EUKOR||Communication with shipper and supplier, supplier acquisition|
6. Rights and Obligations of Customers and the Method of Exercising thereof
A Customer may make the following requests as an information principal: (i) access to his/her personal information, (ii) correction or deletion of his/her personal information, or (iii) suspension of processing of his/her personal information.
The rights and obligations set forth above may be exercised by the legal representative of the information principal or an authorized representative. For details of the personnel who may be contacted regarding viewing, correction, suspension of processing and deletion of personal information, please refer to the section titled “the personnel and department in charge of personal information protection”.
7. Measures to Ensure the Security of Personal Information
The company implements the following technical, managerial and physical measures to ensure the security of personal information pursuant to Article 29 of the Personal Information Protection Act
1) Conduct Regular Security Inspection
The Company conducts regular security inspection to ensure the security of personal information processing (once every 6 months).
2) Establish and Implement Internal Management Plan
The Company has established and implemented an internal management plan for secure processing of personal information
3) Technical Measures against Hacking, etc.
To prevent leakage and damage due to hacking and computer viruses, etc. the Company has implemented security programs. The Company renews and inspects the security programs on a regular basis and watches and controls areas with restricted external access through a surveillance system.
4) Encryption of Personal Information
Passwords are stored and managed by being encrypted. Only the data subject can know his/her own password and special security measures such as encryption of files or transmitted data and file locking function, etc. are used for important data.
5) Maintenance of Access Log and Prevention of Fabrication or Falsification
Access logs for the personal information processing system are stored and maintained for a minimum period of 6 months and security measures have been implemented to prevent fabrication, falsification, theft or loss of the logs.
6) Restriction of Access by Unauthorized Persons
There is a physical storage space where personal information is stored and access restriction measures have been implemented and executed.
8. Implementation and Management of Devices for Automatic Collection of Personal Information including Online Access Information Files, and Refusal Thereof
– What is a cookie?
A cookie is a very small text file which the server used to operate the website sends to the user’s browser. It is stored on the user’s computer.
– What is the purpose of using a cookie?
A cookie is used to provide personalized and targeted services as a cookie saves and recalls the user’s information. When the user visits the website, the website server reads the information saved in the cookie stored on the user’s device and maintains the settings and provides customized services. When the user visits the website, the cookie helps the user to access the website as previously set and hence use the website conveniently. Moreover, a cookie is used to provide targeted marketing services or personalized services, etc. by analyzing frequency of access, visit time, etc., tracing the user.
– Right to Refuse Cookie Installation
A cookie does not automatically and autonomously collect information which identifies individuals. A user has an option to install cookies. Therefore, a user may accept all cookies, or instruct the web browser to send notice at the time of installation of cookies, or refuse to accept all cookies by adjusting the relevant function in the web browser of their own computer. However, if refusing the installation of cookies, there may be a problem in using certain services which require logging in.
– [Example of Adjusting Function]
* Internet Explorer: Tools menu at the top of web browser > Internet options > Personal Information > Settings
** Chrome: Settings menu on the right-hand side > Advanced settings at the bottom > Settings button for personal information contents > Cookies
9. Department in charge of Protecting Personal Information and Handling Complaints of Customers
The Company has designated the following personnel a Chief Privacy Officer to be in charge of the Company’s processing of personal information and to handle data subjects’ complaints and damages related to such processing of personal information.
|Name of Chief Privacy Officer|
|CPO: Ms. Kyoung-Joo Park||Departments in Charge: HR & GA
Telephone Number: +82-2–3468–5411
|CPO: Mr. Hong-Ju Chung||Departments in Charge: Information & Technology
Telephone Number: +82-2–3468–5287
Moreover, if you want to report a breach of personal information or need consultation regarding such breach, please contact any of the institutions listed below.
Date of Notification: November 3, 2017
Date of Implementation: November 3, 2017
Date of Implementation of the 1st Amendment: June 1, 2018
If you are EU/EEA citizen, further details about the rights from the GDPR can be found here.