HDC Co., Ltd. (hereinafter referred to as the “Company”) values its customers’ personal information and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection.
In accordance with Article 30 of the Personal Information Protection Act, the company informs customers of the purposes and methods for which their personal information is used and the measures taken to protect their personal information.
If the purpose of use changes, the company will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
■ Personal information items collected
The company collects the following personal information to respond to customer inquiries.
1. Required collection items: name, position, company/department, contact information, email, cookies
2. Optional collection items: Areas of interest
3. Personal information collection method: Website (Contact Us)
Additionally, the following personal information items may be automatically generated and collected during the use of Internet services.
(IP address, cookies, MAC address, service usage history, visit history, bad usage history, etc.)
■ Purpose of collection and use of personal information
The company processes personal information for the following purposes. The personal information being processed will not be used for any other purposes. If the purpose of use changes, the company will take necessary measures, including obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
– Receiving and processing customer inquiries
- Personal information is processed for the purposes of product delivery, service provision, contract/invoice sending, content provision, customized service provision, fee payment/settlement, debt collection, etc.
- Use for marketing and advertising, to determine access frequency or to obtain statistics on members' use of the service.
■ Personal information retention and use period
In principle, personal information is destroyed without delay once the purpose of collection and use has been achieved. However, if retention is required by applicable laws and regulations, the company retains member information for a specified period of time as stipulated by applicable laws and regulations.
– Preserved items: name, contact information, email
– Basis for preservation: Crackdown on duplicate and fraudulent customer inquiries
– Retention Period: 5 years. If retention is required by applicable laws, such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, etc., the Company retains member information for a specified period of time as stipulated by such laws. In such cases, the Company uses the retained information solely for the purpose of retention, and the retention period is as follows.
– Records of contracts or subscription cancellations, etc.: 5 years (Act on Consumer Protection in E-commerce, etc.)
– Records of payment and supply of goods, etc.: 5 years (Act on Consumer Protection in E-commerce, etc.)
– Records of consumer complaints or dispute resolution: 3 years (Act on Consumer Protection in E-commerce, etc.)
– Records of collection/processing and use of credit information: 3 years (Act on the Use and Protection of Credit Information)
■ Provision of personal information
In principle, the company does not provide users' personal information to external parties. However, exceptions may be made in the following cases.
– If users have agreed in advance
– When there is a request from an investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods stipulated by the law for investigative purposes.
■ Destruction of personal information
The company destroys personal information without delay when it becomes no longer necessary, such as when the retention period expires or the processing purpose is achieved. If the retention period agreed upon by the customer expires or the processing purpose is achieved, but personal information must be retained pursuant to other laws and regulations, the company will transfer the personal information to a separate database (DB) or store it in a different location.
The procedures and methods for destroying personal information are as follows:
1. Destruction procedure
The company selects personal information for which a reason for destruction has arisen and destroys the personal information with the approval of the company's personal information protection officer.
2. Destruction method
The company destroys personal information recorded and stored in electronic file formats using methods such as low-level formatting to render the records unrecoverable. Personal information recorded and stored in paper documents is destroyed by shredding or incineration.
■ Entrustment of collected personal information
The company does not entrust customer information to external companies without their consent. Should such a need arise in the future, we will notify customers of the entrusted party and the details of the entrusted work and, if necessary, obtain prior consent.
■ Measures to ensure the security of personal information
The company is taking the following measures to ensure the security of personal information.
1. Management measures: Establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures: Management of access rights to personal information processing systems, installation of access control systems, and unique identification information.
Install encryption and security programs
3. Physical measures: Access control to computer rooms, archives, etc.
■ Matters concerning the installation, operation, and refusal of automatic personal information collection devices
The company uses "cookies" to store and retrieve your information from time to time. Cookies are very small text files that the server used to operate the oo website sends to your browser and are stored on your computer's hard drive. The company uses cookies for the following purposes.
▶ Purpose of use of cookies, etc.
- Target marketing and personalized services provided through analysis of access frequency and visit time of members and non-members, identification of user preferences and areas of interest, tracking of user activity, and identification of participation in various events and number of visits.
You have choices regarding cookie installation. Therefore, you can configure your web browser to accept all cookies, notify you when a cookie is set, or reject all cookies.
▶ How to reject cookie settings
Example: To reject cookie settings, you can select options on your web browser to allow all cookies, to confirm each time a cookie is saved, or to reject all cookies.
Example of how to set up (for Internet Explorer)
: Tools > Internet Options > Privacy at the top of your web browser
However, if you refuse to install cookies, you may have difficulty receiving services.
■ Personal Information Protection Manager
The company is responsible for overall management of personal information processing and has designated a personal information protection officer as follows to handle complaints and provide remedies to data subjects related to personal information processing.
▶ Personal Information Protection Manager
Name: Seo Jin-cheol
Position: Team Leader
Contact: 031-817-6210 / support@hdcinfo.co.kr
※ You will be connected to the personal information protection department.
Customers may inquire about any personal information protection-related issues, complaints, or damage relief that arise while using the company's services (or business) by contacting the Personal Information Protection Officer or the relevant department. The company will promptly respond and address any inquiries from data subjects.
■ Methods of relief for infringement of rights
Data subjects may inquire about remedies for personal information infringement and consultations to the following organizations.
▶ Personal Information Infringement Reporting Center (operated by the Korea Internet & Security Agency)
- Responsibilities: Reporting personal information infringement, requesting consultation
– Website: privacy.kisa.or.kr
– Phone: 118 (without area code)
– Address: (58324) 3rd floor, Personal Information Infringement Report Center, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)
▶ Personal Information Dispute Mediation Committee
- Responsibilities: Personal information dispute mediation applications, collective dispute mediation (civil resolution)
– Website: www.kopico.go.kr
– Phone: (without area code) 1833-6972
– Address: 4th floor, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul (03171)
Supreme Prosecutors' Office Cybercrime Investigation Division: +82-2-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Security Bureau: 182 (http://cyberbureau.police.go.kr)
■ Implementation of Personal Information Processing Policy
You may report any privacy-related complaints arising while using the company's services to the Personal Information Manager or the relevant department. The company will provide a prompt and sufficient response to users' reports.
If you need to report or inquire about other personal information infringements, please contact the organizations below.
1. Personal Information Infringement Reporting Company (http://privacy.kisa.or.kr/118 without area code)
2. Information Protection Mark Certification Committee (http://www.eprivacy.or.kr/+82-2-580-0533~4)
3. Supreme Prosecutors' Office Internet Crime Investigation Agency (http://icic.sppo.go.kr/+82-2-3480-3600)
