HDC Co., Ltd. (hereinafter referred to as the “Company”) values customers’ personal information and complies with the “Act on Promotion of Information and Communications Network Utilization and Information Protection.”
In accordance with Article 30 of the Personal Information Protection Act, the Company informs you of the purpose and manner in which the personal information you provide is used, and the measures being taken to protect your personal information.
If the purpose of use changes, the Company plans to take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
■ Items of personal information collected
The company collects the following personal information to receive customer inquiries.
1. Required items collected: Name, job title, company/department, contact number, email, cookies
2. Selected Collection Items: Areas of Interest
3. Method of collecting personal information: Website (Inquiry)
In addition, the following personal information items may be automatically generated and collected during the use of internet services.
(IP address, cookies, MAC address, service usage records, visit records, records of improper use, etc.)
■ Purpose of Collection and Use of Personal Information
The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those listed below, and if the purpose of use changes, the Company plans to take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
– Receipt and processing of customer inquiries
- Processing personal information for the purposes of product delivery, service provision, sending of contracts and invoices, provision of content, provision of customized services, payment and settlement of fees, debt collection, etc.
- Used for marketing and advertising, tracking access frequency, or statistics on members' service usage
■ Retention and Usage Period of Personal Information
In principle, personal information is destroyed without delay once the purpose of its collection and use has been achieved. However, if preservation is required by the provisions of relevant laws, the Company retains member information for a specific period stipulated by such laws as follows.
– Items retained: Name, contact number, email
– Basis for Retention: Enforcement against duplicate and fraudulent customer inquiries
– Retention Period: 5 years. In cases where retention is necessary pursuant to the provisions of relevant laws, such as the Commercial Act and the Act on the Consumer Protection in Electronic Commerce, etc., the Company retains member information for a certain period prescribed by the relevant laws. In such cases, the Company uses the retained information solely for the purpose of retention, and the retention period is as follows.
– Records regarding contracts or withdrawal of subscription, etc.: 5 years (Act on the Consumer Protection in Electronic Commerce, etc.)
– Records regarding payment settlement and supply of goods, etc.: 5 years (Act on the Consumer Protection in Electronic Commerce, etc.)
– Records regarding consumer complaints or dispute resolution: 3 years (Act on the Consumer Protection in Electronic Commerce, etc.)
– Records regarding the collection, processing, and use of credit information: 3 years (Credit Information Use and Protection Act)
■ Provision of Personal Information
In principle, the Company does not provide users' personal information to external parties. However, exceptions apply in the following cases.
– Cases where users have consented in advance
– In accordance with the provisions of laws and regulations, or when requested by an investigative agency for investigative purposes in accordance with the procedures and methods prescribed by law.
■ Destruction of personal information
The Company destroys personal information without delay when it becomes unnecessary, such as when the retention period has expired or the purpose of processing has been achieved. However, if personal information must continue to be preserved in accordance with other laws despite the expiration of the retention period agreed upon by the customer or the achievement of the purpose of processing, the Company transfers the relevant personal information to a separate database (DB) or stores it in a different location.
The procedures and methods for the destruction of personal information are as follows.
1. Dissolution procedure
The company selects personal information for which grounds for destruction have arisen and destroys the personal information upon obtaining approval from the company's Chief Privacy Officer.
2. Method of destruction
The company destroys personal information recorded and stored in the form of electronic files using methods such as Low Level Format so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents by shredding or incinerating.
■ Entrustment of Collected Personal Information
The Company does not entrust your information to external companies without your consent. Should such a need arise in the future, we will notify you of the recipient and the details of the entrusted work, and obtain your prior consent if necessary.
■ Measures to Ensure the Safety of Personal Information
The company is taking the following measures to ensure the safety of personal information.
1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures: Management of access rights to personal information processing systems, installation of access control systems, unique identification information
Encryption of etc., installation of security programs
3. Physical measures: Access control to computer rooms, data storage rooms, etc.
■ Matters concerning the installation, operation, and refusal of automatic personal information collection devices
The Company operates ‘cookies,’ etc., which store and retrieve your information from time to time. A cookie is a very small text file sent to your browser by the server used to operate the oo website and stored on your computer's hard disk. The Company uses cookies for the following purposes.
▶ Purpose of using cookies, etc.
– Providing targeted marketing and personalized services by analyzing the access frequency and duration of visits by members and non-members, identifying user preferences and interests, tracking browsing history, and determining participation levels in various events and visit counts.
You have the option to control the installation of cookies. Therefore, by setting options in your web browser, you can choose to allow all cookies, be prompted for confirmation whenever a cookie is saved, or refuse to save all cookies.
▶ How to refuse cookie settings
Example: To refuse cookie settings, you can choose options in your web browser to allow all cookies, be prompted for confirmation whenever a cookie is saved, or refuse the storage of all cookies.
Example of setup method (for Internet Explorer)
Tools at the top of the web browser > Internet Options > Privacy
However, if you refuse to install cookies, there may be difficulties in providing the service.
■ Chief Privacy Officer
The Company assumes overall responsibility for the processing of personal information and designates a Personal Information Protection Officer as follows to handle complaints and provide relief for damages to data subjects regarding the processing of personal information.
▶ Chief Privacy Officer
Name: Seo Jin-cheol
Position: Team Leader
Contact: 031-817-6210 / support@hdcinfo.co.kr
※ You will be connected to the Personal Information Protection Department.
Customers may contact the Chief Privacy Officer and the relevant department regarding all inquiries, complaints, and damage relief matters related to personal information protection arising from the use of the Company's services (or business). The Company will respond to and process inquiries from data subjects without delay.
■ Remedies for Infringement of Rights
Data subjects may contact the following organizations for remedies, consultations, etc. regarding personal information infringement.
▶ Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
– Scope of duties: Reporting personal information infringement, requesting consultation
– Website: privacy.kisa.or.kr
– Phone: 118 (without area code)
– Address: Personal Information Infringement Reporting Center, 3F, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong), 58324
▶ Personal Information Dispute Mediation Committee
– Scope of duties: Application for personal information dispute mediation, collective dispute mediation (civil settlement)
– Homepage: www.kopico.go.kr
– Phone: 1833-6972 (without area code)
– Address: 4F, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul (03171)
▶ Supreme Prosecutors' Office Cybercrime Investigation Division: +82-2-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Bureau: 182 (http://cyberbureau.police.go.kr)
■ Implementation of Privacy Policy
You may report all privacy-related complaints arising from your use of the Company's services to the Chief Privacy Officer or the relevant department. The Company will provide prompt and sufficient responses to users' reports.
If you need to report or seek consultation regarding other personal information infringements, please contact the organizations below.
1. Personal Information Infringement Reporting Company (http://privacy.kisa.or.kr/ 118 without area code)
2. Information Protection Mark Certification Committee (http://www.eprivacy.or.kr/+82-2-580-0533~4)
3. Supreme Prosecutors' Office Internet Crime Investigation Company (http://icic.sppo.go.kr/+82-2-3480-3600)
