Hyosung ITX (hereafter referred to as ‘Company’) values the personal information of data subjects, and complies with the related laws such as “Personal Information Protection Laws.’ Also, the Company establishes the <Policy for the Treatment of Personal Information>, notifying the data subjects on the method of use of personal information and what measures are taken for the protection of personal information. The Company will make it known through notices on its website or through individual notices if there are any amendments to the <Policy for the Treatment of Personal Information>.
The Policy for the Treatment of Personal Information contains the following contents.
Article 1 General Provisions
“Personal information,” as information related to a living individual, refers to information with which one can identify an individual through matters, such as family and given name, resident registration number, etc. (includes yearly information which by itself cannot be used to identify an individual, but which can be combined with other information for identification).
“Data subject” is the person that is verified through the treatment of information, and the person is the subject of the data.
The Company discloses the Policy for the Treatment of Personal Information on the first screen of its website so that confirmation is made easy.
Article 2 The Items of Personal Information Collected and the Method of Collection
The Company handles the minimum of personal information necessary for the providing of services.
1) The items collected
- -If anonymity is not requested: Name, contact info., e-mail address
- -If anonymity is requested: contact info., e-mail address
- Customer inquiries
The following personal information items can be generated and collected during the process of use of the Internet service.
- -IP address, record of use of the service, visitation record, cookies
- The following personal information items can be generated and collected during the process of use of the Internet service.
Article 3 The Purpose for the Treatment of Personal Information
- -Identification of the user, responding to inquiries, and the treatment of civil complaints such as proposals and complaints
- Customer inquiries
Article 4 The Treatment and Holding Period for Personal Information
- -Immediate discarding after the sending of inquiry e-mail
- Customer inquiries
Article 5 The Discarding of Personal Information
The Company in principle destroys personal information without delay if the purpose for the collection and use of personal information are met. The methods and procedure for destruction are as follows.
The procedure for discarding
- -The Company selects the personal information where the reason for discarding has been generated, and after receiving the authorization from the officer in charge of the protection of personal information, destroys the information.
- The procedure for discarding
The method of discarding
- -If the personal information is printed on paper, the paper is shredded or incinerated.
- -For stored personal information in the form of electronic files, the technological methods are used so that the information cannot be recovered but deleted for good.
- The method of discarding
Article 6 The Provision of Personal Information to Third Parties
The Company does not provide personal information in its website to third parties.
Article 7 The Consignment of the Treatment of Personal Information
The Company does not have any consignment for the treatment of personal information related to its website.
If consignment work becomes necessary, we shall without delay inform the users through our Policy for the Treatment of Personal Information.
Article 8 The Rights, Obligations, and Methods for Exercising these Rights, of the Data Subjects
Whenever, the data subjects can exercise the following rights related to the protection of personal information concerning the Company.
1. The demand for perusing personal information
2. The demand for the fixing of errors
3. The demand for deletion
4. The demand for the cessation of treatment
The exercise of the rights related to the protection of personal information opposite the Company can be made by document, electronic mail, or FAX, and the Company shall without delay handle the situation. [Downloadable Form 1]
If the data subject is requesting the correction of errors to personal information or for its deletion, the Company will not use or hand over the personal information until its correction or deletion.
For personal information where the user requested its annulment or deletion, the Company shall handle the information according to ‘Article 4 The Treatment and Holding Period for Personal Information’, and the Company is making it sure that the information cannot be read or used for any other purposes. Also, the exercise of rights can be made in the person of the legal representative of the data subject, or those that received the authorization. In this case, the authorization form must be submitted. [Downloadable Form 2]
Article 9 The Securing of the Security of Personal Information
The Company is making the following measures for the securing of security so that personal information is not lost, stolen, leaked, forged, or damaged during the treatment of personal information of the data subject.
* Management measures
- - The Company is securing the necessary procedures for the accessing and management of personal information, emphasizing these policies with periodic education of the employees, and if problems related to these emerge, the Company will make corrections.
- - The Company makes strict restrictions on those who conduct management work related to personal information, and those for whom the treatment of personal information as a matter of work are unavoidable.
* Technological measures
- - Personal information is secured with passwords, and important data are further protected with encryption functions.
- - Measures are taken for the prevention of damages due to computer viruses with the use of vaccine programs.
- - The Company is using encryption algorithms and using SSLs for the safe transmission of personal information across networks.
- - The Company is operating the firewall to prevent hackings or outside invasions.
* Physical measures
- - Collected personal information follows internal management plans for the restriction of physical access.
- - The access control area and the minimum of control personnel are designated for the enhancement of the security of personal information.
Article 10 Matters Related to the Installation, Operation, and the Refusal of Automated Collecting Equipment for Personal Information
The Company employs ‘cookies,’ which store and bring up information of use upon demand.
1. What is a cookie:
- - The cookie is a small amount of information that is sent to the computer browser of the user by the server (http) used to operate the website, and the information can also be stored in the hard drive of the personal computer of the user.
- - The cookies used by the Company are composed of technical cookies and functionality cookies. Technical cookies are browsing, session cookies that are necessary for the operation of the site for that year, the use of the contents and services of that site for that year, while the functionality cookies are used to activate certain functions in the website for that year to provide convenience to the users.
2. The purpose of use for cookies:
- - They are used for session management and the providing of convenient functions.
3. The installation, operation, and refusal of cookies:
The user holds the right to install or reject cookies. Therefore, the user can control the setup of the web browser so that all cookies are accepted, or they are accepted in individual instances, or they are all rejected. However, if the cookies are rejected, there might be difficulties for the company in providing certain services.
The method for designating whether to allow cookies are as follows.
A. Internet Explorer: [Tools] → [Internet Options] → [the Personal Information tab] → [Advanced] Change
B. Chrome: [Setup] → [Security and Protection of Personal Information] → [Cookie and Other Site Data] Setup
4. The lists of used cookies
|Technical name||The functions and types of cookies||Effective period|
|JSESSIONID||Technical cookie for the management of sessions||Until the termination of the cookie|
|itxpop_||Technical cookie that is set so that the user does not see the popup display again||1 day|
Article 11 The Contact Information for the Officer Responsible for and the Officer in Charge of Personal Information
For the protection of personal information, the handling of personal information and related complaints, the following officers responsible for the protection of and the department in charge of personal information are designated.
▣ Officer responsible for the protection of personal information in the area of human resources
- - Name : Kwon, Soon-ik
- - Position : director
- - Contact info. : 02-2102-8400 / firstname.lastname@example.org
▣ Officer in charge of the protection of personal information in the area of human resources
- - Dept. : the Human Resources Team
- - Officer in charge : team leader Jang, Mi-yeon
- - Contact info. : 02-2102-8408 / email@example.com
▣ Officer responsible for the protection of personal information in the area of Contact Center
- - Name : Bae, Man-seop
- - Position : director
- - Contact info. : 02-2102-8521 / firstname.lastname@example.org
▣ Officer in charge of the protection of personal information in the area of Contact Center
- - Dept. : Business Management Team
- - Officer in charge : deputy section chief Kim, Hye-rim
- - Contact info. : 02-2102-8153 / email@example.com
The data subjects can refer to the officers responsible for and department in charge of the protection of personal information if in the use of the Company services, inquiries, complaints, or applications for damage relief arise concerning all matters related to the protection of personal information.
The company will make a swift and accurate response regarding the inquiries of the data subjects. For notifications or consultations of other violations of personal information, please confer with the following agencies.
- - Personal Information Infringement Report Center (privacy.kisa.or.kr / Contact: 118)
- - Personal Information Dispute Mediation Committee (www.kopico.go.kr / Contact: 1833-6972)
- - Cyber Investigation Division of the Supreme Prosecutors’ Office (www.spo.go.kr / Contact: 1301)
- - Cybersecurity Bureau of the National Police Agency (cyberbureau.police.go.kr / Contact: 182)
Article 12 Installation and Operation of the Equipment for the Treatment of Video Information
The Company is installing and operating the video information treatment equipment as follows.
- 1. Basis for installation and purpose of video information treatment equipment
2. Number installed, installing location, and scope of shooting [Spread out]
Number installed, installing location, and scope of shooting Location of installation and scope of shooting No. installed Ire Bldg. headquarters (Fl. 2, 13~17), each entrance 8 Ire Bldg. computer room (Fl. 4), each entrance 14 Ire Bldg. storage room (Fl. B1), each entrance 5 Bundang IDC (Fl. 2, 5), each entrance 11 Ire Bldg. headquarters center, each entrance 12 Dangsan Fubon Hyundai Life Insurance Seongwon Bldg., each entrance 3 Seoul Stn. Fubon Hyundai Life Insurance Changhwa Bldg., each entrance 2 Hongik Univ. KakaoBank Good People Bldg. Center, each entrance 4 Busan AIA Buri Bldg. Center, each entrance 4 Busan AIA Finance Bldg. Center, each entrance 4 Busan AIA NH Investment & Securities Bldg. Center, each entrance 4 Busan AIA Ogi Bldg. Center, each entrance 2 Bupyeong KB Financial Tower Center, each entrance 4 Bupyeong Seongjin Bldg. Center, each entrance 2 Bucheon AIA Hallim Bldg. Center, each entrance 3 Gwangju AIA BM Tower Center, each entrance 3 Gwangju AIA CM Tower Center, each entrance 2 Namyangju Yedaham Brix Tower Center, each entrance 2 Gongju Coway Juhana Bldg. Center, each entrance 3 Daejeon AIA Teachers’ Credit Union Center, each entrance 2 Chungmuro AIA KT&G Tower Center, each entrance 5 Cheongparo KB Life Insurance Korea Economic News Daily Bldg. Center, each entrance 2 Yeongdeungpo Times Square Center, each entrance 59 Bupyeong Hyundai Motors VOC KB Financial Tower Center, each entrance 6 Daejeon AIA Small and Medium Business Center, each entrance 2 Daejeon KB Financial Center Sei Dept. Store Center, each entrance 4 Daejeon Preed/Chubb Life Daegyo Bldg. Center, each entrance 3 Metro Tower D-Brain Center, each entrance 1 Hallim Bldg. Scholarship Foundation Center, each entrance 2 Gyewon Bldg. Scholarship Foundation Center, each entrance 2 KB Securities Bldg. KB Life Center, each entrance 1 Gwangju AIA Mudeung Tower Center, each entrance 5 Gwangju AIA Times Square Center, each entrance 2 Gwangju AIA Jongsan Tower Center, each entrance 2 Chungmuro AIA Chungjeong Bldg. Center, each entrance 2 Songnae AIA Daemyung World Tower Center, each entrance 3 Seosomun AIA ENA Tower Center, each entrance 8
3. Officer responsible for management and officer with access authority [Spread out]
Officer responsible for management and officer with access authority Category Dept./ Description Contact info. Ire Bldg. Headquarters (excl. the Center) Officer responsible for management General Affairs Team/ Kim, Cheol-hwan 02-2102-8421 Ire Bldg. Headquarters (excl. Center) Officer with access authority General Affairs Team/ Oh, In-taek 02-2102-8423 Ire Bldg. Computer Room Officer responsible for management System Operation Team/ Im, Guk-jin 02-2102-8511 Ire Bldg. Computer Room Officer with access authority System Operation Team/ Kim, Yeong-nam 02-2102-8142 Officer responsible for management Infrastructure Operation Team/ Jang, Bong-soon 02-6288-6519 Bundang IDC Officer with access authority Infrastructure Operation Team/ Byeon, Jae-woong 02-6288-6504 Center Officer responsible for management General Affairs Team/ Kim, Cheol-hwan 02-2102-8421 Center Officer with access rights General affairs dept. of each center Officer in charge of computer management -
- - The officer responsible for management, for the seamless operation and management of the video information treatment equipment, can give access authority to separately designated business agents (such as firms with consignment of maintenance and repair work).
4. The shooting period, storage period, storage location, and treatment method
The shooting period, storage period, storage location, and treatment method Category Shooting period Storage period Storage location Ire Bldg. headquarters 24 hours 1 mo. ~ 1 year Fl. 15 Ire Bldg. computer room 24 hours Fl. 4 computer room Bundang IDC 24 hours Fl. 5 IDC, internal offices of Fl. 2 Center 24 hours Computer room and machine room Of each center
- - Treatment method: Records are kept for the use other than the purpose for the individual video information, providing to third parties, discarding, reading, etc., and once the storage period arrives, they are destroyed/deleted in an irreversible and irretrievable manner.
- ※ The storage period depends on situations such as the policy of the center, the installation purpose of the CCTV equipment, and specifications, but shall be no shorter than 1 month and no longer than 1 year.
5. Matters related to the consignment of the installation of the video information treatment equipment and management
The Company is consigning the installation and management of the video information treatment equipment as follows, and according to related laws makes the necessary regulations for the safe management of personal information when making the consignment contract.
Matters related to the consignment of the installation of the video information treatment equipment and management Contractor Work Officer in charge Contact info. S1 CCTV maintenance and repair Director Park, Namsoon 1588-3112
6. Matters related to the verification of video information and location
- - Method of verification: after receiving authorization from the officer responsible for the management of video information, if you visit the Company, verification can be made.
- - Location of verification: Ire Bldg. Headquarters, Bundang IDC, each center
7. Measures for the demand for the perusing of video information of the data subjects, etc.
If the perusal of individual video information, the confirmation of existence, or deletion is desired, one can make the request to the officer responsible for video information whenever possible. However, the shot images need is restricted to the clear case of the life of the data subject, his body, or financial property in terms of the personal information, and the video information is strictly controlled for use other than the installation purposes.
However, in the following cases, the perusal, confirmation of existence, and deletion of the requested personal video information can be rejected.
- - If serious problems occur to the criminal investigation, sustainment of a public prosecution, or the carrying out of a trial
- - If it is noticeably difficult to delete only the video information that pertains to the data subject.
- - If the private life or personal information of other persons can be violated
- - If there are justifiable reasons for the rejection of the requests
8. The protection of video information
For the protection of video information, the Company is making the following technical, managerial, and physical protection measures.
The protection of video information Category Content Technical protection measures
- · Giving graded access rights to the users and controlling access of unauthorized users, encoding management of storage equipment of video information
Managerial protection measures
- · Compliance to protection measures according to the operation and management guidelines of video information treatment equipment
- · For the prevention of forgery, if access should be made to the storage media for personal video information, confirmation of an accompanying person with access authority
Physical protection measures
- · Designating as higher than [restricted area] of those locations where the storage of the video information treatment equipment is operated, managing with controls
9. The obligation for the maintaining of confidentiality
Those who manage, handle and operate video information shall not leak information obtained during the process of work, nor pass it on to another person.
Article 13 The Changing of the Policy for the Treatment of Personal Information
This Policy for the Treatment of Personal Information shall go into effect on May 2, 2022.