The Company collects and uses personal information to provide products and services, to identify and authenticate persons for membership-based services, to prevent the illegal use of services, to check persons under 14 years of age, to secure contact for customer support, to process complaints, to analyze members’ use of services statistically, to provide advertising information, and to provide services specific to statistical characteristics.
① Information collected for customer inquiry and support includes name, phone number, email, and company name(required).
② Information collected for reports: email(required), telephone, company name(optional).
③ Information collected for newsletter subscription includes email(required).
④ Information collected for events and seminars includes company name, name, department name, position, phone number(required), and email(optional).
⑤ Information collected for membership sign up includes name, email, password, ID, phone number, company name(required), occupation(optional)
⑥ The information that may be collected during service use includes the service use records, login logs, cookie, IP, unauthorized use records, customer inquiry records, and event participation records.
Personal information is collected during the membership service sign-up process, product use, service use, phone consultation, email consultation, product inquiry, and quotation inquiry.
① Information retention according to policy of the Company
- The Company retains the information provided by users those use membership-based services from the time of enrollment to the time of membership withdrawal. If the membership service is not used for one year or the usage period expires, the user's personal information is immediately destroyed.
- In the case of services other than membership, after achieving the purpose of using personal information, the information is immediately destroyed or retained according to the indicated retain period for each service.
② Information retention according to relevant laws and regulations
If there is a need to preserve personal information according to the provisions in laws such as the Commercial Act, however, the Company retains such in accordance with the laws and regulation.
- Records concerning the contract or subscription withdrawal, etc.: 5 years
- Records concerning payment and supply of goods, etc.: 5 years
- Records concerning consumer complaints or dispute settlement: 3 years
After achieving the purpose of collecting and using personal information or the retention period expires, the information is immediately destroyed. The procedure and method for destruction are as below.
<Procedure for destroying personal information>
- Collected personal information is immediately destroyed after achieving the purpose of collecting or the retention period expires. If there is a need to preserve personal information according to relevant laws and regulations, the information is moved to and stored in a separate DB and destroyed after the retention period expires.
<Method for destroying personal information>
① Personal information printed on a paper is destroyed with a shredder.
② Personal information saved in electronic file format is destroyed using a technical method that does not allow regeneration.
- Inquiry on product use and customer consultation
- Marketing events and presentation of gifts
- HR work including hiring
The user can withdraw his/her consent to the use of the provided personal information by requesting cancellation of the service.
The Company guarantees the legal rights (rights to read, correct, and delete the child's personal information and right to suspend processing of personal information) of the legal representatives of children below 14 years, and it may collect the minimum personal information of the legal representative from the child.
The Company takes following technical, administrative, and physical measures to ensure safety when processing personal information.
① Administrative measures: establishing and implementing internal management plans, regular training on personal information protection for employees, etc.
② Technical measures: Management of access permission to personal information processing system, installation of encrypt and security programs, etc.
③ Physical countermeasures: Access control to the storage for personal information such as server room and data storage room, etc.
Chief Privacy Officer: ESRC Director
Responsible department for privacy: ESTsecurity Security Response Center
If you have any questions about your personal information, please contact us anytime.
For other questions about reporting or consulting on privacy violation, please contact the following institutions:
1) Cyber Bureau, National Police Agency cyberbureau.police.go.kr / 182 without an exchange number
2) Cybercrime Investigation Division, Supreme Prosecutors’ Office www.spo.go.kr / 1301 without an exchange number
3) Privacy Infringement Report Center (operated by KISA) privacy.kisa.or.kr / 118 without an exchange number
4) Personal Information Dispute Mediation Committee (operated by KISA) privacy.kisa.or.kr / 118 without an exchange number