Privacy Policy(1.0.6)

ESTsecurity (hereinafter referred to as “the Company”) strives to protect users’ personal information and complies with the relevant laws such as Act on promotion of Information and Communications Network Utilization and Information Protection, Etc. and the Personal Information Protection Act. The Company discloses this Privacy Policy pursuant to the relevant laws so that users can easily check how the Company handles their personal information.


1. Purpose of collecting and using personal information

The Company collects and uses personal information to provide products and services, to identify and authenticate persons for membership-based services, to prevent the illegal use of services, to check persons under 14 years of age, to secure contact for customer support, to process complaints, to analyze members’ use of services statistically, to provide advertising information, and to provide services specific to statistical characteristics.


2. Types of personal information collected

Information collected for customer inquiry and support includes name, phone number, email, and company name(required).

Information collected for reports: email(required), telephone, company name(optional).

Information collected for newsletter subscription includes email(required).

Information collected for events and seminars includes company name, name, department name, position, phone number(required), and email(optional).

Information collected for membership sign up includes name, email, password, ID, phone number, company name(required), occupation(optional)

The information that may be collected during service use includes the service use records, login logs, cookie, IP, unauthorized use records, customer inquiry records, and event participation records.


3. Method of collecting personal information

Personal information is collected during the membership service sign-up process, product use, service use, phone consultation, email consultation, product inquiry, and quotation inquiry.


4. Providing personal information to a third party

None


5. Retention and use period of personal information

Information retention according to policy of the Company

- The Company retains the information provided by users those use membership-based services from the time of enrollment to the time of membership withdrawal. If the membership service is not used for one year or the usage period expires, the user's personal information is immediately destroyed.

- In the case of services other than membership, after achieving the purpose of using personal information, the information is immediately destroyed or retained according to the indicated retain period for each service.

Information retention according to relevant laws and regulations

If there is a need to preserve personal information according to the provisions in laws such as the Commercial Act, however, the Company retains such in accordance with the laws and regulation.

- Records concerning the contract or subscription withdrawal, etc.: 5 years

- Records concerning payment and supply of goods, etc.: 5 years

- Records concerning consumer complaints or dispute settlement: 3 years


6. Procedure and method for destroying personal information

After achieving the purpose of collecting and using personal information or the retention period expires, the information is immediately destroyed. The procedure and method for destruction are as below.


<Procedure for destroying personal information>

- Collected personal information is immediately destroyed after achieving the purpose of collecting or the retention period expires. If there is a need to preserve personal information according to relevant laws and regulations, the information is moved to and stored in a separate DB and destroyed after the retention period expires.

<Method for destroying personal information>

Personal information printed on a paper is destroyed with a shredder.

Personal information saved in electronic file format is destroyed using a technical method that does not allow regeneration.


7. Consigned work for personal information handling and consignee
Consignee Consigned work
ESTsoft - Inquiry on product use and customer consultation
- Marketing events and presentation of gifts
- HR work including hiring

8. Rights of the users and their legal representatives and exercise of rights

The user can withdraw his/her consent to the use of the provided personal information by requesting cancellation of the service. The Company performs the necessary action immediately when there is a request for withdrawal of consent, access, or modification and refrains from using the information until the information is corrected when there is a request for information modification in particular. Any complaints related to privacy protection arose while using the service of ESTsecurity can be sent to the contact provided in this Privacy Policy document.
The Company guarantees the legal rights (rights to read, correct, and delete the child's personal information and right to suspend processing of personal information) of the legal representatives of children below 14 years, and it may collect the minimum personal information of the legal representative from the child.


9. Measures to secure personal information

The Company takes following technical, administrative, and physical measures to ensure safety when processing personal information.

Administrative measures: establishing and implementing internal management plans, regular training on personal information protection for employees, etc.

Technical measures: Management of access permission to personal information processing system, installation of encrypt and security programs, etc.

Physical countermeasures: Access control to the storage for personal information such as server room and data storage room, etc.


10. Installation and operation of programs that automatically collect personal information and rejection of such programs

The Company uses cookies to provide personalized services to users. As the data file sent by an HTTP server to the user’s browser and stored in the user’s device, a cookie may contain information on the websites used by the user and personal information of the user. Users can choose to accept all cookies, receive a notification when a cookie is installed, or reject all cookies by adjusting the options of the Internet web browser.


11. Personal information manager and grievance department

Chief Privacy Officer: ESRC Director

Responsible department for privacy: ESTsecurity Security Response Center

Contact for privacy related inquiry: 02-583-4620, privacy@estsecurity.com

If you have any questions about your personal information, please contact us anytime.


For other questions about reporting or consulting on privacy violation, please contact the following institutions:

1) Cyber Bureau, National Police Agency cyberbureau.police.go.kr / 182 without an exchange number

2) Cybercrime Investigation Division, Supreme Prosecutors’ Office www.spo.go.kr / 1301 without an exchange number

3) Privacy Infringement Report Center (operated by KISA) privacy.kisa.or.kr / 118 without an exchange number

4) Personal Information Dispute Mediation Committee (operated by KISA) privacy.kisa.or.kr / 118 without an exchange number


Certification : Good Software / OPSWAT / ICSA / Virus Bulletin ...
사이트맵 메뉴 닫기

Product & Service

End-Point Security

Android Security

Threat Intelligence