Personal information refers to information about a living person, including information that can identify an individual through a name, date of birth, and images (including information that can be easily identified by combining other information even if the individual can not be identified by the information alone). The 'Ace Platform' (hereinafter referred to as the 'Company') shall respect the personal information of the user and shall be provided to the service provider such as the Personal Information Protection Act, the Information Communication Network Promotion and Information Protection Act (the "Related Law" In accordance with the relevant laws and regulations on personal information protection. The Mutual Aid Association stipulates the following policy in order to protect the personal information of the user and protect the rights and interests of users in accordance with the relevant laws and smoothly handle the user's complaints related to personal information. The Mutual Aid Association will notify you through the website announcement (or individual notice) when revising the personal information processing policy.
※ This policy is effective from July 20, 2015.
Article 1 (Object Purpose of Personal Information)
The Company processes personal information for the following purposes: The processed personal information will not be used for any purpose other than the following purposes.
① Compensation for consumer damage and service provision, consumer management and complaint handling
- Purpose related to compensation of consumer damage and service provision such as sending consumer damage compensation, consumer guarantee certificate (consumer damage compensation certificate), consumer counseling, free bulletin board writing on homepage, etc.
- The purpose of statistics such as identification of access frequency, service utilization of members
Article 2 (Items of Personal Information to be Processed, Processing and Retention Period)
The items of the personal information processed by the Mutual Aid Association for registration and various services are as follows. In principle, the user's personal information will be destroyed without delay when the purpose of processing the personal information is achieved. However, the following information will be retained for the period specified below.
① Personal information file name: Warranty and compensation information by case
1. Personal information items: Items necessary for compensation and guarantee of consumer damages such as name, date of birth, home telephone number, mobile phone number, home address, postal code, email, certificate number (consumer contract number)
2. How to collect: Membership received, written form, telephone, fax, email, homepage, cookie
3. Retention period: from the date on which it is provided until the purpose achieved. However, after the accomplishment of the purpose, it shall be held and used only in accordance with the following grounds to the extent necessary for the investigation of the accident related to the above-mentioned purpose, dispute resolution, complaint handling, and compliance with the statutory duty.
4. Conservation ground: Company internal policy
- A. Records of consumer complaints or disputes: 3 years
- Me. Records on contract or withdrawal: 5 years
- All. Record of payment and goods supply: 5 years
② Personal information file name: Counseling card information
1. Personal information items: name, mobile phone number, affiliation company name
2. Collection method: Telephone, fax, visit, mail, e-mail, homepage, SNS consultation
3. Retention period: 5 years
③ Personal Information Filename: Homepage Free Board (Q & A) Author Information
1. Personal information items: name, date of birth, email
2. How to collect: When you create a free bulletin board on the company website
3. Retention period: 5 years
Article 3 (Providing Personal Information to a Third Party)
In principle, the Company processes personal information of the user within the scope specified in Article 1 (Purpose of Personal Information), and does not process or provide it to a third party without giving prior consent of the user. Exceptions to the following cases:
① If the user agrees to provide and disclose third parties in advance
② When it is required to provide by laws, etc.
③ When it is considerably difficult to obtain normal consent for economic / technical reasons as personal information necessary for the fulfillment of contracts concerning the provision of services.
④ When you use it by processing it into a state that can not be specified to identify an individual
Article 4 (Personal Information Processing Trust)
① The Company shall specify in the contract documents such matters as the prohibition of the processing of personal information except for the purpose of carrying out the entrusted business, the technical / administrative protection measures, the restriction of re-entrustment, management / supervision of the trustee and compensation for damages. Supervises the processing of personal information securely.
② The Company entrusts collecting, storing and processing of customer's personal information to a limited extent in order to provide better service and customer convenience. The status of the company entrusting the customer's personal information is as follows.
Article 5 (Rights and Obligations of Information Authorities and How to Act)
You may exercise the following rights as an information entity:
1. Personal information inquiries can be made after checking your identity such as telephone or fax.
2. Since the company receives personal information from members, it can only be viewed in addition to correction and deletion.
3. Corrections and deletions will be reflected upon request from the company.
Article 6 (Destruction of personal information)
In principle, after the purpose of collecting and using personal information is achieved, the company will immediately destroy the information. However, this is not the case when it is necessary to preserve it in accordance with other laws. The procedures, deadlines and methods of destruction are as follows:
① Destruction Procedure
- The information entered by the user is transferred to a separate DB after the completion of the purpose (separate documents for paper) and stored or temporarily destroyed after a certain period of time according to internal policies and other related laws. At this time, personal information transferred to DB will not be used for other purposes unless it is subject to laws and policies.
② Destruction period
- In the event that the personal information of the user becomes unnecessary after the retention period of the personal information has elapsed from the end of the retention period without any delay and the purpose of processing the personal information becomes unnecessary, We will destroy the personal information without it.
③ Destruction Method
- Information in the form of electronic files uses a technical method that can not reproduce the record.
- Personal information printed on paper is crushed by a crusher and destroyed.
Article 7 (Installation / Operation and Rejection of Automatic Collection Device of Personal Information)
① Purpose such as cookies
- Analysis of user's access frequency and time of visit, identification of user's taste and interest, tracing of trace, identification of number of visits, registration of bulletin board, etc.
② User has the option to install cookies.
As a result, you can allow all cookies by setting options in your web browser, check each time a cookie is saved, or refuse to save all cookies.
③ How to decline cookies
To decline cookies, you can choose to accept all cookies, check each time you save cookies, or refuse to save all cookies.
- Example of setting method (for Internet explorer): Click Tools> Internet Options> Privacy>
- However, if the user refuses to install cookies, it may be difficult to provide the service.
Article 8 (Measures to Ensure the Stability of Personal Information)
The Company, pursuant to Article 29 of the 「Personal Information Protection Act」, carries out the following technical, administrative and physical measures necessary for securing safety.
① Establish and implement internal management plan
- Establishment and implementation of the company's internal management plan shall be carried out in accordance with the internal management guidelines of the Ministry of Public Administration and Security.
② Regular self-audit conducted
- We conduct our own audits regularly (quarterly) to ensure the safety of handling personal information.
③ Minimization and education of personnel handling personal information
- We designate and minimize the person who handles personal information, and take measures to manage personal information.
④ Restrict access to personal information
- We take necessary measures to control access to personal information through granting, alteration and deletion of access rights to the database system handling personal information, and we control unauthorized access from outside by using an intrusion prevention system. br>
⑤ Preventing storage and tampering of connection records
- We keep and manage the records (web logs, summary information, etc.) connected to the personal information processing system for at least 6 months and use the security function to prevent the log records from being altered, stolen or lost.
⑥ Encryption of personal information
- User's personal information is encrypted and stored and managed. We also use sensitive security features such as encrypting sensitive data during storage and transmission, or using file locking.
⑦ Technical measures against hacking
- The Company installs a security program, periodically updates and checks the system, installs the system in a controlled area from outside and technically and physically monitors and blocks it to prevent leakage and damage of personal information by hacking or computer virus . We are also monitoring network traffic as well as detecting illegal attempts to change information.
⑧ Access control to unauthorized persons
- Separate physical storage of the personal information system that stores personal information, establishing access control procedures and operating them.
⑨ Use locking device for document security
- Documents containing personal information and auxiliary storage media are stored in a safe place with lock.
Article 9 (Posts)
① The company site takes care of your post and protects it from being tampered, damaged or deleted. However, this is not the case in the following cases:
1. Spammy posts (e.g., lucky letters, 800 million emails, specific site ads, etc.)
2. To spread the false facts to defame others and to undermine the honor of others.
3. Posting of other person's personal information without permission, copyright infringement such as third party's copyright, other posting topics and other contents
4. In order to activate the desirable bulletin board culture, the company site can delete certain parts or post them by modifying them, etc.
5. If it is possible to move to a bulletin board of another topic, we will not misunderstand the path to the post.
6. In other cases, you may take action after an explicit or separate warning.
② Fundamentally, all the rights and responsibilities related to the post belong to the author. In addition, since information that is voluntarily disclosed through the post is hard to be protected, please consider it before the information disclosure.
Article 10 (Personal information manager and contact person)
① In order to protect personal information and to deal with complaints related to personal information, the Company has designated the person in charge of personal information protection and the person in charge as below. (Person in charge of personal information protection pursuant to Article 31 (1) of Personal Information Protection Act)
Name: Top Gear
② The person in charge of personal information protection of the company is also the person in charge of "Personal image information protection."
You may report all complaints related to the protection of personal information that occur when you use the Company's services to the person in charge of personal information management or the department in charge. The Mutual Aid Association will respond promptly and adequately to your complaints.
Article 11 (Changes to Personal Information Processing Policy)
This personal information policy will be applied from the effective date. If there are additions, deletions and corrections of the changes in accordance with the laws and policies, we will notify them through announcements 7 days before the possible change.
- Announcement date: December 10, 2015
- Effective date: December 20, 2015
Article 12 (Infringement Remedy Method)
In order to receive relief from personal information infringement, the information subject may apply for dispute resolution or consultation to the Personal Information Dispute Resolution Committee or the Korea Internet Information Agency. In addition, please contact the following organizations for reporting and consultation of other personal information infringement.
- Personal Information Dispute Arbitration Committee: www.118.or.kr (without the number 118)
- Information Protection Mark Certification Committee: www.eprivacy.or.kr (02-580-0533 ~ 4)
- Supreme Prosecutors' Office, Advanced Criminal Investigation Division: www.spo.go.kr (02-3480-2000)
- Cyber Terror Response Center, National Police Agency: www.netan.go.kr (1566-0112)
Personal Information Processing Policy Change Notice Date: December 5, 2015