According to Article 30 of the Personal Information Protection Act, the Personnel Gallery (hereinafter referred to as the “Company”) establishes and discloses personal information processing guidelines as follows to protect the personal information of the information subject and to handle such grievances quickly and smoothly.Article 1 (Purpose of processing personal information)
The company processes personal information for the following purposes. The personal information being processed will not be used for any purpose other than the following, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
1. Subscribe to and manage homepage membership
Personal information is processed for the purpose of confirming membership intention, identifying and authenticating oneself according to the provision of membership services, maintaining and managing membership, preventing fraudulent use of services, and processing complaints.
2. Provision of goods or services
Personal information is processed for the purpose of delivering goods, providing services, sending contracts and bills, providing content, providing customized services, identification, age certification, payment and settlement of charges, and collection of bonds.
3. Complaint handling
Personal information is processed for the purpose of identifying civil petitioners, checking civil complaints, contacting and notifying them for fact-finding, and notifying them of processing results.
Article 2 (Processing and Retention Period of Personal Information)
① The company processes and holds personal information within the period of retention and use of personal information under laws and regulations or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
② Each personal information processing and retention period is as follows.
1. Membership and management of the website: Until withdrawal from the website of business operators/organizations
However, in the case of the following reasons, until the end of the relevant reason
1) Where an investigation, investigation, etc. is in progress due to violation of relevant laws and regulations, the relevant investigation and investigation shall be completed until the end of the investigation
2) If the bond or debt relationship remains due to the use of the website, the relevant bond or debt relationship shall be settled
2. Provision of goods or services: Until the completion of supply of goods and services and the completion of payment and settlement of charges
However, in the case of the following reasons, until the end of the relevant period
1) Records on transactions, such as labeling, advertising, contract details, performance, etc. under the Act on Consumer Protection in Electronic Commerce, etc.
– Marking and advertising records: June
– withdrawal of contract or subscriptionSupply record of payments, goods, etc.: 5 years
– Record of consumer complaints or dispute settlement: 3 years
2) Storage of communication fact-checking data under Article 41 of the Communications Secrets Protection Act
– Subscriber telecommunication date, start and end time, counterparty subscriber number, frequency of use, and location tracking data of the originating station: 1 year
– Computer communication, Internet log record data, access point tracking data: 3 months
Article 5 (Rights of users and legal representatives and methods of exercising them)
① The data subject may exercise the following personal information protection rights against the company at any time.
1. Personal information access request
2. Request correction if there is an error, etc
3. Deletion request
4. Request to stop processing
② The exercise of rights under paragraph 1 may be made in writing, by phone, e-mail, fax, etc. to the company, and the company will take action without delay.
③ If the data subject requests correction or deletion of personal information errors, etc., the company will not use or provide the personal information until the correction or deletion is completed.
④ The exercise of rights under paragraph (1) may be carried out through an agent, such as a legal representative of the information subject or a person delegated. In this case, you must submit a power of attorney in accordance with attached Form 11 of the Enforcement Rules of the Personal Information Protection Act.
⑤ The data subject shall not infringe on the personal information and privacy of the information subject himself or others handled by the company in violation of related laws such as the Personal Information Protection Act.
Article 6 (Personal Information Items Processed)
The company is handling the following personal information items.
1. Subscribe to and manage homepage membership
Required items: Name, email address
Selection: Not applicable.
2. Provision of goods or services
Required items: Name, phone number, and address
Selection: Not applicable.
3. The following personal information items can be automatically created and collected during the process of using the Internet service.
IP address, cookie, MAC address, service usage record, visit record, defective usage record, etc
Article 7 (Destruction of Personal Information)
① When personal information becomes unnecessary, such as the lapse of the personal information retention period or the achievement of the purpose of processing, the company shall destroy the personal information without delay.
② If the personal information retention period agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information shall be transferred to a separate database (DB) or stored in a different storage location.
③ The procedure and method for destroying personal information are as follows.
1. Revocation procedure
The company selects personal information in which the reason for destruction has occurred and destroys personal information with the approval of the company’s personal information protection manager.
2. Method of destruction
The company destroys personal information recorded and stored in the form of electronic files using low level format, etc., and shreds or incinerates personal information recorded and stored in paper documents with a shredder.
Article 8 (Measures to ensure the safety of personal information)
The company is taking the following measures to ensure the safety of personal information.
1. Management measures: Establishment and implementation of internal management plans, regular employee training, etc
2. Technical measures: access authority management of personal information processing systems, installation of access control systems, and unique identification information
Encryption of the back, installation of security programs
3. Physical Measures: Access Control of Computer Room, Data Storage Room, etc
Article 9 (Matters concerning the installation, operation, and rejection of an automatic personal information collection device)
① The company uses ‘cookies’ that store usage information and bring it up from time to time to provide individual customized services to users.
② Cookies are a small amount of information that a server (http) that is used to run a website sends to a user’s computer browser and are sometimes stored on a hard disk inside the user’s PC computer.
go.
urpose of use of cookies: To provide optimized information to users by identifying the type of visit and use of each service and website visited by users, popular search terms, security access, etc
will be used.
B. Installation, operation, and rejection of cookies: You can refuse to save cookies by setting options on the Tools > Internet Options > Privacy Menu at the top of your web browser.
C. Refusing to save cookies can cause difficulties in using customized services.
Article 10 (Personal Information Protection Manager)
① The company is in charge of handling personal information and designates a person in charge of personal information protection as follows to handle complaints and remedy damages of information subjects related to personal information processing.
Personal Information Protection Manager
Name: 김동현
Position: 팀장
Contact: 02-735-2655
※ You will be connected to the privacy department.
Personal Information Protection Department
Department name: 김동현
Person in charge: 팀장
Contact: 02-735-2655
② The information subject can contact the person in charge of personal information protection and the department in charge of personal information protection for all inquiries, complaints, and damage relief that occurred while using the company’s service (or business). The company will respond and process inquiries from the information subject without delay.
Article 11 (Request for access to personal information)
The data subject may request the following departments to view personal information under Article 35 of the Personal Information Protection Act. The company will try to expedite the request for access to personal information of the data subject.
Personal information access request reception and processing department
Department name: insa gallery
Person in charge: 팀장
Contact information: 02-735-2655
Article 12 (Method of remedy for infringement of rights and interests)
The information subject can inquire about damage relief and counseling for personal information infringement to the institution below.
Personal Information Infringement Reporting Center (run by the Korea Internet & Security Agency)
– Duties under his/her jurisdiction: Report the infringement of personal information and apply for counseling
– Home page: privacy.kisa.or.kr
– Phone: (without country code) 118
– Address: (58324) Personal Information Infringement Reporting Center on the 3rd floor of 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)
Personal Information Dispute Mediation Committee
– Affairs under the jurisdiction: Application for dispute settlement of personal information, collective dispute settlement (civil settlement)
– Home page: www.kopico.go.kr
– Phone: (without country code) 1833-6972
– Address: (03171) 4th floor of the Government Complex Seoul, 209, Sejong-daero, Jongno-gu, Seoul
Supreme Prosecutors’ Office Cyber Crime Investigation Team: 02-3480-3573 (www.spo.go.kr )
the National Police Agency Cyber Security Agency: 182 (http://cyberbureau.police.go.kr )
Article 13 (Implementation and change of personal information processing policy)
This personal information processing policy will be applied from September 11, 2023.
