Personal Information Processing Policy
Last Update: January 1.2024.
We, Ecobridge Co.Ltd., ('http://www.ecobridge.kr' or hereinafter it is referred to as 'The Company') shall protect the personal information of information subjects under Article 30 of the 「Personal Information Protection Act」 and establish and disclose the following personal information processing policy in order to promptly and smoothly process complaints related to it.
○ 이 개인정보처리방침은 2024년 1월 1부터 적용됩니다.
Article 1. Purpose of collection and use of Personal Information
The company collects the minimum amount of personal information for the following purposes. Personal information being processed will not be used for purposes other than the following purposes, and necessary measures will be taken, such as obtaining separate consent under Article 18 of the 「Personal Information Protection Act」in the event that the purpose of the use is changed.
1. Items to be collected and purpose of use of personal information
A. Customer requirement : e-mail address, name, Country, Job, interested products
B. Processing of Civil Complaint Affairs : Personal information is processed for the purpose of the identity verification of the complainant, confirming complaint affairs, communications for fact-finding, and notifying processed results
Article 2 (Processing and Retention Period of Personal Information)
① < THE COMPANY shall process and hold personal information within its retention and use period according to the law or within its retention and use period consented by the information subject at the collecting time of it
② Each processing and retention period of personal information is as follows
1.<Processing of Civil Complaint Affairs>
Personal information related to <processing of civil affairs> may be retained and used for the above purpose until <three years> from the consent date of collection and use.
Retention basis: Processing of civil affairs
Relevant laws: Recording consumer complaints or dispute handling for three years
Article 3 (Destruction Procedure and Method of Personal Information)
① <THE COMPANY> shall destroy the personal information without delay when such personal information becomes unnecessary, such as the expiration of the personal information retention period and the achievement of the purpose of processing
② If personal information must be kept by other laws and regulations even after the personal information retention period consented by the information subject has elapsed or the purpose of processing has been achieved, the personal information will be moved to a separate database (DB) or preserved in a different storage location
③ The procedure and method of destroying personal information are as follows:
1. Destruction procedure
< THE COMPANY > shall select the personal information for which the reason for destruction occurred and destroy it after being approved by the responsible person for personal information protection of < THE COMPANY >.
2. Destruction method
Personal information printed on paper will be shredded with a shredder or destroyed by incineration.
Personal information in the electronic file form will be used for a technical method that cannot reproduce the record
Article 4 (Rights and Obligations of Information Subjects and their Legal Representatives, and Matters Regarding the Method of Exercising)
① The information subject may exercise its right to read, correct, delete, or suspend the processing of personal information at any time to THE COMPANY
② The exercise of rights by Paragraph 1 can be done in writing, e-mail, fax, etc., according to Article 41 (1) of the Enforcement Decree of the 「Personal Information Protection Act」 to THE COMPANY, and THE COMPANY will take action on this without delay
③ The exercise of rights by Paragraph 1 can be done through the legal representative of the information subject or agent who has been delegated. In this case, a power of attorney should be submitted according to the form annexed to “Notification on Personal Information Processing Method
④ The information subject's rights to request reading and suspending the processing of personal information may be restricted under Article 35 Paragraph 4 and Article 37 Paragraph 2 of the 「Personal Information Protection Act」.
⑤ Requests for correction and deletion of personal information cannot be requested if specified as the object of collection in other laws and regulations.
⑥ THE COMPANY shall check whether the person who requested reading, correction or deletion, or suspension of processing according to the rights of the information subject is the person or a legitimate agent.
Article 5 (Matters Regarding Matters for Ensuring the Safety of Personal Information)
< THE COMPANY > takes the following measures to ensure the safety of personal information.
1. Restriction of access to personal information
Necessary measures are taken to control access to personal information by granting, changing, or canceling access rights to the database system that handles personal information, and an intrusion prevention system is used to control unauthorized access from outside.
2. Storage of access records and prevention of forgery
The access record to the personal information processing system is stored and managed for at least one year, however, when adding personal information for over 50,000 information subjects or processing unique identifying or sensitive information, it is kept and managed for over two years.
In addition, a security function is used to prevent forgery, theft, and loss of access records.
Article 6 (Matters Concerning the Installation, Operation, and Refusal of Devices That Automatically Collect Personal Information)
THE COMPANY does not use 'cookies' that store and retrieve information subject's usage information from time to time.
Article 8 (Matters on Responsible Person in Charge of Personal Information Protection)
① THE COMPANY has the following designated person who is responsible for the overall works for personal information processing, and for personal information processing and the relevant complaints processing and damage relief of information subjects:
▶ Person responsible for personal information protection
Name: Kang Eun Joo
Contact: +82 -31-973-6125, THE email@example.com, 031-973-6126
※ You will get connected to the department responsible for personal information protection.
② The information subject may ask the person and department responsible for personal information protection for personal information protection-related inquiries, complaint handling, damage relief, etc. that occurred while using THE COMPANY's service (or business). THE COMPANY will answer and process inquiries from information subjects without delay.
Article 9 (Department that Receives and Processes Personal Information Inspection Requests)
The information subject may request the inspection of personal information under Article 35 of the Personal Information Protection Act to the following departments.
▶ The reception and processing department of Personal information inspection requests
Responsible staff: Managing Team
Contact: +82 -31-973-6125, THE firstname.lastname@example.org, 031-973-6126
Article 10 (Relief Method for Infringement of Rights and Interests of Information Subjects)
The information subject can apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee and the Personal Information Infringement Report Center of the Korea Internet & Security Agency in order to receive relief from personal information infringement. In addition, please inquire with the following organizations for reporting or consulting of other personal information infringement:
1. Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
3. Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr)
4. National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)
A person whose rights or interests have been infringed upon due to a disposition or omission of the head of a public institution upon the request for the provisions of Article 35 (Reading to Personal Information), Article 36 (Correction and Deletion of Personal Information) and Article 37 (Procession Suspension of Personal Information, etc.) of the 「Personal Information Protection Act」 may request an administrative appeal in accordance with the Administrative Appeals Act.
※ Please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr) for details on administrative appeal.
Article 11 (Change of Personal Information Processing Policy)