- 01. Purpose of Processing Personal Information
-
Business Post (https://www.koreawho.com, hereinafter "Business Post")
processes personal information for the following purposes and does
not use it for any purpose other than those listed:
- Recruitment, article submissions, advertising inquiries, inconvenience reports, etc.
- 02. Processing and Retention Period of Personal Information
-
- 1. Business Post processes and retains personal information within the period agreed upon when collecting personal information from the information subject or within the period specified by law.
- 2. Specific processing and retention periods for personal information are as follows:
- • Customer registration and management: Until the service contract is terminated or membership is withdrawn; however, if there are remaining creditor-debtor relationships, until those relationships are settled.
- • Records of contracts, withdrawals, payments, and supply of goods in electronic commerce: 5 years.
- 03. Rights and Duties of Information Subjects and Legal Representatives and How to Exercise Them
-
-
1. Information subjects can exercise the following rights regarding personal information protection with Business Post at any time:
- • Request to view personal information
- • Request for correction if there are errors
- • Request for deletion
- • Request to stop processing
-
2. For children under 14 years old, legal representatives have the right to view or correct the child's personal information and to withdraw consent for collection and use.
- 04. Items of Personal Information Processed
-
Business Post processes the following personal information:
-
- • Required items: Name
- • Optional items: Company name, email, mobile phone number, company phone number, position, department, homepage
- 05. Destruction of Personal Information
-
-
- • Destruction Procedure: Information entered by users is transferred to a separate database (DB) after achieving its purpose (or a separate document in the case of paper) and stored for a certain period according to internal policies and other related laws before being destroyed. Personal information transferred to the DB is not used for other purposes unless required by law.
- • Destruction Period: Personal information is destroyed within 5 days after the retention period has expired or when it is deemed unnecessary, such as when the processing purpose is achieved, the service is terminated, or the business ends.
- 06. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
-
Business Post does not use "cookies" that store and retrieve user information.
- 07. Personal Information Protection Officer
-
-
1. Business Post has designated a Personal Information Protection Officer to oversee the overall responsibility for personal information processing and to handle complaints and damage relief from information subjects.
- Personal Information Protection Officer
- • Name: Kang Seok-woon, CEO
- • Contact: 1800-6522, bspost@businesspost.co.kr
- • This contact connects to the department in charge of personal information protection.
- Department in Charge of Personal Information Protection
- • Department: IT Support Team
- • Contact: 1800-6522, bspost@businesspost.co.kr
- • Contact: 070-4010-8512, subzo@businesspost.co.kr
-
2. Information subjects can contact the Personal Information Protection Officer and the department in charge for all personal information protection inquiries, complaints, and damage relief that occurred while using Business Post's services. Business Post will respond and handle inquiries promptly and sincerely.
- 08. Changes to the Privacy Policy
-
This Privacy Policy applies from the effective date, and any changes, additions, deletions, or corrections according to laws and policies will be announced through notifications at least 7 days before the changes take effect.
- 09. Measures to Ensure the Security of Personal Information
-
-
1. Regular Self-Audits: Conduct regular self-audits (quarterly) to ensure the security of personal information.
-
2. Minimization and Training of Personal Information Handling Staff: Designate and limit the number of personnel handling personal information and implement management measures through training.
-
3. Establishment and Implementation of Internal Management Plan: Establish and implement an internal management plan for the secure handling of personal information.
-
4. Technical Measures Against Hacking: Install security programs, update, and check them regularly, and install systems in controlled areas to prevent personal information leakage and damage from hacking or viruses.
-
5. Encryption of Personal Information: Store and manage user passwords encrypted, with access limited to the user only. Important data is encrypted or protected using separate security features such as file locking.
-
6. Storage and Prevention of Alteration of Access Records: Keep records of access to the personal information processing system for at least 6 months and use security features to prevent tampering, theft, or loss.
-
7. Access Restriction to Personal Information: Take necessary measures to control access to personal information through granting, changing, and deleting access rights to the database system and use intrusion prevention systems to control unauthorized access from outside.
-
8. Using Locks for Document Security: Store documents and auxiliary storage media containing personal information in secure places with locks.
-
9. Control of Unauthorized Access: Establish and operate access control procedures for physical storage places containing personal information.