Article 1 [Purposes of Processing of Personal Information]
1. Processing InquiriesPersonal information is processed for such purposes as verifying the identity of the inquirer, verifying the content of the inquiry, contacting or sending notice to the inquirer for a fact check, and answering the inquiry.
2. HiringPersonal information is processed for hiring purposes.
Article 2 [Use and Retention Periods of Personal Information]
① The Company processes and retains personal information during the retention and use periods prescribed by applicable laws, or during the retention and use periods agreed upon when said personal information was collected from the data subject.
② The personal information will be used and retained until the inquiry in question has been verified, answered, and processed completely.
③ An application submitted by a candidate will be retained from the date of collection until the final hiring decision is made
Article 3 [Rights, Duties and Exercise of Rights of Data Subject and Their Legal Representative]
① Data subjects are entitled to exercise their rights at any time, including requesting access to, correction or deletion of, or refusal of use of their personal information.
② The rights referred to in ① may be exercised in writing, electronically, or via fax, in accordance with paragraph 1 of Article 41 of the Enforcement Decree of the Personal Information Protection Act, and the Company will promptly take such steps as may be deemed necessary.
③ The rights referred to in ① may be exercised by the data subject through their legal representative or otherwise duly authorized person, in which case a power of attorney must be provided in the form specified in Exhibit 11 of the Enforcement Rules of the Personal Information Protection Act.
④ A request for access to or refusal of use of personal information may restrict the data subject’s rights in accordance with paragraph 5 of Article 35 and paragraph 2 of Article 37 of the Personal Information Protection Act.
⑤ When a request for correction or deletion of personal information is made, a request for deletion cannot be made if said information is to be collected in accordance with other applicable laws.
⑥ When the data subject makes a request for access to, correction or deletion of, and refusal of use by exercise of their rights, the Company shall determine if said request is made by the data subject himself/herself, or by their duly authorized representative.
Article 4 [Types of Personal Information Processed]
Below are the types of personal information processed by the Company:
1. Processing inquiries-Required: Company name/department, name/job title, direct line, email address, inquiry
2. Hiring-Required: Email address, mobile phone number, home address, home phone number, gender, date of birth, name, job title, department, company name, marital status, education, and any other information provided on the resume.
Article 5 [Destruction of Personal Information]
① The Company destroys any personal information without delay when the purpose for which said information was collected is no longer being served because the retention period has expired, or because the purpose of processing has been fulfilled.
② Should retaining said personal information be required by other applicable laws even though the retention period agreed upon by the data subject has expired or the purpose of processing has been fulfilled, said personal information shall be transferred to another database or kept in a separate place.
③ Personal information will be destroyed through the procedure and method described below:
1. Destruction procedureThe Company selects personal information to be destroyed for any legitimate reason and destroys said information with the approval of the Company’s Chief Privacy Officer.
2. Destruction methodIf the personal information was recorded and stored electronically in a digital file, it will be destroyed irrecoverably; if said information was recorded and stored on paper documents, it will be destroyed by shredding or incineration.
Article 6 [Safeguarding Personal Information]
① The Company takes the following measures to safeguard privacy:
1. Administrative safeguards: Establishing and implementing in-house management plans, periodic employee training, etc.
2. Technical safeguards: Managing access to personal information systems, installing an access control system
3. Physical safeguards: Restricting access to computer rooms and archives
Article 7 [Enabling, Operating, and Refusal of Automatic Collection of Personal Information]
Article 8 [Chief Privacy Officer]
① The Company has appointed the Chief Privacy Officer and the Privacy Office as described below, who are responsible for overseeing the processing of personal information, as well as handling grievances from data subjects and remedies for breaches in relation to the processing of personal information:
▶ Chief Privacy OfficerName: Moon Ki-ho Title: Head of Administrative Division Call or email: 02-391-2348
▶ Privacy OfficeDepartment: Administrative Division Officer: Kim Sung-jin Call or email: 02-391-2348, firstname.lastname@example.org
② All data subjects are welcome to contact the Chief Privacy Officer or the Privacy Office if they have any questions about privacy, grievances, or concerns about remedies that arise during their use of the Company’s service. The Company will respond to and process any inquiries from data subjects without delay.
Article 9 [Request for Access to Personal Information]
Data subjects are entitled to request the following department for access to personal information in accordance with Article 35 of the Personal Information Protection Act. At the Company, we will do the best we can to grant said data subject’s request for access.
▶ Department responsible for receiving and processing personal information access requestsName: Administrative Division Officer: Kim Sung-jin Call or email: 02-391-2348, email@example.com
Article 10 [Remedies for Infringement of Data Subjects Rights]
The following organization operates independently of the Company, but you can contact the organization if you are not satisfied with the handling of privacy grievances or the remedy provided by MEDIUM (“https://www.themedium.io” or “MEDIUM Website”), or if you want help or detailed information.
Personal Information Infringement Report Center (operated by Korea Internet & Security Agency) -Responsibilities: Reports on personal information infringements and consultations -Website: www.privacy.kisa.or.kr -Telephone: 118 (with no area code) -Address: Personal Information Infringement Report Center, 3rd floor, 9, Jinheung-gil, Naju-si, Jeollanam-do (301-2, Bitgaram-dong) (58324)
Personal Information Dispute Mediation Committee -Responsibilities: Requests for mediation of personal information disputes, mediation of collective disputes (civil mediation) -Website: www.kopico.go.kr -Telephone: 1833-6972 (with no area code) -Address: 4th floor, Government Complex Seoul, 209, Sejong-daero, Jongno-gu, Seoul (03171)
Cybercrime Investigation Division of Supreme Prosecutors’ Office: 02-3480-3573 (www.spo.go.kr)
Korean National Police Agency Cyber Bureau: 182 (http://cyberbureau.police.go.kr)