AOS Korea Corporation (http://www.incircle.kr, hereafter referred to as “AOS Korea) set up the following policies to protect the users’ personal information, rights, and interests under the Protection of Personal Information Act and to facilitate smooth resolution of users’ complains.
※This policy will take effect starting January 1, 2016.
1. Objective of Personal Information Processing
AOS Korea processes personal information for the following objectives. Processed information will not be used for any purpose other than the stated objectives, and in case of changes to the policy, we will ask your consent in advance.
- • Personal information isprocessed with the objectives to: confirm and manage membership to the website; to follow up the intention of joining as a member; and to verify and authorize users who are eligible to use membership-based services.
• Personal information is processed with the objectives to confirm customer complaints, and to contact customers to verify complaint details,send them notices, and notify them the results when cases are resolved.
• Personal information is processed with objectives to provide materials or services, send bills, provide contents, and receive and process payments.
• Personal information is processed with the objectives to utilize for marketing and advertisement, development of new service (or product), provide customized service, send information for advertisement, and notify events and opportunities to participate.
2. Overview of the Personal Information File
Name of the personal information file: privacy.xlsx
Items of personal information: email address, name, cell phone number, work telephone number, department, company name, login history, access IP information
Collecting method: website (homepage)
Ground for Retention: contact information for customer to apply for service
Retention Period: 3 years
Related Statute: Period of retention of records about customer complaint or dispute processing: 3 years
3. Personal Information Processing and Retention Period
①AOS Korea processes and retains personal information within the retention and use period mandated by law, or agreed upon by the owner of the information at the time of collection.
②Personal information processing and retention periods are as follows:
<Homepage membership subscription and management>
Personal information associated with “homepage membership subscription and management” will be retained and used for the above mentioned objectives for three years starting from the day client agrees to the collection and use of personal information.
Grounds for retention: Personal Information Protection Act for homepage users
Period of retention of records about customer complaint or dispute processing: 3 years
4. Sharing of collected personal information with third party
① 1. AOS Korea share collected personal information with third party only when the client consents to it, or when it is allowed under applicable statues, such as Article 17 and 18 of the Personal Information Protection Act.
②AOS Korea share personal information with others as follows:
<Details about Sharing Collected Personal Information with Third Party>
-Personal information receiver: AOL Mobile
-Receiver’s objectives to use personal information: name of the client company and department to install the service.
-Period of retention and use of received information: 3 years
5. Consignment of personal information
① AOS Korea consigns personal information as follows for the efficient personal information processing.
<Consignment of Personal Information>
-Consignee: AOS Mobile
-Consigned task: installation of corporate customer’s service
-Period of Consignment: 3 years
② In accordance to Article 25 of the Personal Information Protection Act, AOS stipulates on the contract provisions on the prohibition of using personal information for purposes other than the execution of consigned tasks, technical and administrative protection, restriction of re-consignment, and the management, supervision, and liability of consignee, and is supervising to ensure consignee is processing personal information safely.
③In case of changes to the consignee or consignment details, it will be made public without delay through personal information processing policies.
6. Rights and Responsibilities of the Information Owner and Method of Exercise
① The personal information owner can request AOS Korea to execute following rights under the Protection of Personal Information Act at any time.
- Request to view personal information
- Request correction of errors
- Request deletion
- Request stop processing
② When executing the rights in accordance to the first clause, user can make request in writing, email, or fax according to the template form provided in the Annex 8: Enforcement Rules of Personal Information Protection Act, and AOS Korea will process the request without delay.
③ When the personal information owner requests correction or deletion of errors in personal information, AOS Korea will not use or transfer the personal information in dispute until the correction or deletion is completed.
④When executing rights in accordance to the first clause, the personal information owner can submit the request through a legal representative of authorized person. In this case, the information owner has to submit a power of attorney in accordance to the template form provided in the Annex 11 : Enforcement Rules of the Personal Information Protection Act.
7. Collected and Processed Personal Information Items
AOS Korea controls the following private data.
<Customer Complaints Processing>
-Mandatory: email, name, work telephone number, department, company name – Selection: None
8. Destruction of Personal Information
In principle, AOS Korea destroys personal information without delay when the collected personal information had fully served its intended objective. Destruction process, period, and method are as follows:
– Destruction Procedures: After achieving the objective of the information registered by users, the information is transferred to a separate database (separate document in case of paper records) and stored for a certain period of time or immediately destroyed according to internal policies and related regulations. In this case, personal information transferred to the separate database will not be used for any purpose other than instructed otherwise by law.
– Destruction Deadline: In case of personal information whose retention period is expired, it is destroyed within 5 days from the final retention date. In case of personal information that has become unnecessary because either the objective has been achieved, or the relevant service has been terminated, or the enterprise has closed, it is destroyed within 5 days of the date that the information is deemed unnecessary.
– Destruction Method: A technical method is utilized to destroy information kept in electronic files so the records cannot be restored.
9. Personal Information Safety Assurance MeasuresAOS Korea
AOS Korea takes following technical, administrative, and physical actions to ensure safety assurance in accordance to Article 29 of the Protection of Personal Information Act.
1. Training and Keeping the Minimal Number of Employees Authorized to Access Personal Information
AOS Korea restricts access to personal information only to a limited number of designate employees to protect and manage personal information.
2. Technical measures against hacking
AOS Korea installs security program, implements periodical update and inspections, andinstalls system in restricted location to technically and physically supervise and restrict access to personal information to protect personal information from leaking or becoming damaged by hacking or computer virus.
3. Encrypted private data
The personal information of users is stored and managed under password protection and only the user may know their password. AOS Korea also takes additional safety measures to protect important information by encrypting files and transferred data or using the locking functions.
10. Designation of Personal Information Protection Manager
① AOS Korea designates a Personal Information Protection Manager as follows. The manager is responsible for overall personal information handling, including the resolution of user’s complaints and loss in association with personal information.
Personal Information Protection Manager
Name: Hwang Jeong-taek
Position: Team Leader
Contact Info: 02-565-5055, email@example.com, 02-563-5055
※ You will be connected to the privacy protection department.
Privacy Protection Team
Name of the Team: Development Team
Manager: Hwang Jeong-taek
Contact Info: 02-565-5055, firstname.lastname@example.org, 02-563-5055
② Information owners can contact the personal information protection manager and department and make inquiries about personal information related questions, complaints, loss, and damages that occurred while using the service (or the enterprise) provided by AOS Korea.
AOS Korea will reply and process user inquiries without delay.
11. Changes to Personal Information Processing Policy
This personal information processing policy takes effect the day it is implemented, and a notice will be sent out 7 days before modifications such as additions, deletions, and corrections are implemented in accordance to the regulations and policies.