• After getting approval from the user, collects location information of a terminal Collects only personal information whose collection was approved after getting approval for personal information collection to answer customer’s other inquiries.
• The Company utilizes collected personal information for following goals. Personal information handled by the Company is not used for other purposes than followings and in case a use purpose is changed, the Company is scheduled to take necessary action including obtaining separate consent, etc. according to Article 18 of Personal Information Protection Act, provided that in case a customer in advance agrees to disclosure of a personal information or under laws and regulations, if at the request of an investigative agency according to prescribed procedures, the personal information may be disclosed to the outside.
• The Company handles/possesses personal information within the personal information possession/use period under laws and regulations or the personal information possession/use period approved from the information subject when it collects such information, if necessary under provisions of relevant laws and regulations, the Company stores member information for a certain period as prescribed in relevant laws and regulations as follows. The handling and possession period of each of personal information are as follows.
• – Customer information voluntarily provided according to customer inquiry: 3 years (Period related to the handling of customer’s complaint or disputes)
The Company basically destroys relevant information immediately after it completes collection of personal information and the use purpose. Destruction procedures and methods are as follows.
• Destruction procedures: The Company selects personal information for which a cause of destruction arises, and destroys personal information after getting approval of the person of the Company in charge of personal information protection.
• Destruction method: Personal information stored in an electronic file form shall be deleted using a technical method by which records can’t be reproductive. Personal information output in paper is pulverized by a pulverizer or destroyed by incineration.
The Company takes following action for securing safety of personal information:
• Management action: Internal management plan establishment/enforcement, regular employee education, etc.
• Technical action: Management of right to have an access to personal information system, etc., access control system installation, encoding of identification information, etc., installation of recent vaccine and security program, data backup.
• Physical action: Control of access to a computer room, a data storage room, etc.
The Company basically doesn’t provide personal information of customers to the outside, except for following cases:
• In case the Company gets prior approval;
• In case it is necessary under relevant laws and regulations or an investigative agency makes a request for the purpose of investigation according to the procedures and method stipulated in the laws and regulations; and
• In case it is necessary for preparation of statistics, academic research or market investigation, etc. and where the information is treated so that a certain person can’t be identified.
• In case the Company amends personal information handling policies, it will announce the amendment through public notice(private notice). When anything is added to the present Personal Information Handling Policies or the policies is deleted or revised, the Company will give notice from at least 7 days before the policies are amended, provided that in case there is a significant change in the right of the user such as collection and utilization of personal information and providing personal information to a third party, etc., the Company will give notice not later than 30 days before the change.