BH Acoustel Corp. (hereafter, “the Company”) shall value members’ personal information and observe the Act on the Promotion of Information and Communications Network Utilization and Information Protection. Through its Personal Information Handling Policy, the Company shall inform members of how and for what purpose their personal information provided is used as well as the safeguarding measures it has in place.
Any amendment to the Company’s Personal Information Handling Policy shall be announced through its website or through individual notices.
1. Personal Information Items to Be Collected and Collection Method
A. Personal information items to be collected
The Company shall collect the following personal information items to handle membership applications, service applications, etc.
- Essential items: Name, ID, password, nickname, e-mail, and a question and reply for password search
B. Personal information collection method
The Company shall collect your personal information using the following method.
- Membership application through our website
2. Purpose of Collection and Use of Personal Information/p>
The Company shall use your personal information for the following purposes.
A. Management of members
Your personal information shall be used to identify you according to the use of membership service and the limited identification of the person concerned, to identify individuals, to prevent the illegal use by disqualified members and unauthorized use, to confirm the applicant’s intention for membership application, to limit the membership application and the count thereof, to confirm their legal proxy’s agreement when collecting the personal information of children aged under 14 years and to identify the proxy’s ID later, to preserve recording for the arbitration of disputes, to deal with complaints and other petitions, and to send you notices.
B. Use of personal information for marketing and advertisements
To notify you of events and other advertising information, to identify access frequency, and/or to create members’ use of our services
To implement the citizen reporter system and to use communities
3. Period of Retention and Use of Personal Information
In principle, the Company shall promptly destroy relevant information after achieving the purpose of collecting and using personal information. However, the Company shall retain the following information for the specified reasons during the specified period.
- Item: Name, log-in ID, password, question and reply for password search, home phone, home address, mobile phone, and e-mail
- Reason for retention: For cooperation with investigative authorities conducting investigations
- Retention period: 5 years
4. Procedure and Method of Destruction of Personal Information
Company shall promptly destroy the relevant information after achieving the purpose for which the personal information was collected and used. The information destruction procedure and method shall be as follows.
- Destruction procedure
The information that members have entered for membership application, etc. shall be moved to a separate database (a separate file cabinet for paper documents), and shall be stored for a certain period before being destroyed according to reasons for the protection of information based on our policy and laws (please refer to the retention and use period). Personal information that has been moved to the separate database shall not be used for purposes other than its original purpose except by law.
- Destruction method
Personal information on paper shall be destroyed by shredding or incineration. Personal information, recorded in the form of electronic files, shall be deleted using a technical method to make reproduction impossible.
5. Provision of Personal Information
In principle, the Company shall not provide the user’s personal information to third parties. However, the following shall be the exceptions:
- In case users make a prior agreement
- In case provided by law, or in case requested by investigative authorities according to the procedure and method set forth in laws
6. Commissioning Handling of Collected Personal Information
The Company shall not commission external firms to handle your information without your agreement. If such a need arises in the future, the Company shall notify you of the target and work subject being commissioned and receive your prior agreement if necessary.
7. User’s and His Legal Proxy’s Rights and the Method of Exercising Thereof
Users can inquire about or amend their registered personal information or request for membership cancellation anytime.
To inquire about or amend personal information, users can click 'Change Personal Information' (or ‘Amend Member Information’, etc.). To terminate their membership (Withdraw from Agreement), they can click "Leave Membership” and follow the identification procedure to directly access, correct or leave membership.
Regarding your personal information matters, please contact our staff for the personal information control in writing, by phone or via e-mail. Then, we will promptly take appropriate action accordingly.
If you have requested to correct errors in your personal information, we shall not use it or provide it to relevant parties prior to amending it. In addition, if we have already provided your incorrect personal information to a third party, we shall promptly notify your corrected information to that third party.
We shall handle your personal information as requested to be terminated or deleted by you according to the “Period of Retention and Use of Personal Information Collected by the Company”, and shall not allow the information to be accessed or used for other purposes.
8. Installation and Operation of Personal Information Automatic Collection System and the Refusal Thereof
A. Purpose of Using Cookies
We analyze the access frequency, visit time, etc. of members and non-members so that we can identify the users’ tastes and areas of interest, trace their tracks, identify the degree of their participation in various events and their visit frequency, etc. to conduct target marketing and to provide individually tailored services.
B. Installation and Operation of Cookie and Refusal Thereof
- You shall have the right to choose the installation or non-installation of cookies. Thus, by installing options for the web browser, you can allow all cookies to be stored or allow cookies being stored to be checked, or refuse to store cookies.
C. Method of Refusing Cookie Installation
- e.g.: the method of refusing the installation of cookies involves selecting options for the web browser that you use so as to allow all cookies to be stored or to allow cookies being stored to be checked, or to refuse to store all cookies.
- Installation method (e.g., in case of Internet Explorer): Tools> Internet Options> Privacy at the top of your web browser
- However, if you refuse to store cookies, some services that require login may be difficult to use.
9. Technical and Administrative Measures for Protecting Personal Information
The Company shall take technical, administrative and physical measures to secure the safety of personal information according to Article 29, etc. of the Personal Information Protection Act.
1) Minimization and education of staff for handling of personal information
The Company shall designate, limit and minimize the staff handling personal information to implement its policy on personal information management.
2) Establishment and implementation of internal management plan
For safe handling of personal information, the Company shall establish and implement its internal control plan.
3) Encryption of personal information
The personal information of users and their passwords shall be encrypted, stored and managed so that only the concerned person can know his/her information. For important data, their files and transmission data shall be encrypted or protected using a file locking function or other security functions.
4) Technical measures against hacking, etc.
In order to prevent leakage and damage of personal information caused by hacking or computer virus, we shall install, periodically renew, and check security programs. We shall also install systems in the unauthorized-access control area, and conduct technical and physical monitoring and blocking.
5) Restriction of access to personal information
We shall take measures necessary to control access to personal information by providing, changing and cancelling rights to access the personal information handling database. We shall control unauthorized external access using intrusion-blocking systems.
6) Blocking of physical access to data servers
Only server administrators shall be allowed access to the server storage location. Also, unauthorized physical access shall be controlled by monitoring and automatically tracing visitors through closed circuit monitors, by recognizing their fingerprints, and by using card readers and warning systems.
7) Use of locking systems for document security
We shall store documents, auxiliary storage media, etc. –which contain personal information - in a safe location with locking systems.
membership application and information revision web pages, the login information shall all be encrypted. In addition, the administrator’s function of handling a large amount of personal information shall not be provided on our website.
10. Civil Service on Personal Information
- Manager for control of personal information
Name : Kim YoonHo
Phone : 010-8265-5683
e-mail : firstname.lastname@example.org
- Staff for control of personal information
Name : Kim Younghui
Phone : 010-4059-7899
e-mail : email@example.com
You can report all petitions concerning your personal information while using our services to our manager or the relevant department responsible for control of personal information. We shall promptly respond to your reports. For report and consultation concerning privacy complaints, please contact the following agencies.
- Privacy Complaints Center (http://www.118.or.kr / 118)
- Personal Information Dispute Arbitration Committee (http://www.kopico.or.kr / 02-405-4747)
- Information Protection Mark Certification Committee (http://www.eprivacy.or.kr / 02-580-0533~4)
- Advanced Criminal Investigation Division, Supreme Public Prosecutors' Office (http://www.spo.go.kr / 02-3480-2000)
- National Police Agency Cyber Terror Response Center (http://www.ctrc.go.kr / 02-392-0330)
11. Amendment of Personal Information Handling Policy
This Personal Information Handling Policy shall take effect on the enforcement date. Any changes, addition or deletion of contents or correction thereof according to laws and policy shall be announced at least 7 days earlier.
Announcement date: April 1, 2015
Enforcement date: April 1, 2015