1. Information we collect
First, we collect the following personal information to recruit employees, to respond to inquiries related to employment, and to identify the persons covered by employment protection.
- Name, password for confirmation, email address, contact information, date of birth, gender, nationality, educational background (school name, month and year of entrance/graduation, major, specialized major, grade, graduation status), career background (company name, job, position, department name, duration of employment), language and other certifications (certification type, level, date of certification), military service information, veterans information (if applicable), disability information (if applicable), additional required materials (if applicable), coding test results (if applicable), interview results (if applicable), personality test results (if applicable), health check result for employment (only for the qualified candidate)
Second, we collect the following personal information to receive partnership proposals.
- Proposer’s name, email address
Third, the Company collects the following personal information for receiving the consultation request/report to Corporate Ethics Center.
- Name, contact information, email address, password for checking the process result (if you submit anonymously, your personal information will not be collected.)
The following information may be automatically generated and collected in the course of using our services or handling businesses.
- Browser type and OS, visit record (IP address, log-in time), device information, cookies
2. Purposes of handling personal information
- A. To conduct recruitment process, to review qualifications, to communicate with applicants, and to promote employment for applicants with disabilities based on "Act on the Employment Promotion and Vocational Rehabiltation of Persons with Disabilities"
- B. To deal with the partnership proposals
- C. To respond to consultation requests/reports to Corporate Ethics Center and to communicate with the requestor/reporter.
3. Information we provide to third party
The company must use the data subject’s personal information within the range specified in “2. Purpose of Processing Personal Information”, and as a principal rule, not disclose the personal information to third parties. However, the following are exceptions.
- - When Data subject has granted prior approval
- - When requested by an investigative agency, through procedures and methods defined by law, for investigative purposes, in accordance with legal regulations.
In some cases, we offer jobs to applicants at the companies we have a particular relation to (subsidiaries, affiliate companies, etc.), and in these cases, we always obtain consent from the applicants by contacting them individually before we transfer applications to the respective companies.
4. Entrusting the Handling of Personal Information
The following personal information is entrusted for a process of work at the Company, and the necessary provisions have been prepared for the safety of data subject’s personal information when executing an agreement to entrust personal information in accordance with related laws.
Organizations entrusted to handle the company’s personal information and the entrusted tasks are as shown below;
NAVER Cloud Corp.
Website development & maintenance / System operation & management
Corporate Ethics Center operation & management
Assesta HRC corp.
5. Period of Handling and Retention of Personal Information
The Company processes and retains the personal information during the retention/use period as agreed by the data subject while collecting the personal information or as required under related laws, and the personal information is discarded immediately after the purpose of its collection and use has been achieved.
- - Job application: 5 years (if the applicant wants us to delete personal information, the personal information is discarded immediately)
- - 1:1 inquiry for job application: 6 months
- - Partnership proposal: Discarded after the response to proposal is completed
- - Consultation requests/reports to Corporate Ethics Center: 6 months after the purpose of its collection and use has been achieved
6. Procedure and methods of Personal Information Destruction
A. Destruction procedure
The Company deletes personal information immediately after the purpose of its use has been achieved. When the Company is obliged to retain, rather tan destory, personal information for a specific period of time as stipulated by related laws even after the purpose of its use has been achieved, the personal information is stored and managed separately from other personal information.
B. Destruction method
- Personal information printed on paper is destroyed with a paper shredder or incinerator.
- Personal information stored in electronic files is deleted using technical methods that prevent its restoration.
7. Rights of Data Subjects and Methods of Exercising Those Rights
The data subjects can view and modify his/her registered personal information at any time and may request for deletion or suspension of handling of the information. In the event the data subject requires deletion of information or suspension of handling, he/she shall contact the Chief Privacy Officer in writing, phone or email and the necessary measure will be taken without delay. Exercise of rights can be restricted when the exercise of rights are prohibited or limited by Acts.
A legal representative or a person delegated by the data subject can exercise those rights. The Company shall confirm whether the person who has submitted those rights is the principal or the duly authorized representative.
8. Additional Information on automatically generated information
The Company uses 'Cookies' for providing the web services. Cookies are very small-sized files that are stored on the PC through the web browser and used to provide services.
A. Purpose of using cookies
- Cookies are used to analyze the information on visits, services used and secure access.
B. Rights of choice regarding cookies
You can refuse to save cookies through web browsers setting, and there is no disadvantage of it.
- - Chrome: Settings > Privacy and Security > Cookies
- - Microsoft Edge: Settings > Site permissions > Cookies and site data
9. Measures to ensure the safety of personal information
The company has come up with the following measures to ensure that the personal information is safely secured;
A. Organizational safeguards
Establishment and implementation of the internal management plan, and periodical training for the personal information handlers etc.
B. Technical safeguards
Management of the access to the personal information processing system, operation of access control system, encryption of personal information and operation of vaccine software.
C. Physical safeguards
Restriction of access to the server rooms and data archive etc.
10. Chief Privacy Officer information
You may file all privacy-related complaints, which arise during the use of the homepage to the chief privacy officer. The Company will provide you with an immediate and sufficient response to your inquiry.
|Chief Privacy Officer for Recruitment, Proposal||Chief Privacy Officer for Corporate Ethics Center|
11. Consult on the Privacy Infringements
You can report or consult about privacy infringement to 'Personal Information Dispute Mediation Committee', 'Privacy Infringement Report Center' of Korea Internet&Security Agency. If you need to report or consult on other privacy infringements, please contact the following organizations;
- Personal Information Dispute Mediation Committee (kopico.go.kr / Phone no. 1833-6972)
- Privacy Infringement Report Center (privacy.kisa.or.kr / Phone no. 118)
- Cyber Crime Investigation Unit, Supreme Prosecutor’s Office (spo.go.kr / Phone no. 1301)
- Cyber Bureau of Investigation, National Police Agency (ecrm.cyber.go.kr / Phone no. 182)
- Notification date : 9 December 2021
- Enforcement date : 16 December 2021