[Dreamtech Co., Ltd.] (hereinafter referred to as “the Company”) hereby establishes and discloses its personal information processing policies in the following. The personal information processing policies aim to protect the personal information of information subjects in accordance with Article 30 of the 「Personal Information Protection Act」 and to quickly and smoothly handle any related complaints.
Article 1 (Purpose of Processing Personal Information)
The company processes the personal information of its users for the following purposes. If the purpose of use changes, the company will take necessary measures, such as obtaining a separate consent in accordance with Article 18 of the Personal Information Protection Act.
Reporting ethical management (Real name, anonymous)
Using the website
User's browser type and OS, access record (IP Address, access time)
- 1. Personal information is processed for the purpose of answering inquiries about questions on the company (Contact)
- 2. Personal information is processed for the purpose of handling grievances in relation to “reporting ethical management.”
- 3. The company does not process personal information that may clearly infringe the privacy of users in ways that are outside the provisions of laws or the user's consent.
Article 2 (Processing and Retention Period of Personal Information)
- 1. The company processes and retains personal information for the period of retention and use of personal information that has been specified by the related laws, or the period of retention and use of personal information agreed upon when the personal information is collected.
- 2. The processing and retention period of personal information is as follows.
- ① The company retains and uses personal information until the purpose of its collection and use has been fulfilled (final answer to customer inquiries).
- ② If the user wants to delete his or her personal information, the company will delete the personal information without delay.
Article 3 (Providing Personal Information to a Third party)
- 1. In principle, the company processes the user's personal information within the range specified for the purpose of collection and use, and except in cases falling under Articles 17 and 18 of the Personal Information Protection Act, such as the user's consent and special provisions of the law, the company will not process the information in a manner that goes beyond the scope of the original purpose, or provide it to a third party without the prior consent of the user.
Article 4 (Information Subject’s Rights and Duties and Method of Exercise)
- 1. The user may view or modify the personal information registered with the company at any time, and may request to withdraw his or her consent to its collection. If users wishing to view/modify their personal information or to withdraw consent contact the person in charge of personal information protection or the department in charge of the company in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act, the company will take action without delay.
- 2. If a user requests the correction of errors in personal information, the personal information will not be used or provided until such correction has been made. In addition, if incorrect personal information has already been provided to a third party, the correction will be reported to the third party without delay. The Company handles personal information that has been voided or deleted at the request of a user as specified in ‘Article 2 Processing and Retention Period of Personal Information,’ and processes it so that it cannot be viewed or used for any other purpose.
- 3. The company will attempt to determine that the person who makes a request related to personal information, such as a request for access, a request for correction or deletion, or a request for access when requesting suspension of processing according to the rights of the user, is the verified individual member or their legitimate representative. When a request is made by an agent, the agent must submit a power of attorney in accordance with the form provided in Appendix 11 of the Enforcement Regulations of the Personal Information Protection Act.
- 4. If a request to view and suspend personal information is made, the user’s rights may be restricted as per Article 35(5) and Article 37(2) of the Personal Information Protection Act.
- 5. For some personal information, deletion cannot be requested if the personal information is specified as a mandatory target of collection in other laws.
Article 5 (Personal Information Items to be Processed)
The company processes the following personal information items.
- 1. Personal information collection items: Name, email address, phone number
- 2. Grounds and laws for collecting, using, and retaining personal information: Related laws such as the 「Personal Information Protection Act」 and guidelines for personal information protection under the enforcement decree of the same
- 3. In the process of using the service, the following information may be automatically generated and collected: Service usage record (access date and time), connection IP information, etc.
Article 6 (Destruction of Personal Information)
- 1. The company will destroy the personal information without delay when it is no longer necessary, such as when the personal information retention period has elapsed or the purpose of its collection has been achieved.
- 2. When the personal information must to be kept in accordance with other decrees even though the personal information retention period agreed upon by the user has elapsed or the purpose of its collection has been achieved, the personal information is preserved by moving to a separate database (DB) or by changing the storage location.
- 3. The procedure and method of personal information destruction are as follows.
- ① Destruction procedure: The company selects the personal information for which the reason for destruction has occurred, and destroys the personal information with the approval of the company’s personal information protection officer.
- ② Destruction method: The company destroys personal information recorded and stored in the form of electronic files using a method such as a low level formatting so that the records cannot be reproduced, while personal information recorded and stored in paper documents is destroyed by crushing it with a grinder or through incineration.
Article 7(Measures to Ensure the Safety of Personal Information)
The company takes the following measures to ensure the safety of personal information.
- 1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.
- 2. Technical measures: Management of access rights to information such as through personal information processing system, installation of access control system, encryption of unique identification information, installation of security programs, etc.
- 3. Physical measures: Access control in the computer room, data storage room, etc.
Article 8 (Person in Charge of Personal Information Protection)
- 1. The company has designated the following person in charge of personal information protection, to take full responsibility for the work of personal information processing and to handle user complaints and remedies for damage related to personal information processing.
Personal Information Protection Officer Department In Charge of Personal Information Protection Name Byun Hyochang Department Planning Team Position Team Leader Person in charge Byun Hyochang Contact (T) 031-620-1534/ (F) 031-620-1599 Contact (T) 031-620-1534/ (F) 031-620-1599
- 2. Users can contact the information protection officer and the department in charge of personal information protection with any inquiries related to personal information protection, complaint handling, damage relief, etc. The company will respond and handle user inquiries without delay.
Article 9 (Remedy for Infringement of Rights and Interests)
Users can make inquiries regarding damage relief, consultation, etc. for personal information infringement to the following organizations.
The following organizations are separate from the company. Please feel free to contact them if you are not satisfied with the company's own handling of a personal information complaint or a request for damage relief, or if you need more detailed assistance.
|Personal Information Infringement Reporting Center||Report personal information infringement, request consultation||privacy.kisa.or.kr||(No area code) 118|
|Personal Information Dispute Mediation Committee||Personal information dispute mediation (Individual / collective)||kopico.go.kr||02-2100-2499|
|Personal Information Protection Comprehensive Portal||Inquiries on personal information related laws and consulting, providing data||privacy.go.kr||02-2100-4047|
|National Police Cyber Security Agency||Inquiries and reports on criminal cases related to personal information infringement||cyberbureau.police.go.kr||(No area code) 182|
Article 10 (Change of personal information processing policy)