VREDU Co. Ltd. (referred to as “Company” or “VREDU”) is related to information and communications service providers that information and communications service providers must comply with, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, Personal Information Protection Act, Communication Secret Protection Act, and Telecommunications Business Act. We are doing our best to protect the rights and interests of users by complying with the personal information protection regulations stipulated in the laws and by establishing a personal information processing policy in accordance with the relevant laws.
1. Lists of personal information to be collected and methods of collection
2. Purpose of collection and use of personal information
3. Sharing and providing personal information
4. Retention and use period of personal information
5. Personal information destruction procedure and method
6. Rights of users and their legal representatives and how to implement them
7. Policy concerning the installation / operation and rejection of the automatic personal information collection device
8. Technical / administrative protection measures for personal information
9. Contact information of the person in charge of personal information management and the person in charge
11. Duty of notice
First, the company collects the following minimum customer personal information to provide services to users.
– Collection information: Emails and inquiries are collected.
Second, in the process of accessing the company’s website, the following information may be automatically generated and collected.
– IP address, cookie, visit date and time, service use record, bad use record
b) Methods of privacy information collection
The company collects personal information in the following ways:
– Collection of Emails and inquiries through web pages
Statistics on the company’s service use, such as delivering advertising information, events, customized services, providing services and posting advertisements according to statistical characteristics, verifying service effectiveness, and identifying access frequency
However, exceptions are made in the following cases.
a) If the user consents in advance
b) When providing an individual in a form that cannot be identified for statistical purposes, academic research, or market research
d) In accordance with the provisions of laws and regulations, or if there is a request from the investigative officer in accordance with the procedures and methods stipulated in the laws for the purpose of investigation
a) Information retention period according to company internal policy
– After the purpose of collecting and using the user’s information is achieved, the inquiry contents and personal information input items are retained for 48 months to manage the inquiry history.
b) Information retention period according to related laws
If it is necessary to preserve information in accordance with the provisions of related laws, such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter referred to as the “Information and Communications Network Act”), the company keeps member information for a certain period of time as stipulated by the relevant laws and regulations. In this case, the company uses the stored information only for the purpose of storage, and the retention period is as follows:
– Website visit history
Reason for retention: Enforcement Decree of the Communications Secrets Protection Act
Retention period: 3 months
The company’s personal information destruction procedures and methods are as follows:
a) destruction procedure
– The information entered by the user for membership registration, etc. is transferred to a separate DB after the purpose is achieved (separate filing cabinet in the case of paper) and in accordance with internal policies and information protection reasons according to other relevant laws (refer to retention and use period) It is destroyed after being stored for a certain period of time.
– This personal information will not be used for any other purpose other than being retained unless it is required by law.
b) Destruction method
– Personal information printed on paper is shredded with a shredder or destroyed through incineration.
– Personal information stored in the form of electronic files will be deleted using a technical method that cannot reproduce the record.
– If there is a user error, the company will correct it without delay upon request for correction.
– When a user requests to delete personal information, the company will delete it without delay.
– If you contact the person in charge of personal information protection in writing, by phone or by e-mail, we will take action without delay.
– If a user requests correction of errors in personal information, the personal information will not be used or provided until it is completed.
– The company handles personal information that has been canceled or deleted at the request of the user as specified in Paragraph 4. ‘Period of Retention and Use of Personal Information’, and it is processed so that it cannot be viewed or used for any other purpose.
– The company uses ‘cookies’ to store and retrieve user information from time to time to provide personalized and customized services.
– Cookies are very small text files that the server used to operate the website sends to the user’s browser and are stored on the hard disk of the user’s computer. Then, when the user visits the website, the website server reads the contents of the cookie stored on the user’s hard disk and is used to maintain the user’s environment settings and provide customized services.
– Cookies do not automatically / actively collect information that identifies individuals, and users can refuse to store or delete these cookies at any time.
It is used to provide targeted marketing and personalized services by analyzing users’ access frequency and visit time, identifying users’ tastes and interests, tracking traces, and identifying the degree of participation in various events and number of visits.
c) Installation/operation and rejection of cookies
– Users have the option to install cookies. Therefore, the user can allow all cookies by setting options in the web browser, check each time a cookie is saved, or refuse to save all cookies.
– How to specify whether to allow the installation of cookies (for Internet Explorer) is as follows:
① From the [Tools] menu, choose [Internet Options].
② Click [Privacy tab].
③ You can set the [Personal information processing level].
a) Personal information encryption
Personal information of users and customers is kept through separate security rules.
b) Countermeasures against hacking, etc.
The company is doing its best to prevent leakage or damage to members’ personal information by hacking or computer viruses. Data are frequently backed up in preparation for damage to personal information, and the latest vaccine program is used to prevent leakage or damage to users’ personal information or data.
c) Minimization and training of handling staff
The company’s personal information handling staff is limited to the person in charge, and for this purpose, we always emphasize compliance with the personal information handling policy through frequent training for the person in charge.
d) Operation of a private information protection organization
In addition, through the in-house personal information protection department, etc., we check the implementation of the personal information processing policy and whether the person in charge is complied with, and if any problems are found, we are working hard to correct them immediately.
However, even though the company has fulfilled its obligation to protect personal information, the company is not responsible for any damage not attributable to the company, such as the user’s negligence or accidents in areas not managed by the company.
The company will provide prompt and sufficient explanation to reports from users, etc.
[Personal information protection office]
Name : Kim JaeheonJaeheon Ki
Company : VREDU Co. Ltd
Phone : 070-8221-1839
Email : firstname.lastname@example.org
If you need to report or consult on other personal information infringement, please contact the following organizations.
– Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code)
– Supreme Prosecutors’ Office Cyber Crime Investigation Team (www.spo.go.kr / 02-3480-3571)
– National Police Agency Cyber Security Bureau (www.ctrc.go.kr / 182 without area code)
– Personal Information Mark Certification Committee (www.epivacy.or.kr / 02-580-0533 ~ 4)