SeAH Holdings Corporation("Company"), which manages the SeAH Group Ethical Management Proposal Center("Ethical Management Proposal Center"), attaches great importance to the protection of your personal information and complies with the 「Personal Information Protection Act」, the Act on 「Promotion of Information and Communications Network Utilization and Information Protection」, and other laws and subordinate regulations related to personal information protection.
The Company has the following processing policy to protect the privacy and rights of customers and to facilitate the smooth handling of customer grievances related to personal information.
The Company's privacy policy may be changed according to the Company's needs or amendments to relevant laws and subordinate laws. If the privacy policy is revised, it will be notified through the Ethical Management Proposal Center notice (or individual notice) in advance.
1. What personal information we process
The personal information we collect on the website is described below.
| Collections | Collection Method |
|---|---|
| Name, Phone Number, E-mail Address | Customer consent to collect personal information items and collection via customer-filled forms |
2. Purposes of processing personal information
We collect and use your personal information to the minimum extent possible for the following purposes the following purposes.
The personal information processed will not be used for any purpose other than the following purposes and prior consent will be obtained if the purpose of use is changed.
| Purpose of Collection and Use |
|---|
| Used for identity verification procedures, consultation, inquiries and complaints, fact-finding, contact and notification Contact and notification, response to customers, and notification of processing results |
3. Processing and retention period of personal information
(1)
The Company shall destroy the Customer's personal information when the purpose of collecting and using the personal information is achieved or when the period of retention and use of the personal information agreed to by the Customer has expired, and when the Customer withdraws his/her consent to the Company's collection of personal information.
(2)
The Company shall process and retain personal information within the period of personal information retention pursuant to laws and regulations or the period of personal information retention and use agreed upon when collecting personal information from the information subject.
| Retention information | Retention period |
|---|---|
| Name, Phone Number, E-mail Address | 3 years |
(3)
Notwithstanding Paragraphs 1 and 2, the Company may retain all or part of the personal information collected by the Company for a certain period of time in accordance with the provisions of the relevant laws and regulations if the Company is required to retain the personal information of the Customer for a certain period of time in accordance with the provisions of the relevant laws and regulations.
4. Provision to third parties
In principle, the Company does not provide your personal information to outside parties, except in the following cases.
A.
If the customer's consultation or complaint concerns another affiliated company of the SeAH Group, we may provide the customer's personal information to that affiliated company in order to provide smooth service to the customer. In this case, we will obtain the customer's consent in advance.
| Recipients of information | Purposes of using personal information | Personal information to be provided | Retention and use of personal information |
|---|---|---|---|
| Subsidiary company | To provide seamless handling of customer inquiries related to SeAH Group's subsidiary companies | Name, Phone Number, E-mail Address | Content required |
B.
We may provide your personal information to an investigative agency without your consent if requested by the investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods prescribed by the law for the purpose of investigation.
5. Rights of the Information Subject and Methods of Exercise
(1)
Customers may exercise the following rights regarding the protection of their personal information at any time.
∙
Request to view personal information
∙
Request for correction of errors, etc.
∙
Request for deletion
∙
Request for suspension of processing
(2)
The rights under Paragraph (1) may be exercised via e-mail or telephone, and the Company will take action without delay.
(3)
If the customer requests the correction or deletion of errors in personal information, the Company shall not use or provide the personal information until the correction or deletion is completed.
(4)
The rights under Paragraph (1) may be exercised through an agent, such as a legal representative or a person authorized by the customer. In this case, a power of attorney in the form of Appendix No. 11 to the Enforcement Rules of the Personal Information Protection Act must be submitted.
(5)
The Customer shall not infringe on the personal information and privacy of the information subject or others processed by the Company in violation of the 「Personal Information Protection Act」 and other related laws.
6. Procedures and methods for destroying personal information
In principle, the Company shall destroy personal information without delay when the purpose of processing personal information has been achieved. The procedure, deadline, and method of destruction are as follows.
A.
Procedure for destruction
The information entered by the customer is transferred to a separate DB after the purpose is achieved (separate documents in case of paper) and stored for a certain period of time in accordance with internal policies and other relevant laws and regulations, or destroyed immediately. In this case, the personal information transferred to the DB will not be used for any other purpose unless required by law.
B.
Destruction Period
The personal information of the customer shall be destroyed within 5 days from the end of the retention period if the retention period of the personal information has elapsed, or within 5 days from the date the personal information is recognized as unnecessary, such as the achievement of the purpose of processing the personal information, the abolition of the service, or the termination of the business.
C.
Method of Destruction
Personal information in the form of electronic files will be destroyed using technical methods that do not allow the records to be reproduced. Personal information printed on paper shall be destroyed by shredding or incineration.
7. Measures to ensure the safety of personal information
In accordance with the Personal Information Protection Act, the Company takes the necessary measures to ensure safety as follows.
A.
Establishment and implementation of internal management plan
The Company establishes and implements an internal management plan for the safe processing of personal information.
B.
Encryption of personal information, etc.
Customer's personal information is protected by encrypting files and transmission data or using a file lock function, and important data is protected through a separate security function.
C.
Minimization and training of personal information handling staff
The Company limits the number of employees who handle personal information to a minimum, and conducts regular and occasional training for those in charge.
8. Policy on the use of cookies
The Company handles the use of cookies as follows.
Cookies are not collected and used on this website.
9. Personal Information Manager
(1)
The Company has designated the person in charge of personal information protection as follows to be responsible for the overall handling of personal information and to handle customer complaints and damage relief related to the handling of personal information.
| Personal Information Protection Officer | Department that receives/processes requests for access to personal information |
|---|---|
|
Name | Seung Lee
Position | Chief Privacy Officer (CPO)
Telephone | 02-6970-2180
Email | selee@seah.co.kr
|
Department | Audit Team
Person in charge | Chan Gyu Lee
Telephone | 02-6970-0145
Email | changyu.lee@seah.co.kr
|
(2)
Customers may contact the person in charge of personal information protection and the department in charge for all personal information protection-related inquiries, complaints, damage relief, etc. arising from using the Company's services (or business). The Company will respond to and handle customer inquiries without delay.
10. Consultation and Reporting of Personal Information Infringement
If you need to consult or report personal information infringement, please contact the Company's personal information manager or the department in charge of personal information management, or contact the following organizations.
∙
General Support Portal for Personal Information Protection www.privacy.go.kr (02-2100-3043)
∙
Privacy Complaint Center privacy.kisa.or.kr (118 without area code)
∙
Cybercrime Investigation Division of the Supreme Prosecutors' Office www.spo.go.kr (1301 without area code)
∙
National Police Agency Cyber Investigation Bureau ecrm.cyber.go.kr (Tel. 182)
11. Duty to Notify
The Privacy Policy will be applied from the effective date, and any additions, deletions, and corrections to the Privacy Policy in accordance with laws and policies will be notified at least 7 days prior to the effective date of the changes.
Announcement Date | February 24, 2024
Effective Date | Effective February 24, 2024