Privacy Policy

Article 1
(Purposes of Processing Personal Information)

HL Klemove Website processes personal information for the following purposes. The personal information processed shall not be used for other purposes, and a prior consent will be obtained pursuant to Article 18 of the Personal Information Protection Act when the purpose of the use is changed.

• A. Processing Complaints
  • - Personal information is processed for the purpose of verifying the identity of the person making the complaint, verifying the complaint, contact/notice for fact-finding, notice of the processing result, etc..

Article 2
(Period of Processing and Retaining Personal Information)

• A. HL Klemove Website processes and retains the personal information for the duration provided for by the relevant statutes for the retention and use of personal information or the period to which each data subject consents when the personal information is collected.
• B. The period during which personal information is processed and retained is as follows:
  • - Processing Complaints: 30 days (prior consent of the user)

Article 3
(Matters Pertaining to the Provision of Personal Information to Third Parties)

• A. HL Klemove Website processes the personal information of the Users only within the purpose stipulated in Article 1, as a rule, and does not process beyond the original scope nor provide to a third party. Provided, the personal information may be provided to a third party for the following:
  • - When the User consents to providing and/or disclosing to a third party in advance
  • - When required by law
  • - For personal information needed to fulfill the contract related to the provision of the Service and is difficult to obtain consent for economic or technical reasons
  • - When used by processing in a format that cannot be individually identifiable

Article 4
(Outsourcing of Personal Information Processing)

• A. HL Klemove Website outsources the processing of personal information as follows:

  <Maintenance of the HL Klemove Website>

  - Company (Outsourcer) : biznetpia

  - Outsourced Function : System management, etc..

  - Outsourcing Period : Until the termination of the outsourcing contract

• B. HL Klemove Website stipulates the terms, including prohibition on processing personal information outside the purpose of the outsourced work, technical and managerial protective measures, restriction on re-outsourcing, management and supervision on the outsourcer, indemnification, etc.., on the contract pursuant to Article 25 of the Personal Information Act when executing the outsourcing contract, and supervises the outsourcer to securely process the personal information.
• C. Any changes in the above commissioned tasks or the contractor will be publicly announced through the privacy policy without any delay.

Article 5
(Rights and Obligations of Data Subjects and the Exercise of the Rights and Obligations)

The user may exercise the following rights as the data subject.

• A. The data subject may exercise each of the following personal information protection-related rights against HL Klemove at any time.
  • ① Request for accessing personal information
  • ② Request for correcting any errors, if any
  • ③ Request for deleting personal information
  • ④ Request for suspending processing
• B. The rights provided in Paragraph A may be exercised by completing the form specified in the attached Form 8 of the Enforcement Rule of the Personal Information Protection Act and submitting it by post, e-mail or fax. In such cases, HL Klemove will take the necessary measures promptly.
• C. Where a data subject requests the correction or deletion of any error, etc.., to his/her personal information, the relevant information will not be used or provided until such information is corrected or deleted.
• D. A data subject may exercise the rights provided in Paragraph A through an agent, including a legal representative and a power of attorney.
• In such a case, the data subject is required to submit a letter of delegation as specified in the attached form 11 of the Enforcement Rule of the Personal Information Protection Act.

Article 6
(Personal Information to be Processed)

• A. HL Klemove Website processes the following personal information.

  <Processing of Complaints>

  - Required Items : Name, e-mail, telephone, details of the complaint

• B. The following personal information may be automatically created and collected in the process of using the internet service:

  - IP Address, cookies, MAC address, service use record, visiting log, etc..

Article 7
(Destruction of Personal Information)

HL Klemove Website dispose of records containing personal information immediately after achieving the purpose of processing the personal information, as a rule. The procedures, deadlines and methods for destroying personal information are as follows:

• A. Procedure for Destruction

  - The information entered by the User is moved to a separate DB after achieving the purpose (a separate document, in case of a paper document) and destroyed after being retained for a fixed period pursuant to the internal policy and other relevant laws, or immediately. At such a time, the personal information moved to a separate DB is not used for other purposes, unless required by law.

• B. Deadline for Destruction

  - The personal information of the Users is destroyed within 5 days after the expiration of the retention period, when the retention period has elapsed, and within 5 days from becoming unnecessary when such personal information becomes unnecessary, such as achieving the purpose of processing the personal information, abolition of the concerned service and the end of the business, etc..

• C. Method of Destruction

  - The information stored in electronic files will be destroyed through technical methods to prevent the recovery of the records. The personal information recorded and preserved in paper documents will be destroyed by a shredder or incinerated.

Article 8
(Measures for Ensuring the Safety of Personal Information)

HL Klemove Website, in accordance with Articles 24(2) and 29 of the Personal Information Protection Act and Article 30 of the Enforcement Decree, takes the following technical, administrative and physical measures to ensure safety.

• A. Conducting Self-Audit on a Regular Basis

  - To ensure safety related to the handling of personal information, a self-audit is conducted on a regular basis (quarterly).

• B. Minimizing and Educating Personnel Authorized to Handle Personal Information

  - HL Klemove designate and minimize the personnel handling of the personal information to manage the personal information.

• C. Establish and Implement an Internal Management Plan

  - HL Klemove establish and implement internal management plans to safely process the personal information.

• D. Technical Measures Against Hacking, etc..

  - HL Klemove Website has installed a security program and updates and inspects the programs to protect personal information from being leaked externally or destroyed by hacking or computer viruses, and the systems have been installed in an area with restricted access to technically and physically monitor and block external access.

• E. Encryption of Personal Information

  - Passwords and identification numbers for the personal information of each User are encoded for storage and management. Furthermore, additional means, such as encrypting essential data for storage and transmission, are used for security.

• F. Preserving Access Logs and Preventing any Forgery and Alteration

  - Log data about access to the personal information processing system are retained for at least 6 months, and the access logs are maintained properly to prevent any forgery, theft and losses.

• G. Restrictions on Access to Personal Information

  - Access to personal information is controlled by granting, amending or cancelling the authority to access the database system that processes personal information. Unauthorized external access is controlled by operating firewalls.

• H. Use of Locking Devices to Protect Documents

  - Documents and storage media with personal information are stored in a secure location with locking devices.

• I. Controlling Access by Unauthorized Persons

  - The area for the physical storage of the personal information is separated from other areas and a procedure for controlling access to this area is established and implemented.

Article 9
(Designation of a Privacy Officer)

• A. HL Klemove Website designates a privacy officer to supervise and be responsible for the personal information processing duties and for the processing of any complaints by the data subjects on the personal information processing.

  ▶ HL Klemove Website Privacy Officer

  - Name : hong, SungWan

  - Position : Team Leader

  - Contact : +82-031-5179-8051, sungwan.hong@hlcompany.com

  ※ Will be connected to the department in charge of personal information protection

  ▶ HL Klemove Website Personal Information Department

  - Team : Business Strategy

  - Manager : Park, Heera Supervisor

  - Contact : +82-031-5179-8049, heera.park@hlcompany.com

• B. Any inquiries related to personal information protection, complaints processing, damage relief from using the Service (or business) of HL Klemove can be directed to the privacy officer or the managing department. HL Klemove Website will answer and process any inquiries regarding a data subject without delay.

Article 10
(Remedial Measures on Personal Information Infringement)

A data subject may request assistance from the following agencies to seek remedies for the breach of personal information.

▶ Personal Information Infringement Reporting Center (Korea Internet and Security Agency)

- Responsible Duties : reporting personal information infringement, request consultation

- Website : privacy.kisa.or.kr

- Telephone : 118 (without dialing an area code)

- Address : (58324) Personal Information Infringement Reporting Center, 3rd Floor, 9, Jinheung-gil, Naju-si, Jeollanamdo (301-2 Bitgaram-dong)

▶ Personal Information Dispute Mediation Committee

- Responsible Duties : application for mediation on personal information dispute, mediation on group dispute (civil resolution)

- Website : www.kopico.go.kr

- Telephone : 1833-6972 (without dialing an area code)

- Address : (03171) Seoul Government Complex 4F, 209, Sejong-daero, Jongno-gu, Seoul

▶ The Cyber Crime Investigation Team of the Supreme Prosecutors’ Office : +82-2-3480-3573 (www.spo.go.kr)

▶ Korean National Policy Agency Cyber Bureau : 182 (cyberbureau.police.go.kr)

Article 11
(Changes to the Privacy Policy)

• A. This privacy policy is effective from the implementation date, and any addition, deletion or correction of the terms pursuant to the laws and/or policy will be publicly announced through the Notice 7 days prior to the implementation of the changes.

Article 1
(Purposes of Processing Personal Information)

HL Klemove Website processes personal information for the following purposes. The personal information processed shall not be used for other purposes, and a prior consent will be obtained pursuant to Article 18 of the Personal Information Protection Act when the purpose of the use is changed.

• A. Processing Complaints
  • - Personal information is processed for the purpose of verifying the identity of the person making the complaint, verifying the complaint, contact/notice for fact-finding, notice of the processing result, etc..

Article 2
(Period of Processing and Retaining Personal Information)

• A. HL Klemove Website processes and retains the personal information for the duration provided for by the relevant statutes for the retention and use of personal information or the period to which each data subject consents when the personal information is collected.
• B. The period during which personal information is processed and retained is as follows:
  • - Processing Complaints: 30 days (prior consent of the user)

Article 3
(Matters Pertaining to the Provision of Personal Information to Third Parties)

• A. HL Klemove Website processes the personal information of the Users only within the purpose stipulated in Article 1, as a rule, and does not process beyond the original scope nor provide to a third party. Provided, the personal information may be provided to a third party for the following:
  • - When the User consents to providing and/or disclosing to a third party in advance
  • - When required by law
  • - For personal information needed to fulfill the contract related to the provision of the Service and is difficult to obtain consent for economic or technical reasons
  • - When used by processing in a format that cannot be individually identifiable

Article 4
(Outsourcing of Personal Information Processing)

• A. HL Klemove Website outsources the processing of personal information as follows:

  <Maintenance of the HL Klemove Website>

  - Company (Outsourcer) : biznetpia

  - Outsourced Function : System management, etc..

  - Outsourcing Period : Until the termination of the outsourcing contract

• B. HL Klemove Website stipulates the terms, including prohibition on processing personal information outside the purpose of the outsourced work, technical and managerial protective measures, restriction on re-outsourcing, management and supervision on the outsourcer, indemnification, etc.., on the contract pursuant to Article 25 of the Personal Information Act when executing the outsourcing contract, and supervises the outsourcer to securely process the personal information.
• C. Any changes in the above commissioned tasks or the contractor will be publicly announced through the privacy policy without any delay.

Article 5
(Rights and Obligations of Data Subjects and the Exercise of the Rights and Obligations)

The user may exercise the following rights as the data subject.

• A. The data subject may exercise each of the following personal information protection-related rights against HL Klemove at any time.
  • ① Request for accessing personal information
  • ② Request for correcting any errors, if any
  • ③ Request for deleting personal information
  • ④ Request for suspending processing
• B. The rights provided in Paragraph A may be exercised by completing the form specified in the attached Form 8 of the Enforcement Rule of the Personal Information Protection Act and submitting it by post, e-mail or fax. In such cases, HL Klemove will take the necessary measures promptly.
• C. Where a data subject requests the correction or deletion of any error, etc.., to his/her personal information, the relevant information will not be used or provided until such information is corrected or deleted.
• D. A data subject may exercise the rights provided in Paragraph A through an agent, including a legal representative and a power of attorney.
• In such a case, the data subject is required to submit a letter of delegation as specified in the attached form 11 of the Enforcement Rule of the Personal Information Protection Act.

Article 6
(Personal Information to be Processed)

• A. HL Klemove Website processes the following personal information.

  <Processing of Complaints>

  - Required Items : Name, e-mail, telephone, details of the complaint

• B. The following personal information may be automatically created and collected in the process of using the internet service:

  - IP Address, cookies, MAC address, service use record, visiting log, etc..

Article 7
(Destruction of Personal Information)

HL Klemove Website dispose of records containing personal information immediately after achieving the purpose of processing the personal information, as a rule. The procedures, deadlines and methods for destroying personal information are as follows:

• A. Procedure for Destruction

  - The information entered by the User is moved to a separate DB after achieving the purpose (a separate document, in case of a paper document) and destroyed after being retained for a fixed period pursuant to the internal policy and other relevant laws, or immediately. At such a time, the personal information moved to a separate DB is not used for other purposes, unless required by law.

• B. Deadline for Destruction

  - The personal information of the Users is destroyed within 5 days after the expiration of the retention period, when the retention period has elapsed, and within 5 days from becoming unnecessary when such personal information becomes unnecessary, such as achieving the purpose of processing the personal information, abolition of the concerned service and the end of the business, etc..

• C. Method of Destruction

  - The information stored in electronic files will be destroyed through technical methods to prevent the recovery of the records. The personal information recorded and preserved in paper documents will be destroyed by a shredder or incinerated.

Article 8
(Measures for Ensuring the Safety of Personal Information)

HL Klemove Website, in accordance with Articles 24(2) and 29 of the Personal Information Protection Act and Article 30 of the Enforcement Decree, takes the following technical, administrative and physical measures to ensure safety.

• A. Conducting Self-Audit on a Regular Basis

  - To ensure safety related to the handling of personal information, a self-audit is conducted on a regular basis (quarterly).

• B. Minimizing and Educating Personnel Authorized to Handle Personal Information

  - HL Klemove designate and minimize the personnel handling of the personal information to manage the personal information.

• C. Establish and Implement an Internal Management Plan

  - HL Klemove establish and implement internal management plans to safely process the personal information.

• D. Technical Measures Against Hacking, etc..

  - HL Klemove Website has installed a security program and updates and inspects the programs to protect personal information from being leaked externally or destroyed by hacking or computer viruses, and the systems have been installed in an area with restricted access to technically and physically monitor and block external access.

• E. Encryption of Personal Information

  - Passwords and identification numbers for the personal information of each User are encoded for storage and management. Furthermore, additional means, such as encrypting essential data for storage and transmission, are used for security.

• F. Preserving Access Logs and Preventing any Forgery and Alteration

  - Log data about access to the personal information processing system are retained for at least 6 months, and the access logs are maintained properly to prevent any forgery, theft and losses.

• G. Restrictions on Access to Personal Information

  - Access to personal information is controlled by granting, amending or cancelling the authority to access the database system that processes personal information. Unauthorized external access is controlled by operating firewalls.

• H. Use of Locking Devices to Protect Documents

  - Documents and storage media with personal information are stored in a secure location with locking devices.

• I. Controlling Access by Unauthorized Persons

  - The area for the physical storage of the personal information is separated from other areas and a procedure for controlling access to this area is established and implemented.

Article 9
(Designation of a Privacy Officer)

• A. HL Klemove Website designates a privacy officer to supervise and be responsible for the personal information processing duties and for the processing of any complaints by the data subjects on the personal information processing.

  ▶ HL Klemove Website Privacy Officer

  - Name : shin, KangSic

  - Position : Team Leader

  - Contact : +82-031-5179-8046, kangsic.shin@hlcompany.com

  ※ Will be connected to the department in charge of personal information protection

  ▶ HL Klemove Website Personal Information Department

  - Team : Business Strategy

  - Manager : Park, Heera Supervisor

  - Contact : +82-031-5179-8049, heera.park@hlcompany.com

• B. Any inquiries related to personal information protection, complaints processing, damage relief from using the Service (or business) of HL Klemove can be directed to the privacy officer or the managing department. HL Klemove Website will answer and process any inquiries regarding a data subject without delay.

Article 10
(Remedial Measures on Personal Information Infringement)

A data subject may request assistance from the following agencies to seek remedies for the breach of personal information.

▶ Personal Information Infringement Reporting Center (Korea Internet and Security Agency)

- Responsible Duties : reporting personal information infringement, request consultation

- Website : privacy.kisa.or.kr

- Telephone : 118 (without dialing an area code)

- Address : (58324) Personal Information Infringement Reporting Center, 3rd Floor, 9, Jinheung-gil, Naju-si, Jeollanamdo (301-2 Bitgaram-dong)

▶ Personal Information Dispute Mediation Committee

- Responsible Duties : application for mediation on personal information dispute, mediation on group dispute (civil resolution)

- Website : www.kopico.go.kr

- Telephone : 1833-6972 (without dialing an area code)

- Address : (03171) Seoul Government Complex 4F, 209, Sejong-daero, Jongno-gu, Seoul

▶ The Cyber Crime Investigation Team of the Supreme Prosecutors’ Office : +82-2-3480-3573 (www.spo.go.kr)

▶ Korean National Policy Agency Cyber Bureau : 182 (cyberbureau.police.go.kr)

Article 11
(Changes to the Privacy Policy)

• A. This privacy policy is effective from the implementation date, and any addition, deletion or correction of the terms pursuant to the laws and/or policy will be publicly announced through the Notice 7 days prior to the implementation of the changes.