HOME - Privacy Policy
Privacy Policy
All personal data that KCL (Korea Conformity Laboratories) ( here, referred to “The Laboratories”) handles shall be collected, maintained, and managed, in compliance to the legislations related to Personal Information Protection Act, and the guidelines of personal information protection of the laboratories.
The laboratories shall protect customers’ personal information, according to Article 30 of Personal Information Protection Act, and shall establish and inform the privacy policy, as follows, in order to resolve complaints about personal data, rapidly and smoothly.
[Article 1 (Personal Information Collection Category, and the Purpose of Handling Personal Information) ]
The website of the laboratories collects users’ personal information, through the membership system, in order to provide better-quality services in relation to customer online affair.
Also, it requires users to Log-in, when posting with the board, in order to reduce irresponsible slanders or slurs, and provide swift response to users.
Name of Website : The Website of the CEO, On-Line Application System, Education, Electronic Bidding, Recruitment, Skills Operation Center
Required Category | Selective Category |
---|---|
Name, Genders, Date of Birth, E-Mail Address, Mobile Phone Number, Password | Name of Business, Business Number, Name of Company, Phone Number of Company, Name of CEO |
[Article 2 (How to Collect Personal Information)]
The laboratories shall collect personal information, by means of the following methods
-Website, Written Form, Fax, Phone, Counseling Bulletin Board, E-Mail, Pass Ticket
[Article 3 (Period of Treatment, Retention and Depletion of Personal Information) ]
The period of retention of personal information that the laboratories maintain is as follows.Name of Personal Information | Period of Retention | Remarks |
---|---|---|
Information about Application Of Test Inspection | Five years | Personal Information in relation to KC Safety Certification shall be kept until the certificate is either deleted or cancelled |
Period of Information related to Contract | Five years | |
Information about the Membership of Website | Until the period of company withdrawal | |
Visitor Information | Five years | |
Information about handling the payment for income tax | Five years | |
Information about Personal Video | 30 days |
The procedures, period, and methods of deleting personal data are as follows
Procedures of Deleting Personal Information
Personal data that has attained its original purpose shall be moved to an independent space and shall be deleted, according to the internal guidelines or any related legislations. The personal data that has been moved to an independent space shall not be used for other purposes but those specified in the act, unless otherwise prescribed.
Period and Methods of Deleting Personal Data
In case when the period of retention of personal data comes to an end, or the personal data is unnecessary, by the attaining of its original purpose, the eliminating of corresponding works and others, corresponding personal information shall be deleted without delay. Information in an electronic file form shall be handled, through technological method not to reproduce recording data. Personal data printed in papers shall be deleted by either a crusher or incinerator.
[Article 4 (Providing Personal Information to the Third Party)]
The laboratories shall provide personal information to the third party, as specified Only in Article 17 and 18 pursuant to the consent of information subject and legislative special regulations in 「Personal Information Protection Act」
In case when getting the special consent from the information subject of Section 2 (2) of Article 18 in 「Personal Information Protection Act」, and in case when there are special regulations in other legislations.
In case when the information subject or the agent cannot express his/her opinions, or when a prior consent is impossible, due to the unidentified address, personal information can be disclosed, under the terms and conditions that the third party is admitted of getting such information, for the sake of his/her urgent life, physical or property interests
In case when it is necessary to disclose personal data to the third party, for the purpose of preparing statistical reports and academic research, under the terms and conditions of providing personal information in the form that cannot identify particular individuals
In case when it is impossible to perform affairs specified in other legislations, when personal information is not used for other purposes than those prescribed in the act, or when personal information is not provided to the third party, under the terms and conditions that there are the deliberation and resolution from the Personal Information Protection Commission
In case when it is necessary to provide personal data, for the compliance to the treaty and any other international agreements, or for the provision to foreign governments or international organizations
In case when it is necessary to provide personal data, for the purpose of prosecuting and maintaining crime investigations and cases
In case when it is necessary to provide personal data, for the purpose of executing the court’s judgment affairs
In case when it is necessary to provide personal data, for the purpose of executing care, custody, protective disposition of crime
The laboratories shall provide personal information to the third party, as follows
1.National Tax Service
- Object of Personal Information : National Tax Service
- Purpose of Using Personal Information : For a Report of Tax Withheld to Customers
- Category of Personal Information : name, ID
- Period of Retention and Usability of Personal Information : until the purpose of using personal information is attained
- Disagreement to Provide Personal Information and Disadvantage from the Disagreement to Provide Personal Information : Any personal information provider can have his/her right to disagree to provide personal information. But if he/she disagrees to provide personal information, the return of income tax is not filed to National Tax Service.
[Article 5 (How to Exercise the Right and Obligation of Information Subject) ]
Any information subject can exercise his/her right in relation to personal information protection, at any time, specified as the following paragraph. But, the legal agent of children aged under 15 years can request for identifying, correcting, deleting, or stopping managing personal information about the children.
Personal data that the laboratories maintain allows to request for identifying personal information, as prescribed in Article 35 (Identifying Personal Information) in 「Personal Information Protection Act」.
But, the request for identifying personal information can be limited, according to the terms and conditions of Article 35-5, as follows.
In case when it is either prohibited or limited, according to the legislations
In case when it is feared to hurt other people’s life or physical bodies, or to unjustly infringe other people’s properties or any other interests
In case when any information subject does not articulate his/her intent to cancel the contract, under the terms and conditions that the contract can hardly be fulfilled, for example, that it is impossible to provide services agreed with the information subject, if personal information is left untreated.
Personal data that the laboratories maintain allows to request for the cessation of managing personal information, as prescribed in Article 37 (Cessation of managing Personal Information) in 「Personal Information Protection Act」. But, the request for the cessation of managing personal information can be rejected, according to Article 37-2 of Personal Information Protection Act.
In case when there are special law regulations pursuant to those measures of the cessation, or it is inevitable in compliance to legislative ordinance
In case when it is feared to hurt other people’s life or physical bodies, or to unjustly infringe other people’s properties or any other interests
In case when any information subject does not articulate his/her intent to cancel the contract, under the terms and conditions that the contract can hardly be fulfilled, for example, that it is impossible to provide services agreed with the information subject, if personal information is left untreated.
[Article 6 (Measures to Secure the Safety of Personal Information)]
The laboratories shall take technological, managerial, and physical measures, as follows, in order to secure the safety of personal information, according to Article 29 of 「Personal Information Protection Act」.
Personal information handlers shall be specified and managed, under the terms and conditions of the absolutely required number of personnel. Training targeting personal information handlers shall be provided, for safe management of personal information.
Necessary measures for controlling an access to personal information are taken, by offering, changing, and repealing the right to access the data system for personal information. Unauthorized access from the outside is controlled, through the firewall management system.
The access record (web log, summary information, and others) connected to personal data processing system shall be maintained and maintained, for more than six months, at least. The half yearly access record of personal data processing system shall be investigated, in order to respond to the leaked, fabricated, and damaged personal data.
Personal identification information shall be kept and maintained, through the encoding system. Also, the security function is being utilized, through transfer encoding type.
The security programs shall be established, regenerated and checked, on a regular basis, in order to prevent personal information from being leaked and damaged by hacking or computer viruses.
The physical storage place for personal information data shall be established independently, and the procedures of control on the access shall be established and operated.
Regular personal information protection management checkup is being conducted, in order to secure the stability in dealing with personal information
Internal management planning is established and implemented, in order to safely deal with personal information.
[Article 7 (Personal Information Protection Officer)]
The laboratories shall designate the personal information protection officer and manger, as follows, in order to protect personal information and handle complaints related to personal information.
Personal Information Protection Officer : Information Data Processing Team - Contact Number :: 02-2102-2500
Customer Information Protection Manager : CS Team- Contact Number : 02-2102-2500
Video Information Protection Manager : Management Innovation Promotion Team -Contact Number : 02-2102-2500
Staff Information Protection Manager : HRM (Human Resource Management) Team –Contact Number :: 02-2102-2500
[Article 8 (Rectification of Human Rights Violation)]
Any individual information subject can request resolutions or counseling on disputes to the Personal Information Dispute Resolution Committee and Personal Information Violation Report Center of KISA (Korea Internet & Security Agency), for the rectification of the damage inflicted by personal information violation
Personal Information Dispute Resolution Committee : (without area code) 118 : (privacy.kisa.or.kr)
Personal Information Violation Report Center : (without area code) 118 (privacy.kisa.or.kr)
Korea Prosecution Service Cyber Bureau : -3480-3571 (cybercid@spo.go.kr)
Korea National Police Agency Cyber Bureau : 1566-0112 (www.netan.go.kr)
[Article 9 ( Change of Privacy Policy )]
The current privacy (personal information) policy shall be come into effect, from Jul. 01, 2016. In case when adding, deleting, or changing information contents, the notice on the Website shall be made, a week, at least, before the related act is revised (before a month, at least, in case when important details are changed). In case when the agreement must be made about personal information to be collected and used, or about the changed third party regarding the receipt of personal information, an agreement procedure shall be made.
Version Number of Privacy (Personal Information) Policy : 1.0
Date of Notice of Privacy Policy : Jun. 01, 2016
Date of Constitution of Privacy Policy : Jun. 01, 2016
When preparing a text, information in relation to the name, contact number, and e-mail address of the customers, shall be collected. The customers have their rights to make the disagreement about collecting and using personal data by the laboratories. If there is a disagreement about it, no limitation in using the Website of the laboratories is put, but a restriction on the using of Website services to be provided on a membership basis, can be put.
TOP