Article 1 General Provisions
1. Lumen Global (hereinafter referred to as the "Company") values the personal information provided by its members and does its best to protect the personal information of its members by complying with the personal information protection regulations, "Personal Information Protection Guidelines" and "Technical and Management Protection Measures for Personal Information" under the "Act on Promotion of Information and Communication Network Utilization and Information Protection" (hereinafter referred to as the "Information and Communication Network Act").
2. The company will inform you of the use and method of personal information provided by members through the Personal Information Handling Policy (hereinafter referred to as the 'Policy') and what measures are being taken to protect personal information.
3. The policy may be subject to change in accordance with the government's laws and guidelines and may be adjusted in accordance with changes in the company's terms of use and policies. The company will notify the company's website for seven days if it revises the policy.
4. Members have the right to protect their personal information and the obligation not to infringe on other people's information. Be careful not to leak the personal information of members, including passwords, and be careful not to damage the personal information of others, including posts. Failure to fulfill these responsibilities and damage the information and dignity of others may result in punishment under the Information and Communication Network Act.
Article 2 Purpose of Collection and Use of Personal Information
1. "Personal information" refers to information about an individual, such as code, text, voice, sound, video, etc., that can identify the individual by name, date of birth, etc. This includes information that can be easily combined with other information even if the specific individual cannot be identified only by that information.
2. The company collects members' personal information through the process of signing up as a member on the company's website. The company is preparing a procedure to 'agree' or 'cancel' the contents of this policy when signing up for membership, and if a member chooses the 'agree' button, he/she is deemed to have agreed to collect personal information.
3. The company uses the collected personal information for the following purposes.
① Identification and personal identification for service delivery
② Contract performance and fee settlement for service provision
③ Providing service-related information (e.g., introducing new services, delivering advertising information such as events)
Article 3 Personal Information Items and Collection Methods
1. The company may present the required entries of the membership information when signing up for membership and may request additional information when receiving orders for the use of some services.
2. If a member wishes to use the company's services, the following information must be entered.
① Name, ID, password, date of birth, mobile phone number, e-mail address, home address, etc. necessary for membership management
② Name (or company name) required to apply for and use the service, type and number of certificate, phone number, address, e-mail address, etc
③ Information on the recipient required to issue and send tax invoices
3. Members who wish to settle charges for service provision should enter items such as bank account information and credit card information within the scope necessary for payment of usage fees.
4. If a person under the age of 14 applies for membership, the company may collect information such as the name, birth date, phone number, and address of the legal representative (e.g., parents) for membership registration and service provision.
5. Information such as usage records, access logs, cookies, access IP information, visit date and time, payment records, and suspension records can be collected during the service use process.
6. The company collects personal information by homepage, written form, telephone, fax, inquiry board, e-mail, event, and delivery request.
Article 4 Period of retention and use of personal information
1. The company maintains its membership as a member and continues to retain the members' personal information and use it to provide services, etc., while receiving services from the company.
2. In the event of civil complaints such as abuse of rights, abuse, or theft of names of members, personal information may be retained for 30 days from the date of withdrawal of members to handle objections and to confirm the facts.
3. In the case of bad members who use the
service unhealthy, they can retain their personal information for one year even
after withdrawing from the membership to prevent the recurrence of illegal use,
request an investigation by a law enforcement agency, and protect other
members.
4. According to the relevant laws and regulations, personal information may be retained for a certain period prescribed by the relevant laws and regulations if necessary for the confirmation of the relationship of rights and obligations related to transactions.
① Records on withdrawal of contracts or subscriptions: 5 years
② Records on payment and supply of goods, etc.: 5 years
③ Records on consumer complaints or disputes: 3 years
Article 5 Procedures and methods for destroying personal information.
1. The personal information of members collected by the company is destroyed without delay after the purpose is achieved or the retention and use period has elapsed. Personal information printed on paper is destroyed through pulverization or incineration, and personal information stored in the form of electronic files is deleted using a technical method that cannot be reproduced.
2. If a member's personal information is retained for a certain period in accordance with the company's policy and related laws and regulations after withdrawing from the membership, the personal information is transferred to a separate database and stored for a certain period of time in accordance with the company's policies and related laws and then destroyed. Personal information transferred to a separate database shall not be used for purposes other than the purpose of holding unless it is by law.
Article 6 Sharing and provision of personal information
1. The Company shall not provide and share the personal information of its members to a third party without the prior consent of its members: Provided, That the foregoing shall not apply in the following cases.
① If you provide a 'Domain Registrar Information (WHOIS)' inquiry service for the domain name
② Where a request is made by a state agency in accordance with relevant laws and regulations
③ Where an investigative agency requests it for the purpose of investigating a crime
④ Where it is necessary for information protection, such as confirmation of fraud, including violation of members' terms and conditions
⑤ Where the member's information is used for business contact
⑥ In the case of sharing some information only on banking-related matters
⑦ Where statistics are prepared, public relations materials, academic research, or market research are necessary, and are provided in a form that cannot be identified as a specific member
2. When the company obtains the consent of its members in advance to provide or share the personal information of its members, it shall notify the following matters: In such cases, the company shall notify the company of the following matters by telephone, mail, fax, e-mail, etc. for seven days.
① a person who receives personal information
② Purpose of use of personal information by the recipient of personal information
③ Items of personal information to be provided
④ Period of retention and use of personal information by persons receiving personal information
3. Where the company has acquired all or part of its business, or has succeeded to the rights and obligations of a third party through merger, inheritance, etc., the following matters shall be notified to the registered members: In this case, the company shall notify the company's website for 30 days or by telephone, mail, fax, e-mail, etc. Exceptions are made when a third party has notified the transfer of personal information in advance in the same procedure and contents.
① The fact that the rights and obligations of a third party have been succeeded and the name of the company
② Name, department, status, phone number, and other contact information of the person in charge of personal information management
③ Purpose of use, retention and use period of personal information
④ Members' rights and methods of exercise, such as withdrawal of consent to the collection, use, and provision of personal information
Article 7 Measures for the Protection of Personal Information
1. The company takes the following technical measures to ensure safety so that personal information is not lost, stolen, leaked, tampered with or damaged in handling members' personal information.
① Members' personal information is thoroughly protected by the password entered when signing up for membership.
② The company adopts Secure Sockets Layer (SSL) that enables secure transmission of personal information on the network using cryptographic algorithms.
③ The company uses a vaccine program to take measures to prevent leakage or damage of member's personal information due to computer viruses. In case of damage to personal information, data is backed up from time to time and members' personal information is transmitted safely using the latest vaccine program.
④ The company uses an intrusion prevention system to control unauthorized access from outside and strives to have all possible technical devices for securing security in other systems.
2. The company separately designates employees who handle members' personal information to limit the scope of employees who can handle members' personal information to a minimum, and the minimum number of people is as follows.
① A person who conducts customer support or marketing activities directly to members
② A person who performs personal information management, such as a person in charge of personal information management
③ A person who is inevitable to handle personal information for other business purposes
3. The company emphasizes compliance with the personal information handling policy through occasional training on new security technologies, etc. for employees handling personal information.
Article 8 Matters concerning cookie operation.
1. To provide optimized services to members, the company operates a "cookie (access information file)" that analyzes access frequency and visit time and identifies members' tastes and areas of interest.
2. Members have the option of "cookie." By selecting the option in the web browser, members can allow all cookies, get checked each time they are saved, or refuse to save all cookies. However, if you refuse to save all cookies, you will not be able to use the company's services through cookies.
■ To specify whether cookies are allowed to be installed: If you are using Internet Explorer
Internet Options from the Tools menu > Click the Privacy tab > Set Privacy Level
■ How to view cookies received: If you use Internet Explorer
Internet Options from the Tools menu > General tab, Settings from Search History > View Files from Temporary Internet Files
Article 9 Rights of Members and Method of Exercise thereof
1. Members should accurately input their personal information to the latest state to prevent unexpected accidents. The members are responsible for accidents caused by inaccurate information entered by members, and if false information such as theft of other people's information is entered, the company may be deprived of its membership.
2. Members and legal representatives can view the personal information of members registered with the company at any time or correct any errors. In the case of reading and correcting personal information or errors, you can directly view or correct errors by clicking "My Information> Correction" on the company's website, or request the person in charge of personal information management to view or correct them by writing, telephone, e-mail, etc. In this case, the relevant personal information will not be used or provided until the correction is completed.
3. Members and legal representatives may withdraw their consent to collect, use, or provide personal information at any time. In such cases, members may request withdrawal of membership by means of written, telephone, e-mail, etc. If there is no service in use, the company shall destroy the personal information of members by the procedures and methods specified in Article 5 of this Policy.
Article 10 Person in charge of personal information management
1. The company designates a department in charge as follows to protect members' personal information and handle complaints related to personal information.
Department in charge: Management /
Computerization Team
Phone number: 02-501-3422
Person in charge: Kang Seon-young
2. Members may report any personal information protection-related complaints arising from the use of the company's services to the department in charge or the person in charge of personal information management. The company responds quickly and sufficiently to members' reports.
3. If you need to report or consult on other personal information infringement, you can contact the following agency.
- Personal Dispute Mediation Committee (http://www.1336.or.kr/ No. 1336)
- Information Protection Mark Certification Committee (http://www.eprivacy.or.kr/02-580-0533 ~4)
- Internet Crime Investigation Center of the Supreme Prosecutors' Office (http://www.spo.go.kr/02-3480-2000)
- Cyber Terror Response Center of the National Police Agency (http://www.ctrc.go.kr/02-392-0330)
1. This policy will take effect on May 1, 2024.