Article 1 [General Provisions]
1. KT Hitel Corporation (hereinafter “we” or “KTH”) collects personal information when a user (hereinafter “you” or “Member”) registers with KTH. “Personal information” is information which personally identifies you, such as your name, resident registration number, or other data which can be reasonably linked to such information.
2. We very much appreciate the importance of your personal information and conforms to the Act on the Protection, Usage, etc. of Location Information, Telecommunications Security Protection Act, the Telecommunications Business Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and Personal Information Protection Act.
3. We do our best to protect your personal information and hereby inform you of the purposes and methods by which we may use your personal information of and of the actions taken to protect your privacy.
Article 2 [Types of Personal Information We Collect]
1. We collect the minimum amount of personal information necessary to provide our services.
2. We collect the following types of information about you when you resister in order to properly respond to your questions and inquiries.
1) Collected items for a member who registers with his/her email account
- Email, ID (username), Password, language setting information
2) Collected items for a member who registers with Facebook account or other services (http://www.facebook.com/about/privacy/your-info#inforeceived)
- Facebook ID, Registered Email Address, Password, language setting information
3. We may collect the following types of information when we provide our services to you.
1) Service usage information, access information, cookie, IP address, mobile device identification numbers (device ID or IMEI), unauthorized or inappropriate access information
2) Location information stored on your device or your location information (if you enable GPS feature)
3) Profile information: SNS registration information (twitter ID or/and Facebook ID), member’s status information, personal introduction, and interests
4. Upon your consent, we may also collect following information in case that you use additional services and personalized services or you participate in various events we host.
1) In case you win an event: information required to provide a gift and mailing address
2) In case you use fee-based services: payment information
5. Method of collecting personal information
1) Through pages in the service, paper form, fax, telephone, customer service board, email, promotional event application, logistics service
2) From business partners or other companies
3) Through an information-collecting tool
4) Automatically collected from you executing or using Pudding.to
5) Collected when you voluntarily register for or use our service
6. All personal information received by you is subject to processing by Amazon Web Service on our behalf and we sometimes handle transfers of personal information to countries outside where you reside.
Article 3 [Collection of Personal Information and Your Agreement]
We always aim to have your agreement to our collecting or using your personal information. In terms of colleting your personal data, you are deemed to consent to KTH’s privacy practices once you press the “I Agree” button. However, we may collect and/or use your personal information without your prior consent in any of following cases.
1) If it is difficult to get your consent on collecting or using your personal information required to fulfill the contract of providing information communications services for economic or technical reasons
2) To collect fees in respect with using information communications services
3) If there is any applicable law, regulation, legal process or enforceable governmental request
Article 4 [Collection of Personal Information and Purpose of Usage]
We may display or provide targeted advertisements and services based on collected demographic factors (age, gender, and region) and frequency of using services in order to fulfill the contract obligation as service provider. Also, we may collect and store your mobile device identification numbers (or IMEI) to verify identification when you download or use Pudding.to.
1. We use your personal information for the purposes set out below:
1) To perform contractual obligations and process payment regarding service provision
To provide contents on the website and mobile devices, to send bills or products, to verify identification, to purchase products or services and make payment, and to collect fees
2) To manage members
To verify identification for membership services, to distinguish individual, to prevent misbehaving members from using services improperly and prevent unauthorized use of services; to confirm intention of membership application; to restrict membership application and the numbers of such application; to confirm legal guardian’s consent to collect information of minors under the age of fourteen (14) and verify identification of such legal guardian; to preserve records for arbitrating disputes; to provide customer services for processing customers’ claims; and, to send notifications
3) To develop new services and to use for marketing and advertisement
To develop new services and provide personalized services, to provide services and advertisement according to demographic factors; to verify the validity of services, and to execute events and commercial information
Article 5 [Personal Information Collected from Cookie]
1. The Company operates cookies which frequently store and access your personal information. A cookie is a small piece of text sent by a web server to your web browser of wire/wireless devices, which is used to run the website. When you log into the website, the company’s server reads the contents of cookies on your browser of wire/wireless device. A cookie may identify wire/wireless devices of users, but does not collect personal information about you.
3. You have a choice of whether to install cookies. You may accept all cookies, or confirm whenever cookies are stored, or reject storage of all cookies by setting an option in your web browser by selecting [Internet Option] under [Tools] menu, clicking [Privacy] tab, and adjusting [Privacy] settings. However, if you refuse to reject storage of all cookies, you may experience some difficulties in using services.
Article 6 [Disclosure of Personal Information]
2. We do not entrust your personal information to outside parties without your prior consent. If it is necessary to disclose your personal information to an outside company, we will inform you of the identity of the company, the details of using your personal information, items of personal information provided, retention and using period via website or by email, written document, and telephone, and obtain your prior consent. However, we may disclose or use your personal information without your consent in the following cases;
1) If it is necessary to collect fees
2) If we provide location information in a non-personal, aggregate format for statistical and research purposes
3) If special regulations are set forth in laws
3. We may disclose your personal information to third parties with your prior consent to do so in following cases:
1) When you make a purchase or use fee-based services, your contact information such as your name, address, and phone number, etc., may be provided to the seller, fee-based service provider, and logistics providers in order to collect fees and deliver the services or product.
2) When you participate in various events, your personal information may be provided to the host of event hosts.
4. We may work with a variety of business partners or service providers who may perform certain functions on our behalf, such as providing personalized services, online advertisement, community service, fee-based contents, and mobile service or performing market research and statistical survey, etc.
5. We will notify the members about the usage of their personal information once annually, so that you may have control over your personal information.
Article 7 [Consignment of Personal Information]
In order to improve the quality of our services and to ensure the safety of such personal information, we may consign all or part of the management of personal information we have obtained for the collection, retention, handling, use, provision, management, and disposal of personal information in compliance with relevant laws and regulations. We will collect and manage minimum information needed to provide service to the members.
- Cosigned agency: KTIS (ktis.co.kr)
- Scope of Consignment: Service operations, customer service center support
- Retention period: Until the termination of the outsourcing agreement or membership
In case of change in consigned service provider or scope of consignment in the future, we will notify its details to you in accordance with the procedures specified in Article 15.
Article 8 [Access and Correction of Personal Information]
You can access or correct your personal information anytime except for your name, gender and date of birth. You can access or correct your personal information by clicking [profile].
Article 9 [Withdrawal of Consent of Collection, Usage, and Provision of Personal Information]
You may withdraw your consent to the collection, usage and disclosure of personal information at any time. For withdrawal of consent (cancellation of membership), you can go to [settings] > [management] and withdraw your consent or cancel your membership upon verification of your identity, Or you can request cancellation in writing or e-mail, to the Personal Information Manager, all necessary measures will be promptly taken to delete the personal information of the requesting member Upon verification of your identity.
Article 10 [Term of Retention and Usage of Personal Information]
1. We save your personal information you provided until your membership with us is terminated.
2. Upon termination, we will delete all personal information relating to the member without delay and will take proper measures so that your personal information cannot be used for any reason.
3. When you do not use our service for 3 years, to protect your personal information, we will manage your information in a separate storage, and make sure that the information will be not used for any purpose, other than exceptional purposes. Additionally, we may terminate your personal information by our decision.
4. One month before the separate management of members’ information, provided in Item 3 of Article 10, we will send you a notification e-mail, and if you visit at least once during the one month period, we will not store your information separately.
5. We will delete temporarily corrected personal information after completing the purposes of collection and use of them. However, in case that you provide your personal information to participate in various events we host, the personal information you provide will be kept for 6 months after the end of the promotional events.
6. We dispose of your personal documents such as a copy of identity card you submitted immediately after confirming your identity.
7. We aim to retain documents with parent’s consent for at least 2 years from its submission, but if the member terminates his/her membership with us, we immediately dispose of the evidence document.
8. We may make exceptions in retaining personal information based on relevant laws and regulations for more than the retention period set as below.
[Retention Period of Personal Information]
Items / Retention Period / Reason for Retention
- Personal information upon registration / 30 days / To prohibit a member from re-applying for the use of services after having had their membership revoked
- History of visits / 3 months / Item 2 of Paragraph 2 of Article 15 of the Protection of Communications Secrets Act (enforcement decree: item 2 of Paragraph 2 of Article 41)
- Records of inappropriate usage / 1 year / To prohibit a misbehaving member from reapplying for membership, to deal with infringement of the rights, such as defamation, and, to cooperate with investigation
- Records of display/advertisement / 6 months / Item 1 of Article 6 of the Consumer Protection Act on Electronic Transaction (enforcement decree: item 1 of Article 6)
- Records related to contract or cancellation of membership / 5 years / Item 1 of Article 6 of The Consumer Protection Act on Electronic Transaction (enforcement decree: item 2 of 6)
- Records related to payment and supplying goods, etc. / 5 years / Item 1 of Article 6 of the Consumer Protection Act on Electronic Transaction (enforcement decree: item 3 of Article 6)
- Records related to customer complaints and resolution of disputes/ 3 years / Item 1 of Article 6 of the Consumer – Protection Act on Electronic Transaction (enforcement decree: item 4 of Article 6)
Records related to locational information / 1 year / Item 2 of Article 16 of the Consumer Protection Act on usage of locational information
Article 11 [Disposal of Personal Information and Method of Disposal]
We delete and destroy your personal information immediately after the purpose of collection and use of such information is accomplished. The disposal procedures and its method are as below;
1. Disposal procedure
1) The information that you provide shall be transferred, upon completion of accomplishing the intended purpose, to a separate database (or a separate document storage device or paper-based documents) for storage for a certain period in accordance with the internal regulations and relevant laws and regulations before being disposed of.
2) The personal information moved to a separate database shall not be used for purposes other than storage, unless specified otherwise by law.
2. Disposal method of Personal Information
1) Irreversible termination by systematic technique on personal information on electronic file
2) Shredding or incineration for personal information on paper
Article 12 [Technological and Managerial Measures for Protection of Personal Information]
We take the following safety measures so that personal information will not be lost, stolen, leaked or spoiled.
1. Technological measures
A. Your password is encrypted with an encryption algorithm for the highest level of protection and even administers cannot know about it.
B. In order to protect leakage or damage of members’ personal information, we maintain strict safety devices at a place that limits external access, and monitor any external access 24/7 using a blocking and monitoring device.
C. We use security device that can safely transmit private information on the network using encrypted algorithm.
2. Managerial measure
A. We strictly specify that the employee who can handle personal information shall be the person who manages personal information, and who is necessarily required to handle personal information in the course of performing his/her duty.
B. Regular internal and external training is conducted for employees who handle personal information, with the said training pertaining to the acquisition of new security technology and on the responsibility for protection of personal information.
C. Handover of duties involving personnel who handle personal information is conducted thoroughly while maintaining security. We also set our responsibilities for incidents involving personal information after joining and leaving the company.
D. If there is a loss, leakage, alteration or damage of personal information due to the error of an internal manager or a technical or management incident, the Company will notify you immediately, take the appropriate steps, and take proper actions.
However, it is your responsibility to ensure the security of your ID and Password and we are not responsible for any leakage of such information resulting from your own mistake or fault.
Article 13 [Contact Details of Personal Information Manager and Personal Information Administrator]
We assign a personal information manager and a personal information administrator to receive suggestions and handle complaints related to personal information. The personal information manager and the personal information administrator are as follows. Please contact to the below Personal Information manager in case that you have any question regarding handling of Personal Information.
[Personal Information Manager]
Name : Yootaek Kim
Team : Corporate Culture
Email : firstname.lastname@example.org
Phone : 1588-5668
[Personal Information Administrator]
Name : Yongseon Yoo
Team : CVI
Email : email@example.com
Phone : 1588-5668
You can contact the following agencies if you need to report or consult on matters concerning privacy violation.
- Personal Information Infringement Center (www.118.or.kr / +82 2 118)
- PRIVACY Mark Certification Committee (http://www.eprivacy.or.kr/ +82 2 580 0533~4)
- Supreme Prosecutors’ Office Internet Crime Investigation Center (www.spo.go.kr / +82 2 3480 2000)
- Cyber Terror Response Center at the Police Agency (www.spo.go.kr/ +82 2 392 0330)
Article 14 [Rights of Members and Legal Representatives]
Members and respective legal representatives of children under the age of 14, at any time, may check or modify their registered personal information. They may also request to cancel their membership, and in case of such request, we take relevant measures immediately after going through the procedure to confirm his/her identity.
Article 15 [Duty of Notification]
Announcement Date : February 14, 2012
Enforcement Date : February 22, 2012