Privacy Policy
Exporum Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses this privacy policy to protect the personal information of data subjects in accordance with Article 30 of the Personal Information Protection Act and to handle related complaints promptly and smoothly.
Article 1 (Purpose of Processing Personal Information)
The Company processes personal information for the following purposes. The processed personal information will not be used for purposes other than those specified below, and in the event of a change in the purpose of use, necessary measures will be taken, including obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
1. Website membership registration and management
Purpose: Confirmation of membership registration intent, self-identification/authentication for providing membership services, maintenance/management of member qualifications, verification in accordance with restricted self-confirmation, prevention of service misuse, confirmation of consent from legal representatives for processing personal information of children under 14, various notifications, complaint handling, etc.
2. Provision of goods or services
Purpose: Delivery of goods, provision of services, sending of contracts and invoices, content provision, personalized service provision, self-authentication, age verification, fee payment and settlement, debt collection, etc.
3. Complaint handling
Purpose: Confirmation of complainant's identity, confirmation of complaint details, contact/notification for fact-finding investigations, notification of processing results, etc.
Article 2 (Processing and Retention Period of Personal Information)
① The Company processes and retains personal information within the period stipulated by law, the period for which consent is obtained at the time of collecting personal information, and the period specified for the purpose of processing personal information.
② The processing and retention periods for each category of personal information are as follows:
1. Website membership registration and management: Until the business/operator's website withdrawal
However, in the following cases, until the end of the relevant situation:
1) In the event of an ongoing investigation or inquiry due to a violation of relevant laws, until the end of the investigation or inquiry.
2) In the case of remaining rights and obligations related to website usage, until the settlement of such rights and obligations.
Article 6 (Processed Personal Information Items)
The Company processes the following personal information:
1. Provision of goods or services
Required items: Name, phone number, email address, affiliation, etc.
2. The following personal information items may be automatically generated and collected during the use of internet services.
IP address, cookies, MAC address, service usage records, visit records, faulty usage records, etc.
Article 7 (Destruction of Personal Information)
① The Company promptly destroys personal information when it becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose.
② In cases where the personal information holding period agreed upon with the data subject has elapsed or the processing purpose has been achieved, yet the Company is obliged to continue retaining the personal information under other laws, the Company transfers the relevant personal information to a separate database (DB) or retains it in a different location.
③ The procedure and methods for the destruction of personal information are as follows:
1. Destruction Procedure
The Company selects personal information for destruction when the reasons for disposal arise, and, after obtaining approval from the Company's Personal Information Protection Manager, proceeds to destroy the personal information.
2. Destruction Method
Personal information recorded and stored in electronic file format is destroyed to prevent reproduction, using methods such as low-level formatting (Low Level Format). For personal information recorded and stored in paper documents, the Company shreds or incinerates them for destruction.
Article 8 (Ensuring the Security of Personal Information)
The Company takes the following measures to ensure the security of personal information:
1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures: Access control management of personal information processing systems, installation of access control systems, encryption of unique identification information, etc.
3. Physical measures: Access control to computer rooms, data storage rooms, etc.
Article 9 (Installation, Operation, and Rejection of Automatic Collection Devices for Personal Information)
① The Company uses 'cookies' to store and periodically retrieve user information to provide personalized services.
② Cookies are small amounts of information sent by the server (http) operating the website to the user's computer browser and may be stored on the hard disk of the user's computer.
a. Purpose of using cookies: Used to understand the user's visits and usage patterns on each service and website, popular search terms, secure access status, etc., to provide optimized information to the user.
b. Installation, operation, and rejection of cookies: Users can refuse to store cookies by configuring their options in the top menu of the web browser under Tools > Internet Options > Privacy.
c. Rejecting cookie storage may cause difficulties in using personalized services.
Article 10 (Personal Information Protection Manager)
① The Company appoints a personal information protection manager to take overall responsibility for personal information processing and handle complaints, remedies for damage, etc., related to personal information processing.
▶Personal Information Protection Manager
Name: Kim Jeonghoon
Position: Executive
Contact: 02-6000-6694, expo@k-expo.org, 02-2051-3326 ※ Connects to the Personal Information Protection Department.
▶Personal Information Protection Department
Department Name: Korea Expo Organizing Committee
Person in Charge: Sophia Lee
Contact: 02-6000-6673, expo@k-expo.org, 02-2051-3326
② Data subjects can inquire about all matters related to personal information protection, complaints, and remedies for damages arising during their use of the Company's services (or business) to the Personal Information Protection Manager and the responsible department. The Company will promptly respond to and address inquiries from data subjects.
Article 11 (Request for Access to Personal Information)
Data subjects may request access to their personal information in accordance with Article 35 of the Personal Information Protection Act. Such requests can be directed to the following department:
▶Department for Receiving and Processing Requests for Access to Personal Information
Department Name: Korea Expo Organizing Committee
Person in Charge: Sophia Lee
Contact: 02-6000-6673, expo@k-expo.org, 02-2051-3326
Article 12 (Remedy for Violation of Rights)
Data subjects can inquire about remedies for damages, counseling, and other matters related to the infringement of their rights to the following organizations:
▶Personal Information Infringement Report Center (Operated by Korea Internet & Security Agency)
Responsibilities: Reporting personal information breaches, applying for counseling
Website: privacy.kisa.or.kr
Phone: 118 (no area code)
Address: 3rd floor, 9 Jinheung-gil, Naju-si, Jeollanam-do, 58324, Korea
▶Personal Information Dispute Resolution Commission
Responsibilities: Applying for personal information dispute resolution, collective dispute resolution (civil resolution)
Website: www.kopico.go.kr
Phone: 1833-6972 (no area code)
Address: 4th floor, Government Seoul Complex, 209 Sejong-daero, Jongno-gu, Seoul, 03171, Korea
▶Cyber Crime Investigation Division, Supreme Prosecutors' Office
: 02-3480-3573 (www.spo.go.kr)
▶Cyber Safety Bureau, National Police Agency
: 182 (http://cyberbureau.police.go.kr)
Article 13 (Effective Date and Changes to the Privacy Policy)
This privacy policy is effective as of November 28, 2023.