Basic Policy
We, as a company, comply with the “Act on the Protection of Personal Information” and other applicable laws and regulations concerning personal information to properly protect our customers’ personal information. We have established a basic provision (Declaration on the Protection of Personal Information) and will appropriately protect and manage our customers’ personal information. We will also continue to implement measures to ensure information security.
Purposes of Personal Information
(1) We will establish standards and regulations for the proper collection and use of personal information. (2) We will establish codes of conduct and specific rules to prevent unauthorized access, loss, destruction, alteration, and leakage of personal information.
Definition of Information Security
Information security is defined as maintaining the confidentiality, integrity, and availability of information.
Organizational Activities
To implement the basic policy, we will engage in the following activities:
(1) Officers and all employees will comply with laws, regulations, and other standards related to personal information and information security.
(2) We will establish a management system with the Chief Information Security Officer as the highest authority and appoint responsible managers to ensure appropriate management for the maintenance and improvement of information security.
(3) We will request understanding of this basic policy and cooperation from companies and individuals with whom we have transactions.
(4) In the event of any deviation from this basic policy by employees or others, the applicable penalty provisions will be applied.
(5) We will provide regular information security education to employees according to their job responsibilities.
(6) This basic policy will be made available for viewing at any time by posting it on our company’s website.
(7) In the event of a leak or other incident, we will notify and disclose the facts to the individuals involved and make efforts to prevent recurrence.
Collection, Use, and Provision of Personal Information
To implement the basic policy, we will engage in the following activities:
(1) Collection, Use, and Provision of Personal Information: When collecting personal information, we will clearly state the purpose and scope of collection to customers and handle it within the agreed purpose and scope.
(2) Respect for Rights: We respect individuals’ rights regarding personal information and, within reasonable limits, respond to requests for “disclosure,” “correction,” “addition,” “deletion,” “use cessation,” “erasure,” and “provision to third parties cessation” concerning their own personal information.