Personal Information Processing Policy

Daeho-al is preparing for the new future with a competitive advantage in the market.

Daeho-al (hereafter called the “Company”),
in accordance with the Personal Information Protection Act, establish the following policies and procedures to be able to protect users personal information and rights and respond smoothly and effectively to user’s complaints regarding their personal information.
The Company will make a public (or individual) announcement through the website if there is any revision made to personal information policies and procedures.

The policies and procedures will take effect from December 25, 2019.

1. Purpose of Use of Personal Information

The Company shall collect and use personal information for the following purposes. Personal information used will not be used for purposes other than the following purposes and will get a prior permission from the user when the purpose of use is changed.

  • A. Handling of Product Enquiries
    • - Personal information is processed for the purpose of making notifications of feedbacks to enquiries.

2. Personal Information Items and Collection Methods

  • A. Personal Information Collection Items
    • o The Company shall collect personal information listed below for a counseling request through the homepage.
      • - Counseling request: Name in full, email, phone number (mobile phone number), fax, address
    • o Service usage record, access log, cookies and access IP records can be created and collected during the course of service use.
  • B. Collection Methods
    • - Includes collection through the counseling request on the homepage, the generation information collection tool, and others.

3. Processing and Retention Periods of Personal Information

The Company shall process and hold personal information within the approved periods for its retention and use according to laws and regulations, or within the same time period when collecting personal information from the information subject.

  • o Handling of Product Enquiries

    The Company shall, in principle, destroy Personal information regarding ‘Handling of Product Enquiries’ without any delay after completing the enquiry process. But, the Company shall retain personal information when it falls under a reason listed below until it is resolved.

    • - Personal information remains on hold until the ongoing investigation or examination over the violation of related laws and regulations ends.
    • - Personal information remains on hold until corresponding bonds or liabilities related to the use of the homepage are cleared.
  • o Log Record
    • - Reason for retention : The Protection of Communications Secret Act
    • - Retention period : 3 months

4. Provision of Personal Information to Third Party

The Company shall not provide, as a rule, user’s personal information to the third party. Cases listed below are considered as exceptions:

  • - Users grant a prior consent.
  • - There is a request from the investigation agency based on rules and regulations under the law or according to procedures and methods prescribed in the law for investigation purposes.

5. Personal Information Commitment

The Company does not commit and operate user’s personal information.

6. Rights and Duties of the Information Subject & Legal Representative and Exercising Those Rights and Duties Users are entitled to exercise their rights as an individual information subject as listed below:

  • ① The information subject is entitled to exercise his/her rights on the Company at any time, such a request for accessing, correcting, deleting and suspending the disposal of personal information.
  • ② The rights stipulated in Paragraph 1 can be requested in written form, e-mail or fax in accordance with Paragraph 1 of Article 41 of the Enforcement Ordinance of the Personal Information Protection Act. Upon the receipt of the request, the Company will take prompt action accordingly.
  • ③ Exercising rights specified in Paragraph 1 can be performed through an agent such as the legal representative of the information subject or an entrusted person. In this case, a letter of entrustment should be submitted as specified in Item 11 of the attached document of the Enforcement Ordinance of the Personal Information Protection Act.
  • ④ The rights of the information subject can be restricted on a request for accessing personal information and a suspension of its processing in accordance with Paragraph 5 of Article 35 and Paragraph 2 of Article 37 of the Personal Information Protection Act.
  • ⑤ A request for correcting and deleting personal information cannot be made when the personal information is specified as what needs to be collected in another decree.
  • ⑥ The Company shall ensure verify the identity of a data subject or an authorized agent who requests access, correction, deletion and/or suspension of data processing according to the rights of an information subject.

7. Filling out Personal Information Items being Processed

  • A. Personal Information Items being Collected
    • o The Company collects personal information as listed below:
      • - Request for counseling : Name in full, e-mail, phone number (mobile phone number), fax, address
    • o Service usage record, access log, cookies and access IP records can be created and collected during the course of service use.
  • B. Collection Methods
    • - Includes collection through the counseling request on the homepage, the generation information collection tool, and others.

8. Personal Information Destruction

The Company, in principle, shall destroy the corresponding personal information without delay after meeting its initial purpose of the personal information. Listed below are personal information destruction procedures, deadline and method:

  • - Destruction Procedures
    • The information entered by the user is transferred to a separate DB (separate document in the case of paper) after fulfilling its purpose. Then, the information is either stored for a certain time period in accordance with internal policies and other related laws before being destroyed or destroyed immediately. The personal information transferred to DB shall not be used for purposes other than what was specified in law.
  • - Destruction Deadline
    • In the event that the retention period of user’s personal information expires, the Company shall destroy the personal information withing five (5) days from the end date of retention period. In case the personal information is made unnecessary for such reasons as achieving the purpose of personal information processing, the closure of the corresponding service and/or business shutdown, the Company shall destroy the personal information within five (5) days from the day when the personal information processing is acknowledged as unnecessary.
  • - Destruction Method
    • Information in the form of an electronic file is destroyed with a technical method involving any record unable to be reproduced.

9. Installation, Operation and Refusal of Automated Personal Information Collection System

  • ① The Company uses cookies which are used by websites to store and load frequently user data to provide personalized services.
  • ② A cookie is a small amount of information sent from the server (http) used in operating a website to the user's computer browser and it is also stored on the user’s computer hard drive while browsing the site.
    • A. Purpose for Using Cookies: Cookies are used to provide users with ideally personalized information by tracking each user’s visits to each service and website, types of service use, popular search words, and a secure access.
    • B. Cookie Installation, Operation and Refusal: Cookies can be refused and disabled by setting options in the Tools > Internet Option > Personal Information menu on the top of the web browser.
    • C. Cookies, if disabled, may make users find it difficult to use personalized services.

10. Personal Information Protection Supervisor

The Company assigns a related department and personal information protection supervisor as shown below to protect client’s personal information and to cope effectively with complaints about personal information.

  • o Personal Information Protection Personnel
    • - Name in full : Dong Wook Kim
    • - Working at : Daeho-al
    • - Tel: 053-610-5421
    • - email: daeho-al@daeho-al.com
  • o Personal Information Protection Supervisor
    • - Name in full : Dong Wook Kim
    • - Working at : Daeho-al
    • - Tel: 053-610-5421
    • - email : daeho-al@daeho-al.com
  • o Upon discovery of any complaint arising out of the personal information protection while using services provided by our company, you are free to report it to our personal information protection supervisor or its responsible department.
  • o The Company is committed to replying promptly and in full detail to any issues reported from users.
  • o 기Contact us at agencies listed below for enquiries when you need to make a report or counseling request regarding other personal information violations.
  • Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without the telephone exchange number)
    Personal Information Dispute Mediation Committee (kopico.go.kr / 1833-6972)
    Cyber Investigation Division at the Prosecutor-General's Office (spo.go.kr / area code +1301)
    Korean National Police Agency Cyber Bureau (cyberbureau.police.go.kr / without the telephone exchange number 182)

11. Personal Information Processing Policy Change

These personal information processing policies will take effect on a date set by regulation. When there are any additions, deletions and/or corrections made to changes in accordance with laws and policies, they will be publicly notified seven (7) days before the date of implementation.

12. Measures for Protecting Personal Information

The Company is taking technical/administrative and physical measures necessary for securing personal information safety according to Article 29 of the Personal Information Protection Act, as listed below:

  • - Carrying out a self-run regular inspection
  • - Minimizing the number of personal information handling staff and providing subsequent training
  • - Putting restrictions on accessing personal information