Privacy Policy

“AhnLab Blockchain Company, INC.” (hereinafter “the Company”) regards personal information of users as important and has this Privacy Policy (hereinafter the “Policy”) to take a measurement for protection of personal information in accordance with the Personal Information Protection Act, and to handle users’ complaints related to their personal information.

In case of modification, the Company will make public notice through posting on this website (or individual notice) at least 7 days before the effective date.

1.  Personal Information Collected and Method/Purpose of Collection

Personal information collected and purpose of collection

Personal information to be collected, processed by the Company and the purpose of collection are as follows. The personal information will not be used for any other purpose other purposes. If the purposes need to be changed, the Company will acquire a separate consent from users or take other necessary measures.

  • Purpose: To consult on service and respond to inquiries
  • Information collected: Email address and other information entered by users
  • Details: Securing communication channels for identifying users, responding to and resolving complaints and inquiries

The Company will not collect sensitive information (ideology, belief, admission to or withdrawal from a trade union or political party, political opinions, health, sex life, etc.) that is likely to markedly threaten the privacy of users.

When personal information of users under the age of 14 is unavoidably collected for future use of service, the Company will obtain consent from the legal representative of child in advance and destroy the information immediately after the related work is completed. The Company will also thoroughly manage personal information while the work is in progress.

Information such as IP address, cookies, service usage records, visiting records of users may be generated in an automated manner and collected during use of service  

Method of collection

The Company collects the information of users in a way of the following:

  • Emailing, telephone calling, fax

2. Period of Retention and Use of Personal Information

Period of retention

In principle, personal information collected for consultation and inquiry is retained for 1 year from completion of consultation and inquiry process. Provided, however, that if the Company has obtained a separate consent from users, or if investigation or examination is in progress due to a violation of the relevant laws and regulations, the personal information will be stored and used during the agreed or designated period.

Retention under related laws and regulations

The Company will retain personal information, if laws and regulations such as the Act on Consumer Protection in Electronic Commerce impose duties to retain information for a certain period.

  • The Act on the Consumer Protection, in Electronic Commerce, Etc.
    •  Records regarding contract or withdrawal of subscription: 5 years
    •  Records on payment and supply of goods: 5 years
    •  Records on consumer complaint or dispute treatment: 3 years
    •  Records on labeling and advertising: 6 months
  • The Act on Use and Protection of Credit Information
    •  Records on collection/process, and use of credit information: 3 year
  • The Act on Electronic Financial Transactions
    • Records on electronic financial transaction: 5 years
  • The Act on Protection of Communications Secrets
    • Log records of users such as internet/data detecting the place of user connection: 3 months
    •  Other communication confirmation data: 12 months
 

3. Procedure and Method of Destruction of Personal Information

In principle, the Company destroys personal information of users without delay when the purpose of its collection and use has been achieved. The procedure of method of destruction are as follows (Provided that personal information of users who have no service usage records during designated period by Personal Information Protection Act will be separately stored from other users’ and destroyed 2 years after the separate).

Procedure of destruction

When the purpose of collection and use of personal information has been achieved, information that can identify an individual is immediately deleted without delay and processed in an unrecoverable or unusable way. Provided, however, if the laws and regulations specified under the Article 2. Period of Retention and Use of Personal Information impose duties to retain information for a certain period, the personal information may be separated by technical means and stored during the designated period.

Method of destruction

Personal information stored in electronic file formats is deleted by technical means to prevent its recovery or restoration. Personal information printed on paper is destroyed through shredding or incineration.

 

4. Entrustment of Personal Information

The Company entrusts work of processing personal information to the outside to provide convenient and better service. The Company also carries out management or supervision on the entrusted to ensure compliance of relevant laws and regulations.

In case of modification of the entrusted party or work, the Company will make public notice through posting on this website (or individual notice through emailing, telephone calling, SMS, etc.) 

The entrusted works in details are below. The entrusted parties may retain and use personal information until the purpose of its collection and use has been achieved or its contract for entrustment has been expired.

Support for service

Entrusted party and Description of entrusted works

Atomrigs Lab, Inc.: Service operation and user support
B-square Lab Co., Ltd.: Service operation and user support
Amazon Web Services Inc.: Operation of service platform (AWS Cloud Seoul Region)

5. Rights of Users and their Legal Representatives and How to Exercise the Rights

How to view, update and delete by email or phone

Users can send email to address posted on this website to request to view, update and delete their personal information at any time. Besides that, users are entitled to request for privacy officers described in Article 6. Complaints relating to Personal Information to view, update, delete personal information and suspend tis processing. Legal representative of users and an authorized person from users can exercise the rights on behalf of the users.

However, if the Company has a justifiable reason to refuse the request for public interest as below, the Company may refuse the request. Within 10 days of refusal, the Company notifies, either verbally or in writing, the reason of refusal and how to object to the owner of personal information.

  • When viewing is prohibited or restricted by law
  • When it is likely to cause harm to life or body of any other person, or unfairly damages property and other interests of any other person

Protection of personal information of child under 14 years of age

In principle, the Company does not collect personal information from child under 14 years of age. When personal information of child is unavoidably collected for future use of service, the Company may request self-verification of legal representative of the child to acquire to collect information; provided that the Company does not collect personal information of the legal representative of child. The child’s legal representative can exercise the right to view, update and delete the child’s personal information through this website, email, mail, phone. If the child’s legal representative requests the correction of errors in the child’s personal information, the relevant personal information will not be used or provided until the correction is made.

6. Complaints relating to Personal Information

The Company has designated the following persons as the Chief Privacy Officer and Personal Information Manager to remain responsible for responding to user inquiries regarding personal information and resolving any related complaints. Users can contact the Chief Privacy Officer and Personal Information Manager, and exercise the rights to view, update and delete personal information specified in Article 5. Rights of Users and their Legal Representatives and How to Exercise the Rights in accordance with the Personal Information Protection Act.

 

Chief Privacy Officer

  • Management Support Team
  • Suk Kyoon Kang / CEO
  • 031-722-8000
  • sukkyoon.kang@ahnlab.com

Users can report all personal information protection-related complaints that occur while using the service to the contact information above. The Company will promptly and sufficiently respond to users’ reports.

If you need to report or consult on other privacy infringements, please contact the following institutions.

7. Measures for Protection of Personal Information

The Company takes technical, managerial and physical measures for securing safety of personal information as follows:

  • Management of personal information handler
    The Company keeps personal information handlers to a minimum and provides education and training for them.
  • Restriction on access to personal information

In order to prevent unauthorized external access to personal information, the Company has established the standards for granting, modifying, and canceling access rights to the personal information processing database system, and runs an intrusion prevention system and intrusion detection system.

  • Installation and operation of vaccine program

The Company installs vaccine software on personal information processing device and uses it to prevent leakage or damage of users’ personal information.

  • Encryption of personal information

The Company stores personal information after encryption or file locking of such information and transmits the personal information by using encrypted communication zone.

  • Access control for unauthorized persons
    The Company has a physically separated storage for personal information processing system and has established/operates access control procedure for it.

 

Notification Date: August 11, 2022

Enforcement Date: August 12, 2022

Copyright © 2022 AhnLab Blockchain Company