Personal Policy

Personal Information Handling Policy

  1. 1. Divememory Corp. (http://www.divememory.com) (hereinafter called “the company”)’s personal information handling policy is handled with accordance with Act on Promotion of Information and Communication Network Utilization and information Protection, etc.
  2. 2. The company commits personal information protection policy based on the acts which information and communication service providers should follow such as Protection of Communications Secrets Act, Enforcement Decree of the Telecommunications Business Act and Act on Promotion of Information and Communication Network Utilization. For reference, the company’s obligation to protect personal information shall not be applicable to the action of collecting personal information performed by the linked websites in the company’s webpage.
  3. 3. When joining the membership, if the user selects and click ‘Agree’, the company regards the user agrees the company’s personal information protection policy and the company collects personal information based on the information that the user inputs in the enrollment form. If the user disagree the personal information to be collected or the user does not want to join the membership, the user needs to click ‘Disagree’ on the menu.
  4. 4. The company may ask for additional information if the additional information need although the company tries to collect personal information within the minimal scope of what is necessary in order to provide its service.

Purpose of personal information handling

The company handles personal information for the following purposes and the personal information shall not be used for other than those purposes.

  1. - To confirm joining membership, identify and authenticate personal identity to provide service, maintain membership, payment or delivery of product and provided service

Handling and retention period of personal information

  1. 1. Personal Information collected under the consent of subjects of information shall be retained and used while the member’s membership is maintained.
  2. 2. Details about handling and retention period of personal information are as followings.
    1. - Records regarding contract or withdrawal of subscription.
    2. - Reason for retention: The law on the consumer protection in the online business transactions
    3. - Retention period: 5 years
    4. - Records regarding payments and provisions of goods
    5. - Reason for retention: The law on the consumer protection in the online business transactions
    6. - Retention period: 5 years
    7. - Record regarding transaction of electronic banking service
    8. - Reason for retention: Act of electronic financial transaction
    9. - Retention period: 5 years
    10. - Records of consumers’ complaints or results of disputes
    11. - Reason for retention: The law on the consumer protection in the online business transactions
    12. - Retention period: 3 years
    13. - Records regarding the website visits
    14. - Reason for retention: The communication secret protection law
    15. - Retention period: 3 months

Offer of Personal Information to third parties

The company does not provide personal information to third parties without consent from the subject of personal information, except for the cases that there is lawful basis which is applicable to Article 17 of personal information protection law. However, followings are the cases of exceptions,

  1. 1. For the case with consent from user or member
  2. 2. For the case of providing limited range of personal information which is necessary for service of name, birth date, phone number and home address among personal information provided by user or member
  3. 3. For the case if there is sufficient basis for the personal information to be provided to take legal action against causing physical and mental loss to others using the service
  4. 4. For the case that is required by other laws
  5. 5. For the case that is necessary for payment and delivery of products to provide service
  6. 6. For the case that provide as unidentified form for market search, compiling of statistics and academic research
  7. 7. For member to use our company or affiliated company’s service without additional membership enrollment process with one member ID, the personal information of our member who is willing to use a certain affiliated company’ service may be provided to the affiliated company. (same for the case that the number of affiliated company becomes larger than when member got membership at the first) Member always can retract to provide personal information to affiliated company and suspend to use the related service.

The rights and obligations of the subject of personal information and method of exercise

User may request to exercise the rights regarding personal information protection as followings

  1. 1. Request to review personal information
  2. 2. Request to make a correction if there are any errors in the personal information
  3. 3. Request to remove
  4. 4. Request to suspend the process against the personal information

The installation, operation and refusal of automatic personal information device

  1. 1. The company mainly uses ‘cookie’ which stores and often bring the user’s information in order to provide the customized services to meet the specific personal circumstances and preferences of each user. A cookie is also saved on the hard disk in PC with a small amount of information which transmit to web browser.
  2. 2. The user can provide the service without additional input such as a statement in accordance with the connection information of the user for more information, to read the cookie on a computer to find the user in the company of the server is a web browser of the user when connecting to the website. The cookie identifies user’s computer, but it does not identify individual user personally.
  3. 3. The company can provide more convenient services by identifying visits, patterns and scale of usage for each service users by using a cookie.
  4. 4. Users can also choose to use cookies by adjusting the option of your Web browser. In other words, it accepts all cookies or to send a notification when a cookie is installed, or alternatively, user can also refuse all cookies. However, the user must allow cookies in order to use the service with log in after connecting to the company.

Deletion of personal information

In principle, the company deletes the personal information as soon as the purpose for collection and use it attained. The deletion procedure and method are as follows.

  1. 1. Deletion procedure
    1. The input information by user gets deleted after it is retained for a certain time period in accordance with the internal policy and for other reason for the protection of information by relevant law (Refer to Article 4 Retention and Use of Personal Information). The personal information should not be used for other purpose except intended by the relevant law.
  2. 2. Period of deletion
    1. Personal information shall be purged using paper shredder or by burning them within 5 days from the assigned day when the personal information is not necessary any longer such as completion of purpose of personal information handling and abolition of service or discontinuance of business, the personal data stored in the electronic files shall be purged using the technical method that makes the records unrecoverable.

Securing the protection of personal information

To secure the safety of Personal Information, the company employees the following technical, managerial, physical devises according to the Article 29 of Personal Information Protection Act:

  1. 1. Minimization of number of employees for managing Personal Information and training for them
    1. The company limits the number of employees working on the Personal Information to the person in charge, we enforce a measure to manage the personal information.
  2. 2. Implementation of regular self-inspection
    1. In order to secure stability regarding personal information handling, we implement self- inspection quarterly.
  3. 3. Establish and implementation of internal manage plan
    1. The company establishes and implements internal manage plan for safe handling of personal information
  4. 4. Encryption of personal information
    1. User’s personal information and password are stored and managed in protected mode. The important data use addition secure function such as encryption of files and transferring data or file lock function.
  5. 5. Measures against the hacking
    1. The company installs anti-hacking program and check/renew regularly to prevent customers’ Personal Information from leakage or damage by hacking or computer virus. The system is installed using the access suspension system, unauthorized accesses from outside are controlled.
  6. 6. Limit of access to personal information
    1. By providing, change and cancellation of access authority to database system which handle personal information, necessary action is implemented to control access to personal information. Unauthorized accesses from outside are controlled by the access suspension system
  7. 7. Store of access record and anti-forgery
    1. The company stores and controls access record to personal information processing system at least 6 months and use security features in order to avoid forgery and burglaries of access record.
  8. 8. Using lock system for document security
    1. The company stores document and supplementary storage medium which include personal information at safe area with lock system.
  9. 9. Control of access for unauthorized person
    1. The company maintains additional physical storage area where store personal information and is operated by access control process.

Contact information for officers in charge of protecting (supervising) personal information

The company designates a department for and a person in charge of protecting (managing) Personal Information, and handling inquiries and complaints concerning Personal Information. The subjects of personal information can make inquiries about questions regarding any personal information protection, handling of complaints or relief for damage occurring while using our service or business for personal information protection officer or department. We will try to answer and deal with the inquiries from the subjects of personal information as soon as possible.

  1. 1. Person in charge of protecting (managing) personal information
    1. - Name: Kim, Young Hwan
    2. - Position: Chief Executive Officer
    3. - Phone number 070-7759-0267
    4. - Email: admin@divememory.com
    5. ※ It transfers to the department of personal information protection
  2. 2. The department of personal information protection
    1. - Name: Department of information protection
    2. - Person in charge: Kim, Young Hwan
    3. - Phone number: 070-7759-0267
    4. - Email: admin@divememory.com
  3. 3. Please direct your inquiries to the following center if you have anything to report or need a consultation regarding the infringement of other Personal Information.
    1. - Call Center for the Infringement of Personal Information (www.118.or.kr/118)
    2. - Cybercrime investigation department at the Supreme Prosecutor’s office (www.spo.go.kr / 02-3480-3571)
    3. - Korean National Police Agency Cyber Bureau (www.ctrc.go.kr / 182 without area code)
  4. Change in Personal Information Handling Policy

    This personal information handling policy will apply from the effective date and if there is any addition, removal, or modification of the information, we will notify from 7 days before the effective date via official announcement at homepage.

    This personal information handling policy was written in Korean. The Korean texts prevail if the translation of this policy may differ from the original Korean.