PRIVACY POLICY (Ver 1.1)

Infiniq Co., Ltd. establishes and discloses the following personal information handling guidelines in order to protect the personal information of information subjects in accordance with Article 30 of the Personal Information Protection Act and to promptly and smoothly handle related grievances.

Purpose/item of personal information processing

Infiniq does not use personal information for purposes other than the following, and if the purpose of use is changed, it will be processed with consent. Infiniq uses the collected personal information for the following purposes.
1. Request to view personal information: Personal information files held by Infiniq may be requested to be viewed in accordance with Article 35 (Access to Personal Information) of the 「Personal Information Protection Act」.
    However, requests for access to personal information may be restricted as follows in accordance with Article 35 (5) of the 「Personal Information Protection Act」.

2. Collection items (required): name, affiliation (company name), email, contact information

3. Retention period: In principle, after the purpose of collecting and collecting personal information is achieved, the information is destroyed without delay.
    However, if it is necessary to preserve in accordance with the provisions of related laws, personal information may be kept for a certain period of time determined by the relevant laws and regulations as follows.
 ◦ Records of transactions such as the contents and performance of display and advertisement contracts in accordance with the Consumer Protection Act in Electronic Commerce, etc
   - Records on display and advertisement: June
   - Records on consumer complaints or dispute resolution: 3 years
 ◦ Storage of communication confirmation data in accordance with Article 41 of the Communication Secret Protection Act
   - Computer communication, Internet log record data, access point tracking data: 3 months
    Retention of personal identification information in accordance with Article 29 of the Enforcement Decree of the Information and Communications Network Utilization Promotion and Information Protection Act: 6 months after information posting on the bulletin board ends

Rights and obligations of data subjects and how to exercise them

Users can exercise the following rights as information subjects.
1. Request to view personal information: Personal information files held by Infiniq may be requested to be viewed in accordance with Article 35 (Access to Personal Information) of the 「Personal Information Protection Act」.
    However, requests for access to personal information may be restricted as follows in accordance with Article 35 (5) of the 「Personal Information Protection Act」.
 A. When access is prohibited or restricted by law
 B. If there is a risk of harming the life or body of another person or unfairly infringing on the property and other interests of another person
 C. In the event that it causes a significant impediment to the performance of any of the following tasks
  - Tasks related to examinations and qualifications related to academic background, skills, and recruitment
  - Tasks related to the evaluation or judgment in progress regarding the calculation of compensation and benefits
  - Tasks related to ongoing audits and investigations in accordance with other laws

2. Request for correction/deletion of personal information: Regarding personal information files held by Infinek, in accordance with Article 36 (Correction and deletion of personal information) of the 「Personal Information Protection Act」
You can request correction or deletion of personal information. However, if the personal information is specified as a collection target in other laws, the deletion cannot be requested.

3. Request to suspend processing of personal information: Regarding personal information files held by Infinek, in accordance with Article 37 (Suspension of processing of personal information, etc.) of the 「Personal Information Protection Act」
    You can request the suspension of processing of personal information. In addition, the legal representative of a child under the age of 14 may request Infiniq to view, correct, delete, or suspend the processing of the child's personal information.
    However, when a request for suspension of processing of personal information is requested, the request for suspension of processing may be rejected according to Article 37 (2) of the 「Personal Information Protection Act」.
 A. hen there are special provisions in the law or it is unavoidable to comply with statutory obligations
 B. If there is a risk of harming the life or body of another person or unfairly infringing on the property and other interests of another person
 C. If a public institution is unable to carry out its duties as stipulated in other laws without processing personal information
 D. If it is difficult to fulfill the contract, such as not being able to provide the service contracted with the information subject if personal information is not processed, the information subject
    If the intention to terminate the contract is not clearly stated

4. In case of a request for viewing, correction, deletion, or suspension of processing of personal information, Infiniq will notify the action taken within 10 days.
    Requests for viewing, correction, deletion, and suspension of processing of personal information are possible through the relevant department.

5. The exercise of rights in accordance with the above may be done through an agent such as the legal representative of the information subject or a person who has been delegated.
    In this case, a power of attorney must be submitted.

Destruction of personal information

In principle, if the retention period of personal information has elapsed or the purpose of processing has been achieved, Infiniq will destroy the personal information without delay.
                            However, this is not the case when it is required to be preserved in accordance with other laws. The procedures, deadlines and methods of destruction are as follows.
                        
1. Destruction procedure: The information entered by the user is destroyed according to the internal policy and related laws after the retention period has elapsed or the purpose of processing has been achieved.

2. Destruction deadline: When the retention period of personal information of users has elapsed, without delay from the end of the retention period, the purpose of processing personal information is achieved, etc.
    When the personal information becomes unnecessary, the personal information will be destroyed without delay from the date on which the processing of the personal information is deemed unnecessary.

3. Destruction method: When destroying personal information processed by INFINIQ, it is destroyed in the following way.
 - In the case of an electronic file: Permanent in a way that cannot be restored
 - In the case of records, printed materials, writing, or other recording media other than the form of deletion electronic files: Shred or incinerate

Provision of personal information to third parties

Infiniq provides personal information to third parties only in cases where it falls under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the information subject and special provisions of the law.


                        

Personal information processing consignment matters

Infiniq entrusts the following personal information processing tasks for smooth personal information processing.
Consignment processing company
  - Consigned company name: Midas IT
  - Address: Pangyo Seven Venture Valley 2, 17 Pangyo-ro 228beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do
  - Tel: 031-789-1242
  - Consignment work: recruitment-related applicant selection management and civil complaint handling
  - Consignment items: name, phone number, email

Request to view personal information

Reception and processing department of personal information access request
- Department Name: HR Team
- Contact Person : Kim Soo-min
- contact : , 

Measures to ensure the safety of personal information

According to Article 29 of the 「Personal Information Protection Act」, INFINIQ takes the following technical, managerial, and physical measures necessary to ensure safety.
1. Establishment and implementation of internal management plan: Infiniq is based on the ‘Standards for measures to ensure the safety of personal information’ [Ministry of Public Administration and Security Notice No. 2019-47)
        Establish and implement an internal management plan (‘20.2.27)

2. Minimization and education of personal information handlers: We minimize the designation of personal information handlers and conduct regular training.

3. Restriction of access to personal information: Control access to personal information by granting, changing, or canceling access rights to the database system that processes personal information.
        An intrusion prevention system and an intrusion prevention system are used to control unauthorized access from the outside, and the personal information handler can access the personal information processing system from outside through the information and communication network.
        When connecting, a virtual private network (VPN) is used. Also keep a record of any authorizations, changes, or terminations;
        We keep those records for at least 3 years.

4. Encryption of personal information: Users' personal information is encrypted, stored and managed.
        In addition, we use separate security functions such as encrypting important data for storage and transmission.

5. Technical measures against hacking: Infiniq installs security programs to prevent leakage and damage of personal information due to hacking or computer viruses, etc.
        Periodic renewal and inspection are carried out, and the system is installed in an area where access is controlled from outside, and it is monitored and blocked technically and physically.

6. Access control for unauthorized persons: We establish and operate access control procedures in a separate physical storage location for the personal information system that stores personal information.

How to Remedy for Infringement

The information subject may inquire about damage relief and consultation for personal information infringement to the following organizations.
<following institutions are separate from Infiniq, and Infinek handles personal information complaints on its own,
    If you are not satisfied with the damage relief result or need more detailed help, please contact us.>
▶ 개인정보 침해신고센터 (한국인터넷진흥원 운영)
  - 소관업무 : 개인정보 침해사실 신고, 상담 신청
  - 홈페이지 : privacy.kisa.or.kr
  - 전화 : (국번없이) 118
  - 주소 : 전라남도 나주시 진흥길 9 한국인터넷진흥원
▶ 개인정보 분쟁조정위원회
  - 소관업무 : 개인정보 분쟁조정신청, 집단분쟁조정 (민사적 해결)
  - 홈페이지 : www.kopico.go.kr
  - 전화 : 1833-6972
  - 주소 : 서울특별시 종로구 세종대로 209 정부서울청사 4층
▶ 대검찰청 사이버범죄수사단 :
  - (국번없이) 1301, privacy@spo.go.kr (www.spo.go.kr)
▶ 경찰청 사이버안전국
  - (국번없이) 182 (cyberbureau.police.go.kr)

개인정보 보호 책임자 및 담당자 연락처

개인정보를 보호하고 개인정보와 관련한 불만을 처리하기 위하여 아래와 같이 개인정보 보호책임자 및 실무담당자를 지정하고 있습니다.
(개인정보보호법 제31조 제1항에 따른 개인정보 보호책임자)
  - 개인정보보호 책임자 : 이사 최정인 02-561-7142
  - 개인정보보호 담당자 : 팀장 김명진 02-555-8072

개인정보 처리 방침의 변경

본 방침은 2020년 03월 12일부터 시행됩니다. 이전의 개인정보 처리방침은 아래에서 확인하실 수 있습니다.
  - 2018. 9. 30 ~ 2020. 3. 11 적용(클릭)