Policy
Privacy Policy
Samyang Corporation safely manages personal information by complying with relevant statutes and regulations, such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, to protect the said information.
Samyang Corporation notifies users about the purpose and method of using the personal information provided and the measures taken to protect personal information.
-
Collection of General Personal InformationRequired items: company, position, name, email, contact number, country, content entered via inquiry
Optional items: company, position*Please refer to the detailed information in the Privacy Policy below.
-
Personal Information Processing PolicyProduct, partnership, and service-related announcements, Establishing smooth communication channels for inquiries and complaints handling
Website quality analysis and enhancement, service provision
(When agreeing to marketing communications) Information and benefits related to products, webinars, exhibitions, companies, etc.*Please refer to the detailed information in the Privacy Policy below.
-
Personal Information Retention PeriodPersonal information will be destroyed immediately after the purpose of collection and use has been achieved.
However, some personal information may be kept for the retention period specified by relevant laws and regulations, depending on the type.*Please refer to the detailed information in the Privacy Policy below.
-
Provision of Personal InformationNo external provision.
However, in accordance with legal regulations or legal proceedings, information will be provided exceptionally if required by the relevant authorities.*Please refer to the detailed information in the Privacy Policy below.
-
Entrustment of Data ProcessingIf necessary for service improvement,
personal information may be outsourced to external professional agencies. (Until the end of the outsourcing contract)*Please refer to the detailed information in the Privacy Policy below.
-
Complaint Handling DepartmentPosition/Title: Team Leader
Department: Building Management Team
Email : sys.privacy@samyang.com
Phone: +82-2-740-7120
Fax: +82-2-740-7790*Please refer to the detailed information in the Privacy Policy below.
-
1.
General Provisions
-
2.
Purpose of Processing Personal Information, Items Collected, Retention and Use Period
-
3.
Provision of Personal Information to Third Parties
-
4.
Matters Regarding the Outsourcing of Personal Information
-
5.
Procedures and Methods for Destruction of Personal Information
-
6.
Rights of Users and Legal Guardians and How to Exercise Them
-
7.
Measures for Ensuring the Security of Personal Information
-
8.
Complaint Services Related to Personal Information
-
9.
Notification of Personal Information Processing Policy
-
10.
Installation and Operation of Fixed Video Information Processing Devices
-
11.
Information Regarding the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
-
01.
General Provisions
-
- Personal information means information about a living individual which can identify the individual by items such as their name and resident registration number (This includes information that alone may not identify a specific individual, but can easily be used to identify when combined with other information).
- Samyang Corporation ("www.samyangcorp.com"hereinafter referred to as the “Company”) places great importance on the protection of users’ personal information and complies with relevant legal regulations on personal information protection, including the Act on the Promotion of Information and Communications Network Utilization and Information Protection and the Personal Information Protection Act, which must be observed by providers of information and communication services. Through this privacy policy, we inform users about how the personal information they provide is used and in what manner, as well as the measures taken to protect personal information.
- The Company makes the privacy policy easily accessible to users by disclosing it on the first page of the website.
- The Company has established procedures for amending the privacy policy to ensure continuous improvement and reserves the right to change the privacy policy to meet the needs of the Company and societal changes. In addition, when amending the privacy policy, the Company assigns a version number or other indicator to make it easy for users to identify the revised information.
-
02.
Purpose of Processing Personal Information, Items Collected, Retention and Use Period
-
- The Company collects personal information through the following methods. The Company does not use personal information for purposes other than those stated below, and takes necessary measures such as obtaining separate consent if the purpose of the service provided by the Company changes.
- The rights and responsibilities regarding personal information and posts voluntarily disclosed by the user during the use of services provided by the Company are the responsibility of the user. Voluntarily disclosed information is difficult to protect and may be collected or processed unauthorized by others. Please be mindful that any loss or issues arising from this are solely the responsibility of the user.
- Information collected during use of service
Information collected during use of service Legal basis Category Purpose of collection Items collected Retention and use period Personal Information Protection Act Article 15 (1) 1
(Consent of the data subject)Customer inquiries 1. Product, partnership, and service-related announcements
2. Establishing smooth communication channels for inquiries and complaints Handling1. General Inquiries from Companies
- Required items: company, position, name, email, contact number, country, content entered via inquiry
2. IR inquiries
- Required items: name, email, contact number, country, content entered via inquiry
- Optional items: company, position3 years after the inquiry (Article 6 of the Act on the Consumer Protection in Electronic Commerce, etc.) Personal Information Protection Act Article 15 (1) 1
(Consent of the data subject)Download data 1. Website quality analysis and enhancement, service provision
2. (When agreeing to marketing communications) Information and benefits related to products, webinars, exhibitions, companies, etc- Required items: company, position, name, email, country
- Optional items: consent to receive marketing information3 years after data download request
(Article 6 of the Act on Consumer Protection in Electronic Commerce, etc.)- We use cookie information for user convenience. Please refer to Article 11 of the Privacy Policy for related information.
-
03.
Provision of Personal Information to Third Parties
-
The Company shall process the user’s personal information within the scope clarified in the Personal Information Processing Policy; the personal information shall not be provided to a third party except in the following cases:
- When the user has consented to the processing
- When falling under special regulations according to the law, such as Articles 17 and 18 of the Personal Information Protection Act
- Personal information may be provided to relevant institutes without the consent of the data subject in emergencies, such as disasters, infectious diseases, accidents, and incidents that cause urgent risks to lives and the body and urgent loss of properties, according to the Personal Information Processing and Protection Guidelines in Emergencies jointly announced by relevant government departments.
-
04.
Matters Regarding the Outsourcing of Personal Information
-
The user’s personal information is managed by the following external company through consignment.
Trustee Entrusted
tasksData
subjectCommissioned
InformationRetention and
use periodSamyang Data
SystemOperation outsourcing
of IT infrastructure
including databasesAll data subjects All information
itemsUntil customer consent withdrawal or termination of consignment contract Salesforce Customer information
analysis and managementService users for
customer inquiriesCompany, position, name, country, email, contact number, country, other information entered by the customer Until customer consent withdrawal or termination of consignment contract Amazon Web
Service Inc.Data retention All data subjects All information
itemsUntil customer consent withdrawal or termination of consignment contract
-
05.
Procedures and Methods for the Destruction of Personal Information
-
- The Company shall destroy the personal information without delay when it is no longer necessary due to the expiration of the retention period for personal information or the achievement of the processing purpose.
-
If the personal information holding period agreed upon by the user has expired or the processing purpose has been achieved, but it is necessary to continue retaining the personal information according to other laws, the Company will transfer the relevant personal information to a separate database (DB) or to a separate table within the DB (in the case of paper, separate document storage) and retain it in a different storage location.
- The items of personal information retained and the basis for retention in accordance with other laws can be found in “2. Items of Personal Information Collected and Methods of Collection” and “4. Personal Information Retention and Use Period.”
-
The procedures and methods for the destruction of personal information are as follows:
-
Destruction process
- The Company selects personal information for destruction when the reason for destruction arises, and with the approval of the Company’s data protection officer, the personal information is destroyed.
-
Method of destruction
- The Company destroys personal information recorded or stored in electronic file format in a manner that makes it impossible to regenerate the record, and personal information recorded or stored on paper documents is shredded using a shredder or incinerated for destruction.
-
Destruction process
-
06.
Rights of Users and Legal Guardians and How to Exercise Them
-
-
Rights of Data Subjects and How to Exercise Them
-
Users have the right to exercise their rights (hereinafter referred to as “Exercising Rights”) to access, correct, delete, stop processing, withdraw consent, refuse automated decisions, or request an explanation from the Company at any time.
- Requests for access to personal information of children under 14 years of age must be made directly by their legal guardian. If the data subject is a minor over 14 years of age, the minor can exercise the rights regarding their personal information, or the rights can be exercised through their legal guardian.
-
You can exercise your rights towards the Company through writing, email, fax, or other means in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the Company will promptly respond to your request.
- Users can always request refusal of automated decisions and explanations through the ‘Contact Us’ section on the website.
-
Users have the right to exercise their rights (hereinafter referred to as “Exercising Rights”) to access, correct, delete, stop processing, withdraw consent, refuse automated decisions, or request an explanation from the Company at any time.
-
Obligations of Data Subjects and How to Exercise Them
- Exercising rights can also be done through a legal guardian or a representative who has been delegated by the user. In this case, you must submit a power of attorney form according to Annex No. 11 of the “Guidelines for Personal Information Processing Methods.”
- The right of users to request access to personal information and stop processing may be limited under Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.
- If the personal information is specified as a subject of collection in other laws, you cannot request the deletion of such personal information.
-
If the data subject has consented to automated decision-making or has been notified in advance through a contract, and if there are clear legal provisions, refusal of automated decisions may not be accepted, and only requests for explanation and review are allowed.
- Also, refusal or request for an explanation regarding automated decisions may be denied if there are legitimate reasons, such as concerns about unjustly infringing on another person’s life, body, property, or other benefits.
- The Company verifies whether the person exercising the rights is the individual oneself or a legitimate representative.
- Rights can be exercised at the following departments within the Company. The Company will make efforts to ensure that the rights of data subjects are promptly processed.
-
Department for receiving and processing requests for access to personal information
- Department Name : Building Management Team
- Address: 31 Jong-ro 33-gil, Jongno-gu, Seoul, Korea
- Email : Sys.privacy@samyang.com
- Phone : +82-2-740-7128
- Fax : +82-2-740-7790
-
Rights of Data Subjects and How to Exercise Them
-
07.
Measures for Ensuring the Security of Personal Information
-
The Company has implemented the following technical and managerial measures to ensure the security of personal information in processing to prevent loss, theft, leakage, alteration, or damage of personal information.
-
Technical measures
- When storing personal information, we encrypt it using reliable encryption algorithms to prevent unauthorized leakage.
- When transmitting personal information over the network, we secure the transmission by encrypting it with SSL.
- The Company utilizes antivirus programs to prevent damages caused by computer viruses. The antivirus program is regularly updated, and in case of sudden emergence of a virus, the Company provides immediate updates to prevent any infringement of personal information.
- The Company has installed intrusion prevention systems and intrusion detection systems to protect the system against external intrusions such as hacking.
- The Company retains and manages access records to the personal information processing system for at least 1 year, ensuring that access records are not tampered with, stolen, or lost.
-
Administrative measures
- The Company has established and implemented an internal management plan for the secure handling of personal information.
- The Company restricts access to users’ personal information to processors within the personal information processing department.
- The Company conducts regular in-house training and external training for employees who handle personal information to acquire new security technologies and fulfill obligations for personal information protection.
- The handover of duties related to personal information by processors is strictly conducted under secure conditions, and responsibilities for personal information incidents are clearly defined upon employment and departure.
-
The Company does not take responsibility for incidents resulting from the user’s mistakes or the inherent risks of the internet.
Each member is responsible for appropriately managing their personal information to protect it and must take responsibility for it. - In the event of loss, leakage, alteration, or damage of personal information due to the mistakes of internal administrators or incidents in technical management, the Company will immediately inform users of the facts and take appropriate measures and compensation.
-
Physical measures
- The Company has designated data processing rooms and data storage rooms as special protected areas and controls access to them.
The Company complies with the Personal Information Protection Act, its enforcement decree, enforcement rules, standards for ensuring the security of personal information, and other relevant laws and regulations.
-
Technical measures
-
08.
Complaint Services Related to Personal Information
-
-
The Company oversees the overall tasks related to personal information processing, takes responsibility, and has designated a person in charge of personal information protection to handle user complaints, damage relief, and other matters related to personal information processing.
-
Data Protection Officer
- Name: Park Chul
- Position: Team Leader
- Email : Sys.privacy@samyang.com
- Tel : +82-2-740-7120
- Fax : +82-2-740-7790
-
Personal Information Protection Department
- Department Name: Building Management Team
- Email : Sys.privacy@samyang.com
- Tel : +82-2-740-7128
- Fax : +82-2-740-7790
-
Data Protection Officer
-
Users can contact the Data Protection Officer and the responsible department for any inquiries, complaints, damage relief, or other matters related to personal information protection arising from the use of the Company’s services.
※Phone consultations are available on weekdays from 09:00 to 18:00, and inquiries via email, fax, or mail will be promptly responded to and processed within 24 hours of receipt. If you need professional consultation or to report a privacy breach regarding personal information, please contact the following agency.-
Personal Information Infringement Report Center (Korea Internet & Security Agency)
- Phone: +82-118 (without area code)
- Website: http://privacy.kisa.or.kr
-
Cyber Investigation Department of Supreme Prosecutor’s Office
- Phone: +82-1301 (without area code)
- Website: http://www.spo.go.kr
-
Cyber Safety Guardian of Korean National Police Agency
- Phone: +82-182 (without area code)
- Website: https://www.police.go.kr/www/security/cyber.jsp
-
Personal Information Infringement Report Center (Korea Internet & Security Agency)
-
The Company oversees the overall tasks related to personal information processing, takes responsibility, and has designated a person in charge of personal information protection to handle user complaints, damage relief, and other matters related to personal information processing.
-
09.
Notification of Personal Information Processing Policy
-
If there are any additions, deletions, or modifications to the current privacy policy due to changes in government policies or security technologies, we will notify you through the website at least 7 days in advance.
-
- Date of change to the privacy policy : 2024-10-02
- Effective date of the privacy policy : 2024-10-11
-
-
10.
Installation and Operation of Fixed Video Information Processing Devices
-
The Company operates and manages video information processing devices as follows.
-
Basis and purpose of installation of fixed video information processing devices
:The Company installs and operates fixed video information processing devices for the following purposes in accordance with Article 25 (1) of the Personal Information Protection Act.- Facility safety and management, fire prevention
- Crime prevention for customer safety
- Prevention of vehicle theft and damage
- Installation and operation are permitted based on Article 6 (1) of the Enforcement Regulations of the Parking Lot Act for facilities with more than 30 parking spaces.
-
Installation location, recording distance
- Installation location: Main entrance of the business premises, lobby, outer perimeter of the fence, etc., external entry and exit areas inside and outside the business premises
- Recording distance: range of the movement of people entering and exiting
- Installed units: 57 units (Jongno Headquarters), 255 units (Discovery Center)
-
Manager in charge, responsible department, and authorized personnel for access to video information
- Please contact the video information manager at each business location (Refer to the CCTV guide board for each business location).
- Manager contact information
Name Position Affiliation Contact Jongno Building Choi
Chang-yongDepartment
ManagerBuilding
Management Team+82-2-740-7128 Discovery Center Choi
Jeong-munDepartment
ManagerBuilding
Management Team+82-2-2157-9588 -
Video recording time, retention period
- Recording time: 24-hour recording
- Retention period: 30 days from the time of recording
-
Storage location and processing method
- Storage location: B1 floor of Jongno Headquarters, Central Monitoring Room of B1 floor of Discovery Center
- Processing method: Record and manage matters related to the use of personal video information for purposes other than its intended use, provision to third parties, destruction, and requests for viewing. Permanently delete in a manner that cannot be recovered when the retention period expires (shredding or incinerating for hard copies).
-
The Company outsources the installation, operation, and management of video information processing devices as follows: In accordance with relevant laws and regulations, the necessary matters are stipulated in the outsourcing contract to ensure the safe management of personal information.
- Service Provider: Honeywell Korea
- Department/Person in Charge: Service Team 2
- Manager and Contact: Director Lee Tae-ho (+82-10-4772-1393), Director Kim Jong-ho (+82-10-2478-7770)
-
Measures for requests to access video information
- If a user wishes to view recorded video information or confirm the existence of video information, access or confirmation will be permitted only in cases where it is clearly necessary for the benefit of the user’s life, body, or property. This is limited to the personal video information in which you are recorded.
-
Information on how to confirm personal video information and the location:
- Method of confirmation: contact the manager in charge of personal video information in advance and visit our organization for confirmation.
- Confirmation location: Samyang Corporation Management Support Team
-
Technical, managerial, and physical measures for the protection of video information
- Access control and access restriction, application of secure storage and transmission technologies for video information, storage of processing records and prevention of tampering, establishment of storage facilities, and installation of locking devices
-
Regarding Changes to the Policy on the Operation and Management of Fixed Video Information Processing Devices
- This policy on the operation and management of fixed video information processing devices was established on Oct. 02, 2024. Any additions, deletions, or modifications to the content due to changes in laws, policies, or security technologies will be announced on the organization’s website at least 7 days prior to implementation.
- Date of Notification: Oct. 02, 2024 / Effective Date: Oct. 11, 2024
-
Basis and purpose of installation of fixed video information processing devices
-
11.
Information Regarding the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
-
[Automatic personal information collection devices installed and operated]
- The Company uses "cookies" to store and periodically retrieve user information in order to provide individualized services and convenience.
- Cookies are small pieces of information sent by the server (http) of a website to the user’s browser and stored on the data subject’s PC or mobile device.
-
Users can allow or block cookies by configuring their web browser settings.
However, if you refuse to store cookies, it may cause difficulties in using personalized services.-
Allowing/Blocking Cookies in a Web Browser
- Chrome: Web browser Settings > Privacy and Security > Clear browsing data
- Edge: Web browser Settings > Cookies and site permissions > Manage and delete cookies and site data
-
Allowing/Blocking Cookies in Mobile Browsers
- Chrome: Mobile browser Settings > Privacy and Security > Clear browsing data
- Safari: Mobile device Settings > Safari > Advanced > Block All Cookies
- Samsung Internet: Mobile browser Settings > Internet usage records > Clear browsing data
-
Allowing/Blocking Cookies in a Web Browser
[Information on the collection, use, provision, refusal of behavioral information, etc]
- In order to provide users with optimized personalized services, benefits, and targeted online advertisements during the service usage process, the Company collects and utilizes behavioral information through cookies without identifying individuals.
- The Company collects behavioral information on the website it operates as follows.
-
Information subjects can inquire about matters related to behavioral information, exercise their right to refuse, and report damages through the following contact information.
-
Personal Information Protection Department
- Department Name: Building Management Team
- Person in Charge: Team Leader Park Chul
- Email : Sys.privacy@samyang.com
- Phone : +82-2-740-7120
- Fax :+82-2-740-7790
-
Personal Information Protection Department
Legal basis Items of behavioral information collected Methods of collecting behavioral information Purpose of collecting behavioral information Retention and usage period Article 15 (1) 1 of the Personal Information Protection Act Logging of website visits and key actions Automatically collected using Google Analytics when users visit the website, a web analysis tool provided by Google. Utilized for website service management, statistics, and analysis of user behavior. Up to 38 months(destroyed after retention period)