All personal information handled by a corporation called Mediage (hereinafter referred to as the “Company”) is collected, held, and processed on the basis of the relevant statutes or with the consent of the information subject.
This policy will take effect on December 1, 2020.
The company will deal with personal information collected, held, and processed in accordance with the provisions of the Act and subordinate statutes in order to properly perform public affairs and protect the rights and interests of the information subjects. In addition, the company respects the rights and interests of users, such as the right to view and correct personal information held by the company, and you can request an administrative judgment as prescribed by the Administrative Appeals Act. The company’s personal information processing policy is based on the current Personal Information Protection Act. However, if the organization in charge of the company enacts and implements a separate personal information processing policy for the affairs under the relevant statutes, such as the Act on the Promotion of Information and Communication Network Use and Protection, it will be posted on the website operated by the organization.
The company shall not use personal information for any purpose other than the following purposes, and shall fulfill its obligation to notify if the purpose of use is changed.
Service provision: Personal information is processed for the purpose of providing services such as customer inquiries, business partnership inquiries, press inquiries, and recruitment.
For security or continuous service on the homepage, the company applies a number of security codes to detect attempts to control network traffic as well as illegally changing information.
If you click the link or banner on the website operated by the company to move to another site, the personal information processing policy posted by the operating agency will be applied to the website, so please check the personal information processing policy.
The company collects and retains personal information only with the consent of the information subject and the provisions of the Act. The main personal information that the company collects and holds based on the provisions of the Act and subordinate statutes is as follows.
1. Where he/she receives separate consent from the information subject;
2. Where there is a special provision in the Act or it is inevitable to comply with the obligations under the Act;
3. Where the information subject or his/her legal representative is unable to express his/her intention or obtain prior consent due to unknown address, etc., which is deemed necessary for the immediate benefit of the information subject or third party;
4. In any of the following cases, the user’s personal information may be used for purposes other than the purpose or provided to a third party, except where there is a possibility of unfairly infringing the interests of the information subject or a third party:
1) Where he/she receives separate consent from the information subject;
2) Where there are special provisions in other laws;
3) Where the information subject or his/her legal representative is unable to express his/her intention or obtain prior consent due to unknown address, etc., which is deemed necessary for the immediate benefit of the information subject or third party;
4) Where personal information is provided in a form that is not recognizable to a particular individual, as necessary for the purpose of statistics preparation, academic research, etc.;
5) Where personal information is not used for purposes other than the purpose or is not provided to a third party, he/she is unable to perform his/her duties prescribed by other Acts and has undergone deliberation and resolution by the Protection Committee;
6) Where necessary for the provision of treaties or other international agreements to foreign governments or international organizations;
7) Where necessary for the investigation of crimes and the raising and maintenance of public prosecutions;
8) Where necessary for the performance of the court’s trial affairs;
9) Where necessary for the execution of the sentence, protection, and protective disposition;
The company does not entrust your information to an outside company without your consent. If such needs arise in the future, we will notify you of the consignee and the details of the entrustment work and obtain prior consent if necessary.
As the information entity, the user may exercise the following rights:
1. Request for perusal of personal information: Personal information files held by the company may be requested to be read pursuant to Article 35 (Review of Personal Information) of the Personal Information Protection Act. However, the request for perusal of personal information may be restricted as follows under Article 35 5 of the Personal Information Protection Act:
1) Where access is prohibited or restricted by law;
2) Where there is a possibility of harming another person’s life or body or unjustly violating another person’s property and other interests;
3) Where a public institution causes serious disruption when performing any of the following duties:
2. Request for correction or deletion of personal information: For personal information files held by the company, the company may request the company to correct or delete personal information pursuant to Article 36 of the Personal Information Protection Act. However, if the personal information is specified as the target of collection under other laws, it cannot be requested to delete it cannot be deleted.
3. Request for suspension of personal information processing: For personal information files held by the company, the company may request the company to suspend the processing of personal information pursuant to Article 37 of the Personal Information Protection Act. In addition, a legal representative of a child under the age of 14 may request the company to read, correct, delete, or suspend the processing of the child’s personal information. However, a request for suspension of personal information processing may be rejected pursuant to Article 37 (2) of the Personal Information Protection Act.
1) Where there is a special provision in the Act or it is inevitable to comply with the obligations under the Act;
2) Where there is a possibility of harming another person’s life or body or unjustly violating another person’s property and other interests;
3) Where a public institution is unable to perform its duties prescribed by other laws unless it processes personal information;
4) Where it is impracticable to implement a contract, such as failing to provide agreed services with the information subject unless personal information is processed, and the information subject has not clearly expressed his/her intention to terminate the contract;
4. The company shall notify the company of its actions within 10 days of request for perusal, correction, deletion, or suspension of processing of personal information. You can request perusal, correction, deletion, and suspension of processing of personal information through the relevant department.
5. The departments for receiving and processing personal information perusal, correction, deletion, and suspension of processing are as follows.
We will always guide and supervise personal information collected according to the provisions of the Act and subordinate statutes so that it can be used for the purpose of collection and processing.
In principle, the company destroys personal information without delay if the retention period of personal information has expired or the purpose of processing has been achieved. However, this is not the case if it is to be preserved in accordance with other laws. The procedures, deadlines, and methods for destruction are as follows:
1. Destruction procedure: The information entered by the user shall be destroyed in accordance with internal policies and related laws after the retention period has expired or the processing purpose has been achieved.
2. Destruction limit: User’s personal information shall be destroyed within five days of the expiration of the retention period, or within five days of the date when personal information is deemed unnecessary, such as achieving the purpose of processing personal information.
3. Destruction method: When destroying personal information processed by the company, it shall be destroyed by the following methods:
According to Article 29 of the Personal Information Protection Act, the company takes necessary technical, management, and physical measures to ensure safety as follows:
1. Establishing and implementing an internal management plan: The company establishes and implements an internal management plan (‘11.9.30′ in accordance with the “Safety of Personal Information Action Standards’ (2011 – 43).
2. Minimize and train designation of personal information handlers: We minimize the designation of personal information handlers and provide regular education.
3. Restrict access to personal information: We control access to personal information through granting, altering, and eliminating access to database systems that process personal information, using intrusion prevention systems and detection systems, and using Virtual Private Network (VPN) It also records details of authorization, change, or cancellation, and keeps the records for at least three years.
4. Storage of access records and prevention of forgery: Records accessed in the personal information processing system (web logs, summary information, etc.) are stored and managed for at least six months, and access records are managed to prevent forgery, theft, and loss.
5. Encryption of Personal Information: User’s personal information is encrypted, stored, and managed. They also use separate security features, such as encrypting and using sensitive data when it is stored and transferred.
6. Technical measures against hacking: The company installs security programs, updates and inspections periodically, and monitors and blocks systems in areas with restricted access from outside, technically and physically to preventing personal information leakage or damage by hacking or computer viruses.
7. Access control for unauthorized persons: We establish and operate access control procedures for the physical storage of personal information systems.
In order to receive relief from personal information infringement, the information entity may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee and the Korea Internet Agency’s Privacy Report Center. Please contact the following institutions for other reports and counseling of personal information infringement.
◯ Home page: www.kopico.go.kr
◯ Telephone: 1833-6972
◯ Address: Sejong-daero 209, Jongno-gu, Seoul Government Complex 4F
In addition, a person who is infringed on his/her rights or interests by the head of a public institution on the request of the information subject to perusal, correction, deletion, or suspension of processing of personal information may file an administrative appeal as prescribed by the Administrative Appeals Act.
The company designates related departments as follows to protect customers’ personal information and handle complaints related to personal information.
This personal information processing policy shall be applied from the effective date, and if there is any addition, deletion, or correction of changes according to laws and regulations, it will be notified 7 days before the change is implemented.
12. Telephone numbers of the Administrative Appeals Commission
The company designates related departments as follows to protect customers’ personal information and handle complaints related to personal information.
Telephone number guidance for the Administrative Appeals Commission
Seoul Administrative Appeals Commission 02-731-6157, 6557 Gangwon-do Administrative Appeals Commission 033-249-2132, 2478 Busan Administrative Appeals Commission 043-220-2321-4 Daegu Administrative Appeals Commission 053-429-2137 Chungcheongnam-do Administrative Appeals Commission 042-2133 Incheon Metropolitan City 322-2133 Incheon Metropolitan City Gyeongsangnam-do Administrative Judgment Committee 055-279-2133 Gyeonggi-do Administrative Judgment Committee 031-249-2132, 2881 Jeju Administrative Judgment Committee 064-710-2272
In order to provide personalized and customized services to individual users, the company uses ‘cookies’ that store and frequently bring in user information.
1. Purpose of using cookies: To provide targeted marketing and personalized services by analyzing the frequency of access and visiting hours of members and non-members, identifying users’ tastes and interests, tracking their own traces, participation in various events, and visit recall;
2. How to deny cookie settings: Users can deny cookie installation. However, if you refuse to install cookies, it may be difficult to use some services that require login.