Privacy Notice for MAXWORK Service
Maxst (hereinafter referred to as the “Company”) complies with applicable laws and regulations of personal information protection, including, without limitation, Act on the Promotion of Information and Communication Network Use and Information Protection, Personal Information Protection Act, Communication Secret Protection Act, and Telecommunication Business Act, with its best efforts to protect user rights under its Privacy Notice.
Article 1 (Purpose of collection/use of personal information, items to be collected/used and retention period)
① The Company processes user’s personal information for the purpose set forth in this Privacy Notice. User’s personal information processed by the Company is used solely to the extent of the following purposes. In case of any change in such purpose, the Company will take necessary actions such as attaining user’s consent, etc. under Article 22 of Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
② The Company processes and retains user’s personal information solely during the period required by law or agreed upon by a user at the time of his or her consent to the collection of personal information.
③ The methods to collect personal information are as follows:
1. Collection through applying for the use of MAXWORK service
2. Collection through entering for user events
3. Collection through bulletin board for customer inquiries
4. Collection in the course of use of services or handling businesses or
5. Collection via phone/fax
④ Items to be collected and retention period are as follows:
⑤ Notwithstanding the foregoing, if falling under any of following cases, user’s personal information is retained until it is completed even though a member is withdrawn.
1. Where an investigation is underway due to a breach of relevant laws and regulations: until such investigation is completed or
2. Where there is a claim-obligation relationship under use of the website: until such claim-obligation relationship is settled
⑥ Users are entitled to refuse to consent to items of personal information to be collected by the Company and methods of collection, in which case, however, use of the Service provided to members may be restricted partially.
⑦ The Company will notify users who do not have records of use for 1 year (hereinafter referred to as the “dormant member”) of the fact that their personal information will be destroyed, expiration date, items to be destructed, etc. via electronic mail, written document, fax, phone, or other similar methods, by 30 days prior to the expiration date, and if no answer is sent within a certain period, the dormant member may lose his/her membership.
Article 2 (Outsourced processing of personal information)
① The Company, in principle, does not outsource personal information processing to any third parties. If outsourcing personal information processing is required, the Company will outsource customer’s personal information to the outside only for part of the works necessary for provision of the service and exert its best efforts to manage user’s personal information in a safe manner under relevant laws and regulations. In the event that the Company intends to outsource user’s personal information processing, content of works outsourced and the ones who are outsourced to process personal information will be disclosed on the website of the Company, for easier recognition by users and safe management of personal information.
② The Company is currently outsourcing processing of personal information as follows:
Article 3 (Provision of personal information to third party)
The Company uses personal information solely to the extent of the purposes of personal information processing provided for in Article 1 and will, in principle, neither use it beyond such scope nor disclose it without user’s prior consent. However, if personal information is disclosed to any third party, the Company will notify a user of and have user’s consent to, the following: recipient(s), purpose to use personal information, items to be disclosed, a period during which information is retained and used, the notice that a user can disagree to such disclosure, and disadvantage, if any as a result of such disagreement. Personal information will be able to be disclosed to any third party if and to the extent:
1. a user gives the prior consent to such disclosure or
2. the disclosure is required by law or an investigative agency in accordance with the procedures and methods of the laws and regulations provided for investigative purpose.
Article 4 (Rights/obligations of users and how to exercise them)
① A user or legal proxy can exercise rights against the Company, at any time, in relation to protection of personal information described as follows:
1. Request of viewing personal information
2. Request of correcting information if there is any error, etc.
3. Request of deletion
4. Request of suspension of processing and
5. Withdrawal of consent to the personal information processing
② Users can exercise rights set forth in Paragraph 1 in writing, via email, fax or Setting tab provided through the website in accordance with the attached Form 8 (Request of inspection, correction, deletion or processing suspension of personal information) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., and the Company will take an action immediately.
③ The Company handles that personal information terminated or deleted upon a request from a user will be processed under Article 1, and it cannot be accessed or used for any other purposes. In the event that a user requests correction or deletion of an error, etc. in personal information, the Company will not use or provide personal information concerned unless such correction or deletion is completed. Moreover, in case that false personal information has provided to a third party already, the Company will notify the third party of results of correction in order to complete the correction.
④ Exercise of rights prescribed in Paragraph 1 can be conducted by a representative who is a legal proxy of user or who is delegated, etc. In the event that a legal proxy intends to access and modify user’s personal information, the proxy can send an email or call a general directory number to exercise rights, and in which case, the proxy shall submit power of attorney in accordance with the attached Form 11 of Enforcement Decree of the Personal Information Protection Act.
⑤ With respect to a request of correction or deletion of personal information, a user cannot request the deletion of personal information of such subject if relevant personal information is provided for as information subject to collection under any statute
⑥ User’s request to access or suspend the processing of, user’s personal information may be limited by Paragraph 5 of Article 35, Paragraph 2 of Article 37 of Personal Information Protection Act.
⑦ The Company verifies if a person who has made a request such as request of access, request of correction·deletion, request of suspension of processing, etc. is the principal or legitimate proxy, at the time such requests.
Article 5 (Procedure and methods of destruction of personal information)
① The Company destroys users’ personal information without any delay when personal information is no longer necessary upon the end of retention period of personal information, achievement of the purpose of personal information processing, etc.
② If personal information has to be kept despite the end of retention period of personal information or achievement of purpose of processing, in accordance with applicable laws, it shall be transferred to separate database (DB) or retained in a different place, and destroyed immediately after the period for keeping by using means which prevent any record from being recovered In which case, personal information separately stored and managed shall not be used for any purpose other than the retention purpose unless required by law.
③ Detailed procedures, due date and methods are described as follows.
Article 6 (Measures for ensuring safety of personal information)
In order to ensure safety of personal information, the Company takes measures as follows:
1. Organizational measures: Establishment/implementation of internal management plans, regular training for employees, restriction on and training of employees who handle personal information
2. Technical measures: Management of access authority including personal information processing system, etc., installation of access control system, encryption of unique identification information, etc., preparation in response to hacking and computer virus including installation of security program, etc.
3. Physical measures: Control of access to computer rooms, data storage rooms, etc.
Article 7 (Installation/operation and refusal of personal information auto collection devices)
① The Company uses ‘cookies’ as means of storing and retrieving user information from time to time in order to provide users with the services tailed to users.
② A cookie is a small piece of data sent to the user’s web browser by a server which is used to operate MAXWORK website and it may be stored on a hard drive in a user’s PC
1. Purpose of using cookies: The cookies analyze frequency of user’s access, visiting time, etc., identify taste and interest of users, tracking the trace, participation in various events, frequency of visiting, etc. in order to provide target marketing and individually customized service.
- Google Analytics Terms & Conditions: https://www.google.com/analytics/terms/kr.html
3. Installation∙operation and refusal of Cookie: Users may refuse to save cookies in any of following ways: Users can allow all cookies by setting web browser options that the users use, confirm cookies every time they are saved, or refuse to save all cookies. If users refuse to save cookies, the users may experience difficulties in using customized services.
- For Internet Explorer
• Choose [Internet Option] in the [Tool] menu
• Click [Personal Information]
• Click [Advanced]
• Choose whether to allow cookies
- For Chrome Browser
• Choose [Setting] of [More] menu at the top right
• Choose [Advanced] at the bottom
• Choose [Content Settings] in [Privacy and Security]
• Choose [Cookies] and make [Allow sites to save and read cookie data] to be turned off.
Article 8 (Manager responsible for personal information protection and contact information)
① To undertake responsibilities for overall tasks regarding personal information processing, and to handle user’s complaints and remedy problems, the Company has appointed the department and officer in charge of personal information protection as follows.
Data Protection Officer
Name: Kim, Seung-Gyun
Contact: 02-585-9566, email@example.com
Department handling personal information protection related-tasks and complaints
Person in charge: Yoo, Byeong-Woo
Contact: 02-585-9566, firstname.lastname@example.org
② Users may inquire any matter regarding protection of personal information, handling complaints, remedies, etc. occurred while using the service of the Company. The Company will provide sufficient answers promptly in response to the inquiries made from users.
③ In case of other reports or consultations regarding infringement of personal information, please contact agencies described as below.
Privacy Infringement Report Center (operated by Korea Internet Security Agency)
- Jurisdiction: Report on personal information infringement, apply for consultation
- Website: privacy.kisa.or.kr
- Phone: (without area code) 118
- Address: Personal Information Infringement Report Center, 3rd Floor, 9 Jinheung-gil (301-2 Bitgaram-dong), Naju-si, Jeollanam-do, Republic of Korea (58324)
Personal Information Dispute Mediation Committee
- Jurisdiction: Application for mediation of personal information disputes, collective dispute mediation (civil resolution)
- Website: www.kopico.go.kr
- Phone: (without area code) 1833-6972
- Address: 4th Floor, Government Complex-Seoul, 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea (03171)
Supreme Prosecutors Office Cyber Crime Investigation Division: 02-3480-3573 (www.spo.go.kr)
National Police Agency Cyber Terror Response Center: 182 (http://cyberbureau.police.go.kr)
Article 9 (Amendment to privacy notice)
① This Privacy Notice will take effect on 07, 07, 2020
② This Privacy Notice may be amended upon changes of the Company’s policy and relevant laws and regulations.