경기 스타트업 서밋
'South Summit Korea,' operated by 'GBSA' (hereinafter referred to as ‘the company') established and operates the following privacy policy to protect the privacy and rights of users in accordance with Article 30 of the Personal Information Protection Act as well as to promptly handle any related grievances and issues.
The company is doing its best to comply with and fulfill the responsibilities and obligations stipulated by the relevant laws and regulations.
Date of Implementation: 2024-07-15
Table of Contents
Article 1 – Information on the collection and use of personal information
Article 2 – Refusal to install and operate automatic personal information collection devices
Article 3 – Retention, period of use, and destruction of personal information
Article 4 – Consignment of personal information processing
Article 5 – Provision of personal information to third parties
Article 6 – Measures to ensure the safety of personal information
Article 7 – Rights of users and legal representatives and how to exercise them
Article 8 – Remedies against infringements of the rights and interests of the users and privacy officer
Article 9 – Changes to the privacy policy
Article 2 – Refusal to install and operate automatic personal information collection devices
Article 3 – Retention, period of use, and destruction of personal information
Article 4 – Consignment of personal information processing
Article 5 – Provision of personal information to third parties
Article 6 – Measures to ensure the safety of personal information
Article 7 – Rights of users and legal representatives and how to exercise them
Article 8 – Remedies against infringements of the rights and interests of the users and privacy officer
Article 9 – Changes to the privacy policy
Article 1
Information on the collection and use of personal information
The Company collects the minimum amount of personal information necessary to provide services; furthermore, depending on the service provided, the purpose, items, retention, and period of use related to personal information varies according to the table below:
Non-registered members
| Purpose of Collection | Essential Categories | Use and retention period |
|---|---|---|
| Respond to queries related to attending the event | Name, cell number, email, affiliation, content of query | Up to 12 months from date of collection |
| Distinguish event participants and event operations | Name, cell number, email, address | Up to 12 months from date of collection |
| Provide participant passes at event location and so on | Email, cell number, affiliation, title, country | Up to 12 months from date of collection |
| Invite and manage visitors | Name, contact number, email | Up to 12 months from date of collection |
Marketing
| Purpose of Collection | Essential Categories | Optional Categories | Use and retention period |
|---|---|---|---|
| Pre-registration event | Name, email, Cell number | Up to 12 months from date of collection | |
| Send newsletters,promote events | Name, email, Cell number | Affiliation, title, purpose of attendance, etc | Up to 12 months from date of collection |
Other
>
The company does not provide its services to children under the age of 14 and does not collect personal information from them.
>
In case the purpose and categories of members’ information processed by the company changes, the company will request consent in advance in accordance with relevant laws and regulations.
>
In principle, the company prohibits the processing of residents’ personal registration information (personal SSNs) and processes this information only when specifically required by law, presidential decrees, National Assembly regulations, Supreme Court regulations, Constitutional Court regulations, National Election Commission regulations, and the Board of Audit and Inspection.
>
The Company collects personal information in the following ways and obtains prior consent before collection.
-
Direct input of personal information by the user in the process of using the service
-
Collection of personal information through written means at offline events such as fairs, seminars, and events and so on.
-
Information automatically generated and collected in the process of using the service, such as cookies, access logs, etc
Article 2
Refusal to install and operate automatic personal information collection devices
In the process of using the company’s services, personal information may automatically be processed and collected from users and used for the following purposes:
Purpose of use regarding automatically collected personal information
>
Compliance with relevant laws and regulations
The company is obliged to preserve the user's access records (login) to comply with relevant laws and regulations.
Information about the automatic collection of personal information and means of refusal
>
How to install, operate and refuse automatic personal information collection devices (cookies, etc.): It is possible to reject or delete the storage of cookies, etc. through the following methods
[web]
- Internet Explorer: Top of the web browser: Tools > Internet Options > Privacy
- Microsoft Edge: Top menu: Settings > Show advanced settings > Set options in the Cookies menu
- Chrome web browser: web browser top menu > Settings > Advanced > Content settings > Set options in the Cookies menu
- Chrome mobile: Chrome app > More [on the top right] > Clear browsing data > Select a time period > Check the boxes next to "Cookies and site data" and "Cached images or files" > Clear browsing data
- Safari mobile: Safari App > Clear History and Website Data > OK
- Naver mobile: Naver App > Settings > Clear cache + Browsing data > Clear cookies
- Microsoft Edge: Top menu: Settings > Show advanced settings > Set options in the Cookies menu
- Chrome web browser: web browser top menu > Settings > Advanced > Content settings > Set options in the Cookies menu
- Chrome mobile: Chrome app > More [on the top right] > Clear browsing data > Select a time period > Check the boxes next to "Cookies and site data" and "Cached images or files" > Clear browsing data
- Safari mobile: Safari App > Clear History and Website Data > OK
- Naver mobile: Naver App > Settings > Clear cache + Browsing data > Clear cookies
Article 3
Retention, period of use and destruction of personal information
The personal information collected by the company shall be processed within the retention and use period agreed upon from users at the time when personal information was collected or within the personal information retention and use period in accordance with the relevant laws and regulations, and shall be destroyed without delay in a way that cannot be recovered or reproduced when the relevant purpose is achieved and the retention and use period has expired.
User Information
1.
When the purpose for which the personal information was collected is fulfilled, the company shall delete all users’ personal information
2.
However, if it is necessary to preserve personal information under the relevant laws and regulations, the company will follow the provisions of the relevant laws and regulations.
Mandatory retention periods under applicable law
| Retention Purpose | Relevant Law | Period of Retention/Use |
|---|---|---|
| Preserve login records | Communications Privacy Act | Up to 12 months |
Article 4
Consignment of Personal Information Processing
The Company consigns some tasks related to personal information processing to ensure the smooth handling of personal information. When entering into a consignment contract, the company supervises whether the consignee handles personal information safely in accordance with relevant laws and regulations. If the content of the consignment or the consignee is added or changed, the company will disclose this information without delay through the prior consent notice in accordance to the relevant laws and regulations or through this Privacy Policy.
Information about outsourced personal information processing and subcontractors
| Subcontractor | Consigned Tasks | Contact information |
|---|---|---|
| Unimotto Ltd | Respond to inquiries about event participation, identify event participants and operate the event, invite and manage visitors, issue passes to enter the event site, send newsletters, promote events, develop and maintain services | 070-8796-9604 |
Article 5
Provision of Personal Information to Third Parties
The company only processes the personal information of users within the scope specified in Article 1: Information on the collection and use of personal information and provides personal information to third parties only with the prior consent of the user or when specifically required by relevant laws and regulations.
Provision of personal information to third parties without prior consent based on applicable laws
1.
When needed for statistical records, academic research, or market research, and provided in a format that does not identify specific individuals
2.
When requested by a national organization in accordance with relevant laws and regulations
3.
When needed for the purpose of a criminal investigation or at the request of the Information and Communication Ethics Committee
4.
In the event of an emergency such as a disaster, infectious disease, an event or accident that poses an imminent danger to life or body, or an imminent loss of property
5.
When requested in accordance with the procedures prescribed by other relevant laws and regulations
Article 6
Measures to secure the safety of personal information
The company is committed to safely managing the personal information of users, is doing its best to ensure that this information is not lost, stolen, leaked, altered or damaged and is taking all necessary technical, administrative and physical measures to safely manage the personal information of users
Minimizing and training employees who handle personal information
We take measures to manage personal information by minimizing the number of employees who handle personal information and host periodic personal information protection training.
Establish and implement an internal management plan
We have established and implemented an internal management plan to ensure the safe handling of personal information.
Retention of access records and prevention of falsification
Records of access to the personal information processing system (web logs, summary records, etc.) are kept and managed for at least one year to facilitate response in the event the security of personal information is infringed upon. Furthermore, the necessary security functions are used to prevent records of access to personal information from being falsified, stolen, or lost.
Encryption of personal information
Your personal information is stored and managed in encrypted form
Technical measures against hacking and so on
The company has installed security programs and periodically updates and inspects these programs to prevent the leaking and damage of personal information due to hacking or computer viruses. In addition, the company has installed personal information systems in facilities with controlled access. These facilities are monitored and access can be/are blocked technically and physically.
Restriction of access control to personal information
We take measures to control access to personal information by granting, changing, and canceling access rights to the personal information processing system that processes personal information.
Article 7
Rights of users and their legal representatives and how to exercise them
In order to protect the personal information rights of users (or their legal representatives), the company provides the following methods for users (or their legal representatives) to exercise them:
Users’ rights and how to exercise them
1.
View or modify information: No membership registration service
2.
Request for withdrawal or deletion of membership: No membership registration service
3.
In addition, users may request the suspension of processing and deletion of personal information in writing, via e-mail, and so on.
4.
If the company requests the correction or deletion of errors in someone’s personal information, the company will not use or provide this personal information until the required corrections or deletion are completed.
5.
Regarding requests for the correction or deletion of personal information, the deletion of personal information shall not be implemented if the relevant laws and regulations identify said information to be collectible
6.
In the event a user requests access, correction, deletion, or suspension of processing in accordance with the user's rights, the company shall verify that the person making the request is indeed that person.
Rights of legal representatives and how to exercise them
1.
When an agent, such as a legal representative or a person authorized by the user, seeks to exercise the user's rights (access, correction, suspension of processing, deletion), he/she must submit a power of attorney letter in the format listed in Appendix No. 11 to the Rules of Enforcement of the Personal Information Protection Act.
2.
The company shall verify whether the person making the request is a legitimate representative of the user when requesting access, correction, deletion, or suspension of personal data processing in accordance with the user's rights.
Article 8
Remedies against infringements of the rights and interests of the users and Privacy Officer
The Company takes general responsibility for the task of processing personal information, and designates the following person as privacy officer in charge of the protection of personal information, the handling of user complaints, and the request for remedies against damages related to the processing of personal information.
|
Privacy Officer
Name : Jake [Ji-hoon] Gong
Position : Director
Contact Number : 02-557-7702
|
Role of the Privacy Officer
Users are entitled to contact the privacy officer regarding all queries related to personal information protection, complaints, and damage relief arising from the use of the company’s service. The company shall respond to and handle users’ inquiries without delay.
Where to seek help in the case of a violation of the rights and interests of users
In the event you need additional assistance regarding a violation of your rights and interests as a user, please contact the following organizations: 1.
Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
- Responsibilities: Report cases of personal information infringement, request consultations
- Homepage: privacy.kisa.or.krr
- Telephone: 118 (without area code)
- Address: Personal Information Infringement Report Center, 3rd Floor, Jinheung-gil 9, Naju-si, South Jeolla Province (301-2, Bitgaram-dong), (58324), Korea
2.
Personal Information Dispute Mediation Committee
- Responsibilities: Process mediation dispute requests related to personal information, mediate collective disputes (civil resolution)
- Website: www.kopico.go.kr
- Telephone: 1833-6972 (without area code)
- Address: Seoul Government Complex, 4th Floor, Sejong-daero 209, Jongno-gu, Seoul, Korea (03171)
3.
Supreme Prosecutor’s Office, Cybercrime Investigation Division
- Telephone: 02-3480-3573
- Website: www.spo.go.kr
4.
Cyber Security Bureau, National Police Agency
- Tel: +82-2-182
- Website: cyberbureau.police.go.kr
Article 9
Changes to the Privacy Policy
This Privacy Policy shall be applicable from the date of implementation, and any additions, deletions or corrections to the Privacy Policy shall be made in accordance with relevant laws and policies and will be notified on the website without delay. You can view the previous version of this Privacy Policy by clicking on the selection box below.