Personal Information Processing Policy
1. Purpose of processing personal information
- (Astrogen.com, herein ‘Astrogen’) processes personal information for the following purposes, and does not use it for purposes other than the following.
- - Confirm customer's intention to sign up, identify and authenticate customers according to service provision to customers, maintain and manage membership, settle payments based on supply of goods or services, supply and deliver goods or services, etc.
2. Processing and retention period of personal information
Terminology used in these terms are defined as follows.
- ① ‘Astrogen’ processes and retains personal information within the period of retention and use of personal information agreed upon when collecting personal information from the data subject, or within the period of retention and use of personal information according to laws and regulations.
- ② The specific personal information processing and retention period is as follows.
- · With reference to the example below, the retention period and related laws and rationale for personal information processing and personal information processing are described.
- · (Example)-Customer subscription and management: Until the service use contract or membership termination, but if the bond-debt relationship remains, until the settlement of the bond-debt relationship
- · Record of supply of contracts, subscription withdrawals, payments, goods, etc. in e-commerce: 5 years
- ③ Password : A combination of letters and numbers selected by members to protect their confidentiality in communications
- ④ Termination: Termination of use contract by company or member
3. Rights and obligations of the data subject and legal representatives and how to exercise them
The user can exercise the following rights as a personal data subject.
- ① The data subject can exercise the following privacy rights at any time on ‘Astrogen’.
- 1. Request to view personal information
- 2. Request for correction, if there is an error
- 3. Request for deletion
- 4. Request to stop processing
- ② Astrogen checks whether the person who made the request, such as a request for viewing, request for correction or deletion, or a request for suspension of processing according to the rights of the data subject, is the person or a legitimate agent.
4. Creating items of personal information to be processed
- ① Astrogen handles the following personal information items.
- - Required items: Email, mobile phone number, password, login ID, gender, date of birth, name
- - Optional items: Home address, hobby
5. . Destruction of personal information
In principle, when the purpose of processing personal information is achieved, Astrogen destroys the personal information without delay. The procedure, deadline and method of destruction are as follows.
- ① Destruction procedure
- The information entered by the user is transferred to a separate DB after achieving the purpose (separate documents in the case of paper) and stored for a certain period of time according to the internal policy and other related laws or immediately destroyed. At this time, personal information transferred to the DB will not be used for any other purpose unless required by law.
- ① Destruction deadline
- When the retention period of personal information has elapsed, the user's personal information is destroyed within 5 days from the end date of the retention period. When the personal information becomes unnecessary, such as the achievement of the purpose of processing the personal information, the abolition of the service, or the termination of the business, the personal information is destroyed within 5 days from the date it is deemed unnecessary.
6. Matters concerning the installation, operation and rejection of automatic personal information collection devices
7. Personal information protection officer
- ① Astrogen is responsible for the handling of personal information, and has designated the person in charge of personal information protection as follows to handle complaints and remedy of data subjects related to personal information processing.
- * Personal information protection officer
- Name : Seonghyuk Park
- Contact : 053-254-8850
- ※ It connects to the department in charge of personal information protection.
- * Personal information protection department
- Department name : Management Planning Department
- Representative : Seonghyuk Park
- Contact : 053-254-8850
② The information subject can inquire about personal information protection inquiries, complaint handling, and damage relief that occurred while using Astrogen's service (or business) to the person in charge of personal information protection and the department in charge. Astrogen will respond to and process information subject inquiries without delay.
8. Change of personal information processing policy
- ① This personal information processing policy is applied from the effective date, and if there are additions, deletions, and corrections of changes in accordance with laws and policies, the notice will be notified through 7 days prior to the enforcement of the changes.
9. Measures to secure the safety of personal information
In accordance with Article 29 of the Personal Information Protection Act, Astrogen takes the necessary technical, administrative and physical measures to ensure safety.
- 1. Minimization and training of personal information handling staff
- We take measures to manage personal information by designating and minimizing the number of employees who handle personal information.
- 2. Establishment and implementation of internal management plan
- For the safe handling of personal information, we have established and implemented an internal management plan.
- 3. Technical measures against hacking
- installs a security program to prevent the leakage and damage of personal information caused by hacking or computer viruses, and the system is installed in an area where access is controlled from the outside through periodic updates and inspections, and technical / physical monitoring and blocking are performed.
- 4. Restricting access to personal information
- We take necessary measures to control access to personal information through granting, changing, and canceling access rights to the database system that processes personal information, and control unauthorized access from the outside using an intrusion prevention system.
- 5. Use of locking devices for document security
- We store documents containing personal information, auxiliary storage media, etc. in a safe place with locking devices.
- 6. Access control for unauthorized persons
- o We have set up a separate physical storage location for personal information and established and operate access control procedures.