The Korea Automobile Importers & Distributors Association places great importance on protecting your privacy. We are hereby notifying how we handle and use the personal information you provide and what measures we take to protect your privacy through our privacy policy as follows.
1. Purpose of collecting and using personal information
1) Membership management
- Provision of services;
- Membership application and confirmation of intent to become a member;
- Member identification and authentication for use of member-only services;
- Protection from unauthorized access or duplicate subscription by black-listed members;
- Delivery of notice.
2) Service offerings and subsequent fee calculations
- Provision of contents, issuing invoices, and fee payment
3) Utilization for marketing purposes
- Provision of optimized services for customers;
- Generation of business-related statistics and development of new services;
- Determining web page traffic;
- Statistics regarding use of service;
- Sending out newsletters and notice of new available services;
- Customer surveys;
- Delivery of information and materials related to various events and prizes.
2. Collected personal information items and collection method
1) Information collected
- When registering as individual members:
- Required: User ID/password/password confirmation/name/email/address/phone number/mobile number/mailing subscription.
- When registering as corporate members:
- Required: User ID/password/password confirmation/corporation name/person in charge/email/address of person in charge/phone number/mobile number/mailing subscription/tax invoice request/business registration number/representative/business classification (type of business)/business classification (Items)/business address
2) Collection method
- The Association collects personal information via means such as the website, forms, fax, telephone, consultation, and email.
3. Right to refuse consent and its disadvantages
1) Provider of personal information reserves the right to refuse consent to provide personal information.
2) If you refuse consent to provide personal information, you may be restricted from membership and use of services.
4. Rights and obligations of data subject and matters pertaining to exercise of such rights and obligations
1) A data subject (refers to the legal representative(s) of a person if the subject is below age 14 years) may exercise their rights related to privacy protection under any of the following Subparagraphs at any given time:
- Request for access to personal information;
- Request for correction if there are errors, etc.;
- Request for deletion;
- Request for suspension of processing.
2) Exercise of rights pursuant to Paragraph 1 may be executed through documentation, email, fax, etc. after filling out the attached Form 8 of the Enforcement Regulation of the Personal Information Protection Act, and the Association shall take immediate action.
3) When a data subject has requested for correction of errors, etc. or deletion of personal information, the Association shall not use or provide the applicable personal information until such correction or deletion is complete.
4) Exercise of rights under Paragraph 1 may be executed through the legal representative(s) or a proxy with delegation from the data subject. In this case, a power of attorney prescribed in the attached Form 11 of the Enforcement Regulation of the Personal Information Protection Act must be submitted.
5) Request for access or suspension of processing of personal information may restrict the rights of the data subject pursuant to Article 35 Paragraph 5 and Article 37 Paragraph 2 of the Personal Information Protection Act.
6) Request for correction or deletion of personal information cannot be executed if such personal information is specified to be collected in other legislations.
7) Request for access, correction, deletion, or suspension of processing pursuant to the rights of the data subject shall require verification if the party making the request is the data subject or a legally entitled proxy.
5. Outsourcing the handling of personal information
The Association has entrusted the handling of your personal information to the following specialized outside companies to facilitate the performance of tasks such as providing better service and customer convenience. Details of the commissioned agency and details on entrusted work are as follows:
1) LG CNS / INNERINFO: entrustment of system operation to provide services and analysis of service use.
6. Technical and administrative measures to protect privacy
The Association has been devising technical and administrative measures to secure safety for collected personal information as follows:
1) Your collected personal information is protected by a password, and critical information is protected by encryption of files and transmitted data.
2) To prevent leakage of personal information due to hacking, etc., we block and monitor intrusion using separate security devices (firewalls) on the network and system side that block intrusion from the outside.
3) Access to your personal information is strictly limited to a minimum number of people, and in order to prevent personal information from being lost, stolen, leaked, etc. by the handlers, we are receiving continuous training and consciousness development.
4) The Association shall not be held responsible for any damages arising out of your negligence or any risks inherent to the Internet. You must properly manage your passwords and take responsibility for them.
7. Measures to secure safety for privacy protection
1) The following measures are taken to secure safety of personal information:
- Minimization and training of employees handling personal information: Employees handling personal information are limited to only the necessary number of personnel and training on safe management of personal information is administered to the employees handling personal information;
- Restriction of access to personal information: Measures necessary for controlled access to personal information are executed through assignment, change, and expiration of access authority to the personal information processing system processing your personal information, and a firewall system is used to restrict unauthorized access from the outside;
- Storage of access records: Records of access to the personal information processing system are stored and managed for at least six (6) months;
- Installation of security programs and regular inspection/renewal: Security programs have been installed and undergone regular inspection and renewal to prevent leak and damage of personal information caused by hacking, computer virus, etc.;
- Access control for unauthorized personnel: There is a separate physical storage location of the personal information processing system storing your personal information, and an access control procedure has been established and operated;
- Encryption of personal information: Personal information is stored and managed safely through encryption, etc.; In addition, a separate security function is used in which critical information are encrypted when stored and transmitted.
8. Period of retention and use of personal information
Collected personal information shall be retained for use throughout the period of service agreement. Collected personal information will be discarded immediately when the purpose for collecting and using such information has been fulfilled. Provided, the information may be retained for up to six (6) months for fee settlement, user analysis, and user convenience upon re-subscription.
9. Procedure and method of discarding of personal information
1) Discarding procedure
- Your personal information will be retained for a certain period of time after the purpose for collecting and using such information has been fulfilled before being discarded according to our internal policy.
2) Discarding method
- Personal information stored by electronic means will be deleted using a technical method that makes retrieval of such information impossible. Papers containing personal information will be shredded by a paper shredder or destroyed through incineration.
10. Privacy administrator
If you have questions or complaints about our handling of your personal information, please contact our privacy administrator. We will receive and take action on your inquiries as soon as possible.
[Privacy administrator]
Name: Eun-seok Park Phone: 02-518-8046 Email: qna@kaida.co.kr
The above privacy policy on the website of the Association shall be enforced from January 13, 2014.
11. Obligation of notice
You will be notified of any addition, deletion, or change to our current privacy policy through announcements on our website.