KAIDA Website Privacy Policy
The Korea Automobile Importers and Distributors Association (KAIDA) considers the protection of your personal information to be of utmost importance. Through our privacy policy, we would like to inform you about the purposes and methods of how the personal information you provide is used, as well as the policies we implement for the protection of personal information.
1. Purpose of collecting and using personal information
① Membership management
② Service offerings and subsequent fee calculations
③ Utilization for marketing purposes
- Provision of services
- Membership registration and confirmation of intent to join
- Member identification and authentication for use of member-only services
- Prevention of improper use and duplicate registration by dishonest members
- Delivery of Notice.
② Service offerings and subsequent fee calculations
- Providing contents, issuing invoices, and paying fees
③ Utilization for marketing purposes
- Provision of optimized services for customers;
- Preparation of business-related statistics and development of new services;
- Tracking website access frequency
- Statistics regarding service usage
- Sending out newsletters and noticing new services
- Customer satisfaction survey
- Delivery of information and materials related to various events and prizes.
2. Types of personal information collected and methods of collection
① Collection of Information
② Methods of collection
- When registering as individual members:
- Required: User ID/password/password confirmation/name/email/address/phone number/mobile number/mailing subscription.
- When registering as corporate members:
- Required: User ID/password/password confirmation/corporation name/contact person/email/address of contact person/phone number/mobile number/mailing subscription/tax invoice request/business registration number/representative/business classification (type of business)/business classification (Category)/business address
② Methods of collection
- The 'Association' collects personal information via means such as the website, forms, fax, telephone, consultation, and email.
3. Right to refuse consent and disadvantages
① A personal information provider reserves the right to refuse consent to provide personal information.
② If you refuse consent to provide personal information, you may be restricted from membership and services usage.
② If you refuse consent to provide personal information, you may be restricted from membership and services usage.
4. Rights and obligations of data subject and matters about exercise of such rights and obligations
① A data subject (refers to the legal representative(s) if the subject is below age 14 years) may exercise their rights related to privacy protection under any of the following Subparagraphs at any given time:
② Exercise of rights pursuant to Paragraph 1 may be executed through documentation, email, fax, etc. after filling out the Form 8 of the Enforcement Regulation of the Personal Information Protection Act, and the 'Association' shall take immediate action.
③ If a data subject has requested for correction of errors, etc. or deletion of personal information, the 'Association' shall not use or provide the applicable personal information until such correction or deletion is complete.
④ Exercise of rights under Paragraph 1 may be executed through the legal representative(s) or a proxy with delegation from the data subject. In this case, a power of attorney prescribed in the Form 11 of the Enforcement Regulation of the Personal Information Protection Act shall be submitted.
⑤ Request for access or suspension of processing of personal information may restrict the rights of the data subject pursuant to Article 35 Paragraph 5 and Article 37 Paragraph 2 of the Personal Information Protection Act.
⑥ Request for correction or deletion of personal information cannot be executed if such personal information is specified to be collected in other legislations.
⑦ Request for access, correction, deletion, or suspension of processing pursuant to the rights of the data subject shall require verification if the party making the request is the data subject or a legally entitled proxy.
- Request for access to personal information
- Request for correction if there are any errors, etc.
- Request for deletion
- Request for suspension of processing
② Exercise of rights pursuant to Paragraph 1 may be executed through documentation, email, fax, etc. after filling out the Form 8 of the Enforcement Regulation of the Personal Information Protection Act, and the 'Association' shall take immediate action.
③ If a data subject has requested for correction of errors, etc. or deletion of personal information, the 'Association' shall not use or provide the applicable personal information until such correction or deletion is complete.
④ Exercise of rights under Paragraph 1 may be executed through the legal representative(s) or a proxy with delegation from the data subject. In this case, a power of attorney prescribed in the Form 11 of the Enforcement Regulation of the Personal Information Protection Act shall be submitted.
⑤ Request for access or suspension of processing of personal information may restrict the rights of the data subject pursuant to Article 35 Paragraph 5 and Article 37 Paragraph 2 of the Personal Information Protection Act.
⑥ Request for correction or deletion of personal information cannot be executed if such personal information is specified to be collected in other legislations.
⑦ Request for access, correction, deletion, or suspension of processing pursuant to the rights of the data subject shall require verification if the party making the request is the data subject or a legally entitled proxy.
5. Outsourcing the handling of personal information
The association entrusts your personal information to the following external professional agencies to facilitate smooth execution of tasks, including providing better services and ensuring customer convenience. The entrusted agencies and the details of the entrusted tasks are as follows:
① LG CNS / INNERINFO: Outsourcing of system operations for service provision and analysis of service usage
① LG CNS / INNERINFO: Outsourcing of system operations for service provision and analysis of service usage
6. Technical and administrative measures to protect privacy
The Association has been devising technical and administrative measures to secure safety for collected personal information as follows:
① Your collected personal information is protected by a password, and critical information is protected by encryption of files and transmitted data.
② To prevent leakage of personal information due to hacking, etc., we block and monitor intrusion using separate security devices (firewalls) on the network that block intrusion from the outside.
③ Access to your personal information is strictly limited to a minimum number of people, and to prevent personal information from being lost, stolen, leaked, etc. by the handlers, we are receiving continuous training and consciousness development.
④ The Association shall not be held responsible for any damages arising out of your negligence or any risks inherent to the Internet. You shall properly manage your passwords and take responsibility for them.
① Your collected personal information is protected by a password, and critical information is protected by encryption of files and transmitted data.
② To prevent leakage of personal information due to hacking, etc., we block and monitor intrusion using separate security devices (firewalls) on the network that block intrusion from the outside.
③ Access to your personal information is strictly limited to a minimum number of people, and to prevent personal information from being lost, stolen, leaked, etc. by the handlers, we are receiving continuous training and consciousness development.
④ The Association shall not be held responsible for any damages arising out of your negligence or any risks inherent to the Internet. You shall properly manage your passwords and take responsibility for them.
7. Measures to secure safety for privacy protection
① The following measures are taken to secure safety of personal information:
- Minimization and training of employees handling personal information: Employees handling personal information are limited to only the necessary number of personnel and training on safe management of personal information is administered to the employees handling personal information.
- Restriction of access to personal information: Measures necessary for controlled access to personal information are executed through assignment, modification, and expiration of access to control access of the personal information processing system processing your personal information, and a firewall system is used to restrict unauthorized access from the outside
- Storage of access records: Records of access to the personal information processing system are stored and managed for at least six months;
- Access control for unauthorized individuals: We establish and operate access control procedures for the physical location of the personal information processing system, where personal information is stored, by maintaining a separate storage space.
8. Period of retention and use of personal information
Collected personal information shall be retained for use throughout the period of service agreement. Collected personal information will be discarded immediately when the purpose for collecting and using such information has been fulfilled. Provided, the information may be retained for up to six months for fee settlement, user analysis, and user convenience upon re-subscription.
9. Procedure and method of discarding of personal information
① Discarding procedure
② Discarding method
- Your personal information will be retained for a certain period of time after the purpose for collecting and using such information has been fulfilled before being discarded according to our internal policy.
② Discarding method
- Personal information stored by electronic means will be deleted using a technical method that makes retrieval of such information impossible. Papers containing personal information will be shredded by a paper shredder or destroyed through incineration.
10. Privacy administrator
If you have questions or complaints about our handling of your personal information, please contact our privacy administrator. We will receive and take action on your inquiries as soon as possible.
[Privacy administrator]
Name: Eun-seok Park Phone: 02-518-8046 Email: qna@kaida.co.kr
The above privacy policy on the website of the Association shall be enforced from January 13, 2014.
[Privacy administrator]
Name: Eun-seok Park Phone: 02-518-8046 Email: qna@kaida.co.kr
The above privacy policy on the website of the Association shall be enforced from January 13, 2014.
11. Obligation of notice
You will be notified of any addition, deletion, or modification to our current privacy policy through announcements on our website.