1. Items of personal information to be processed
1.1. The Company collects the following personal information for efficient customer consultation and provision of various services.
– Required information: Name, contact information, email, organization, job grade
– Required information: Name, email, company, job grade
– Optional information: Department
Blog Letter Subscription
– Required information: Name, email, job, company, job grade
– Optional information: Interests
You have the right to withhold consent to the collection of ‘required information’, and you may withhold consent to the collection of optional information other than the required information. If you do not agree to the collection of required information, your use of the service may be restricted.
1.2. In the process of using the service, the following information may be automatically generated and collected.
– IP address, cookies, date and time of visit, service usage records
1.3. Method of collection of personal information
The Company collects personal information using the following methods.
– When using inquiries, resources (brochures, white papers, etc.) download, blog letter subscription, etc.
– When accessing the LG CNS website and using the services on the website
– Collection through generated information collection tool
2. Purpose of processing and using personal information
The Company processes the collected personal information for the following purposes.
– Provision of information and guides (responses) on customer inquiries and status management
– Facilitation of communication between executives and employees and work processes to answer customer inquiries
– Provision of resource materials and blog letters and use in email marketing
3. Sharing and provision of collected personal information
The Company uses the user’s personal information within the scope notified in “2. Purpose of processing and using personal information” and does not use it beyond the scope therein or disclose the user’s personal information to third parties without the prior consent of the user. However, exceptions may be made in the following cases.
– When the user has agreed to the disclosure in advance
– When there is a request from the investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods set forth in the law for the purpose of investigation
4. Processing and retention period of personal information
The Company processes and retains the following information for the period specified for the following reasons.
Personal information is retained for 60 months after consenting to the collection and use of personal information, and then the information is destroyed without delay. In addition, when applying for cancellation of subscription, the information is destroyed without delay. However, if there is a preservation obligation by law, it is preserved for a certain period specified by the law.
4.1. Retention of information according to Company policy
Processing and retention period of personal information
|Items retained||Purpose of retention||Retention period|
|Name, email, contact information, organization, job grade||Checking the inquiry details||60 months|
|Name, email, job, company, job grade, interests||Sending Blog Letters||60 months|
|Name, contact, email, company, job grade, department||Email marketing||60 months|
-Other personal information is retained for the consented retention period if prior consent is obtained individually from the user for the retention period.
4.2. Retention of information in accordance with relevant laws and regulations
– If an investigation, etc., is in progress due to a violation of related laws, the Company retains the information for a certain period of time in accordance with the relevant laws and regulations until the end of the investigation.
5. Consignment of collected personal information
– Consigned company name: Amazon Web Service
– Consigned duties and purpose: Data storage and system operation
– Country of transfer of personal information: Seoul, Korea (AWS Seoul Region)
– Items of personal information to be transferred: All personal information collected in the process of providing services
– Date and time of transfer of personal information: When required information is entered for service use
– Method of transfer of personal information: Storing personal information in the AWS cloud computing environment
– Period of retention and use of personal information: Retention until membership withdrawal or expiration of personal information
6. Rights of users and legal representatives and methods of exercising such rights
– The user and his or her legal representative can view or modify his or her registered personal information or the personal information of children under the age of 14 at any time, and may request deletion.
– Please contact the personal information manager in writing, by phone or e-mail and we will take action without delay once your identity has been verified.
– If a user requests correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if wrong personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that it too can make the correction.
– The Company handles personal information that has been canceled or deleted at the request of the user or legal representative as specified in ‘4. Period of retention and use of personal information’, and prevents it from being viewed or used for any other purpose.
7. Matters concerning the installation, operation, and refusal of automatic personal information collection devices
– Provision of targeted marketing and personalized service through analysis of member’s or non-member’s access frequency and visit time, identification of user’s tastes and areas of interest, tracking traces, and identification of participation in various events and number of visits. You have a choice concerning the installation of cookies. Using the options in your web browser, you can choose to allow all cookies, selectively allow specific cookies by reviewing them each time they are saved, or block all cookies.
* How to reject cookies
Example: Regarding cookies, using the options in your web browser, you can choose to allow all cookies, selectively allow specific cookies by reviewing them each time they are saved, or block all cookies.
Settings example (for Internet Explorer): At the top, select Tools > Internet options > Privacy.
Note that if you block cookies, you may have restricted access to services.
8. Technical/administrative protection measures for personal information
The Company takes the following technical/administrative measures to ensure security so that personal information is not lost, stolen, leaked, falsified or damaged in processing users’ personal information.
8.1. Technical protection measures for personal information
– The Company takes the following technical measures to ensure safety so that personal information is not lost, stolen, leaked, falsified or damaged while processing your personal information.
– In preparation for external intrusions such as hacking, each server uses an intrusion prevention system and vulnerability analysis system to ensure security.
8.2. Administrative protection measures for personal information
– Restrictions and training on personal information handlers
– Restriction of access to personal information processing system
The Company has established internal standards for system access rights of personal information handlers and manages their grants, changes, and cancellations. The Company is implementing measures to manage personal information handlers, such as managing the standard/change period when generating passwords for personal information handler access rights.
In addition, if personal information is lost, leaked, falsified, or damaged due to an internal manager’s mistake or an incident in technical management, the Company will immediately inform you of the fact and devise appropriate measures and compensation.
9. Procedure and method of personal information destruction
As a general rule, the Company destroys the information without delay after the purpose of collecting and using personal information is achieved. The destruction procedure and method are as follows.
9.1. Destruction procedure
The information entered by the user is destroyed after being stored for a certain period of time once its purpose has been achieved, in accordance with internal policies and other reasons for information protection pursuant to relevant laws (refer to retention and use period). Personal information will not be used for any purpose other than storing for a certain period of time unless otherwise required by law.
9.2. Destruction method
– Personal information stored in the form of electronic files is completely deleted from the hard disk using a technical method that cannot reproduce the record.
– Personal information printed on paper is shredded with a shredder or destroyed by incineration.
10. Contact information of the Personal Information Manager and the persons in charge
In order to protect users’ personal information and handle complaints related to personal information, the Company appoints the relevant departments and Personal Information Managers as follows.
|Category||Department in charge|
|Personal Information Manager||Person in charge of Jeon-do Managementfirstname.lastname@example.org|
|Person in charge of personal information||Information Security Teamemail@example.com|
|Website Personal Information Manager||PR Team Leaderfirstname.lastname@example.org|
|Person in charge of website personal information||PR Teamemail@example.com|
If you need to report or consult about other personal information infringements, please contact the organizations below.
– Personal Information Infringement Report Center: (privacy.kisa.or.kr / 118 without area code)
– Supreme Prosecutors’ Office: (www.spo.go.kr / 1301 without area code)
– Cyber Security Bureau of the National Police Agency (http://cyberbureau.police.go.kr / 182 without area code)
12. Duty of notice
Effective date September 20, 2019