A. website registration and management
We collect personal information to check intention to join membership, to check identification and authentication of individual members with membership service provision, to maintain and manage members’ qualifications, to identify members as a limited identification policy has been introduced, to prevent unauthorized use of services, to check legal representative’s presence in collection of personal information of children under 14 years and to record notices, claims and mediation.B. civil petitions treatment
We collect and handle personal information for identifying applicants, verifying petitions, contacting applicants for questioning, and notifying the outcome of the facts.C. Supply of goods or services
We collect and handle personal information for the purpose of service provision, contents provision, authentication, payment and settlementD. Use for marketing and advertising
We collect and handle personal information for validating the service, checking access frequency, or finding statistic value of the members’ service use.A. Payus handles and retains personal information only during the period specified by relevant statutes for retaining and using personal information or the period to which each user consents when we collect the user’s personal information.
B. Each personal information processing and retention period is as follows.
A. Payus provides personal information to third parties only if a case falls under Articles 17 and 18 of the Privacy Act, including consent from an information subject and special provisions of the law.
B. Payus provides personal information to third parties as follows:
A. In accordance with Article 25 of the personal information protection act, Payus specifies responsibilities including banning a processing of personal information other than for the purpose of carrying out requested services, enforcing technical and administrative protection measure, limiting re-appointments, supervising and managing consignees and compensation; also supervises consignees to handle personal information safely.
B. We will inform you through this Privacy Policy without delay, in the event of any changes in consigned duties or consignees.
A. The information subject may exercise the right to view, correct, delete, or stop processing personal information at any time with respect to Payus .
B. The exercise of the rights pursuant to the preceding paragraph may be done in writing or via e-mail, etc. in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act , and Payus will take action without delay.
C. The exercise of rights under paragraph A can be through a representative, such as a person who is the legal representative or a delegate of the data subject. In this case, you must submit a power of attorney in accordance with the form of Attachment 11 of the Enforcement Regulations of the Personal Information Protection Act .
D. The rights of the information subject may be restricted according to Article 35 (5) and Article 37 (2) of the Personal Information Protection Act for requests to view and suspend personal information.
E. Request for correction and deletion of personal information cannot be requested for deletion if the personal information is specified as the object of collection in other laws.
F. Payus verifies whether the person making the request, such as a request for access according to the rights of the information subject, a request for correction or deletion, or a request for processing suspension, is the person or a legitimate agent.
- Procedure for destruction
The information entered by a user is transferred to a separate DB upon achievement of the purpose (to a separate document in the case of paper) and stored for a certain period according to internal policies and other related regulations; after a certain period, it is immediately destroyed. In this process, the personal information transferred to DB will not be used for any other purpose except under the law.- Deadline for destruction
The personal information of the user shall be disposed of within five days from the end of the retention period. When the information is no longer needed due to achievement of the purpose, discontinuance of services, and end of business, the personal information will be destroyed within 5 days from the day of such recognitions.- Methods for destruction
The foundation destroys personal information stored in the form of electronic files, which can not be revived.A. Payus uses ‘cookie’, which saves and recalls user’s data, to provide customized service.
B. A cookie is a small piece of text file usually set by the web server (http), sent from a website and stored in a User's computer hard disk while the user is browsing that website.
A. We designate a privacy officer as shown below to take responsibility for personal information handling and to respond to complaints and damage relief of information subjects.
<Privacy officer >B. You can report any complaint on privacy issues in relation to the use of our services to our privacy officer or to personal information infringement report center. Payus will respond to your reports promptly.
This Privacy Policy will be applied as of the date of enforcement. In the event that changes are added, deleted, or corrected in accordance with legislations and policies, the change will be notified 7 days before the date of execution.
A. Regular in-house inspection
We conduct in-house inspections on a regular basis (quarterly) to ensure security in handling personal information.B. Establishing and implementing an internal management plan
We establish and implement an internal management plan to handle personal information safely.C. Encryption of personal information
Your password is kept and managed as it is encrypted, so you are the only person who knows the password. For important data, we use separate security functionality such as encrypting file and transmission data or file lock features.D. Storage of access records and prevention of forgery
We store and manage access records at least 6 months in personal information handling system. We use security function to prevent from forgery, theft and loss.E. Restriction on access to personal information
We take necessary measures to control access to personal information through granting, modification, and cancellation of access authority to database system, which processes personal information. We also use firewall system to control access from the outside.F. Use of lock features for document security
We store documents and storage mediums consisting personal information in safe place with lock features.G. Access control for unauthorized person
We have a physical storage separately, and we establish and conduct access control procedures.