Privacy Policy
(hereinafter referred to as "NB Solutions") establishes and discloses the following privacy policy to protect and handle complaints related to personal information of data subjects in accordance with Article 30
of the Personal Information Protection Act.
Article 1 (Purpose of Processing Personal Information)
(hereinafter referred to as "NB Solutions") processes personal information for the following purposes.
Personal information being processed will not be used for purposes other than the following, and if the purpose of use is changed, separate consent will be obtained in accordance with Article 18 of the Personal Information Protection Act.
1. Website Membership Registration and Management
Personal information is processed for the purpose of confirming the intention to join, identifying and authenticating members, maintaining and managing member qualifications, preventing misuse of services, confirming the consent of legal
representatives when processing personal information of children under 14 years of age, various notifications, and handling complaints.
2. Handling of Complaints
Personal information is processed for the purpose of confirming the identity of the complainant, verifying the details of the complaint, contacting and notifying for fact-finding, and notifying the results of processing.
3. Provision of Goods or Services
Personal information is processed for the purpose of providing content, providing customized services, and authenticating individuals.
4. Utilization in Marketing and Advertising
Personal information is processed for the purpose of developing new services (products) and providing customized services, providing information on events and advertisements and providing participation opportunities, providing services and posting
advertisements based on demographic characteristics, verifying the effectiveness of services, understanding access frequency, or statistics on members' service usage.
Article 2 (Period of Processing and Retaining Personal Information)
① processes and retains personal information within the period agreed upon by the data subject or within the period required by laws and regulations.
② The period of processing and retaining each personal information is as follows.
Personal information related to website membership registration and management is processed and retained until the purpose of use is achieved, and then it is promptly destroyed without delay after the consent for collection and use.
Basis for retention: Not applicable
Related laws:
Exceptions:
Article 3 (Provision of Personal Information to Third Parties)
① processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only with the consent of the data
subject or under special provisions of the law, such as Articles 17 and 18 of the Personal Information Protection Act.
② provides personal information to third parties as follows.
Recipient of personal information:
Purpose of using the personal information by the recipient:
Period of retaining and using the personal information by the recipient:
Article 4 (Outsourcing of Personal Information Processing)
① outsources personal information processing tasks as follows to ensure smooth handling of personal information.
Recipient of outsourcing (delegatee):
Contents of the outsourced tasks:
Period of outsourcing:
② specifies matters such as prohibition of personal information processing beyond the purpose of outsourcing, technical and managerial protective measures, restrictions on re-outsourcing, management
and supervision of the delegatee, and liability for damages in the contract or documents in accordance with Article 26 of the Personal Information Protection Act when entering into an outsourcing contract.
③ In the event of a change in the content of the outsourced tasks or the delegatee, we will promptly disclose it through this privacy policy.
Article 5 (Rights and Obligations of Data Subjects and Legal Representatives and Methods of Exercising Them)
① Data subjects may exercise their rights to access, correct, delete, or request the suspension of processing of their personal information from NB Solutions Corporation at any time.
② The exercise of rights under paragraph 1 may be made in writing, by electronic mail, facsimile transmission (FAX), etc., to NB Solutions Corporation without delay, pursuant to Article 41(1) of the Enforcement Decree of
the Personal Information Protection Act.
③ The exercise of rights under paragraph 1 may be made through a legal representative of the data subject or a delegate. In this case, you must submit a power of attorney according to Attachment 11 of the "Guidelines for
Personal Information Processing Methods (No. 2020-7)."
④ The rights of data subjects to access and request the suspension of processing may be restricted under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
⑤ Requests for correction and deletion of personal information cannot be made if the personal information is specified as the collection target by other laws.
⑥ NB Solutions Corporation confirms whether the requester of access, correction, deletion, or suspension of processing is the data subject or a legitimate representative when receiving requests according to the rights of
data subjects.
Article 6 (Items of Personal Information to be Processed)
① processes the following personal information:
Required items: Email, mobile phone number, password, login ID, name
Optional items:
Article 7 (Destruction of Personal Information)
① promptly destroys personal information when it becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose.
② If personal information must be retained under other laws despite the expiration of the consented retention period or the achievement of the processing purpose, NB Solutions Corporation transfers
the personal information to a separate database (DB) or stores it in a different location.
1. Legal basis:
2. Items of retained personal information: Account information, transaction dates
③ The procedure and method of personal information destruction are as follows.
1. Destruction procedure:
selects personal information for destruction, obtains approval from the Personal Information Protection Manager of NB Solutions Corporation, and then destroys the
personal information.
2. Destruction method:
Personal information printed on paper is shredded or incinerated for destruction.
Article 8 (Measures to Ensure the Security of Personal Information)
takes the following measures to ensure the security of personal information:
1. Minimization and Education of Personal Information Handling Staff
We designate employees responsible for handling personal information and minimize them to manage personal information.
2. Encryption of Personal Information
User's personal information, including passwords, is encrypted for storage and management. Important data is encrypted or file locking functions are used to enhance security.
3. Preservation and Prevention of Alteration of Access Records
Access records to the personal information processing system are kept and managed for at least 6 months. We use security functions to prevent alteration, theft, or loss of access records.
4. Access Control for Personal Information
We grant, change, and revoke access rights to the database system that processes personal information to control access. We also use intrusion prevention systems to control unauthorized access from external
sources.
5. Entry Control for Unauthorized Persons
We establish and operate entry control procedures for physical storage locations where personal information is kept.
Article 9 (Installation, Operation, and Rejection of Automatic Collection Devices for Personal Information)
does not use 'cookies' that store and retrieve usage information of data subjects.
Article 10 (Personal Information Protection Manager)
① takes overall responsibility for personal information processing and has appointed a personal information protection manager to handle complaints and remedies related to
personal information processing. The details are as follows:
▶ Personal Information Protection Manager
Name: Seok Tae Yoon
Position: Director of Research Institute
Title: Department Head
Contact: 02-451-8721, basagee@gmail.com
※ Connects to the Personal Information Protection Department.
▶ Personal Information Protection Department
Department:
Person in Charge:
Contact:
② Data subjects can contact the personal information protection manager and department regarding all inquiries, complaints, and remedies related to personal information protection while using the
services (or business) of NB Solutions Corporation. We will respond promptly to inquiries from data subjects.
Article 11 (Request for Access to Personal Information)
Data subjects may request access to personal information under Article 35 of the Personal Information Protection Act from the department below. NB Solutions Corporation will make
efforts to promptly process requests for access to personal information.
▶ Department Responsible for Processing Requests for Access to Personal Information
Department:
Person in Charge:
Contact:
Article 12 (Remedies for Violation of Rights)
Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency Personal Information Infringement Reporting
Center, etc., for remedies against personal information infringements. For other reports or consultations regarding personal information infringements, please contact the following institutions.
1. Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
2. Korea Internet & Security Agency Personal Information Infringement Reporting Center: 118 (privacy.kisa.or.kr)
3. Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
4. National Police Agency: 182 (cyberbureau.police.go.kr)
According to Article 35 (Access to Personal Information), Article 36 (Correction/Deletion of Personal Information), and Article 37 (Suspension of Personal Information Processing, etc.) of the Personal
Information Protection Act, those who have suffered damage or injury to rights or interests due to administrative dispositions by public institutions or acts against the law by public officials may
apply for administrative adjudication according to the Administrative Adjudication Act.
※ For more information on administrative adjudication, please refer to the Central Administrative Adjudication Committee (www.simpan.go.kr) website.
Article 13 (Changes to Personal Information Handling Policy)
① This personal information processing policy is effective from January 1, 2018.
② The previous personal information processing policy can be reviewed below.
For example) – Applied from 20XX. X. X to 20XX. X. X