본문 바로가기 주메뉴 바로가기

Privacy Policy

HOME > Privacy Policy

Suprema ID Privacy Policy



Suprema ID Inc. (the “Company"), in compliance with applicable Korean and international laws and regulations, has established and released this Privacy Policy to protect personal information of users and properly respond to any complaints regarding their personal information.

 

Article 1. Personal information to be collected and methods of collection

Article 2. Purposes of collection and use of personal information

Article 3. Retention and usage periods

Article 4. Provision of personal information to a third party

Article 5. Entrustment and international transfer of personal information

Article 6. Rights and obligations of users and means to exercise rights

Article 7. Cookies; installation, operation and refusal

Article 8. Procedure and method of destroying personal information

Article 9. Security measures for protection of personal information

Article 10. Contact information of Data Protection Officer

Article 11. Updates to privacy policy and notification

 

Article 1. Personal information to be collected and methods of collection

 

(1) Personal information to be collected

The Company collects the following personal information:

 

Personal information collected from the Company’s website in Korean

  Personal Information
Sales and technical support Required: Name, E-mail, Country, Company
Optional: Position, Telephone number
Registration to participate in an event Required: Name, E-mail, Country, Company
Optional: Position
Purchases by phone/technical support/after-sales services Required: Customer name, Company, Phone Number, E-mail
 

Personal Information collected from the Company’s websites in English/Spanish/Portuguese

  Personal Information
Inquiry Required: Full Name, E-mail, Country, Company
Optional: Position, Telephone
Events (Book a meeting) Required: Name, E-mail, Country, Company
Optional: Position
 

Personal Information collected offline, e.g. at exhibitions

  Personal Information
Participant information Required: E-mail, Name, Company, Country, Division, Telephone number, Position
 

(2)Methods of collection

- When users enter their personal information on websites

- Through tools for collecting generated information (e.g. connection logs, cookies, etc.)

- When users directly provide their personal information offline such as at exhibitions

- Via mail, phone calls, fax, etc. when users inquire or consult

 

Article 2. Purposes of collection and use of personal information

 

The Company collects and uses personal information for the purposes set out below. The personal information collected shall be used solely for the purposes. In the event of any changes to such purposes, the Company will take the necessary measures required by laws, including obtaining prior consent.

  Purposes
Provide services Process inquiries, provide information and notices, transmit contents, and guide on event reservations
Marketing and advertising Notices via TM, SMS, DM, E-mails, Push e-mails, etc., provide promotional information, market research, customer satisfaction surveys, product/service research and development, track login frequencies, and analyze customer statistics
 

Article 3. Retention and usage periods

 

Unless required by applicable laws, the Company, in principle, promptly destroys personal information after achieving the purposes for which it was collected. The Company will retain personal information collected upon a user’s consent for an agreed period.

 

If you wish to withdraw your consent, please contact our data protection division (privacy@suprema.co.kr) or the website management team (marketing@suprema.co.kr). Your requests will be processed immediately upon verifying your identity.
Once a user agrees to use of personal information for marketing purposes, the company will retain the user’s personal information until the user cancels the subscription.

 

In the event that applicable laws require personal information to be retained, the Company may keep users’ information for certain period of time as stipulated in applicable laws as follows:

Retention period Applicable laws
① Personal information relating to use of services: 3 months Protection of Communications Secrets Act
② Records on labeling and advertising: 6 months Act on Consumer Protection in Electronic Commerce
③ Records regarding contracts or subscription cancellation: 5 years Act on Consumer Protection in Electronic Commerce
④Records on payment and supply of goods: 5 years Act on Consumer Protection in Electronic Commerce
⑤ Records on consumer inquiries, responses to claims, or settlement of disputes: 3 years Act on Consumer Protection in Electronic Commerce
 

Article 4. Provision of personal information to a third party

 

Unless prior consent of users is acquired or otherwise required by applicable laws, the Company does not in any case provide users' personal information to a third party.

 

Article 5. Entrustment and international transfer of personal information

 

The Company entrusts processing of personal information to external entities in order to provide more convenient and improved services. The entrusted entities only manage infrastructure operation, but do not access to users’ personal information.

 

- Entrusted Entity : Salesforce.com

- Contact : privacy@salesforce.com

- Entrusted task : DM mailing

- Entrusted Personal Information : E-mail, Name, Country, Company, Telephone number, Position

- Location of entrusted entity : Japan

- Date of entrustment and method : Via the network upon users’ entering personal information on websites Transfer via network after users provide personal information offline

- Personal information retention and usage period : Until users request to cancel DM subscriptions or delete personal information

 

The Company manages and supervises the entrusted entities to ensure that the entrusted entities process personal information solely for the entrusted tasks take technical and administrative security measures, and comply with applicable laws relating to personal information.

 

In the event that details of entrusted tasks or entrusted entities change, the Company will promptly disclose such information under Article 11 of this Privacy Policy.

 

Article 6. Rights and obligations of users and means to exercise rights

 

(1) Users can at any time exercise the following rights pertaining to the protection of personal information:

1. Right to request access to personal information

2. Right to request correction of errors

3. Right to request deletion of personal information

4. Right to request suspension of processing personal information

5. Opposition rights

 

(2) The rights set forth above may be exercised in writing or by telephone, e-mail or fax, etc., and the Company will take action immediately upon identity verification.

 

(3) In principle, the Company will not collect personal information of users under the age of 16.



Article 7. Cookies; installation, operation and refusal


(1) The Company uses cookies to store and retrieve user information from time to time to provide relevant and useful services to users. Cookies are small text files that the servers running the Company's website send to users' computers and are stored on users' computer hard disks. Users can choose whether or not to accept cookies, provided, however, that the Company shall not be held accountable for any issues or limitations in using services caused by disabling cookies.


(2) How to reject cookies

- Users can either accept all cookies, confirm each time, or reject all cookies from their web browser settings.

- How to enable/disable cookies (for Internet Explorer)

1. Select [Internet Options] from the [Tools] menu

2. Click on [Privacy]

3. Click on [Advanced]

4. Select to enable/disable


To learn more about our use of cookies, please see the Cookie Policy.



Article 8. Procedure and method of destroying personal information


Once the purposes for which personal information is being processed are achieved, the Company will in principle promptly destroy said personal information. Procedure and method of destruction are as follows:


(1) Procedure

Once the purposes have been achieved, the personal information entered by the user will be either destroyed immediately or after being stored for a certain period of time in a separate database (separate documents if the information is on paper) as required by internal policies or applicable laws. Personal information transferred to the database will not be used for any other purpose unless required by law.


(2) Method of destroying personal information

The Information in the form of electronic files will be deleted using technical methods that prevent records being recovered. Personal information printed on paper will be either shredded or incinerated.



Article 9. Security measures for protection of personal information


The Company takes technical, administrative, and physical measures necessary for ensuring security as follows:


(1) Administrative measures

Establishing and implementing internal management plan, and training personnel regarding protection of personal information


(2) Technical measures

Managing rights to access to personal information processing systems, installing access control systems, encrypting security programs, etc.


(3) Physical measures

Access control to computer rooms



Article 10. Contact information of the Data Protection Officer


In order to protect users' personal information and respond to complaints regarding personal information, the Company has appointed a Data Protection Officer and the relevant division as follows:


*Data Protection Officer

Name : Park Chang-sun

Title : Head of Division

Contact information : 031-710-2450 / cspark@suprema.co.kr


*Data Protection Division

Division: Information security TF

Contact information: privacy@suprema.co.kr


Users can contact the Data Protection Officer or the division for any inquiries on personal information protection and complaints while using Company services. The Company will promptly respond to and process inquiries from users.



Article 11. Security measures for protection of personal information


Any changes will be effective 7 days after the Company posts the revised Privacy Policy in this section on the Company’s website.

Any significant changes to users' rights, including changes to collection and use of personal information and provision of personal information to third parties, will be notified at least 30 days in advance.


1) Announcement Date: June 17, 2020

2) Effective Date: July 17, 2020



Link to previous Privacy Policy documents

Inquiry TOP