Go Contents

Utility

Personal Information Management Policy

The Personal Information Protection Act prescribes general standards regarding the handling of such personal information, and Hyundai GLOVIS (hereafter "Hyundai GLOVIS" or "We") handle personal information we collect, retain and process in accordance with such statutes in a legitimate and appropriate manner to properly perform related business and protect your rights and interests.
We also respect you exercising your rights and interests, such as requesting to access, correct, erase and suspend processing of your personal information we have in accordance with relevant statutes.
In order to protect your personal information and your rights and interests and smoothly handle your complaints relating to personal information in accordance with the Personal Information Protection Act, we have the following Personal Information Management Policy in place, and in the event where we revise this policy, we will notify you in advance through announcements on our website (or individually).
This Policy is effective from September 1, 2017.
Article 1 (Purposes of processing personal information)
We process personal information for the following purposes. We will use processed personal information only for the following purposes and ask for your prior consent when there are any changes to the purposes.
A. General Inquiry
Used to answer general inquires about Hyundai GLOVIS.
B. Quote inquiry
Used to answer quote inquiries about Hyundai GLOVIS services.
C. New Car Delivery Tracking
Used to answer inquiries about Hyundai GLOVIS new car delivery service.
D. Ethical management reporting
Used to respond to inquiries and secure efficient communication channels.
Article 2 (Personal information processing and retention period)
We will retain and use your personal information during the period from when we collect it until we achieve the agreed purpose of its collection and use, and will destroy it without delay once the purpose is achieved. However, we will retain the following data for the duration specified below for the following purposes.
A. General Inquiry
Items of personal information: Name, phone number, email address, affiliation
Duration: 1 year after collection
B. Quote inquiry
Items of personal information: Name, company name, department, phone number, email address
Duration: 1 year after collection
C. New Car Delivery Tracking
Items of personal information: Name, new car contract number, vehicle model
Duration: 1 year after collection
D. Ethical management reporting
Items of personal information: Name, phone number, email address, informant type
Duration: 1 year after collection
E. IR inquiry
Items of personal information: Name, phone number, email address, company name
Duration: 3 months after registration
We will retain your personal information if we are obliged to do so according to any of the relevant laws, such as the Commercial Act.
In this case, we will use the retained data only for the prescribed purpose of retention for the following duration.
A. Information related to our commercial books, critical business documents and statements.
Legal ground: Commercial Act
Duration: 10 years (critical documents) / 5 years (statements)
B. Information related to all transaction books and supporting documents.
Legal ground: Framework Act on National Taxes, Corporate Tax Act
Duration: 5 years
C. Records on contracts or subscription withdrawals and records on payments and supply of goods, etc.
Legal ground: Act on the Consumer Protection in Electronic Commerce, Etc.
Duration: 5 years
D. Records on the processing of consumer complaints or disputes.
Legal ground: Act on the Consumer Protection in Electronic Commerce, Etc.
Duration: 3 years
E. Books and issued invoices or receipts.
Legal ground: Value-Added Tax Act
Duration: 5 years
Article 3 (Provision of personal information to a third party)
In principle, we process your personal information within the scope prescribed in Article 1 (Purposes of processing personal information), and will not process or provide to a third party personal information without your prior consent. However, personal information may be processed in the following cases.
1. Where you have already agreed to the provision and disclosure of personal information to a third party.
2. Where it is required by the relevant statutes, etc.
3. Where the personal information is required to fulfill a contract concerning provision of services and it is noticeably difficult to go through a typical consent process due to economic/technical reasons.
4. Where personal information is used after being processed into non-personally identifiable information.
Article 4 (Outsourcing of personal information processing)
As necessary to fulfill a contract and provide services, we outsource the collection, retention, processing, use, provision, control and destruction of your personal information to outside contractors as follows.
Item Company name
System maintenance Hyundai AutoEver
Delivery of giveaways Hanaro Adcom
Article 5 (Rights and obligations of the data subject and how to exercise them)
As a data subject, you may exercise the following rights.
1. Request to access personal information
You may request to access your personal information kept by us in accordance with Article 35 (Access to Personal Information) of the Personal Information Protection Act.
However, your request for access to personal information may be limited in accordance with Article 35(5) of the Act.

A. Where access is prohibited or limited by Acts
B. Where access may cause damage to the life or body of a third party, or unjustified infringement of property and other interests of any other person
2. Request to correct or erase personal information
You may request to correct or erase your personal information kept by us in accordance with Article 36 (Rectification or Erasure of Personal Information) of the Personal Information Protection Act.
However, where that personal information is subject to collection under other statutes, you may not request for it to be erased.
3. Request to suspend the processing of personal information
You may request to suspend the processing of your personal information kept by us in accordance with Article 37 (Suspension of Processing of Personal Information) of the Personal Information Protection Act.
However, your request for the suspension of processing personal information may be limited in accordance with Article 37(2) of the Act.

A. Where special provisions exist in other laws or it is inevitable to observe legal obligations
B. Where access may cause damage to the life or body of a third party, or unjustified infringement of property and other interests of any other person
C. Where it is impracticable to perform a contract, such as the provision of services as agreed upon with the data subject without processing the personal information, and the data subject has not clearly expressed the desire to terminate the agreement

To make a request for access, correction, erasure and suspension of the processing of personal information, you must first go through identity verification with our privacy personnel by telephone, email, etc.
Article 6 (Destruction of personal information)
Once the purpose of processing personal information is achieved, in principle, the Company destroys the personal information without delay, unless otherwise required to retain it by other laws. The procedure, deadline and method of destruction are as follows.
A. Destruction procedure
Once the purpose is achieved, the personal information you entered will be destroyed immediately or after a certain period of time in accordance with our internal policy and relevant statutes.
B. Destruction deadline
Personal information will be destroyed within five days after its retention period comes to an end or the data is recognized to be unnecessary due to, for example, achievement of the purpose of processing the personal information.
C. Destruction method
Personal information files processed by us are recorded in the form of electronic file and thus we destroy them in any technical method that makes it impossible to restore them.
Article 7 (Actions to secure the safety of personal information)
We take the following technical, managerial and physical measures required to secure the safety of personal information in accordance with Article 29 of the Personal Information Protection Act.
1. Establishment and enforcement of internal management plan
We establish and enforce internal management plan in compliance with the internal management guidelines published by the Ministry of Public Administration and Security.
2. Minimization and training of personnel who handle personal information
We designate only the minimum required number of personnel who will handle personal information for control of personal information.
3. Control of access to personal information
We take any and all necessary actions to control access to personal information by granting, changing and revoking access to our database system used to process personal information, and control unauthorized access to personal information with intrusion prevention systems.
4. Retention of access records and prevention of their falsification
We maintain records on access to personal information processing systems (web logs, summary, etc.) for at least six months, and operate security functions to prevent access records from being falsified, stolen or lost.
5. Encryption of personal information
We store and manage your personal information in an encrypted state.
We also use separate security functions, such as encrypting sensitive data when storing or sending.
6. Technical measures to respond to hacking, etc.
To prevent the leakage or damage of personal information by hacking, computer viruses, etc., we install security programs and update and inspect them regularly, and install systems in a secure area with technical and physical monitoring and blocking in place.
We also monitor network traffic and detect any attempt to modify information illegally.
7. Control of unauthorized access
We have a separate physical place for personal information systems containing personal information, and establish and operate a procedure for control of access to it.
Article 8 (Matters concerning the installation and operation and rejection of cookies)
We do not use cookies, etc., which frequently store and retrieve user data. A cookie is a tiny text file a website server sends to your browser. It is stored on your computer hard disk.
Article 9 (Privacy Officer)
We designate a privacy officer and privacy personnel as below, who are responsible for protecting personal information and handling complaints relating to personal information.

(Privacy Officer pursuant to Article 31(1) of the Personal Information Protection Act)

[Privacy Officer]
Department: HR Support Office
Name: Cho Byeong-in
Phone: +82-2-6191-9426
Email: privacy@GLOVIS.net
[Privacy Personnel]
Department: Safety Security Team
Name: Yoon Sung-han
Phone: +82-2-6191-9285
Email: privacy@GLOVIS.net
Article 10 (Revision to Personal Information Management Policy)
This Personal Information Management Policy is effective from its enforcement date, and in the event of any addition, deletion or correction in accordance with relevant statutes and our internal policy, we will notify you through announcements on our website at least seven days before any such change takes effect.
Article 11 (Remedy for infringement on rights and interests)
For any remedial actions as regards any infringement on personal information, the data subject may file an application for dispute resolution or consultation with the Personal Information Dispute Mediation Committee. You can also contact the following agencies for reporting or consultation in relation to personal information infringement.
1. Personal Information Dispute Mediation Committee: 118 (http://www.privacy.kisa.or.kr)
2. National Police Agency Cyber Bureau: 1566-0112 (http://www.ctrc.go.kr/)

Notification date: September 1, 2017
Enforcement date: September 1, 2017
최상단으로 이동