Heuron Co., Ltd. Privacy Policy

Notice of Collection and Use of Personal Information

Heuron Co., Ltd. (hereinafter referred to as the "Company") provides this notice concerning the collection and processing of users' personal information on the Company's website in accordance with the 『Personal Information Protection Act』 and other relevant regulations.

The "Company" is committed to protecting users' personal information and promptly and effectively addressing any related grievances. The Company makes the Privacy Policy readily accessible on the main page of the website, allowing users to review it at any time. The Privacy Policy is subject to changes in accordance with relevant laws and the Company's internal policies, and any revisions will be documented and made available through version management.

Term

• Member: Refers to individuals or business members who access the Heuron website and leave inquiries related to the use of services.

Purpose of Processing Personal Information

Purpose of Processing "Member" Information: The Company collects personal information of "Members" to respond to inquiries regarding the use of Heuron services.

(However, in cases where personal information retention is required by relevant laws, the information will be retained for the period specified by those laws.)

Categories of Personal Information Collected

(Mandatory) [Contact Us]

·         Collected Items: Name, Region, Institution/Company Name, Department/Position, Email, Phone Number, Inquiry Details

·         Purpose of Use: To respond to service inquiries

·         Collection Method: Heuron website

·         Retention Period: Until consent is withdrawn

(Mandatory) [Request a Demo]

·         Collected Items: Name, Region, Institution/Company Name, Department/Position, Email, Phone Number, Additional Inquiries

·         Purpose of Use: To respond to demo requests

·         Collection Method: Heuron website

·         Retention Period: Until consent is withdrawn

(Optional) Receive Service Advertisement/Event Information

·         Collected Items: Name, Email, Contact Number, Institution/Company Name

·         Purpose of Use: To receive service-related advertisements/event information

·         Collection Method: Heuron website

·         Retention Period: Until consent is withdrawn

Provision of Personal Information to Third Parties

The "Company" uses "Members'" personal information within the scope notified in the notice of collection and use of personal information and, in principle, does not provide "Members'" personal information to third parties. However, exceptions are made in the following cases:

·         When "Members" have given prior consent

·         When required by law or when requested by investigative agencies following the procedures and methods prescribed by law for investigative purposes

Entrustment of Personal Information Processing

Entrustment of personal information processing refers to the delegation of certain tasks to specialized contractors to provide smooth services to "Members." Personal information is processed only within the scope entrusted under the responsibility of the "Company." The "Company" carefully reviews whether the entrusted contractors have sufficient capabilities to protect "Members'" personal information.

·         The "Company" has entrusted the processing of personal information to the following domestic specialized companies to provide services:

·         Entrusted Company Name: Gabia (Web Hosting)

·         Entrusted Work: System management (hosting)

·         Entrusted Company Name: Switchworks (Website Maintenance Company)

·         Entrusted Work: Website and system management (maintenance)

·         When entering into an entrustment contract, the "Company" specifies in documents such as contracts the prohibition of processing personal information for purposes other than the performance of entrusted tasks, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of the trustee, and responsibilities such as compensation for damages in accordance with the 『Personal Information Protection Act』. The "Company" supervises whether the trustee safely processes personal information.

·         If the content of the entrusted work or the trustee changes, the "Company" will disclose it promptly through the privacy policy.

Period of Processing and Retention of Personal Information

Unless otherwise stipulated by law or separately agreed upon with the "Member," the "Company" retains personal information for the duration of service use or until the purpose of use is achieved.

If the retention period is not specified:

1) Information will be used until the purpose of provision is achieved.

2) Information will be used until the retention period prescribed by relevant laws.

Upon the "Member's" request for withdrawal, the "Company" will immediately destroy all related information, including logs.

Other information required to be retained for a certain period according to relevant laws is as follows:

[Relevant Law] Protection of Communications Secrets Act

·         Retention Period: 3 months for service usage log records

Rights of Members and Methods of Exercise

"Members" have the right to exercise their personal information protection rights at any time, and the "Company" will process requests as promptly as possible, except in cases where compliance with relevant laws and regulations necessitates otherwise.

If a "Member" requests correction or deletion of personal information due to errors, the "Company" will not use or provide the concerned personal information until the correction or deletion is completed.

[Rights of the Information Subject]

·         Request to access personal information

·         Request to correct or delete personal information

·         Request to suspend processing of personal information

·         Request to inquire about the use and provision of personal information

[Methods of Exercising the Rights of the Information Subject]

·         Rights can be exercised through the customer service department listed below, and we will take immediate action upon verification of identity.

Matters Concerning the Destruction of Personal Information

When the purpose of collecting and using personal information has been achieved, or when a "Member" withdraws their consent or otherwise requests the cessation of personal information processing, the "Company" will promptly destroy the relevant personal information using the methods outlined below.

·         Destruction Procedure

When a reason for the destruction of personal information arises, the "Company" will promptly destroy the personal information in a secure manner under the supervision of the Personal Information Protection Officer.

·         Destruction Method

For electronic files, the "Company" will safely delete the information using technical methods that make recovery and reproduction impossible.

For printed materials, the "Company" will destroy them by shredding or incineration.

Installation, Operation, and Rejection of Devices that Automatically Collect Personal Information

1. Cookies

Cookies are very small text files stored on the "Member's" PC by the website the "Member" has accessed to maintain the service usage environment set by the "Member" for more convenient service usage. These cookies do not contain any personal information that can identify the "Member," and the "Member" can easily refuse or delete cookies at any time. However, refusing to store cookies may cause difficulties in using some services.

1-1. How to Change Cookie Settings

You can check and change the cookie settings of the browser you are currently using through the following methods: Microsoft Edge: [Settings] → [Cookies and site permissions] → [Manage and delete cookies and site data] → Block third-party cookies

·         Microsoft Edge: [Settings] → [Cookies and site permissions] → [Manage and delete cookies and site data] → Block third-party cookies

·         Chrome: [Settings] → [Preferences] → [Privacy and security] → [Cookies and other site data] → Change settings

·         Safari: [Safari] → [Preferences] → [Privacy] → Change settings for [Cookies and website data]

2. Google Analytics (GA)

The "Company" uses Google Analytics, a web analysis tool provided by Google. Through Google Analytics, the Company collects behavioral information about users of its website, and only information that cannot identify individuals is collected. This analysis information is used to provide more useful and convenient services to "Members." If you do not want this information to be processed, you can refuse processing through the following guide page.

2-1. How to Disable Google Analytics [View]

Technical and Managerial Protection Measures for Personal Information Protection

The "Company" makes every effort to manage "Members'" personal information safely and protects personal information at a level higher than required by relevant laws. Additionally, "Members" are responsible for securely managing their personal information and should not transfer or lend it to third parties.

·         Establishment and Implementation of Internal Management Plan

The "Company" has established and implemented an internal management plan for the secure processing of personal information.

·         Minimization and Training of Personal Information Handling Staff

The "Company" designates and restricts staff who handle personal information to a minimum number and implements measures to manage personal information.

·         Regular Self-Audits

The "Company" conducts regular self-audits to ensure the stability of personal information handling.

·         Access Restriction to Personal Information

The "Company" takes necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system processing personal information and uses an intrusion prevention system to control unauthorized access from outside.

·         Storage and Prevention of Forgery or Alteration of Access Records

The "Company" stores and manages access records to the personal information processing system for at least one year. If personal information is added or unique identifiers or sensitive information for more than 50,000 data subjects are processed, records are stored and managed for at least two years. Additionally, security functions are used to prevent access records from being forged, altered, stolen, or lost.

·         Encryption of Personal Information

Users' personal information is encrypted and stored/managed in such a way that only the user can know it. Important data is protected using separate security functions such as encrypting files and transmission data or using file locking functions.

·         Technical Measures Against Hacking, etc.

The "Company" installs security programs to prevent personal information leakage and damage caused by hacking or computer viruses, regularly updates and inspects them, and installs systems in areas where access is controlled from outside, and monitors and blocks them technically and physically.

·         Access Control for Unauthorized Persons

The "Company" has a separate physical storage place for personal information and establishes and operates access control procedures for it.

·         Use of Locking Devices for Document Security

The "Company" stores documents and auxiliary storage media containing personal information in a secure place with locking devices.

Dedicated Department for Personal Information Protection

The "Company" operates a dedicated department for the protection of "Members'" personal information. This department addresses inquiries related to personal information processing and handles complaints. You can inquire about any personal information-related issues arising from the use of the Company's services, and we will provide prompt and thorough responses.

[Customer Service Department]

·         Department: TE Team

·         Contact Number: 02-2633-8595

·         Fax Number: 02-2633-8596

[Chief Privacy Officer, CPO]

·         Name: InHo Hwang

·         Contact Number: 02-2633-8595

If you need remedies or consultation regarding personal information infringement, you can contact the specialized agencies listed below for assistance.

[Personal Information Infringement Report Center (Operated by KISA)]

·         Scope of Work: Reporting and consulting on personal information infringement

·         Website: https://privacy.kisa.or.kr

·         Phone: 118 (no area code required)

·         Address: 9 Jinheung-gil, Naju-si, Jeollanam-do, 58342, Korea Internet & Security Agency Personal Information Infringement Report Center

[Personal Information Dispute Mediation Committee]

·         Scope of Work: Application for personal information dispute mediation, group dispute mediation (civil resolution)

·         Website: https://kopico.go.kr

·         Phone: 1833-6972 (no area code required)

·         Address: 12th Floor, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul, 03171

[Supreme Prosecutors' Office]

·         Website: https://www.spo.go.kr

·         Phone: 1301 (no area code required)

[National Police Agency]

·         Website: https://ecrm.police.go.kr

·         Phone: 182 (no area code required)

Changes to Privacy Policy

1.     This Privacy Policy will be effective from July 26, 2024.

2.     Previous versions of the Privacy Policy can be accessed below:

·         Heuron Privacy Policy (Effective Date: January 28, 2024) (Click)

·         Heuron Privacy Policy (Effective Date: December 29, 2023) (Click)

·         Heuron Privacy Policy (Effective Date: February 20, 2023) (Click)