BRAINKEYS (here in after referred to as "the Company") respects the personal information of users, and complies with the relevant laws and regulations dealing with personal information protection including the Personal Information Protection Act and the Act on Information Communications Network Use Promotion and Information Protection. The Company notifies you of how and for what purposes we may use your information and what measures have been taken to protect your personal information through its policies regarding personal data privacy and information processing. In the event any of the provisions of the relevant policies are amended, we will publicly notify you of such amendments through this Website or individually.

·       The Company’s policy related to personal information consists of the following:

·       1. Collected personal information item and collection method

·       2. Collecting and collecting purpose of personal information

·       3. Provision and sharing personal information

·       4. Processing and possessing period of personal information

·       5. Procedures and methods of destroying personal information

·       6. Measures to ensure the stability of personal information

·       7. Rights and obligations of user and legal deputy and method of action

·       8. Personal information protection manager or Personal information department

·       9. Notice of obligation

This policy takes effect on October 13, 2017

·       1. Personal information items to be collected and collection methods

The Company collects the following personal information in order for customer inquiry.

o   Customer Inquiry
Name, E-mail, Contact number, Sales area

o   Method of Personal Information Collection
Homepage, Phone, Fax, E-mail

·       2. Collecting and collecting purpose of personal information

The Company uses the collected personal information for the following purposes.

o   Processing Customer Inquiry

·       3. Provision and sharing personal information(Disclosure of personal information to third parties, etc.)

In principle, the Company does not provide personal information of users to outside parties. However, exception applies to the following cases.

o   In case user's consent is obtained in advance

o   In case request is made by investigating organizations pursuant to provisions in laws and ordinances or for purposes of investigation according to procedures and methods prescribed by laws and ordinances.

·       4. Processing and possessing period of personal information

The Company destroys the personal information collected during inquiries without delay after stored for 1year to offer services.

·       5. Procedures and methods of destroying personal information

In principle, the Company destroys the information without delay as soon as the purpose of collecting and using personal information is fulfilled after stored for 1 year based on internal rules. Procedures and methods of destroying personal information are as follows.

o   Procedures
Once the purpose has been fulfilled, information entered by you is transferred to a separate DB (separate document in case information is in paper form) and saved for the prescribed period of time according to the reasons of information protection (Refer to Period of Information Holding and Use.) based on internal rules and other related laws before it is destroyed. Unless otherwise specified by law, personal information transferred to a separate DB is not used for purposes other than the original purpose of collection.

o   Method
Any personal information saved in an electronic file format will be deleted using a technology that prevents the recovery of the deleted records. The personal information retained on paper will be shredded or burned.

·       6. Measures to ensure the stability of personal information

The Company is taking technical, administrative, and physical measures needed to ensure safety as the following.

o   Establishment and implementation of the internal management plan
To safely process personal information, an internal management plan is set up and implemented.

o   Minimization and education of handling employees
The Company has designated and minimized the person in charge of handling personal information and implemented measures to manage personal information.

o   Management of access authority for personal information processing system
Necessary measures are taken to control access to personal information, such as granting, changing, and cancelling access authority for the database system which processes personal information. Also, intrusion detection systems are used to restrict unauthorized access from the outside.

o   Storage of access records and prevention of falsification
Access records on the personal information processing system are stored and managed for minimum six months, and security functions are used to prevent falsification, theft, and loss of access records.

o   Measures against hacking, unauthorized people’s access
The Company has installed security programs and updates and inspects the programs to protect personal information from being leaked externally or destroyed by hacking or computer viruses and has installed its systems in an area with restricted access to technically and physically monitor and block external access.

·       7. Rights of user and legal representative and the methods of exercising the right

Users and legal representatives can read or modify personal information by writing to, calling or e-mailing personal information management officer. The information will be modified or deleted after identity confirmation process.
In the event you have requested modification or deletion of errors in personal information, the information will not be used or provided until the requested modification or deletion is completed.
Personal information deleted upon request by user or legal representative is processed pursuant to specifications in Term of Holding and Using Personal Information Collected by the Company and will not be available or used for other purposes.

·       8. Personal information protection manager or Personal information department

To protect personal information of users and process complaints and inquiries regarding personal information, the Company appoints related departments and the personal information protection manager as below.

Personal Information Protection Manager
Chief Privacy Officer
Yong Kwang Won, General Manager
Phone: +82-2-6347-4545
E-mail: brainkeys@naver.com

 

You can report complaints related to personal information occurred while using the service of the Company to the personal information control manager or customer service department. The Company will provide sufficient answers promptly for the reported complaints. Contact the following organizations if you need to report or consultation on other personal information misuse issues.

o   Privacy Information Violation Report Center (http://privacy.kisa.or.kr / +82-118)

o   Personal Information Dispute Resolution Committee (www.kopico.go.kr / +82-2-2100-2499)

o   Cyber Investigation Department of Supreme Prosecutors' Office (www.spo.go.kr / +82-1301)

o   Cyber Security Bureau of the National Police Agency (cyberbureau.police.go.kr / +82-182)

·       9. Notice of obligation

In the event privacy policy is amended, the Company will notify it in the 'notice board' of website at least 7days before the revision.

o   Privacy Policy Version Number: V1.0

o   Privacy policy enforcement date: May 10, 2021