Read this

Select Your Language

English

Go

Home Privacy and information Processing Policy, etc.
open Privacy and information Processing Policy, etc.
Enlarge text Reduce text

Privacy and Information Processing Policy, etc.

Doosan Infracore Construction Equipment business group (the "Company") complies with the relevant statutory provisions regarding the protection of personal information, including the Personal Information Protection Act, and the Act on Promotion of Information and Communications Network Utilization and Information Protection. The Company further commits to safeguarding the rights and interests of the owners and holders of personal information, such as its customers, staff and website users, and has established its own Privacy and Information Processing Policy, in accordance with the relevant legislation.

The Company, through its Privacy and Information Processing Policy, etc., notifies the purposes and procedures of the collection of personal information, as well as the relevant protection measures. In case of any update or revision to the Policy, the Company will announce the change either on its website’s notice or by means of individual communication.

The Company’s Privacy and Information Processing Policy is composed of three parts pertaining to: the “Personal Information Processing Policy” for the protection of the personal information of all information holders with whom the Company deals; the “Personal Information Handling Policy” regarding the information of website users; and the “Visual Information Processing Equipment Management Policy” which manages the personal information used in visual processing.

However, other affiliated websites of the Company may have different policies.

1. Personal Information Processing Policy

01. General Provisions

  1. - "Personal Information" refers to the personally
      identifiable information of a living person whose identity may be checked easily in combination
      with the use of other sources such as a name, national identification number and picture, even
      though it is rarely possible to differentiate the individual in question with only the given
      information.
  2. - "Informer" means the owner of any information which enables the recognition of a person’s
      identity.
  3. - The Company discloses the Personal Information Processing Policy on the
      first screen of the website (www.doosaninfracore.com/ce,) to facilitate the verification of the
      policy in question, and will always announce any changes or revisions to this policy via a notice
      posted on its website or through individual communication.

02. Processed Personal Information and Purposes of Processing

Without the legitimate provisions or the consent of the informer, the Company may handle neither the sensitive information that may significantly compromise the privacy of its provider nor the unique identification information assigned to distinguish the interested-party from others.

A. Processed Information

[Concerning customers]
Name, home address, e-mail, company name, service record, access log, cookies and IP address information

[Concerning employment]
Name, national identity number, picture, password, home address, home telephone number, mobile phone number, e-mail, education, military service, foreign language proficiency, computer skills, qualifications, family relationships, and career

B. Purposes of Processing

[Concerning customers]
- Settlement of the complaints on the membership and points of dissatisfaction
- Online market research or survey
- Marketing or advertising
- Service delivery and the settlement of fees

[Concerning employment]
- Test process, modification of the application form, verification of acceptance,
  contact for applicants, and verification of employment requirements
- Personnel management, including payroll, welfare benefits, support for various tasks,
  and assessment

03. Processing and the Retention Period of Personal Information

In principle, the collected personal information will be destroyed immediately after the purpose for which it was collected has been achieved. However, the following information will be retained during the designated period for the reasons set forth below:

- Retained information: name, home address, e-mail, company name
- Retention period: 1 year
- Reasons for retention: user inquiries / request management, user identification, etc.

- Retained information: service use data, access log, cookies, IP address information
- Retention period: 3 years
- Reasons for retention: enhancement of service quality through analysis of service use

- Retained information: name, password, date of birth, gender, national identity number,
  home address, home telephone number, mobile phone number, hobbies, skills, education,
  work experience, foreign language proficiency, military service, and family relationship
- Retention period: in principle, until the expiration of employment relationship
- Reasons for retention: Personnel management, including payroll, welfare benefits,
  support for various tasks, and assessment
- However, the personal information of an applicant, who was not employed,
  will be discarded immediately after the completion of the employment process.

04. Procedures and methods for the destruction of personal information

A. Destruction procedures
The company destroys the personal information without delay once it has achieved the purpose of its collection or the retention period has finished, except where the retention is required pursuant to the informer's consent, terms of use, or relevant legislation.

B. Methods of destruction
- Personal information stored in electronic file formats shall be deleted using technical methods
  that prevent the recovery of its record.
- Personal information printed on the paper shall be broken by the shredder, or destroyed
  through incineration.

05. Vision of personal information to a third party

The Company currently provides the following personal information

  1. - In the case of having received the special consent of the informer
  2. - If there are special provisions in other relevant laws
  3. - If it is impossible to obtain the prior consent of the informer or its legal representative due
      to the state in which he cannot express his or her intention or his or her unknown address,
      so that the stored information is deemed to be necessary evidence for an imminent benefit of
      life, health, property of the informer or relevant third party
  4. - In case of providing the personal information in a form to block the recognition of a particular
      individual as necessary for the purposes of statistics and research.

The Company currently provides the following personal information

  1. - Institutions receiving personal information: Multicampus, Korea TOEIC Committee, Chamber of
      Commerce, the Department of Defense and Regional Military Manpower Administration,
      District Office/Dong Residents’ Center
  2. - Offered personal information: name, national identity number, phone number, military serial
      number
  3. - Purpose: verification of qualification
  4. - Retention and use period: immediately destroyed
  1. - Institution receiving personal information: Doosan Corporation
  2. - Offered personal information: name, national identity number, picture, password,
      home address, home telephone number, mobile phone number, e- mail, education,
      military service, foreign language proficiency, computer skills, qualifications,
      family relationship, career, social experience, awards, international experience and
      research experience
  3. - Purpose: integrated management and development of human resources
  4. - Retention and use period: until the expiration of employment relationship

06. Outsourcing of personal information processing

The Company does not entrust the personal information processing to an outside agency without the prior consent of the relevant informer.
For the outsourcing of personal information processing, the Company has in place the following instructions to safely manage the personal information when it concludes an outsourcing agreement in accordance with the relevant legislation.

  1. - Trustee company : Doosan Corporation
  2. - Outsourced service : Payroll, benefits and others
  1. - Trustee company : Multicampus, Korea Academy, Alpaco, Spicus, Pickupphone, eCampus, KT Innoedu
  2. - Outsourced service : Online courses for the staff
  1. - Trustee company : Doosan Information Communication BU Inc.
  2. - Outsourced service : Operation of the employment system

07. Rights and Obligations of Informers and Methods to Exercise the Rights

Every informer may demand the access, correction, omission and suspension of his or her personal information that the Company treats. However, the Company may refuse or limit the aforementioned demand under the following conditions.

  1. - If there is a special legal provision or it is unavoidable to comply with statutory obligations
  2. - If there is a concern to harm the lives or bodies of others, or to damage improperly the
      property and other interests of other people
  3. - If it is difficult to fulfill the contract, including agreed services, without processing the personal
      information, meanwhile the informer does not reveal clearly the intention to terminate
      the contract.

Methods and Procedures to Exercise Rights

The informer who wants to read his or her personal information may submit the Request of Reading, Correction, Deletion and Suspension in writing, e-mail, fax, etc., to the department in charge (For this, see the section "09. Complaint Resolution Service for Personal Information“).

- The Company takes action to respond to the demand within 10 days unless there is a justifiable
  reason, and communicates the reasons, if any, for such denial or restriction within five days,
  as well as the methods to appeal against this refusal or restriction.
- The Company may verify the identity of the informer or, his or her representative that demands
  the reading, etc., of the personal information, checking his o her identity cards such as national
  identity card, one of certified electronic signatures or other equivalents.

Request form

08. Technical, Administrative, and Physical Protection Measures for Personal Information

The Company takes the following safety measures to prevent personal information from being lost, stolen, leaked, altered, or damaged.

<Technical actions>

  1. - The Company complies with the required legal standards for the secure storage and
      transmission of the personal information.
  2. - Using anti-virus software, the company takes steps to
      prevent the damage caused by computer viruses. The anti-virus program is updated
      periodically, and protects against the violation of privacy in case of a sudden outbreak of
      a new virus, providing its new version as soon as possible.
  3. - Against external attacks such as hacking, the Company does everything for the security,
      utilizing an intrusion detection system and a vulnerability assessment system for each server.

<Administrative actions>

  1. - The company gives the exclusive access to personal information to those who deal
      with sales and marketing directly with the informers, to those in charge of the management
      of personal information, and those who inevitably handle the personal data
      through carrying out other tasks.
  2. - The employees who treat the personal information take a regular in-house training and
      outsourcing education on the protection of personal information, being properly
      supervised to strictly comply with laws and regulations to the same purpose after both
      starting work and after taking retirement.

<Physical actions>

  1. - For the secure storage of the personal information and its handling system, the facilities
      are equipped with protection measures to prevent a physical access,
      including physical locking devices.
  2. - The computer room and data storage room, designated as special security areas,
      are under strict access control.

09. Complaint Resolution Service for Personal Information

The Company designates and operates the following division and officer in charge to protect the personal information and respond to the complaints regarding the sector.

A. Personal Information Division

  1. - Division: Information Security Team
  2. - Phone : 02-3398-2906
  3. - Fax : 02-3398-8499
  4. - E-mail : di_security@doosan.com
  5. - Business Hours: (Mon-Fri) 09:00 – 18:00, (closed on Sat-Sun, national holidays)

B. Chief Privacy Officer

  1. - Name: Park Dong-bum
  2. - Phone : 02-3398-2906
  3. - E-mail : di_security@doosan.com

If you want to report or need an advice on the invasion of the privacy, please contact the following organizations.

  1. - Personal Information Dispute Mediation Committee
      (http://privacy.kisa.or.kr - Phone: 118)
  2. - Privacy Complaint Center
      (http://www.privacy.go.kr - Phone: 118)
  3. - Government Protection Mark Authentication Commission
      (http://www.eprivacy.or.kr - Phone: 82 2 580 0533~4)
  4. - Internet Criminal Investigation Center, Supreme Prosecutor's Office
      (http://www.spo.go.kr - Phone: 82 2 3480 3600)
  5. - Cyber Terror Response Center, National Police Agency
      (http://www.ctrc.go.kr - Phone: 82 2 392 0330)

10. Notification

Additions, deletions and modifications of the current Personal Information Processing Policy will be notified through the website’s notice at least 10 days prior to the revision.

- Announcement date: Sept. 30, 2011
- Effective Date: Sept. 30, 2011


Up