Go to the main text

Language

Go
Main Menu

Home Privacy and information Processing Policy, etc.
open Privacy and information Processing Policy, etc.
Enlarge text Reduce text

Privacy and Information Processing Policy, etc.

Doosan Infracore Engine Business Group(the “Company”) complies with the relevant statutory provisions regarding the protection of personal information, including the Personal Information Protection Act, and the Act on Promotion of Information and Communications Network Utilization and Information Protection. The Company further commits to safeguarding the rights and interests of the owners and holders of personal information, such as its customers, staff and website users, and has established its own Privacy and Information Processing Policy, in accordance with the relevant legislation.

The Company, through its Privacy and Information Processing Policy, etc., notifies the purposes and procedures of the collection of personal information, as well as the relevant protection measures. In case of any update or revision to the Policy, the Company will announce the change either on its website’s notice or by means of individual communication.

The Company’s Privacy and Information Processing Policy is composed of three parts pertaining to: the “Personal Information Processing Policy” for the protection of the personal information of all information holders with whom the Company deals; the “Personal Information Handling Policy” regarding the information of website users; and the “Visual Information Processing Equipment Management Policy” which manages the personal information used in visual processing.

However, other affiliated websites of the Company may have different policies.

1. Personal Information Processing Policy

01. General Provisions

- "Personal Information" refers to the personally identifiable information of a living person whose identity may be checked easily in combination with the use of other sources such as a name, national identification number and picture, even though it is rarely possible to differentiate the individual in question with only the given information.
- "Informer" means the owner of any information which enables the recognition of a person’s identity.
- The Company discloses the Personal Information Processing Policy on the first screen of the website (www.doosaninfracore.com/engine) to facilitate the verification of the policy in question, and will always announce any changes or revisions to this policy via a notice posted on its website or through individual communication.

02. Processed Personal Information and Purposes of Processing

Without the legitimate provisions or the consent of the informer, the Company may handle neither the sensitive information that may significantly compromise the privacy of its provider nor the unique identification information assigned to distinguish the interested-party from others.

A. Processed Information

[Concerning customers]
Name, home address, e-mail, company name, service record, access log, cookies and IP address information

[Concerning employment]
Name, national identity number, picture, password, home address, home telephone number, mobile phone number, e-mail, education, military service, foreign language proficiency, computer skills, qualifications, family relationships, and career

B. Purposes of Processing

[Concerning customers]
- Settlement of the complaints on the membership and points of dissatisfaction
- Online market research or survey
- Marketing or advertising
- Service delivery and the settlement of fees

[Concerning employment]
- Test process, modification of the application form, verification of acceptance, contact for applicants, and verification of employment requirements
- Personnel management, including payroll, welfare benefits, support for various tasks, and assessment

03. Processing and the Retention Period of Personal Information

In principle, the collected personal information will be destroyed immediately after the purpose for which it was collected has been achieved. However, the following information will be retained during the designated period for the reasons set forth below :

- Retained information: name, home address, e-mail, company name
- Retention period: 1 year
- Reasons for retention: user inquiries / request management, user identification, etc.

- Retained information: service use data, access log, cookies, IP address information
- Retention period: 3 years
- Reasons for retention: enhancement of service quality through analysis of service use

- Retained information: name, password, date of birth, gender, national identity number, home address, home telephone number, mobile phone number, hobbies, skills, education, work experience, foreign language proficiency, military service, and family relationship
- Retention period: in principle, until the expiration of employment relationship
- Reasons for retention: Personnel management, including payroll, welfare benefits, support for various tasks, and assessment
- However, the personal information of an applicant, who was not employed, will be discarded immediately after the completion of the employment process.

04. Procedures and methods for the destruction of personal information

A. Destruction procedures
The company destroys the personal information without delay once it has achieved the purpose of its collection or the retention period has finished, except where the retention is required pursuant to the informer's consent, terms of use, or relevant legislation.

B. Methods of destruction
- Personal information stored in electronic file formats shall be deleted using technical methods that prevent the recovery of its record.
- Personal information printed on the paper shall be broken by the shredder, or destroyed through incineration.

05. Vision of personal information to a third party

The Company uses the personal information only within the scope laid out in “02. Processed Personal Information and Purposes of Processing”, and does not abuse it in excess of the established range nor discloses it to a third party. However, the following cases are exceptions :

  1. - In the case of having received the special consent of the informer
  2. - If there are special provisions in other relevant laws
  3. - If it is impossible to obtain the prior consent of the informer or its legal representative due to the state in which he cannot express his or her intention or his or her unknown address, so that the stored information is deemed to be necessary evidence for an imminent benefit of life, health, property of the informer or relevant third party
  4. - In case of providing the personal information in a form to block the recognition of a particular individual as necessary for the purposes of statistics and research.

The Company currently provides the following personal information

  1. - Institutions receiving personal information: Multicampus, Korea TOEIC Committee, Chamber of Commerce, the Department of Defense and Regional Military Manpower Administration, District Office/Dong Residents’ Center
  2. - Offered personal information: name, national identity number, phone number, military serial number
  3. - Purpose: verification of qualification
  4. - Retention and use period: immediately destroyed
  1. - Institution receiving personal information: Doosan Corporation
  2. - Offered personal information: name, national identity number, picture, password, home address, home telephone number, mobile phone number, e- mail, education, military service, foreign language proficiency, computer skills, qualifications, family relationship, career, social experience, awards, international experience and research experience
  3. - Purpose: integrated management and development of human resources
  4. - Retention and use period: until the expiration of employment relationship

06. Outsourcing of personal information processing

The Company does not entrust the personal information processing to an outside agency without the prior consent of the relevant informer.
For the outsourcing of personal information processing, the Company has in place the following instructions to safely manage the personal information when it concludes an outsourcing agreement in accordance with the relevant legislation.

  1. - Trustee company : Doosan Corporation
  2. - Outsourced service : Payroll, benefits and others
  1. - Trustee company : Multicampus, Korea Academy, Alpaco, Spicus, Pickupphone, eCampus, KT Innoedu
  2. - Outsourced service : Online courses for the staff
  1. - Trustee company : Doosan Information Communication BU Inc.
  2. - Outsourced service : Operation of the employment system

07. Rights and Obligations of Informers and Methods to Exercise the Rights

Every informer may demand the access, correction, omission and suspension of his or her personal information that the Company treats. However, the Company may refuse or limit the aforementioned demand under the following conditions.

  1. - If there is a special legal provision or it is unavoidable to comply with statutory obligations
  2. - If there is a concern to harm the lives or bodies of others, or to damage improperly the property and other interests of other people
  3. - If it is difficult to fulfill the contract, including agreed services, without processing the personal information, meanwhile the informer does not reveal clearly the intention to terminate the contract.

Methods and Procedures to Exercise Rights

  1. - The informer who wants to read his or her personal information may submit the Request of Reading, Correction, Deletion and Suspension in writing, e-mail, fax, etc., to the department in charge (For this, see the section “09. Complaint Resolution Service for Personal Information”).
  2. - The Company takes action to respond to the demand within 10 days unless there is a justifiable reason, and communicates the reasons, if any, for such denial or restriction within five days, as well as the methods to appeal against this refusal or restriction.
  3. - The Company may verify the identity of the informer or, his or her representative that demands the reading, etc., of the personal information, checking his o her identity cards such as national identity card, one of certified electronic signatures or other equivalents.

Request Form

08. Technical, Administrative, and Physical Protection Measures for Personal Information

The Company takes the following safety measures to prevent personal information from being lost, stolen, leaked, altered, or damaged.

<Technical actions>

  1. - The Company complies with the required legal standards for the secure storage and transmission of the personal information.
  2. - Using anti-virus software, the company takes steps to prevent the damage caused by computer viruses.
  3.   The anti-virus program is updated periodically, and protects against the violation of privacy in case of a sudden outbreak of a new virus, providing its new version as soon as possible.
  4. - Against external attacks such as hacking, the Company does everything for the security, utilizing an intrusion detection system and a vulnerability assessment system for each server.

<Administrative actions>

  1. - The company gives the exclusive access to personal information to those who deal with sales and marketing directly with the informers, to those in charge of the management of personal information, and those who inevitably handle the personal data through carrying out other tasks.
  2. - The employees who treat the personal information take a regular in-house training and outsourcing education on the protection of personal information, being properly supervised to strictly comply with laws and regulations to the same purpose after both starting work and after taking retirement.

<Physical actions>

  1. - For the secure storage of the personal information and its handling system, the facilities are equipped with protection measures to prevent a physical access, including physical locking devices.
  2. - The computer room and data storage room, designated as special security areas, are under strict access control.

09. Complaint Resolution Service for Personal Information

The Company designates and operates the following division and officer in charge to protect the personal information and respond to the complaints regarding the sector.

A. Personal Information Division

  1. Division: Information Security Team
  2. Phone : 02-3398-2906
  3. Fax : 02-3398-8499
  4. E-mail : di_security@doosan.com
  5. Business Hours: (Mon-Fri) 09:00 – 18:00, (closed on Sat-Sun, national holidays)

B. Chief Privacy Officer

  1. - Name: Park Dong-bum
  2. - Phone : 02-3398-2906
  3. E-mail : di_security@doosan.com

If you want to report or need an advice on the invasion of the privacy, please contact the following organizations.

  1. - Personal Information Dispute Mediation Committee
      (http://privacy.kisa.or.kr - Phone : 118)
  2. - Privacy Complaint Center
      (http://www.privacy.go.kr - Phone : 118)
  3. - Government Protection Mark Authentication Commission
      (http://www.eprivacy.or.kr - Phone : 02-580-0533~4)
  4. - Internet Criminal Investigation Center, Supreme Prosecutor's Office
      (http://www.spo.go.kr - Phone : 02-3480-3600)
  5. - Cyber Terror Response Center, National Police Agency
      (http://www.ctrc.go.kr - Phone : 02-392-0330)

10. Notification

Additions, deletions and modifications of the current Personal Information Processing Policy will be notified through the website’s notice at least 10 days prior to the revision.

Announcement date: Sept. 30, 2011
Effective Date: Sept. 30, 2011


Up