2023. 07. 01
Hankook & Company (hereinafter referred to as the "Company") values and respects the privacy of users; this privacy policy is committed to complying with the relevant laws such as the Act on the Promotion of Information and Communications Network Utilization and Information Protection and Privacy Protection Act. If the Company revises this privacy policy, then notification will be made about the details in accordance with the method prescribed by the relevant laws and regulations.
-
Chapter 1: Scope of Personal Information Collected by the Company
- 1. The Company only collects personal information of users specified in the “Purpose of Collection and Use of Personal Information” in this Privacy Policy; such information is the minimum information required for the Company to provide services according to fair and legitimate means. For optional items, we will not deny users the use of basic services, even if the user chooses not to provide them.
- 2. In principle, the Company does not collect any sensitive personal information that poses a risk of significant infringement of fundamental human rights. This includes information on ideology/belief, membership in/withdrawal from labor union/political party, political views, health state, sex life, place of birth and domicile, criminal record, etc. Exceptions are made, however, when the law specifies the personal information to be collected or when the user consents to the collection of personal information as required for the provision of services.
-
Chapter 2: Purpose of Collection and Use of Personal Information
-
1. The Company processes the minimum personal information of users in order to provide quality services. Collected personal information shall be used for the following purposes:
Description |
Collected Items |
Type |
Purpose of Collection |
Period of Retention |
Website |
Customer Q&A |
Name, e-mail, contact |
Required |
Customer consultation, reception and handling of concerns, notification of results, etc. |
3 years from the date of consent to the collection and use of personal information
1 year after completion of a requested case
|
Cyber Audit Office |
Name, e-mail, contact |
Required |
Reporting to the Cyber Audit Office, investigation, notification of results, etc. |
1 year after completion of a requested case |
- 2. To provide users with high-quality services related to personal information and service use-related information, Hankook & Company has integrated member information into one member account (including member information on the www.hankookandcompany.com website) for users to receive the services provided by the Company (www.hankooktire.com, www.hankook-networks.com, www.hankook-engineeringworks.com, www.hankook-precisionworks.com, www.hankook-atlasbx.com, www.model-solution.com, www.hankook-motorsports.com, www.tstation.com, m.tstation.com, biz.tstation.com, mbiz.tstation.com). Users can integrate and manage the member information acquired through the Company’s current or future business, such as member information and offline customer information. Should the purpose of collection and use of personal information be changed in the course of integrated use or management of members' personal information or addition or change of details of businesses operated by the Company, additional consent shall be acquired from the user.
-
Chapter 3: Processing and Retention Period of Personal Information
- 1. The Company manages personal information in accordance with legal requirements and the agreed-upon retention and usage period specified during the collection of personal information from the individuals concerned. Once the intended purpose of utilizing the information has been fulfilled, it will be promptly and securely disposed of.
-
2. The following information shall be retained for the specified period for the following reasons:
-
(1) Records on contracts or withdrawal of subscription, etc.
- - Grounds for retention: Act on Consumer Protection in Electronic Commerce, Etc.
- - Retention Period: 5 Years
-
(2) Records on payment and supply of goods, etc
- - Grounds for retention: Act on Consumer Protection in Electronic Commerce, Etc.
- - Retention Period: 5 Years
-
(3) Records on consumer complaints or dispute handling
- - Grounds for retention: Act on Consumer Protection in Electronic Commerce, Etc.
- - Retention Period: 3 Years
-
(4) Website browsing history
- - Grounds for retention: Protection of Communications Secrets Act
- - Retention Period: 3 Months
-
(5) Records on displays and advertisements
- - Grounds for retention: Act on Consumer Protection in Electronic Commerce, Etc.
- - Retention Period: 6 Months
-
Chapter 4: Procedures and methods for destroying personal information
- 1. In principle, the Company immediately destroys the relevant personal information once the period of use has passed, or a user requests for membership withdrawal or information destruction.
- 2. Personal information in electronic file format shall be deleted completely through technical methods so that it cannot be recovered or reproduced; other records, printed materials, written documents, etc. shall be shredded or incinerated.
- 3. If a user do not leverage our information and communication services for one year, the Company shall take the necessary measures (e.g., destroying personal information). However, if specific period is set by the relevant law, or if the period is set differently at the request of the user, then the aforementioned necessary measures shall be taken after the period has elapsed.
-
Chapter 5: Provision of personal information to third parties
- 1. The Company does not provide personal information to third parties without the user's prior consent.
-
Chapter 6: Outsourcing of personal information processing
- 1. The Company consigns the handling of personal information for consistent business performance, to provide better service and customer convenience, as follows.
-
2. The Company does not provide the user’s personal information to another company if the related services are not used in tasks entrusted to another company.
Contractor |
Contracted Tasks |
Hankook Networks Inc. |
Computer system operation and maintenance |
Concentrix Services Korea Ltd. |
Website system development and operation management |
-
3. Transferring Collected Personal Information: The Company entrusts entrusted overseas vendor to store information for the purpose of providing services and improving user convenience.
Transferee of personal information (name of consignee) |
Country to which personal information is transferred |
Date and method of transfer |
Purpose of use of personal information (Details of consignment tasks) |
Period of retention and use |
Amazon Web Services, Inc. |
Republic of Korea |
Occasional transmission through the information and communication network |
Provision of servers for data storage and backup and system operation |
Until the system maintenance and management contract between the Company and [Amazon Web Services, Inc.] is terminated or membership is withdrawn |
- Upon entering into the consignment agreement, the Company explicitly establishes stringent rules to ensure compliance with instructions pertaining to the protection of personal information, the prohibition of personal information disclosure, and the liability for any privacy breaches. The content of these agreements is duly recorded in both written and electronic formats. Additionally, the Company diligently monitors the handling of users' personal information by the consignee to ensure its safe and secure management. If the Company enters into a contractual agreement with a new vendor, its name shall be disclosed on our Privacy Policy page.
-
Chapter 7: Installation and Operation of Automatic Personal Information Collecting Device and Refusal of its Use
- The Company uses "cookies" to store and retrieve user information occasionally in order to provide personalized and customized services. Cookies refer to small text files that are transmitted from the website's server to the user's browser. These files are then stored on the user's hard disk. The information collected by the Company through cookies is limited to the Company ID, and no other information shall be collected.
- 1. Cookies serve various purposes, including but not limited to: Analyzing the frequency and timing of visits by both members and non-members; Identifying users' preferences and interests; Tracking users' behavior to enable targeted marketing and personalization; Assessing the level of participation in various events and tracking the number of visits; Notifying users of the available period when utilizing paid services; Facilitating the posting of articles.
-
2. How to Refuse Cookie Settings: Users have options to cookie installation. Accordingly, you can allow all cookies by setting options in your web browser, or go through confirmation whenever cookies are saved, or refuse to save all cookies.
-
• For Internet Explorer
Tools menu at the top of the web browser > Internet Options > Privacy > Settings
-
• For Chrome
Settings menu at the right of the web browser > Show advanced settings at the bottom of the screen > Content settings button for personal information > Cookies ※ If you refuse to install cookies, then you may have difficulty in using the website and some services.
-
Chapter 8: Technological, Managerial, and Physical Measures for Protecting Personal Information
-
1. Technological Measures
The Company safely protects users’ personal information through security functions in accordance with the relevant laws and regulations and internal policies. The Company uses a vaccine program to take measures to prevent damage caused by computer viruses. This vaccine program is regularly updated. In the sudden event of virus detection, the Company applies the vaccine instantly when it is released to prevent the breach of personal information. The Company encrypts, stores, and manages users’ passwords and adopts security devices that can safely transmit personal information on the network. To safeguard against the unauthorized disclosure of your personal information through hacking attempts, the Company employs a robust security system that includes a dedicated device to prevent external intrusions. Furthermore, continuous 24/7 monitoring of potential intrusions is carried out throughout the year, ensuring a proactive approach to maintaining data security.
-
2. Managerial Measures
The Company strictly limits the number of employees in charge of managing personal information to those who perform personal information management tasks, who inevitably handle personal information in business. The Company emphasizes compliance with the privacy policy through regular internal training for employees in charge.
-
3. Physical Measures
The Company is equipped with separate physical storage places for the personal information processing system that archives personal information (such as data processing rooms, data storage rooms, etc.), and implements established access control procedures for such places.
-
Chapter 9: Rights of Users and Legal Representatives and How to Exercise Such Rights
- 1. If a user requests correction of errors in personal information in writing, by phone, e-mail, fax, etc., then the personal information shall be neither used nor provided until the correction is completed. Furthermore, in the event that incorrect personal information has already been inadvertently disclosed to a third party, the Company undertakes to promptly notify the said third party of the corrected information, enabling them to make the necessary updates and rectifications accordingly.
- 2. A user may request the viewing or provision of the transaction information held by the Company with the consent of the user, in which case the Company shall take the necessary measures to ensure that the user can view it without delay.
- 3. In the case of a child below 14 years, the legal representative has the right to view or modify the child’s personal information and the right to withdraw consent to its collection and use.
- 4. Users can request access to personal information in accordance with Article 35 of the Personal Information Protection Act, in which case the Company shall make every effort to process users’ requests promptly.
-
Chapter 10: Consultation with Personal Information Manager/Reporting
-
1. The Company designates a person in charge of personal information protection to protect users’ personal information and handle complaints related to personal information. For any questions regarding users' personal information, please contact the person in charge of personal information protection or the relevant department below.
Person in charge of personal information protection
Department: Information Security Team
Manager: Ko, Myeong-su
Contact: 031-5178-7155
E-mail: privacy@hankookn.com
Person in charge of Customer Service
Contact: 080-022-8272
E-mail: as@hankooktech.com
-
2. To report or consult on other personal information infringement, please contact the following agencies:
- (1) Personal Information Infringement Report Center (http://privacy.kisa.or.kr / Just dial 118)
- (2) Cyber Investigation Department of the Supreme Prosecutor’s Office (http://www.spo.go.kr / Just dial 1301)
- (3) Cyber Security Bureau, National Police Agency (http://cyberbureau.police.go.kr / Just dial 182)
- (4) Personal Information Dispute Mediation Committee (http://kopico.go.kr / 1833-6972)
-
Chapter 11: Changes in Privacy Policy
- 1. This Privacy Policy shall come into effect starting from July 1, 2023.
- 2. In the event of any modifications to this privacy policy by the Company, the reason and specific details for such changes will be communicated in advance through the designated notification section of the website.