DRB Privacy Policy |
DRB establishes and discloses the following privacy policy to protect the personal information of information subjects and handle related complaints quickly and efficiently.
Purpose of managing personal information
DRB manages personal information for the following purposes. Personal information items that are managed will not be used for purposes other than described below, and if the purposes are changed, DRB will take necessary measures, including obtaining separate consent.
1. Receiving and managing job application documents
- DRB manages personal information for the purpose of receiving and managing job application documents, and sending various announcements and notices related to job applications.
2. Q&A
- DRB manages personal information for the purpose of identifying complainants, confirming complaints, communicating and notifying for investigation of facts, sending the results of handling the complaints, etc.
1. Receiving and managing job application documents
- DRB manages personal information for the purpose of receiving and managing job application documents, and sending various announcements and notices related to job applications.
2. Q&A
- DRB manages personal information for the purpose of identifying complainants, confirming complaints, communicating and notifying for investigation of facts, sending the results of handling the complaints, etc.
Personal information management and retention period
1. DRB manages and retains personal information within the personal information retention and usage period that the information subjects consented to when personal information was collected.
2. The personal information management and retention periods are as follows respectively.
- Receiving and managing job application documents: 1 year
- Q&A: 1 year
2. The personal information management and retention periods are as follows respectively.
- Receiving and managing job application documents: 1 year
- Q&A: 1 year
Provision of personal information to a third party
1. DRB manages the personal information of information subjects within the scope set forth in ¡®the purpose of managing personal information,¡¯ and provides personal information to third parties only with the consent of the information subject, and in accordance with the special provision of laws.
2. DRB provides personal information to third parties as follows:
- Personal information recipients: affiliated companies
- Personal information recipients¡¯ purpose of using personal information: Q&A regarding affiliates
- Personal information items provided: name, address, phone number, e-mail address
- Personal information recipients¡¯ retention and usage period: 1 year
2. DRB provides personal information to third parties as follows:
- Personal information recipients: affiliated companies
- Personal information recipients¡¯ purpose of using personal information: Q&A regarding affiliates
- Personal information items provided: name, address, phone number, e-mail address
- Personal information recipients¡¯ retention and usage period: 1 year
Rights and duties of information subjects and how to exercise the rights
1. Information subjects may exercise the following rights related to personal information protection against DRB.
- Requesting access to personal information
- Requesting that corrections should be made if there is any error
- Requesting that personal information should be deleted
- Requesting that the managed personal information should be stopped
2. Information subjects can exercise their rights against DRB in writing, by phone or e-mail, and DRB will immediately take necessary actions.
3. If information subjects request that errors in personal information should be corrected, or personal information should be deleted, DRB will not use or provide the said personal information until the correction or deletion is completed.
4. Information subjects can exercise their rights through their legal representatives or those who are entrusted with the exercising of their rights.
5. Information subjects should not infringe on their own or others¡¯ personal information and privacy.
- Requesting access to personal information
- Requesting that corrections should be made if there is any error
- Requesting that personal information should be deleted
- Requesting that the managed personal information should be stopped
2. Information subjects can exercise their rights against DRB in writing, by phone or e-mail, and DRB will immediately take necessary actions.
3. If information subjects request that errors in personal information should be corrected, or personal information should be deleted, DRB will not use or provide the said personal information until the correction or deletion is completed.
4. Information subjects can exercise their rights through their legal representatives or those who are entrusted with the exercising of their rights.
5. Information subjects should not infringe on their own or others¡¯ personal information and privacy.
Personal information items managed
DRB manages the following personal information items.
1. Receiving and managing job application documents
- name, gender, birthdate, academic background, last school attended, major, address, contact information, e-mail address
2. Q&A
- name, affiliation, region, contact information, e-mail address
3. In the process of using Internet service, the following personal information items may be automatically generated and collected.
- IP address, cookies, MAC address, service use history, visit history, improper use history, etc.
1. Receiving and managing job application documents
- name, gender, birthdate, academic background, last school attended, major, address, contact information, e-mail address
2. Q&A
- name, affiliation, region, contact information, e-mail address
3. In the process of using Internet service, the following personal information items may be automatically generated and collected.
- IP address, cookies, MAC address, service use history, visit history, improper use history, etc.
Destruction of personal information
1. If personal information becomes unnecessary, e.g. the personal information retention period has expired, and the purpose of managing personal information has been accomplished, DRB will immediately destroy the personal information.
2. If DRB must retain personal information in accordance with other laws even though the personal information retention period, which information subjects consented to, has expired, or the purpose of managing personal information has been accomplished, it must move the personal information to a separate database (DB), or retain it in a different storage space.
3. The personal information destruction procedure and method are as follows:
- Personal information recorded and stored in electronic files must be destroyed in a way that it cannot be reproduced.
- Personal information recorded and stored in paper documents must be shredded in a paper shredder or incinerated.
2. If DRB must retain personal information in accordance with other laws even though the personal information retention period, which information subjects consented to, has expired, or the purpose of managing personal information has been accomplished, it must move the personal information to a separate database (DB), or retain it in a different storage space.
3. The personal information destruction procedure and method are as follows:
- Personal information recorded and stored in electronic files must be destroyed in a way that it cannot be reproduced.
- Personal information recorded and stored in paper documents must be shredded in a paper shredder or incinerated.
Measures to ensure the safety of personal information
DRB takes the following measures to ensure the stability of personal information:
1. Administrative measures: establishing and carrying out internal management plans, providing ongoing training for employees, etc.
2. Technical measures: Installing file encryption programs, etc.
3. Physical measures: Controlling access to the computer room, data archives, etc.
1. Administrative measures: establishing and carrying out internal management plans, providing ongoing training for employees, etc.
2. Technical measures: Installing file encryption programs, etc.
3. Physical measures: Controlling access to the computer room, data archives, etc.
Personal information protection manager
1. DRB appoints the following personal information protection manager so that he/she will oversee and take responsibility for personal information management, and handle the complaints of information subjects related to personal information management and alleviate damages.
Personal information protection manager
- Name: Lee Hyeon-seok
- Position: Executive managing director
Department in charge of personal information protection
- Department name: Management Support Team
- Person in charge: Jin Pil-woo
- Contact information: +82-51-520-9051
2. Information subjects can contact the personal information protection manager and the department in charge of personal information protection to inquire about personal information protection while using DRB¡¯s service, file complaints and request damage relief. DRB will immediately answer information subjects¡¯ questions and take necessary measures.
Personal information protection manager
- Name: Lee Hyeon-seok
- Position: Executive managing director
Department in charge of personal information protection
- Department name: Management Support Team
- Person in charge: Jin Pil-woo
- Contact information: +82-51-520-9051
2. Information subjects can contact the personal information protection manager and the department in charge of personal information protection to inquire about personal information protection while using DRB¡¯s service, file complaints and request damage relief. DRB will immediately answer information subjects¡¯ questions and take necessary measures.
Privacy policy change
This privacy policy will go into effect on March 31, 2012.