이전 개인정보취급방침

개정일자	다운로드

Privacy Policy (“these Guidelines”)

Read our previous Privacy Policy

We at Smartro Co., Ltd. (“we”) have adopted these Guidelines to protect customers’ personal information, their rights, and interests and handle customers’ complaints about the way we deal with their personal information under Article 27-2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

Personal Information Items Collected by Us

We collect the following personal information for purposes associated with membership subscription, business consultation, and service provision.
Basic information
1. Members’ personal information such as names, home addresses, phone/fax numbers, cellphone numbers, e-mail addresses/ID/passwords (when using a site), credit card numbers, DOBs, wedding anniversaries, etc.
2. Payment-related information such as bank names, withdrawal account numbers, account holder names/resident registration numbers
Information items automatically collected (when using a site)
1. Records about using a service, connection logs, cookies

Purpose of Collecting and Using Personal Information

We use personal information collected by us for the following purposes. No information provided by users is used for any purposes other than what is stated in the following. If there is a change in the stated purpose, we will obtain users’ consent in advance.
Service provision-related contract execution; service-related content provision
1. Affiliated stores management, transaction details inquiry, transaction details registration/establishment, service such as data audit, etc.
Members management
1. Member system-based service usage-related identification, prevention of unauthorized use, ascertainment of intention for subscription, complaint handling, etc.
Use in marketing/advertisements
1. Information communication and customized service provision associated with the development of new services and carrying out of special events, introduction/sale of our and affiliated businesses’ goods/services, checking access frequency, statistics compilation about members’ possession and use of personal information

Period for Retaining and Using Personal Information

We destroy personal information upon attaining the purpose of collecting and using it, provided that we retain information on members during a period stated in the following as required under relevant laws.
Records about cancelled contracts and withdrawn subscriptions, etc.
1. Basis for retention: The Act on the Consumer Protection in the Electronic Commerce Transactions, etc.
2. Retention period: 5 years
Records about payment and goods supply
1. Basis for retention: The Act on the Consumer Protection in the Electronic Commerce Transactions, etc.
2. Retention period: 5 years
Records about handling consumers’ complaints or disputes
1. Basis for retention: The Act on the Consumer Protection in the Electronic Commerce Transactions, etc.
2. Retention period: 3 years
Records about collection, handling, and use of credit information
1. Basis for retention: The Use and Protection of Credit Information Act
2. Retention period: 3 years
Records about visits to websites
1. Basis for retention: The Protection of Communications Secrets Act
2. Retention period: 3 months

Provision of personal information to third parties

We make it a rule to handle customers’ personal information within the scope stated in Purpose of collecting and using personal information. We do not disclose or provide customers’ personal information to a third party without customers’ prior consent, except in the following occasions.
When required for signing, maintaining, and executing contracts;
When customers consent to our disclosure or provision in advance;
When there is a special clause about disclosure or provision in relevant laws or when there is a request from a law enforcement agency under relevant laws;
We provide personal information on customers subscribing to or using specifically combined or affiliated service and customers giving us a separate consent to disclosure or provision as follows.

Provided to	Purpose of Using Personal Information	Personal Information Items Provided	Period of Possession/Use	How Personal Information is Destroyed Upon Contract Termination
BC Card	Attracting BC TOP affiliated stores	Affiliated stores’ names, their representatives’ names, business registration numbers, affiliated stores’ numbers, affiliated stores’ addresses, phone numbers	Retaining for two months after attracting affiliated stores(for account settlement); destruction of personal information upon customer’s refusal to consent to our retention	Upon contract termination - Destruction of only business registration number and personal contact numbers in connection with the need to retain basic information * Destruction of all personal information upon customer’s refusal
NH Nonghyup Card	Attracting NH Cheum Shop affiliated stores	Affiliated stores’ names, their representatives’ names, business registration numbers, affiliated stores’ numbers, affiliated stores’ addresses, phone numbers, card fees	Retaining for two months after attracting affiliated stores	Upon contract termination - Destruction of only business registration number and personal contact numbers in connection with the need to retain basic information * Destruction of all personal information upon customer’s refusal to consent to our retention
Alba Co., Kr	Provided to membership subscribers for public notice registration and search for talented individuals	Affiliated stores’ names, addresses, business registration numbers, their representatives’ names, cell phone numbers	We destroy personal information upon attaining the purpose of collecting and using it, provided that we retain information on members during a period stated in the following as required under relevant laws. - Records about cancelled contracts and withdrawn subscriptions, etc. Basis for retention: The Act on the Consumer Protection in the Electronic Commerce Transactions, etc. Retention period: 5 years Records about payment and goods supply Basis for retention: The Act on the Consumer Protection in the Electronic Commerce Transactions, etc. Retention period: 5 years Records about handling consumers’ complaints or disputes Basis for retention: The Act on the Consumer Protection in the Electronic Commerce Transactions, etc. Retention period: 3 years Records about collection, handling, and use of credit information Basis for retention: The Use and Protection of Credit Information Act Retention period: 3 years	Permanent deletion of relevant information from stored data
Lotte Rental	Provided to those applying for rental service	Affiliated stores’ names, business registration numbers, their representatives’ names, cell phone numbers
Albain	Provided to those applying for public notice registration service	SALT ID, store names/addresses, their representatives’ names, contact numbers, e-mail addresses
Daidong Industrial Systems	Provided to those applying for CCTV service	Affiliated stores’ names, their representatives’ names, contact numbers, addresses, e-mail
KT Music	Provided to those using KT music service	SALT ID, affiliated stores’ names, their representatives’ names, business registration numbers, e-mail
Korea Information Evaluation Association	Confirmation of affiliated stores’ names for provision of service related to consulting and loans for small business	Affiliated stores’ names, their representatives’ names, phone numbers, cell phone numbers
Korean Federation of Savings Banks	Provided to those applying for consulting service	Affiliated stores’ names, their representatives’ names, contact numbers, addresses, business registration numbers
MEATBOX	Provided to membership subscribers for using MEATBOX (foodstuff distribution) service	Affiliated stores’ names, business registration numbers, cell phone numbers
BC Card	Provided to those applying for BC Card-based service	Affiliated stores’ names, business registration numbers

* As for Lotte Rental, Korean Federation of Savings Banks, Alba Co., Kr, and Albain, we only provide SALT service subscriber information

* As for Double Save, we only provide information entrusted by BC Card

Entrustment of personal information handling

We entrust personal information handling to another business for customers’ convenience and proper management of the business such as service contracts, provision of after sales service and ancillary business. We make the trustee observe personal information protection-related laws and not provide personal information to third parties, with the relevant contracts electronically maintained in good order. We will keep customers informed of any change in the trustee business through public notices and these Guidelines.

Trustee	Content of Business Entrusted
Tongin Safe Warehouse	Keeping sales receipts
LGCNS	Keeping sales receipts
ACE Information & Communications and 982 other businesses	Integrated management for service provision; service-related consulting; handling new subscriptions, transfer of subscriptions, and cancellation of subscriptions ; other additional goods-related services; new goods; or our service and goods combined/affiliated with service provided by our affiliated businesses and subcontractors; or customer retention; obtaining customers’ consent to our provision of personal information to affiliated businesses; other marketing activities for customers; customer management.

Personal Information Destruction Procedures and Methods

We destroy personal information as follows upon attaining the purpose of collecting and using it.
Destruction procedures
1. We destroy information entered by users for member subscription and the like by relocating it to a separate database (or to a file in the case of paper documents) upon attaining the purpose per internal guidelines and relevant laws (Ref.: period for retention and use) after retaining it for a given period.
2. The stated personal information is not used for any purpose other than what is designated unless otherwise stipulated by law.
Destruction methods
1. We destroy documents containing personal information with a shredder or through incineration.
2. We delete personal information stored in the form of an electronic file, using an irrecoverable method.

Rights of Users and Legal Agents and How to Exercise Them

Users and legal agents registered with us may access or revise personal information on the subject of information at any time. If they do not consent to the way we handle personal information, they may ask for withdrawal of subscription (or membership). In such case, it may be difficult for them to partially or wholly use the service.
If they wish to access or revise their personal information, they may do so within ten days by contacting our personal information management personnel in writing, by phone or by e-mail.
When a user has asked for correction of an error in his/her personal information, we will stop using or providing the information until the correction of the error is completed.
When we have provided incorrect personal information to third parties, we will immediately inform the third parties of the fact.
The personal information withdrawn or deleted by the request of the user or legal agent will be handled as per the Period for retaining and using personal information and will not be allowed to be accessed or used for any other purpose.

※ We do not provide service to children less than 14 years of age.

Matters Concerning Installation and Operation of Devices for Automatic Collection of Personal Information and Rejection of the Use of Such Devices

We use “cookies” to store and call users’ personal information from time to time. Cookies are a small amount of information transmitted by a website to users’ computer browser (Internet Explorer and the like). When users connect to our website, our website reads cookies information in the users’ browser and finds additional information on them and enables us to provide service without taking separate steps. Users have the right to reject our installation of cookies.
By setting an option in [Tools] > [Internet Options] > [Personal Information] tab on the upper part of the web browser, users may accept all cookies that we install, confirm each cookie to be saved or fully reject our use of any cookies. If you reject our use of cookies, it may be difficult for them to partially or wholly use our service.

Technological and Management-Related Protection Measures of Personal Information

We take technological and management-related protection measures as follows to ensure the safety of users’ personal information, i.e. to prevent loss, theft, leakage, alternation or damage of the personal information
Management-related protection measures
1. We formulate personal information protection-related policies and guidelines and carry out periodic training for employees in charge. We remind employees of the importance of observing these Guidelines. We maintain the number of employees handling personal information to a minimum. We use a secret access code to personal information and change it periodically.
Technological protection measures
1. We do our best to prevent members’ personal information from being leaked or mishandled due to hacking or computer viruses. We periodically back up materials to protect against the possibility of personal information being damaged. We use updated anti-virus programs in an effort not to have users’ personal information leaked or damaged. We use coded communications for safe transmission of personal information in networks. We use an intrusion prevention system to block unauthorized outside access to personal information. We strive to use all available devices for systemic security. However, we will not be responsible for any problems caused by leakage of personal information such as ID or password due to users’ negligence or an internet problem beyond our control.
Physical protection measures
1. We operate an access control system and closed-circuit television (CCTV) to block unauthorized access to the computer room, where the personal information handling system is operated. We keep documents and media containing personal information in a locked cabinet.

Handling Customers’ Personal Information-Related Complaints

Our personal information manager and employees stated in the following strive to protect customers’ personal information and handle their personal information-related complaints. Users may contact us to discuss their complaints about the way their personal information is handled by us in their use of our service. We will remain responsive to their complaints.
Personal information manager
1. Dong Sanggwon (Senior Managing Director), the Management Strategy Division
2. Tel : 02-2109-9020 / FAX : 02-2109-9197
3. E-mail : sg.dong@smartro.co.kr
Employee in charge
1. Jang Oksul (Deputy Department Manager), the Business Support Team, the Management Support Office
2. Tel : 02-2109-9163 / FAX : 02-2109-9197
3. E-mail : osjang@smartro.co.kr

Help in Personal Information-Related Rights Infringement Cases

You may contact one of the following outside agencies to discuss your complaint about the way your personal information is handled by us.
Personal Information Infringement Reporting Center (www.1336.or.kr / 118 )
Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
The Internet Crime Investigation Center of the Supreme Prosecutors' Office (http://www.spo.go.kr / 02-3480-3600)
Cyber Terror Response Center (www.ctrc.go.kr / 02-392-0330)

Personal Information-related notices

In the event of a change (including addition, deletion or revision) in these Guidelines, we will post a relevant public notice at least seven days in advance or at least a month in advance in the event of a change that may affect users’ important rights such as collection and use of personal information or its provision to third parties.
Date of notice: 3/8/2016
Date of implementation: 3/8/2016

개인정보 취급위탁 업체

이카드밴 주식회사(수도권1)
(주)누리네트웍스(수도권2)
(주)이나밴(경기남부)
스마트로 경인지사
(주)승일정보(대전)
주현정보통신(충남지사)
주식회사 스마트(강원)
한국카드시스템(대구)
인포스정보통신(울산)
윈넷정보통신(부산)
(주)정훈정보시스템
한길카드넷(전남)
(유)전주정보
다인정보통신(제주지사)
(주)드림정보
KR POS SYSTEM
아이씨카드밴
대영정보통신
하이넷
(주)스카이씨엔에스
(주)포씨스
한양정보통신
주식회사 이백산업
(주)영원정보통신
(주)성진에이에스
(주)에이스아이앤씨
(주)티에스시티
참신정보통신
(주)스마트전자금융
글로벌 밴
(주)스타커뮤니티
길사랑장학사업단
주식회사 퍼스트정보통신
새롬정보서비스
주식회사에이퍼스
경기정보통신
에스비(SB)네트웍스
한국신용카드
OK비즈메카
나노정보통신
(주)안양밴협회
주식회사 경일정보
MG자산관리
G드림네트워크
(주)오케이벤
한울
주식회사엘씨브이
에스씨한일정보텍
노벨솔루션
(주)대경네트웍스
에코정보통신
경인데이타정보
해드림정보통신
(주)엘앤케이피플코리아
스카이정보통신
훼밀리정보통신
(유)유달카드체크
금강넷정보통신
이준정보통신
대양솔루션
이레정보통신
신한정보통신코리아
OK정보통신
포스가이드
디지털정보통신
HB정보통신
케이아이비넷(주)
필포스넷
하은정보통신
한국기술통신
안성정보통신
한울정보통신
정우정보통신
밀레니엄정보통신
신제천새마을금고
뱅크라인
유천정보통신
스마트정보통신
OK정보통신
부산정보통신
K2포항시스템
원정보통신
온누리정보통신
지코드시스템
신화정보시스템
서연정보시스템
준우정보통신
(주)대성포스
나이스콜센터
앤애프씨밴
세원정보통신
아이씨체크
창원나이스정보통신
이노스
인우아이앤티
제이씨텍
한별정보
IC카드정보
미래로정보통신
그린POS시스템
한국지역정보
EDP대구경산점
(주)21포스
주식회사 진우통상
한국카드체크
(주)센트럴웨이
더블유에스엠(WSM)
(주)디에디션
주식회사 에스티씨코리아
(주)리더스페이
소프트뱅크
상린정보통신
(주)신암
KTS솔루션
제주POSN
원시스
주식회사 우리아이엔씨
인포스시스템
(주)지인정보
KBcom
대성정보통신
유니원정보통신
케이씨엔 카드넷
에스엔비네트웍스
㈜케이엠지네트워크
한국카드단말기관리업협동조합
퍼스트넷
세종정보통신
주식회사 카수코
(주)티지테크놀러지
바른정보통신
(주)일교기술정보시스템
케이엠지
준정보운영시스템
주식회사 씨이시스템
플러스정보통신
동방정보㈜
㈜신화아이엔씨
신안네트웍스
케이지정보통신
주식회사 한결
리치플랜네트웍스
모바일뱅크㈜
더줌인베스트주식회사
히엘정보통신
주식회사 마이꿈
(주)한국금융밴
정우정보통신
대금정보통신
삼산나이스
(주)으뜸정보통신
공감커뮤니케이션즈
알당
(주)디에이치홀딩스
코리아정보통신
수정보통신
㈜두성티엔씨
주식회사씨와이솔루션
예스정보통신
제이원inc
㈜브이씨티정보통신
맥정보통신
케이앤티크레딧 남부
조아정보통신
굿정보통신
주식회사 대진포스
주식회사 밴텍아이엔씨
한국정보
(주)한별정보통신
미강정보
대원하이텍
비전정보
솔비시스템
밴코리아
스마트솔루션
케이씨씨포스(주)
미르정보통신
태통정보통신
카드플러스
닥터카운터
신현에너지
예스(YES)정보통신
인젠시스템
나이스통합정보통신
나무 포스 아이앤씨
대연정보통신
에이치아이시스템
원시스템
광윤정보통신
㈜포스텍
㈜에스엠정보통신
주식회사 푸른통신
퍼스트밴(대성정보)
스마트넷
주식회사 포스센터
아모레카운셀러
와이어드
미르정보
(주)신신엠앤씨
JOY네트워크
SNP
글로벌텍스프리
맥 인터내셔널
베스트티앤씨
세기정보통신
세븐정보통신
스마트정보
스페컴
시너직디앤지
아이오모션
아이포시스
알에스포
에스제이정보통신
영도정보통신
유아이디포스
태인
퍼스트밴
포스뱅크