privacy policy

PRIVACY POLICY

“K2 Laser System Co., Ltd.” hereafter, the “Company” collects, uses, and provides personal information to manage website inquiries, send newsletters, distribute marketing materials, and improve service quality.

In order to protect the freedom and rights of information subjects, the company processes personal information appropriately and manages it safely in accordance with the provisions of the “Personal Information Protection Act” and related laws. Therefore, in accordance with Section 30 of the “Personal Information Protection Act”, we establish and disclose the following personal information processing policy in order to guide information subjects on procedures and standards related to the processing of personal information, and to be able to handle grievances related to this quickly and smoothly.

‍

This policy will take effect on September 14, 2023.

‍

‍

Article 1. Purpose of processing personal data

The company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and prior consent will be sought if the purpose of use is changed.

‍

a. Website inquiry management: Collection and management of customer inquiries about the company's general and solutions through the website

me. Sending newsletters and distributing marketing materials: Email distribution of newsletters, distribution of marketing materials for the purpose of promoting the company

‍

Article 2. Period of processing and retention of personal data

The company processes and holds personal information within the period of retention and use of personal information agreed upon when collecting personal information from the data subject.

‍

a. Website inquiry management: 3 years

me. Sending newsletters and distributing marketing materials: 3 years (or until consent is withdrawn)

‍

‍

Article 3. Items of personal information to be processed

The company processes the following personal information items.

‍

A. Managing inquiries on the website

‣ Required items: name, gender, organization, email, phone number, inquiry details, and access route

※ Information automatically collected by the information system: usage records, visit logs, access logs, IP

‍

A. Sending newsletters and distributing marketing materials: 3 years (or until consent is withdrawn)

‣ Required items: email, phone number

‍

Article 4. Matters relating to provision of personal information to third parties

The company processes the personal information of the data subject only within the scope specified in the purpose of processing personal information, and provides personal information to a third party only if it falls under Sections 17 and 18 of the “Personal Information Protection Act”, such as the consent of the data subject or special provisions of the law, and does not provide the personal information of the data subject to a third party.

In order to improve promotional marketing and service quality, the company obtains the consent of the data subject and provides personal information to a third party only to the minimum extent necessary in the following cases.

‍

a. Recipient: Google, Webflow

me. Purpose of provision: PR marketing, system security and analysis

Everything. Offered items:

- (Basic information) Name, gender, organization

- (contact information) email, phone number

- (Activity information) Usage records, visit logs, access logs, IP

Ra. Retention and use period: 3 years

※ The company may provide personal information to related organizations without the consent of the data subject in the event of an emergency such as a disaster, infectious disease, incident or accident causing imminent risk to life or physical danger, or imminent loss of property.

‍

‍

‍

Article 5. Matters relating to outsourcing of personal information processing

In order to facilitate the processing of personal information, the company entrusts the processing of personal information as follows. If the details of the outsourced work or the trustee change, we will disclose it through this privacy policy without delay.

‍

a. Outsourced tasks: PR marketing, system security and analysis

me. Entrusted by: Google, Webflow

Everything. Period of entrustment: Until December '24

‍

※ When signing a contract of entrustment, the company specifies matters relating to liability such as prohibition of processing of personal information other than the purpose of execution of outsourced work, technical and administrative protection measures, restrictions on re-entrustment, management and supervision of the trustee, and compensation for damages in accordance with Article 26 of the “Personal Information Protection Act”, and supervises whether the trustee processes personal information safely.

※ Personal information is transferred overseas and processed as follows.

1. Contractor: Amazon
2. Outsourced work content: PR marketing, system security and analysis
   ‍

‍

Article 6. Matters relating to procedures and methods of destruction of personal information

The company destroys personal information without delay when personal information becomes unnecessary, such as when the retention period of personal information has elapsed or the purpose of processing has been achieved.

The procedures and methods for destroying personal information are as follows.

‍

a. Destruction procedure: The company selects the personal information for which the reason for destruction occurred and destroys the personal information with the approval of the person in charge of personal information protection.

me. Destruction method: The company destroys personal information recorded and stored in the form of an electronic file so that the records cannot be reproduced, and personal information recorded and stored in paper documents is destroyed by crushing or incinerating it with a shredder.

‍

※ If personal information must continue to be preserved in accordance with other laws and regulations even though the personal information retention period agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information is moved to a separate database (DB) or stored in a different storage location.

‍

‍

Article 7. Matters relating to the rights and obligations of data subjects and how to exercise them

The data subject can exercise the right to view, correct or delete personal information, or request suspension of processing against the company at any time.

‍

1. Rights can be exercised against the company in writing, e-mail, or facsimile transmission (FAX) in accordance with Article 41 (1) of the Enforcement Decree of the “Personal Information Protection Act”, and the Company will take action without delay.
2. Rights can also be exercised through an agent such as the data subject's legal representative or an authorized person. In this case, you must submit a power of attorney in accordance with the “Notice on the Method of Handling Personal Information” Attachment No. 11.
3. Requests to view personal information and stop processing may restrict the rights of the data subject under Article 35 (4) and Article 37 (2) of the “Personal Information Protection Act”.
4. Requests for correction or deletion of personal information cannot be requested if the personal information is specified as the object of collection in other laws and regulations.
5. In the event of a request for access based on the rights of the information subject, a request for correction or deletion, or a request for suspension of processing, the company checks whether the person making the request is the person making the request or an appropriate agent. Therefore, you may request documents that can prove your identity, such as a copy of your ID card.

‍

‍

Article 8. Matters relating to measures to ensure the safety of personal information

The company takes the following measures to ensure the safety of personal information.

‍

a. Management measures: establishment and implementation of internal management plans, operation of dedicated organizations, regular employee training

me. Technical measures: Management of access rights to personal information management systems, etc., installation of access control systems, encryption of personal information, installation and update of security programs

It's all. Physical measures: Access control to computer rooms, data storage rooms, etc.

‍

‍

Article 9. Matters relating to the person responsible for personal information protection

The company oversees and is responsible for the processing of personal information, and has designated a person responsible for personal information protection as follows for the handling of complaints and damage relief from data subjects related to the processing of personal information.

‍

a. Personal Information Protection Officer

‣ Name: ki-beom, Song

‣ Job Title: directorates

‣ Contact: 070-4571-1981, [email protected]

※ You will be directed to the Personal Information Protection Department

‍

me. Personal Information Protection Department (Personal Information Viewing Request Receiving/Processing Department)

‣ Department name: Management support teams

‣ Person in charge: Eun-ah, Kim

‣ Contact: 070-4571-1946, [email protected]

‍

※ The data subject may inquire about all personal information protection-related inquiries, complaint handling, damage relief, etc. caused by using the company's services to the person in charge of personal information protection and the department in charge. The Company will respond to and process inquiries from data subjects without delay.

‍

‍

Article 10. Remedies for infringement of the rights and interests of data subjects

In order to receive relief due to personal information infringement, data subjects can apply for dispute resolution or consultation at the Personal Information Dispute Mediation Committee and the Korea Internet & Security Agency's Personal Information Infringement Report Center. For other reports and consultations of personal information infringement, please contact the following organizations.

‍

a. Personal Information Dispute Mediation Committee: (without country code) 1833-6972 (www.kopico.go.kr)

me. Privacy Infringement Report Center: (without country code) 118 (privacy.kisa.or.kr)

Everything. Grand Prosecutor's Office: (without country code) 1301

※ The company guarantees the data subject's right to self-determination of personal information, and strives for consultation and damage relief due to personal information infringement. If a report or consultation is required, please contact the person in charge below.

‍

Customer consultation and reporting related to privacy

‣ Department name: Management support team

‣ Person in charge: Eun-ah, Kim

‣ Contact: 070-4571-1946, [email protected]

‍

‍

‍

Article 11. Matters relating to changes to the privacy policy

This privacy policy is effective as of September 14, 2023.

The previous privacy policy can be found below.

‍