Samsung Corning Precision Materials ('www.samsungscp.co.kr', hereinafter “Company”) has the following processing
policies in order to protect the personal information, rights and interests of users and to smoothly process the
grievances of users related to personal information pursuant to the Personal Information Protection Act.
Where the Company modifies the personal information processing policies, it will give notice thereof through the
notifications on the website (or a separate notification).
The policies were implemented from September 30, 2011.
Article 1 (Purpose of Processing Personal Information)
The Company processes personal information for the following purposes. The Company does not
use processed personal information for purposes other than the following, and when the purposes
for use are changed, the Company is expected to request prior consent
1. Reply to customers’ questions
The Company processes personal information for the purpose of replying mails to customers’ questions.
2. Other purposes
When the Company carries out events, it processes personal information for the purpose of confirming identification
and sending gifts.
Article 2 (Items of Personal Information to be Processed)
The Company processes items and applies its collection methods for personal information as
- 1. Customers’ questions
- - Items of personal information: e-mail.
- - Collection method: homepage.
- 2. Others (carrying out events, etc.)
- - Items of personal information: name, e-mail, contact information (cellular phone, etc.).
- - Collection method: homepage, application for events.
Article 3 (Processing and Retention Period for Personal Information)
In principle, the personal information of users is destroyed without delay once the purpose of
processing said personal information has been accomplished.
Article 4 (Provision of Personal Information to Third Parties)
- ① In principle, he Company processes the personal information of users within the scope
specified in Article 1 (Purpose of Processing Personal Information) and does not process or of
provide to third parties personal information in excess of the original scope, without prior
consent users; provided,however, that the Company may provide personal information to a third
party in the following cases:
- 1. Where the prior consent of users has been obtained;
- 2. Where there is a specific provision under the law or it is unavoidable to comply with the obligations set by law;
- 3. Where public authorities are unavoidable required to perform competent duties as prescribed by law, etc.;
- 4. Where it is necessary to prepare statistics or conduct academic studies or market research in a way that a
specific individual cannot be identified; or
- 5. Where it is otherwise permitted under the law.
- ② When the Company obtains the consent of a user for the provision of their personal information
to a third party, it informs the user of the following matters:
- 1. The third party who receives the personal information;
- 2. The purpose to which the third party receiving the personal information will put it to use;
- 3. Items of personal information to be provided;
- 4. The retention and use period of the personal information being provided to a third party; and
- 5. The fact that the user has the right to reject their consent and, where there is a disadvantage as a result of the
rejection, the content of any disadvantage.
Article 5 (Delegation for the Processing of Personal Information)
The Company may pass on the information of users to an outside company if it is necessary to
maintain and manage its homepage. The Company delegates the duties for the maintenance and
management of its homepage as follows:
- Delegatee: WebVision Co., Ltd. (www.codpro.co.kr/ 02-538-6592)
- Delegated duties: maintaining and operating the homepage, planning and operating events.
In entering into delegation agreements, the Company definitely sets forth provisions, including compliance with the
relevant laws relating to personal information protection, prohibition of providing personal information to third parties,
and liabilities, and keeps to the relevant agreements. In changing companies, the Company will inform you of any
notifications and personal information processing policies.
Article 6 (Rights, Obligations, and the Rights Exercise Method of Information Owners)
A user may, as an owner of his or her personal information, exercise the following rights:
- 1. To inquire about, change the personal information of himself or herself or a child of not more than 14 years old,
a termination of subscription.
- 2. To request the correction and deletion of mistakes in personal information;
- 3. If a user requests, by phone or e-mail, the personal information control manager for an inquiry, change,
termination, or deletion of personal information, the user may directly read, correct their personal information or
withdraw from membership.
- 4. Where a user has requested a correction or deletion of mistakes in their personal information, the Company does
not use or provide a third party with the user’s personal information until it has completed the requested correction
or deletion. In this case, when the Company has used or provided mistaken personal information, it will make
corrections thereof without delay.
- 5. The personal information terminated or deleted upon the request of a user is processed according to the
processing and retention period of personal information in Article 3.
Article 7 (Destruction of Personal Information)
In principle, the Company destroys the relevant personal information without delay when the
purpose for processing personal information has been accomplished. The procedures, due date,
and methods of destruction are as follows:
1. Procedures for destruction
The information entered by a user is moved to a separate database, after the purpose has been accomplished
(a separate document in the case of a sheet), and destroyed either after the information has been saved for a
certain period of time, under the internal policies and other relevant laws, or immediately. At this time, the
personal information moved to a database is not used for other purposes unless it is so required by law.
2. Due date of destruction
The personal information of a user is destroyed within five (5) days from the date of completion of the retention
period for personal information, where the retention period has lapsed, or within five (5) days from the date it
has been found unnecessary to process personal information, where the personal information became
unnecessary because the purpose of processing personal information has been accomplished, the relevant
services have been discontinued, or the business has been completed, etc. The personal information printed
as sheets is shredded or destroyed by way of incineration.
Information in an electronic form uses technical methods that cannot reprocess records.
Article 8 (Measures to Obtain Personal Information Security)
The Company takes the technical, managerial, and physical measures necessary to obtain the
necessary level of security pursuant to Article 29 of the Personal Information Protection Act
- 1. Minimizing and providing education to employees who process personal information
The Company takes measures to manage personal information by designating, limiting and minimizing the
employee(s) who process personal information.
- 2. Conducting regular self-auditing
The Company conducts its self-auditing regularly (once per quarter) in order to ensure the highest level of
security related to the processing of personal information.
- 3. Establishing and carrying out an internal management plan
The Company establishes and carries out its internal management plan in order to safely process personal
- 4. Encrypting personal information
As to the personal information of users, their passwords are encrypted, saved, and controlled, and as to
important data that only oneself can know, the files and data for transmission are encrypted or separate
security functions are used to lock files, etc.
- 5. Taking technical measures to overcome hacking, etc.
In order to prevent the outflow or damage to personal information by hacking, computer viruses, etc., the
Company establishes security programs and does occasional renewal and checking activities, establishes
systems in areas where access from the outside is restricted, and monitors and detects any access from
the outside technically and physically.
- 6. Restricting access to personal information
The Company takes the necessary measures to restrict the access to personal information by granting,
changing, or cancelling the rights to get access to its database system that processes personal information.
- 7. Retaining access records and preventing fabrications or alterations
The Company retains and controls the records of those who have accessed the personal information processing
system for at least more than six (6) months. Security measures are taken to ensure that the access records
are not fabricated, altered, stolen, or lost.
- 8. Using a locking device for the security of documents
The Company keeps documents, supplementary storage media, etc., with personal information in a safe place
with a locking device.
- 9. Restricting access by unauthorized persons
The Company establishes and operates access control procedures by separately having a physical retention
place where all personal information is kept.
Article 9 (Personal Information Protection Manager)
The Company has appointed a Personal Information Protection Manger and Personal Information
Control Manager in order to protect the personal information and to process complaints related
to personal information as follows:
(Personal information protection manager appointed pursuant to Article 31, Section 1 of the
Personal Information Protection Act)
- 1. Personal Information Protection Manager
- - Name: Joong-Geun Kang – Executive Director
- - Affiliation: Samsung Corning Precision Materials, Personnel Management Team
- - Phone: 041-520-1100
- - E-mail: email@example.com
- 2. Personal Information Control Manager
- - Name: Soon-Gon Kim - Group Leader
- - Affiliation: Samsung Corning Precision Materials, Communication Group
- - Phone: 02-2255-2732
- - E-mail: firstname.lastname@example.org
Article 10 (Changes in Personal Information Processing Policies)
The personal information processing policies are applied from their date of implementation, and
where there is an addition, a deletion or a correction of the content according to the law and
the policies, the Company will inform users seven (7) days before the implementation of such
Article 11 (Remedial Measures for Infringement of Rights and Interests)
An owner of personal information may file an application for dispute resolution or consultation
with the Personal Information Dispute Mediation Committee, the Personal Information Infringement
Reporting Center of the Korea Internet & Security Agency, etc ., in order to remedy an infringement
on their personal information. In addition, as to other reports or consultations related to personal
information infringements, please contact the following institutions:
- 1. Personal Information Dispute Mediation Committee: 118 (without a telephone exchange number)
- 2. Information Protection Mark Certification Committee: 02-580-0533~4
- 3. Internet Crime Investigation Center of Supreme Prosecutors’ Office: 02-3480-2000
- 4. Cyber Crime Investigative Service of National Police Agency: 02-392-0330