All personal information handled by USIST corp (SCORE888.COM) (hereinafter referred to as "SCORE888") is collected, retained and processed based on relevant laws and regulations or with the consent of the data subject.
This policy will take effect on November 1, 2015.
SCORE888 does not use personal information for any other purpose than the following. If the purpose of use changes, we will handle it with consent.
- 1. Personal information is processed for the purpose of service provision, such as membership registration, authentication, paid service use, customer center, event, etc.
- 2. Personal information such as access to personal information, correction of personal information, deletion of personal information, request to stop handling personal information, reporting personal information leakage, receiving and handling reports of personal information infringement, handling spam complaints, and hacking reports are processed for the purpose of handling personal information.
■ Personal Information Processing and Retention Period
SCORE888 handles and retains personal information within the scope of its statutory or agreed upon by the information subject.
■ Provide third party of personal information
Personal information collected and held by SCORE888 shall not be provided to third parties without the consent of the user, and personal information may be provided to third parties in the following cases.
- 1. In case a separate agreement is obtained from the information subject
- 2. In case there is a special provision in the law or it is inevitable to comply with statutory obligations
- 3. In case the information subject or its legal representative is in a state of inability to make a statement or is not able to obtain prior consent due to an address or unknown, which is clearly recognized as necessary for the benefit of the urgent life, body or property of the information subject or third party
- 4. In case personal information is provided in an unrecognizable form as necessary for the purpose of statistical and academic research
- 5. Payment agency using specific service
If SCORE888 provides personal information to a third party, the following items will be notified to the information subject and agreed.
• Name and contact of the recipient (name of the entity or organization)
• The purpose of the personal information of the recipient and the items of personal information provided
• The period of time during which the personal information is held and used by the person receiving the personal information
• Contents of the disadvantage of having the right to refuse consent and of refusal to agree
■ Consignment of personal information processing
SCORE888 does not, in principle, entrust the processing of such personal information to others without the consent of the user. However, if SCORE888 consigns the processing of personal information to a third party, it shall be entrusted pursuant to Article 26 of the Personal Information Protection Act (restrictions on processing personal information under the Business Delegation), and the contents of the consignment and the trustee shall be posted on the SCORE888 website.
- 1. Matters concerning the prohibition of processing personal information other than the purpose of conducting consignment work
- 2. Matters concerning the technical and administrative protection of personal information
- 3. Other matters designated under the Presidential Decree for the safe management of personal information
• The purpose and scope of consignment work
• Matters concerning the limitation of recourse
• Matters concerning measures to secure safety, such as restricting access to personal information
• Matters related to supervision, such as checking the status of personal information held in relation to consignment work
• Matters concerning liability, such as damages, in the event of a breach of duty by a trustee pursuant to Article 26 paragraph 2 of the Act
■ Rights of information subjects, obligations and methods of exercise
As an information entity, the user may exercise the following rights
- 1. Personal Information Request: Personal Information File held in SCORE888 may be accessed in accordance with Article 35 of the Privacy Act (Viewing Personal Information). However, the request for access to personal information may be limited to the following in accordance with Article 35 para 5 of the Privacy Act.
가. If access is prohibited or restricted in accordance with the law
Work on audits and investigations in progress under different laws
나. In case of danger of harming another person's life or body, or of unfairly infringing on another person's property and other interests
다. Work concerning an ongoing evaluation or judgment on academic background, function, and recruitment tests, compensation for qualifications, and calculation of paychecks, etc. in case of significant disruption in the performance of any of the following tasks
- 2. Request for personal information correction and deletion: Personal information files held in SCORE888 can be requested in SCORE888 according to Article 36 of the Privacy Act (Correcting and deleting personal information). However, if the personal information is specified as a collection target under other statutes, it cannot be requested to be deleted.
- 3. Request for suspension of processing personal information: For personal information files held in SCORE888, the personal information can be requested in SCORE888 pursuant to Article 37 of the Personal Information Protection Act (such as suspension of processing of personal information). In addition, a legal representative of a child under the age of 14 may request SCORE888 to access, correct, delete, or suspend the child's personal information. However, the request for suspension of processing may be rejected in accordance with Article 37 paragraph 2 of the Privacy Act.
A. In case there is a special provision in the law or it is inevitable to comply with statutory obligations
B. In case of danger of harming another person's life or body, or of unfairly infringing on another person's property and other interests
C. In case a public authority cannot perform its duties as prescribed by other laws unless it processes personal information
D. In case the performance of the contract is difficult, such as failure to process personal information, the information subject and the agreed service cannot be provided, and the information subject has not clearly indicated its intention to terminate the contract
- 4. For requests for access to personal information, correction, deletion, and suspension of processing, the actions of SCORE888 shall be notified within 10 days. Personal information access, correction, deletion, and suspension of processing can be requested through the relevant department.
- 5. The rights exercise according to the above can be performed through the legal representative of the information subject or through the representative of the person who receives the delegation.
■ Personal information items handled
SCORE888 only collects and retains personal information based on the consent of the information subjects and the provisions of the statutes. Key personal information files collected and held by SCORE888 are as follows.
-Personal information item: login ID, password, email, date of birth (selection), mobile phone number (selection), name (selection), payment record, access IP, cookie, service use record, connection log
-How to collect: Information generated during website membership registration, authentication, and use of Eurobis is collected through the relevant tools.
■ The destruction of personal information
In principle, SCORE888 destroys personal information without delay if the period of personal information retention has expired or the purpose of processing has been achieved.
However, this is not the case if it is required to be preserved in accordance with other laws. Procedures, deadlines, and methods of dismantling are as follows.
- 1. Destruction procedure
The information entered by the user shall be destroyed in accordance with the internal policies and related statutes after the retention period has expired or the processing purpose has been achieved.
- 2. Due date for destruction
The user's personal information shall be destroyed within five days from the date of the end of the personal information retention period, and within five days from the date when the personal information is deemed unnecessary, such as achieving the purpose of processing the personal information.
- 3. Destruction method
When destroying personal information handled by SCORE888, destroy it using the following method.
In case of electronic file format: permanent in such a way that it is not to restore
Deletion In case of records, printed materials, written or other recording media other than electronic file types: crushing or incineration
■ Measures to secure the safety of personal information
Under Article 29 of the Privacy Act, SCORE888 is taking the technical, administrative and physical actions necessary to ensure safety as follows.
- 1. Minimize and train the designation of personal information recipients
The company minimizes the designation of personal information recipients and implements regular training.
- 2. Restrict access to personal information
It controls access to personal information through granting, changing, or canceling access to the database system that processes personal information, and blocks access from outside.
- 3. Storage of access records and prevention of forgery
The records (web logs, summary information, etc.) connected to the personal information processing system are kept and managed for at least six months. The records are not falsified, stolen, or lost.
- 4. Encryption of personal information
The password of the user's personal information is encrypted and stored and managed. We also use separate security features, such as encryption for sensitive data when it is stored and transferred.
- 5. Technical measures against hacking, etc
To prevent leakage or damage of personal information due to hacking or computer viruses, SCORE888 installs security programs, updates and checks on a regular basis, and installs systems in areas with restricted access from outside, and monitors and blocks them technically and physically.
- 6. Access control to unauthorized persons
The company establishes and operates access control procedures for the personal information system with separate physical storage locations.
■ Personal Information Protection Officer
If you have any questions regarding personal information protection, or if you want to report/handle personal information violations, you can consult with the customer center. In addition, the company designated a person in charge of personal information protection as follows for the purpose of handling complaints and alleviating damages related to personal information processing.
Personal Information Protection Officer
Statement: Lee Sang-gil
e-mail : firstname.lastname@example.org