SM for Global (hereinafter referred to as the “Company”) establishes and discloses the following Privacy Policy in accordance with Article 30 of the Personal Information Protection Act in order to protect the personal information of data subjects and to promptly and smoothly handle related grievances.
- Article 1 (Purpose of Processing Personal Information)
-
The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those stated below. If the purpose of use changes, the Company will take necessary measures, such as obtaining separate consent, in accordance with Article 18 of the Personal Information Protection Act.
- 1. Responding to customer inquiries submitted through the website and managing related records
- Article 2 (Processing and Retention Period of Personal Information)
-
- 1. The Company processes and retains personal information within the retention and usage period stipulated by applicable laws or agreed upon by the data subject at the time of collection.
-
2. The retention period is as follows:
- Within three (3) years from the date of receipt of the website inquiry
- Article 3 (Provision of Personal Information to Third Parties)
-
-
The Company uses personal information only within the scope previously disclosed and does not use it beyond such scope or disclose it to third parties without prior consent of the data subject. However, exceptions apply in the following cases:
- Where the data subject has given prior consent
- Where required by law or requested by investigative authorities in accordance with procedures and methods prescribed by law for investigative purposes
-
The Company uses personal information only within the scope previously disclosed and does not use it beyond such scope or disclose it to third parties without prior consent of the data subject. However, exceptions apply in the following cases:
- Article 4 (Outsourcing of Personal Information Processing)
-
- In principle, the Company does not outsource the processing of personal information without the user’s consent. However, for the purpose of providing improved customer services, the Company may entrust personal information to third parties within a limited scope. When entering into an outsourcing agreement, the Company will disclose matters such as the entrusted party, scope of entrusted tasks, retention period, contractual obligations (including compliance with relevant data protection laws, prohibition of third-party provision, and liability), and measures for safe management of personal information through notices and this Privacy Policy. Where necessary, prior consent will be obtained.
- Article 5 (Rights and Obligations of Data Subjects and Methods of Exercise)
-
-
1. Data subjects may exercise the following rights regarding personal information protection at any time:
- Request access to personal information
- Request correction in case of errors
- Request deletion
- Request suspension of processing - 2. Rights under Paragraph 1 may be exercised by submitting a request in writing, by telephone, or by email to the Company, and the Company will take action without delay.
- 3. If a data subject requests correction or deletion due to errors in personal information, the Company will not use or provide such personal information until the correction or deletion is completed.
- 4. The rights under Paragraph 1 may also be exercised through a legal representative or an authorized agent. In such cases, a power of attorney in accordance with Form No. 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.
- 5. Data subjects shall not infringe upon their own or others’ personal information or privacy processed by the Company in violation of relevant laws, including the Personal Information Protection Act.
-
1. Data subjects may exercise the following rights regarding personal information protection at any time:
- Article 6 (Items of Personal Information Processed)
-
-
1. Responding to website inquiries and managing related records
- Required items: Name, Contact Information (Phone Number, Email Address), Company Name
-
2. The following personal information may be automatically generated and collected during the use of internet services:
- IP address, cookies, MAC address, service usage records, access logs, records of improper use, etc.
-
1. Responding to website inquiries and managing related records
- Article 7 (Destruction of Personal Information)
-
- 1. The Company will promptly destroy personal information when it becomes unnecessary due to expiration of the retention period or achievement of the processing purpose.
-
2. The procedures and methods of destruction are as follows:
- Destruction procedure
The Company selects personal information subject to destruction and obtains approval from the Chief Privacy Officer before destroying it.
- Destruction method
Personal information printed on paper is destroyed by shredding or incineration. Personal information stored in electronic file form is deleted using technical methods that prevent recovery.
- Article 8 (Measures to Ensure the Security of Personal Information)
-
- The Company takes the following measures to ensure the security of personal information:
- 1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.
- 2. Technical measures: Access control management for personal information processing systems, etc.
- Article 9 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
-
- 1. The Company uses cookies to store and retrieve user information in order to provide customized services.
- 2. Cookies are small pieces of information sent by the server (HTTP) operating the website to the user’s browser and may be stored on the user’s computer hard disk.
- 3. Purpose of cookies: To analyze users’ visit patterns, frequently searched keywords, security access status, and other usage behaviors in order to provide optimized information.
- 4. Installation, operation, and refusal of cookies: Users may refuse cookie storage through the settings in their web browser (Tools → Internet Options → Privacy).
- 5. If cookie storage is refused, there may be limitations in using customized services.
- Article 11 (Remedies for Infringement of Rights)
-
- Data subjects may contact the following institutions for damage relief or consultation regarding personal information infringement. (These institutions are separate from the Company. If you are not satisfied with the Company’s handling of personal information complaints or require further assistance, please contact the institutions below.)
-
1. Personal Information Infringement Report Center (operated by KISA)
- Duties: Reporting personal information infringement, consultation
- Website: privacy.kisa.or.kr
- Tel: 118 (without area code)
- Address: 3rd Floor, 9 Jinheung-gil, Naju-si, Jeonnam 58324, Republic of Korea -
2. Personal Information Dispute Mediation Committee
- Duties: Dispute mediation, collective dispute mediation (civil resolution)
- Website: www.kopico.go.kr
- Tel: 1833-6972 (without area code)
- Address: 12th Floor, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul 03171, Republic of Korea -
3. Supreme Prosecutors’ Office Cyber Crime Investigation Division: +82-2-3480-3573 (www.spo.go.kr)
-
4. Korean National Police Agency Cyber Bureau: 182 (cyberbureau.police.go.kr)
- Article 12 (Amendment of the Privacy Policy)
-
- This Privacy Policy shall take effect on December 1, 2024.