English

Terms of Use

Privacy Policy

Megazone Cloud CloudPlex Privacy Policy

Megazone Cloud Co., Ltd. (hereinafter referred to as the “Company”) ‘collects, uses and provides personal information based on the user’s consent’ for the CloudPlex service and ‘actively guarantees the user’s rights (right to self-determination of personal information).’ do.
The company complies with the relevant laws and personal information protection regulations and guidelines of the Republic of Korea that information and communication service providers must comply with.

Article 1 (Purpose of processing personal information)

The company processes users’ personal information for the following purposes. Personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

  1. Purpose of processing personal information
    • Membership management: User identification through membership registration and member management
    • Service provision: service registration, service operation
    • Consultation and grievance handling: 1:1 inquiry, customer consultation work, grievance handling
    • Promotion and marketing: Providing educational information, newsletters, and promotions

Article 2 (Personal information items collected)

The company collects and processes the following personal information. If we collect a user's personal information, we will notify the user in advance and ask for their consent.

  1. Personal information items collected through the website
    1. Membership management
      1. Collection items: [Required] Email, name
        [Optional] Company name, phone number
      2. Collection point: When registering as a member of the website
      3. Collection method:
        • · If the user agrees to the collection of personal information and enters the information when registering for membership or applying for service
          · Service provided upon third party consent [Required] When applying for email or name service
    2. Service provision
      1. Collection items: [Required] Email, name
      2. Point of collection: When applying for service
      3. Collection method:
        • · If the user agrees to the collection of personal information and enters the information when registering for membership or applying for service
          · Service provided upon third party consent [Required] When applying for email or name service
  2. Information automatically collected while using the service
    1. Automatically generated information
      1. Collection items: IP address, cookies, service use records, visit records, bad use records, etc.
      2. Collection point: Automatically generated while using the service
      3. Collection method: Collection through automatic collection device
  3. The company does not collect personal information from children under 14 years of age.

Article 3 (Retention and use period of personal information)

The company processes and retains personal information within the personal information retention/use period in accordance with the law or within the personal information retention/use period agreed upon when collecting personal information from the information subject (user).

  1. Personal information retention and use period for providing CloudPlex services
    • Membership management: Deleted without delay after membership withdrawal
    • Service provision: Deleted without delay after service termination
    • Consultation and grievance handling: Deleted without delay after consultation and grievance handling work is completed.
    • Promotion/Marketing: Deleted without delay after achieving the purpose of promotion and marketing.
  2. Preservation by law following the provision of goods or services
    1. Records of contracts or subscription withdrawals, etc.
      • Related law: Act on Consumer Protection in Electronic Commerce, etc.
      • Period of use (retention period): 5 years
    2. Records of payment and supply of goods, etc.
      • Related law: Act on Consumer Protection in Electronic Commerce, etc.
      • Period of use (retention period): 5 years
    3. Records of consumer complaints or dispute resolution
      • Related law: Act on Consumer Protection in Electronic Commerce, etc.
      • Period of use (retention period): 3 years
    4. Records of labeling and advertising
      • Related law: Act on Consumer Protection in Electronic Commerce, etc.
      • Period of use (retention period): 6 months
    5. Books and supporting documents for all transactions stipulated by tax laws
      • Related law: Framework Act on National Taxes
      • Period of use (retention period): 5 years
    6. Records of electronic financial transactions
      • Related law: Electronic Financial Transactions Act
      • Period of use (retention period): 5 years
    7. records of visits
      • Related law: Communications Secret Protection Act
      • Period of use (retention period): 3 months

Article 4 (Entrustment and international transfer of personal information)

  1. Personal information entrustment details
    1. The company entrusts personal information to external companies to perform some of the tasks essential to providing services. We also manage and supervise entrusted companies to ensure that they do not violate relevant laws.
      • Megazone Cloud Co., Ltd.
        • Purpose of provision (contents of entrusted work): Establishment and operation of information system
        • Retention and use period: Deleted without delay after membership withdrawal
      • TOS Payments Co., Ltd.
        • Purpose of provision (contents of entrusted work): Payment processing (credit card, simple payment) and prevention of payment theft
        • Retention and use period: Deleted without delay after membership withdrawal
      • Standard Networks Co., Ltd.
        • Purpose of provision (contents of consignment work): Sending SMS
        • Retention and use period: Deleted without delay after membership withdrawal
  2. Details of overseas transfer of personal information
    1. In order to provide smooth services and process user consultations, the company transfers users' personal information overseas, and it is transmitted using an Internet network that has been processed with a security protocol (SSL).
      • GoogleLCC.
        • Managing Director and Contact: Gerhard Eschelbeck (googlekrsupport@google.com)
        • Purpose of transfer: Management of consultation information during the personal information retention period
        • Items transferred: company name, name, contact information, email and consultation request information
        • Transferred countries: USA, Taiwan, Japan, Sydney, Singapore, EU
        • Transfer date and method: Transfer through the network every time a consultation request is filled out
        • Personal information use period: Until consultation work is completed
  3. When concluding a consignment contract, in accordance with Article 25 of the Personal Information Protection Act, the company prohibits processing of personal information other than for the purpose of performing consignment work, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of the consignee, compensation for damages, and other matters related to responsibilities in the contract, etc. We specify this in the document and supervise whether the trustee handles personal information safely.
  4. If the details of the entrusted work or the trustee changes, we will disclose it through this personal information processing policy without delay.

Article 5 (Provision of personal information to third parties)

The company processes the personal information of the information subject (user) only within the scope specified in “Article 1 (Purpose of Personal Information Processing)” and complies with Articles 17 and 18 of the Personal Information Protection Act, including consent of the information subject and special provisions of the law. Personal information is provided to third parties only in cases that fall under Article 11.

  1. Personal information provided to third parties
    • Provided by: AWS
    • Provided items: [Required] Email, name
    • Purpose of provision: Integrated member management
    • Retention and use period: Deleted without delay after membership withdrawal

Article 6 (Destruction of personal information)

When personal information becomes unnecessary, such as when the personal information retention period has passed or the purpose of processing has been achieved, the company destroys the information without delay.

  1. When personal information becomes unnecessary, such as when the personal information retention period has passed or the purpose of processing has been achieved, the company destroys the information without delay.
  2. The procedures and methods for destroying personal information are as follows.
    • Destruction Procedure: The company selects the personal information for which there is a reason for destruction and destroys the personal information with the approval of the company's personal information protection manager.
    • Destruction method: Personal information recorded and stored in the form of electronic files is destroyed so that the records cannot be reproduced. Personal information recorded and stored in paper documents is destroyed by shredding or incineration.

Article 7 (Rights, obligations and exercise methods of information subjects)

  1. The information subject (user) may exercise the following rights related to personal information protection against the company at any time.
    • Request to view personal information
    • Request for correction if there is an error, etc.
    • Request for deletion
    • Request to stop processing
  2. The exercise of rights pursuant to Paragraph 1 may be made to the Company in writing, by phone, e-mail, facsimile (FAX), etc. in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the Company will take action without delay.
  3. If the information subject requests correction or deletion of errors in personal information, the company will not use or provide the personal information until correction or deletion is completed.
  4. The exercise of rights under Paragraph 1 may be done through an agent, such as the information subject's legal representative or a person authorized to do so. In this case, you must submit a power of attorney according to Form No. 11 of the Notice on Personal Information Processing Methods (No. 2020-7).
  5. Requests to view and suspend personal information processing may limit the information subject's rights pursuant to Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.
  6. Requests for correction or deletion of personal information cannot be requested if the personal information is specified as the subject of collection in other laws and regulations.
  7. The company verifies whether the person making the request, such as a request for viewing, a request for correction or deletion, or a request for suspension of processing, is the person or a legitimate agent in accordance with the information subject's rights.

Article 8 (Measures to ensure the safety of personal information)

The company is taking the following measures to ensure the safety of personal information.

  1. Management measures: establishment and implementation of internal management plan, regular employee training, etc.
  2. Technical measures: Management of access rights to personal information processing systems, etc., storage of access records and safety measures to prevent forgery or alteration, installation of an access control system, encryption of unique identification information, etc., installation of security programs, etc.
  3. Physical measures: access control to computer rooms, data storage rooms, etc.

Article 9 (Matters regarding installation, operation and refusal of automatic personal information collection devices)

  1. The company uses ‘cookies’ to store usage information and retrieve it from time to time in order to provide individualized services to users.
  2. Cookies are a small amount of information that the server (http) used to run the website sends to the user's computer browser and are sometimes stored on the hard disk of the user's PC computer.
    • Purpose of use of cookies: They are used to provide optimized information to users by identifying visitation and usage patterns, popular search terms, secure access, etc. for each service and website visited by the user.
    • Installation, operation and refusal of cookies: You can refuse the storage of cookies through the option settings in the Tools > Internet Options > Personal Information menu at the top of your web browser.
    • If you refuse to store cookies, you may have difficulty using customized services.
    • How to refuse cookie settings
      • Internet Explorer: Select Tools menu > Select Internet Options > Click Privacy tab > Advanced privacy settings > Cookie level settings
      • Chrome: Select Settings menu > Select Show advanced settings > Privacy and security > Select content settings > Set cookie level
      • Safari: Select the Settings menu > Select the Privacy tab > Cookie and website data level settings
      • Microsoft Edge: Select Settings menu > Select Site Permissions tab > Cookie and site data settings

Article 10 (Personal Information Protection Manager)

The company is responsible for overall management of personal information processing, and has designated a personal information protection officer as follows to handle complaints and provide relief for damage from information subjects related to personal information processing. To ensure the safety of personal information, as follows: We are taking the same steps.

  1. Personal information protection manager and department in charge
    • Personal information protection officer
      • Name: Joowan Lee
      • Position: Personal Information Protection Manager
      • Phone number: 1644-2243
    • Personal information protection department
      • Department in charge: IRM
      • Phone number: 1644-7378
      • Email: irm@megazone.com
  2. Information subjects may inquire about all personal information protection-related inquiries, complaint handling, damage relief, etc. that arise while using the company's services (or business) to the personal information protection manager and responsible department. The company will respond and process inquiries from information subjects without delay.

Article 11 (Request to view personal information)

The information subject may request access to personal information pursuant to Article 35 of the Personal Information Protection Act to the department below. The company will strive to promptly process the information subject's request to view personal information.

  1. Reception/Processing Department
    • Department Name: CloudPlex
    • Email: cloudplex@megazone.com

Article 12 (Methods for relief from rights infringement)

Information subjects can inquire about damage relief and consultation regarding personal information infringement to the organizations below.

The organizations below are separate from the company. If you are dissatisfied with the company's own personal information complaint handling or damage relief results, or if you need further assistance, please contact us.

  1. Information Breach Reporting Company (operated by Korea Internet & Security Agency)
    • Responsibilities: Reporting personal information infringement, requesting consultation
    • Website: Privacy.kisa.or.kr
    • Phone: (without area code) 118
    • Address: 58324) Personal Information Infringement Reporting Company, 3rd floor, 9 Jinheung-gil, Naju-si, Jeollanam-do (Bitgaram-dong 301-2)
  2. Personal Information Dispute Mediation Committee (operated by the Personal Information Protection Committee)
    • Responsibilities: Request for personal information dispute mediation, group dispute mediation (civil resolution)
    • Website: www.kopico.go.kr
    • Phone: (no area code) 1833-6972
    • Address: 03171) 12th floor, Seoul Government Complex, 209 Sejong-daero, Jongno-gu, Seoul
  3. Supreme Prosecutors' Office Cyber Crime Investigation Team
    • Website: www.spo.go.kr
    • Phone: (without area code) 1301
  4. National Police Agency Cyber Security Bureau
    • Website: http://ecrm.cyber.go.kr
    • Phone: (without area code) 182

Article 13 (Responsibility for linked sites)

The Company may provide users with links to other companies' websites or materials. In this case, since the company has no control over external sites and materials, it cannot be held responsible for and cannot guarantee the usefulness, truthfulness, or legality of the services or materials provided from them. If you click on a link included by the company and move to a page on another site, the privacy policy of that site is unrelated to the company, so please check the policy of the newly visited site.

Article 14 (Changes to personal information processing policy)

If there are any additions, deletions or modifications to the current personal information processing policy, we will notify you at least 7 days prior to revision. However, if there are significant changes to user rights, such as collection and use of personal information, provision to third parties, etc., notification will be provided at least 30 days in advance.

This privacy policy is effective from December 27, 2022.

You can check the previous privacy policy below.

Updated
2023-08-30
2022-12-27
2022-08-18
2020-01-01
2021-02-01