Policy

 

»  News
»  Event
»  Conferences &
    Seminars
»  Client's Publication
»  Mileage usage guide
»  Contact us
»  FAQ
»  Download
»  Technical Newsletter
»  Mobile Applications
Macrogen’s Privacy Policy
All personal information that Macrogen Inc. (hereinafter “the Company”) handles is based on the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. and the Personal Information Protection Act or is collected, retained and processed with the information subject’s consent.
Also, the Company provides services in compliance with the EU GDPR standards, and regularly receives inspections of its personal information security activities by an outside agency through PIMS, a domestic personal information security certification program.

1. Personal Information Collection/Use Purpose, Personal Information Items Collected and Collection Method

A. The Company collects the following personal information from users registering for the first time or using services. The personal information will not be used for any purposes other than those stated below, and if the purpose is changed, the Company shall ask for the information subject’s consent beforehand.

  1. ① The Company shall collect and use personal information to provide membership services as follows:

    Collection Method Items Collected Collection and Use Purposes
    Member Registration Required ID, password, Title & name, Role, department,
    Institude, Address & Zip Code, telephone number,
    e-mail address, ATTN, Payment method,
    Invoice to be sent through, billing e-mail address,
    Telephone Number of payer, Fax Number of payer,
    Billing Address, Institude(for billing)
    Member registration, user identification,
    service use, and consultation
    IP address, cookie, time and date of visit,
    records of service use
    To prevent inappropriate use, record information
    on recent order, retain records to resolve disputes, etc.
    Optional Other affiliation, fax number, Mobile Number,
    second e-mail address, third e-mail address,
    Recommender, Channel to Macrogen, Priority,
    major interests, intended use of sequencing results,
    Language Preference
    Marketing such as customized
    product recommendation, etc.
  2. ② The Company shall collect and use the following information to provide non-member services:

    Collection Method Items Collected Collection and Use Purposes
    Request Estimate Name, institution, telephone number, e-mail Estimate and consultation inquiry
    Make Inquiry E-mail Inquiry during service use
    Make Homepage Improvement Suggestion E-mail Suggestion during homepage use

2. Provision of Personal Information to Third Parties

A. The Company shall process the information subject’s personal information within the scope specified in “1. Personal Information Collection/Use Purpose, Personal Information Items Collected and Collection Method” only, and shall not process the information outside the original scope or provide it to third parties without the information subject’s consent.

  1. ① When the information subject has given separate consent
  2. ② When there is a special regulation in the legislation
  3. ③ When it is acknowledged that it is clearly required for the benefit of life, body, and property of an information subject or a third party, but the information subject or the legal representative is not in a position to express their intention or it is not possible to receive consent beforehand due to unknown address, etc.
  4. ④ When it is necessary for the production of statistics, academic research purposes, etc. and personal information is provided in a format that does not allow specific individuals to be identified
  5. ⑤ When it is not possible to execute judicial work designated by other legislation, if the personal information is not used for purposes other than the intended purpose or if it is not provided to a third party
  6. ⑥ When it is necessary to provide it to a foreign government or international organization to honor a treaty or other international agreements
  7. ⑦ When it is necessary for a criminal investigation and prosecution and maintaining a prosecution
  8. ⑧ When it is necessary for a court’s trial proceeding
  9. ⑨ When it is necessary for sentencing and enforcement of preventive custody and protective disposition

3. Personal Information Processing and Retention Period

A. The Company shall immediately destroy the personal information after the purpose of collection and use has been achieved, without exception. However, the following information shall be retained for the reasons and terms specified below.

Legislation/Internal Policy Items Collected Collection and Use Purposes Retention and Use Periods
Protection of Communications
Secrets Act
Provide if an investigative agency with
a court warrant makes a request
Record of website visit 3 months
Act on the Consumer Protection
in Electronic Commerce, Etc.
Records of Bill Settlement and Supply
of Goods, etc.
Records of Bill Settlement and Supply
of Goods, etc.
5 years
Consumer identification information
Record of contract/subscription cancellation
Records of Canceled Contracts or
Subscription, etc
5 years
Consumer identification information
Record of dispute settlement
Records of Customer Complaints and
Dispute Settlement
3 years

4. Destroying Personal Information

A. The Company shall destroy personal information without delay in cases where it has become unnecessary, such as the retention period has expired, processing purpose has been achieved, etc.

B. The personal information destruction procedure and method shall be as follows:

  1. ① Destruction Procedure

    • In cases where the personal information has become unnecessary, such as the personal information purpose has been achieved, retention period has expired, relevant service has been discontinued, business has been terminated, etc. the personal information shall be destroyed without delay on the date that it is acknowledged as unnecessary.
  2. ② Destruction Method

    • Personal information recorded and stored in electronic file form shall be destroyed so that the record cannot be retrieved, and personal information recorded and stored on paper documents shall be shredded with a paper shredder or incinerated.

5. Entrustment of Personal Information Processing

A. The Company shall entrust the following personal information processing work for smooth personal information work processing:

Order Trustee Work Entrusted Period Entrusted
1 LGU+ Electronic payment agent Until entrusted work is finished

B. When the Company entrusts personal information processing work, it shall do so with a document that includes the following contents in accordance with Article 26 (Limitation to Personal Information Processing Subsequent to Outsourcing of Work) of the Personal Information Protection Act.

  1. ① Matters regarding prohibiting the processing of personal information for purposes other than the execution of the work entrusted

  2. ② Matters regarding technical and administrative security measures for personal information

  3. ③ Other matters designated by Presidential Decree for the secure management of personal information as follows:

    • Purpose and scope of the work entrusted
    • Matters regarding restricting re-outsourcing
    • Matters regarding measures to secure safety, such as restricting access to personal information, etc.
    • Matters regarding supervision, such as inspecting the management situation of the personal information retained in relation to the entrusted work
    • Matters regarding responsibility, such as indemnity if the trustee has violated its obligated duty in accordance with Article 26, Paragraph 2 of the Act.

C. When there are changes to the work entrusted or the trustee, the Company shall notify through this privacy policy.


※ Only for domestic (Korea) customers

6. User and Legal Representative’s Rights and Exercise Method

A. The information subject can exercise the following rights related to personal information protection at any time:

  1. ① Demand to view personal information
  2. ② Demand to rectify any errors, etc.
  3. ③ Demand deletion
  4. ④ Demand to stop processing

B. The exercising of rights according to “A” must be done by phone or e-mail, and the Macrogen homepage shall respond to it without delay.

C. If the information subject has demanded the rectification or deletion of a personal information error, etc., the Macrogen homepage shall not use or provide the relevant personal information until it is rectified or deleted.

D. The exercising of rights according to “A” may be done through an agent, such as the information subject’s legal representative or an entrusted person, etc. In this case, a power of attorney for the personal information processing must be submitted.

E. When there is a demand to view, rectify, delete, or stop processing pursuant to the information subject’s rights, it shall be checked if the person who made the demand is the information subject himself/herself or his/her legitimate agent.

7. Matters Regarding the Installation, Operation, and Rejection of the Automatic Personal Information Collection Device

A. Personal information may be accumulated with the collection of “automatically generated information items (cookie, IP, etc.)” when users use the Company’s services. A cookie is a temporary file created automatically when a website is accessed, and it is stored on the user’s computer hard drive.

B. The Company uses cookies for the purpose stated below. The user has the option regarding cookie storage of allowing all cookies or rejecting cookie storage by selecting the option on the web browser.

  1. ① Purpose of Cookies

    • When using a service that requires logging in, a cookie provides convenience by making it unnecessary to type in the ID and password every time. Also, a cookie is used for customized marketing services, such as event participation identification, etc.
  2. ② How to Reject Cookies

    • The user can select the option on the web browser he or she uses to allow all cookies or reject cookie storage.
    • Setup example (in the case of IE): Tools > Internet options > Privacy > Advanced > Advanced privacy setting

8. Chief Personal Information Security Officer

Inquiries about personal information security, complaint handling, damage relief, etc. can be directed to the personal information security officer and the department in charge. They will reply to information subjects’ inquiries without delay.

Category Affiliation Name/Title Contact Number E-mail
Personal Information
Security Officer
Technology Innovation
Division
Sukang Lee/
Executive Vice President
(Managing Director)
02-2180-7048 privacy@macrogen.com
Personal Information
Security Staff
Technology Innovation
Division’s Information
Security Team
Bae Soo-Young/
Personal Information
Security Staff

9. Big Data Utilization Method

A. Macrogen does not utilize possible data, such as customized environment provision, big data, etc.

10. Personal Information Safety Security Measures

A. The following measures shall be taken to secure personal information safety:

  1. ① Establish and implement internal management plan

    • An internal management plan shall be established and implemented in accordance with the “Personal Information Technical & Administrative Security Measures Standard” and the “Personal Information Safety Security Measures Standard.”
  2. ② Restrict access to personal information

    • Necessary measures shall be taken to control access to personal information by granting, changing and canceling the authority to access the personal information processing system. A firewall shall be used to restrict unauthorized access from the outside.
  3. ③ Retain access records and tampering

    • Personal information processing system access records shall be retained and managed for at least six months. Access records shall be properly managed to make sure they are not forged, falsified, stolen or lost.
  4. ④ Encrypt personal information

    • Personal information shall be safely stored and managed through encryption, etc. Also, separate security functions shall be used for encrypting important data when storing and transmitting, etc.
  5. ① Install security program and inspect and update it regularly

    • To prevent personal information leaks and damage due to hacking, computer viruses, etc. security programs shall be installed and regularly inspected and updated.
  6. ② Restrict access of unauthorized personnel

    • The personal information processing system, which stores the personal information, shall be kept in a physically separate location, and an access control procedure shall be established and operated.

11. Changes in the Privacy Policy

A. This privacy policy shall be applied from May 20, 2018.

B. The previous privacy policy can be viewed below.
- 2012. 12. 03 ~ 2017. 07. 26