Policy

 

»  News
»  Event
»  Conferences &
    Seminars
»  Client's Publication
»  Mileage usage guide
»  Contact us
»  FAQ
»  Download
»  Technical Newsletter
»  Mobile Applications
Macrogen’s Privacy Policy
Macrogen, Inc. (“Company”) wants to let customers know that it complies with the personal information protection regulations in the relevant law such as “Act on the Promotion of Information and Communication Network Utilization and Information Protection, etc.,” “Personal Information Protection Act,” “Telecommunications Security Protection Act,” and “Telecommunications Business Act” based on Korean laws as well as how and for what purpose the personal information provided by customers is used and what measures are being taken to protect personal information through the company’s policy on personal information handling.
When revising the policy on personal information handling, the company will make an announcement on the website (or through individual notice).
1. Personal Information Items to be Collected
First, the company collects the following minimum personal information as necessary items for membership, counseling, service application, etc., when customers sign up for membership :
- Name, Organization, Department, Country, Address, E-mail, and Telephone Number

Second, the following information can be created and collected in the process of using services or implementing businesses :
- IP Address, Cookies, Visiting Time, Record of Using Services

Third, the following information can be collected for optional services, entry course for events, and product delivery on order based on ID from the user of services only :
- Orderer’s Information (Orderer’s Name, E-mail, Telephone Number), Destination Information (Recipient, Destination Address, Contact Number)
2. Personal Information Collection Method
The company collects personal information using the following methods :
- Homepage, Writing Forms, Fax, Telephone, Consulting Board, and E-mail
3. Personal Information Collection and its Purpose
The company collects personal information for the following purposes :

A. Implementation of contract regarding service provision and service charge calculation
Contents provision, customized services provision, product delivery and bill dispatch, user authentication, purchase and charge payment, and collection of charges

B. Member Management
Providing membership services, addressing the needs of customers such as complaints handling, delivering notices, and checking with members if they really want to cancel the membership

C. Use in Marketing and Advertising
To know the frequency of access and statistics on the service use of members
4. Retention of Personal Information and Period of Its Use
After collecting personal information and achieving the purpose of its use, the company destroys the information immediately, and there are no exceptions. For the following information only, however, the company retains them for the indicated period as per Korean laws :

A. Reason for retaining information based on the relevant ordinances
When there is a need to retain the information according to the regulations in the relevant laws such as “Commercial Law” and “Act on Consumer Protection in Electronic Commerce Transactions, etc.,” the company keeps the information for a certain period as indicated in the relevant laws. In this case, the company uses the information for the purpose of retention only, and the periods are as follows:

- Records on contracts or withdrawal of orders
Legal ground for retention : Act on Consumer Protection in Electronic Commerce Transactions, etc.
Period of retention: 5 years

- Records on payment and goods provision
Legal ground for retention : Act on Consumer Protection in Electronic Commerce Transactions, etc.
Period of retention: 5 years

- Records on electronic financial transactions
Legal ground for retention : Electronic Financial Transactions Act
Period of retention: 5 years

- Records on complaints handling or dispute resolution
Legal ground for retention : Act on Consumer Protection in Electronic Commerce Transactions, etc.
Period of retention : 3 years

- Records on website visit
Legal ground for retention : Telecommunications Security Protection Act
Period of retention : 3 months
5. Destruction Process and Method of Personal Information
In principle, after collecting personal information and achieving the purpose of its use, the company destroys the information immediately, and there are no exceptions. The destruction process and method are as follows :

A. Destruction Process
The information inputted by the user for membership, etc., shall be moved to a separate DB (in case of paper, separate document file) after the purpose of its use is achieved. It shall be destroyed after being retained for a certain period according to the company’s internal policy and the reason for information protection based on the relevant laws (refer to “Retention of Personal Information and Period of its Use”).

B. Destruction Method
Personal information printed out in paper shall be shredded by the shredder or incinerated. Personal information saved in electronic file form shall be deleted by a technical method that renders the records irreproducible.
6. Provision of Personal Information
In principle, the company does not provide the personal information of users to the outside. Note, however, that the following cases are exceptions :

- When the user agreed in advance
- When there are regulations in laws, or in case the investigation agency asks for such based on the process and method in the laws for investigation purposes
7. Rights of the User and Legal Representative and Method of Exercise of Rights
The user can check and revise the information that he or she queried at any time and may ask for the deletion of the contents. The company immediately takes measures when the user contacts the company in writing, telephone, or e-mail. When the user asks for the correction of information error, the company does not use or provide such information until the correction is completed. Personal information that has been canceled or deleted at the request of the user shall be handled according to “Retention of Personal Information and Period of Use” and such that reading or use for other purposes is prevented.
8. Regarding the Installation, Operation, and Refusal of Automatic Collection Device of Personal Information
The company operates “cookies,” which frequently save and find the information of the user. A cookie is a small text file sent by the server operating the website to the browser of the user and is saved on hard disk. The company uses cookies for the following purposes:

A. Purpose of Use of Cookies by the Company
For target marketing and customized service provision by understanding the user’s security access, visit, use type, number of visits, and participation in events when the user uses the website of the company, which requires login

The user has a choice with regard to cookie installation on the website he/she visited. Therefore, the user can permit cookies, check and confirm whenever a cookie is saved, or refuse cookies by setting the option in the web browser.

B. Setting Method of Cookie (Permit/Refuse)
The user can permit cookies, check and confirm whenever a cookie is saved, or refuse cookies by setting the option in the web browser.

Example of Setting Method (in the case of Internet Explorer)
: Tool in the upper part of the web browser > Internet Options > Personal Information Tab > Setting the Personal Information Handling Level
When the user refuses cookie installation, providing services requiring login may be difficult.
9. Technical/Managerial Protection Measure for Personal Information
The company considers the following technical/managerial measures for securing safety to prevent loss, theft, leak, falsification, or damage when handling personal information :

A. Password Encryption
The password of the member ID shall be saved and managed in an encrypted form. Therefore, only the user knows the password, and checking and changing personal information are available only to the user who knows the password.

B. Personal Information Encryption
The Personal Information DB through membership secures safety based on the Personal Information Protection Act by being saved with more than 128bit encryption.

C. Measures in case of Hacking, etc.
The company does its best to prevent the leak or damage of members’ personal information through hacking or computer virus. When users use the company’s services, the company has the personal information delivered safely on the network through encryption to prevent the leak of personal information or data and forbids unauthorized access from the outside using a firewall system.
10. Customer Complaint Handling Service Regarding Personal Information
The company has designated the following department and person in charge of personal information management to protect the personal information of customers and handle complaints regarding personal information :

Personal Information Management Department : Information Management Dept. Hyeyeon Choi.
TEL : 82-02-2113-7028
Email : privacy@macrogen.com
11. Notification Duty
In case of contents addition, deletion, or modification in the current policy on personal information handling, the company will make an announcement at least 7 days before the revision by posting a notice on the website. In case of critical change of user rights such as providing information to a third party, notification should be made at least 30 days before the revision.

- Announcement Date: Dec. 3, 2012
- Implementation Date: Dec. 3, 2012