Privacy Policy

In order to protect the freedom and rights of data subjects, CyberLogitec Co., Ltd. (the “Company”) manages personal information lawfully and safely in compliance with the Personal Information Protection Act and relevant laws and regulations. In accordance with Article 30 of the “Personal Information Protection Act”, the following Privacy Policy is established and disclosed to inform data subjects of the procedures and standards for the processing of personal information, and to ensure prompt and smooth processing of grievances related thereto.

1. Collection Items of Personal Information

The Company collects and uses personal information to the minimum extent necessary to provide the services.

Purpose of Collection and Use  Collection Items Legal basis
Membership Management
    Compulsory: ID, Name, Email, Country, Company Name
    Optional: Company Address, Phone Number
Article 15 (1)4 of the Personal Information Protection Act (‘Performance of agreement’)

2. Personal Information Utilization Purpose

The Company collects and uses personal information for the following purposes. Personal information processed shall not be used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures such as obtaining separate consent pursuant to Article 18 of the Personal Information Protection Act shall be taken.

Purpose Details
Membership Management Creation of new service user accounts and provision of service use information through new/existing user contact information

3. Processing and retention period of personal information

The Company processes and retains personal information within the period of retention/use of personal information in accordance with laws and regulations or within the period of personal information retention/use with the consent of the data subject when collecting personal information.

Each personal information processing and retention period is as follows.

1. Membership management: Until withdrawal from the website of the business/organization Provided, however, that in the following cases, until the end of the relevant period:

1) Where an investigation is in progress due to a violation of relevant statutes, until the relevant investigation is completed;

2) If a claim or obligation remains due to the use of the service, until the settlement of the relevant claim or obligation.

4. Matters concerning the procedure and method for destruction of personal information

When personal information becomes unnecessary due to the lapse of the retention period of personal information, achievement of the purpose of processing, etc., the Company shall immediately destroy such personal information.

If personal information must be preserved continuously in accordance with other laws and regulations even after the period of retention of personal information with the consent of the data subject has elapsed or the purpose of processing has been achieved, the relevant personal information shall be transferred to a separate database (DB) or preserved at a different storage location.

The procedure and method for destroying personal information are as follows.

1. Procedures of destruction;

The Company shall select the personal information for which the grounds for destruction have occurred and destroy the personal information with the approval of the Personal Information Protection Officer of the Company.

2. Method of destruction;

The Company shall destroy personal information recorded and stored in the form of electronic files so that records cannot be reproduced, and personal information recorded and saved in paper documents shall be destroyed by crushing or incinerating them with a crusher.

5. Matters regarding measures to ensure the safety of personal information

The Company is taking the following measures to ensure the safety of personal information.

1) Managerial measures:

Establishment and implementation of internal management plans, operation of dedicated organizations, and regular employee training

2) Technical Measures:

Management of access rights such as personal information processing systems, installation of access control systems, encryption of personal information, installation and renewal of security programs, and security of personal information transmission (SSL) on networks using encryption algorithms.

3) Physical Measures:

Access control of computer rooms, data storage rooms, etc.

4) Acquisition of domestic/foreign personal information protection certification:

ISO/IEC 27001, ISO/IEC 27701

6. Matters concerning the installation and operation of devices that automatically collect personal information and the refusal thereof

Automatic collection device for personal information installed and operated

The Company provides members with login convenience and uses cookies that store usage information and retrieve from time to time for statistical analysis of service usage.

Cookies are small amounts of information that servers used to operate websites send to users’ computer browsers and are also stored on users’ PCs or mobile devices.

Data subjects can set up options for web browsers to allow and block cookies. However, if you refuse to store cookies, it may be difficult to use customized services.

▶ Allow/block cookies in web browsers 

  • Chrome: Tools at the top of the web browser > Settings > Personal Information and Security > Cookies and other site data
  • Edge: Tools at the top of the web browser > Settings > Cookies and Site Authority
  • ▶ Allow/block cookies in mobile browsers

  • Chrome: Mobile browser settings > Privacy and security > Delete internet usage records
  • Safari: Mobile device settings > Safari > Advanced > Block all cookies
  • Samsung Internet: Mobile browser settings > Internet usage records > Internet usage records deleted
  • 7. Matters concerning the rights and obligations of data subjects and legal representatives and the method of exercising them

    The data subject may exercise the right to request the Company to access, correct, delete, or suspend the processing of personal information at any time.

    The exercise of rights may be made to the Company through writing, e-mail, FAX, etc. in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the Company will take measures against this without delay.

    The exercise of rights can also be done through agents such as legal representatives of data subjects or delegated persons. In such cases, you must submit a power of attorney in accordance with the attached Form 11 of the “Public Notice on How to Process Personal Information (No. 2020-7)”.

    Requests to suspend access to and processing of personal information may limit the rights of data subjects under Articles 35 (4) and 37 (2) of the Personal Information Protection Act.

    Requests for correction and deletion of personal information cannot be requested if the personal information is specified as the subject of collection in other laws and regulations.

    The Company confirms whether the person who made the request for inspection, correction or deletion, suspension of processing, etc. in accordance with the rights of the data subject is the principal or a legitimate agent.

    8. Matters regarding the name of the Personal Information Protection Officer or the department in charge of personal information affairs and the department handling grievances

    The Company is responsible for the overall handling of personal information and designates a personal information protection officer as follows for the handling of complaints and relief of damages by data subjects related to the handling of personal information.

    ▶ Department in charge of personal information protection

    Department Name: Data Integration Platform Team


    Person in charge: SmartLink Privacy Officer


    Contact: +82-2-6350-2000, smartlink@cyberlogitec.com

    ▶ Personal Information Protection Officer

    Title: Management Support Group Officer


    Contact: +82-2-6350-2000, privacy@cyberlogitec.com

    Data subjects may inquire with the Personal Information Protection Officer and the relevant department about all personal information protection-related inquiries, complaint handling, damage relief, etc. that have occurred while using the Company’s services (or business). The Company will respond to and handle inquiries from data subjects without delay.

    9. Remedies for Infringement of Rights and Interests of Data Subjects

    Data subjects may apply for dispute resolution, consultation, etc. to the Personal Information Dispute Mediation Committee, the Korea Internet and Security Agency, the Personal Information Infringement Reporting Center, etc. in order to obtain relief from personal information infringement. In addition, please contact the following organizations for reporting and counseling on personal information breaches.

    1. Personal Information Dispute Mediation Committee: www.kopico.go.kr

    2. Personal Information Infringement Reporting Center: privacy.kisa.or.kr

    3. Supreme Prosecutors’ Office: www.spo.go.kr

    4. Police Agency: ecrm.cyber.go.kr

    Any person whose rights or interests have been infringed due to a disposition or omission made by the head of a public institution in response to a request under Articles 35, 36, and 37 of the Personal Information Protection Act may file an administrative appeal under the conditions as prescribed by the “Administrative Appeals Act”.

    ○ Central Administrative Appeals Commission: www.simpan.go.kr

    10. Matters regarding changes to the Privacy Policy

    This policy will be effective from 01 Aug 2024.

    The previous Privacy Policy can be found below.

    - 2019.12.10 ~ 2024.07.31 Application ( Click )