Privacy Policy


Privacy Policy

Gridwiz, Inc., (hereinafter referred to as the “Company”) has established and presents the following personal information policies to protect the personal information of users, and to promptly handle the arising issues therefrom.

 

Article 1 (Items of personal information processed)

The Company collects and processes the following personal information via the website(http:// , hereinafter referred to as the “Website”).

1.       Personal information collected via ‘Q&A’ webpage: the following personal information could either be collected through the data subject’s provision, or could be obtained from a third party upon the consent of the data subject.

-       Obligatory: name, phone number(either home or mobile), e-mail address, company name, position

2.       Personal information automatically created and collected during the time of using the Website.

-       IP address, record for service use, record for access, record for visit.

 

Article 2 (Purpose of personal information process)

The Company collects and uses personal information for the following purposes.

1.       Operating the ‘Q&A’ webpage

-       Identifying the inquirer, confirming the question, to contact and/or notice the inquirer, and to answer the question.

 

Article 3 (Processing and retention period of personal information)

      The Company processes and retains personal information within the period of retention and use of personal information in accordance with the relevant laws, or within the period of retention and use of personal information as agreed up on when collecting personal information from the data subjects. 

      The period of retention and use of personal information is as below:

Personal Information

Period of retention and use

name, phone number(either home or mobile), e-mail address, company name, position

1 year

 

Article 4 (Destruction of personal information)

      The Company shall destroy personal information without delay when the personal information becomes unnecessary owing to the expiry of the retention period or achievement of process purpose, etc.

      If the retention of the personal information is still required despite the expiry of the retention period as agreed upon with the data subject or achievement of process purpose, the Company will transfer the personal information concerned to a separate database (DB) or retain it at other storage place.

      The procedure and method for destruction are as follows:

1.       Destruction procedure: The Company shall select the personal information with reason for its destruction and destroy the personal information with the approval of a personal information protection officer of the Company.

2.       Destruction method: The Company shall destroy the personal information which is recorded and stored in the form of electronic files using the technical measures blocking its recovery and revival, and the personal information recorded and stored in paper documents shall be shredded or destroyed by a paper shredder.

 

Article 5 (Use and provision of personal information within the scope reasonably related to the purpose of collection)

The Company may use or provide personal information to a third party without the consent of the data subject, considering each of the following criteria within a reasonable scope and the original purpose of collection.

1.       Whether or not it is related to the original purpose of collection: Judgment based on whether the original purpose of collection and the purpose of additional use and provision are related in terms of their nature or tendency;

2.       Whether or not the further use or provision of personal information is predictable considering the circumstances in which the personal information was collected or the processing practices: Judgment based on the relationship between the personal information controller and the data subject, the level of technology and the rate of development, and general circumstances (practice) established over a substantial amount of time;

3.       Whether the interests of the data subject are unreasonably infringed: Judgment basd on whether the interests of the data subject are substantially infringed in relation to the additional purpose of use and whether the infringement of the interests is unreasonable; and

4.       Whether measures necessary to secure safety, such as pseudonymization or encryption, have been taken: Judgment by considering whether safety measures are taken in consideration of the possibility of infringement.

 

Article 6 (Rights and duties of users and legal representatives, and exercising method)

      The data subject can exercise the following rights related to personal information protection against the Company at any time.

1.       Request to read personal information

2.       Request for correction in case of errors, etc.

3.       Request for deletion

4.       Request to stop processing

      The exercise of the rights pursuant to Paragraph 1 can be made to the Company in writing, by phone, or by e-mail, and the Company will take action without delay.

      If the data subject requests correction or deletion of personal information, the Company shall not use or provide the personal information until the correction or deletion is completed.

      The exercise of rights pursuant to Paragraph 1 may be done through an agent such as a legal representative of the data subject or a person who has been delegated. In this case, a power of attorney must be submitted to the Company.

      The data subject must not infringe the personal information and privacy of the data subject himself or others processed by the Company in violation of related laws such as the Personal Information Protection Act.

 

Article 7 (Installation, operation and rejection of automatic personal information collection devices)

      The Company uses 'cookies' to store and frequently retrieve usage information to provide users with individually customized services.

      Cookies are a small amount of information sent to the user's mobile device by the server, which are used to operate the website, etc., and are also stored in the user's mobile device storage space.

1.       Purpose of using cookies: It is used to manage security and improve service by analyzing the user's access frequency and visit time, identifying the user's service usage pattern and tracking traces, and identifying the number of visits.

2.       Installation, operation, and rejection of cookies: Users have the option with regards to the installation of cookies. Therefore, the users can accept all cookies via options in the mobile device, order to request for a confirmation each time a cookie is saved, or refuse to save all cookies.

3.       If you refuse to store cookies, you may experience difficulties in using customized services.

      The Company improves service efficiency and user experience through non-personally identifiable information.

 

Article 8 (Personal information protection officer)

      The Company designates a personal information protection officer as follows who is responsible for processing of personal information, handles users’ complaints and offer relief for damages.  

Personal Information Protection Officer

-       Name: June

-       Phone: 031-698-3381

      The data subject may inquire to the personal information protection officer for all personal information protection-related inquiries, complaints, damages, etc. that occurred while using the Company's website. The Company responds and handles inquiries from data subjects without delay.

 

Article 9 (Measures to ensure the safety of personal information)

The Company takes the following measures to ensure the safety of personal information.

1.       The Company restricts the right to access the user's personal information to those who perform duties directly against the user, those who perform personal information management tasks such as the person in charge of personal information management, and those who are inevitably dealing with personal information for business purposes.

2.       The Company provides in-house training to the employees handling personal information, which focuses on new security technologies and obligations to protect personal information.

3.       If personal information is lost, leaked, altered, or damaged due to the mistake of an internal manager or an accident in technical management, the Company will immediately notify the user and take appropriate measures and compensation.

 

Article 10 (Personal information complaint service)

The data subject may request relief of damages and consultation for personal information infringement to the following organizations.

-       Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency): (without area code) 118

-       Personal Information Dispute Mediation Committee: (without area code) 1833-6972

-       Supreme Prosecutors' Office Cyber ​​Crime Investigation Team: (without area code) 1301

-       National Police Agency Cyber ​​Security Bureau: (without area code) 182

 

Article 11 (Scope of application and amendment)

      The Website may contain links to third-party websites, and this Privacy Policy applies only to the Website.

      If there are any additions, deletions, or changes to the contents of this Privacy Policy, we will notify users in advance through a notice on the website at least 7 days prior to the revision. However, we will notify users at least 30 days in advance of any major changes such as the items of personal information to be collected or provision of third parties.

 

Supplementary provision (Effective Date)

This Privacy Policy shall come into effect on August 22, 2022.