Privacy Policy
GnCenergy Co., Ltd. complies with the Privacy Policy pursuant to the “Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.”
GnCenergy Co., Ltd. (hereinafter the “Company”) highly values the personal information of customers (hereinafter “Users”) who use the services provided by the Company (hereinafter the “Services”) and is making every effort to protect the Users’ personal information.
The Company complies with all laws and regulations regarding personal information protection, including the 『Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. 』, and further protects users' personal information by establishing and adhering to a separate Privacy Policy.
Furthermore, the Company takes measures to ensure that users can easily access its Privacy Policy at any time by always displaying it on the main page of the Company website. The Company's Privacy Policy is subject to change when relevant laws and notices or internal operating policies are changed. If the Company's Privacy Policy is modified, the changes will be announced through the website.
The Company's Privacy Policy contains the following information:
1. Consent to Collection of Personal Information
Regarding the collection of users' personal information, the Company has established a procedure allowing users to select 「Agree」 or 「Cancel」 in relation to the contents of the Company's Privacy Policy or Terms of Service. When clicking the 「Agree」 button, the user is deemed to have consented to the collection of personal information.
2. Items and Methods of Personal Information Collection
The Company collects users' personal information to provide services. The items of personal information collected by the Company and the purposes of the collection are as follows:
[Items Collected]
Name, Email
[Collection Method] Online: Online Inquiry
3. Purpose of Use of Personal Information
The Company collects and uses users' personal information for the purpose of providing optimal services tailored to users, such as use for identity verification procedures related to service usage and answers to online inquiries
Without the user's prior consent or the provisions of relevant laws and regulations, the Company will not use the information for any purpose other than those disclosed to users in advance, nor will it disclose it externally.
4. Provision and Sharing of Personal Information to Third Parties
Except where the user has consented or as required by the provisions of relevant laws, the Company shall not, under any circumstances, use users' personal information beyond the scope notified in 「Collection and Use of Personal Information」 and 「Purpose of Use of Personal Information」. If users' personal information is provided or shared, the Company seeks consent after individually notifying the user in advance via email or website announcement regarding who the recipient or sharing party is, what their main business is, what personal information items are being provided or shared, and the purpose of providing or sharing the personal information. However, the following are exceptions.
When necessary for statistical compilation, academic research, or market research, or when providing information to research organizations, survey institutes, etc., processed into a form that prevents the identification of specific individuals.
When there are special provisions in the Protection of Communications Secrets Act, the Framework Act on National Taxes, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Act on Real-Name Financial Transactions and Confidentiality, the Credit Information Use and Protection Act, the Framework Act on Telecommunications, the Telecommunications Business Act, the Local Tax Act, the Consumer Protection Act, the Criminal Procedure Act, etc.
5. Retention and Use Period of Personal Information
The Company retains users' personal information for three years and uses it for services, etc. If the purpose of collection and use, or the retention and use period of the personal information for which consent was obtained, has expired, the information will be destroyed without delay. However, if a user requests the deletion of his/her personal information, the information will be completely erased from the disk using a method that renders it unrecoverable; if printed, it will be shredded using a shredder to ensure it cannot be viewed or used in the future. Even if a user requests to withdraw consent for personal information, if preservation is required pursuant to the provisions of laws such as the Commercial Act, the Act on the Consumer Protection in Electronic Commerce, etc., and the Framework Act on National Taxes, the user's personal information may be kept for a certain period as follows.
Records on contracts or withdrawal of subscription, etc.: 5 years
Records on payment settlement and supply of goods, etc.: 5 years
Records on consumer complaints or disputes: 3 years
Those other than the Privacy Officer and Manager, or those authorized by them, shall not print personal information registered in the computer system as a document.
6. Privacy Officer and Manager
To protect users' personal information and handle complaints related to personal information, the Company shall appoint a Privacy Officer and Manager as follows:
[Privacy Manager]
Name: Jang Yu-su
Affiliation/Position: Management Division/Senior
Phone Number: 02-2164-7200
Email: ysjang@gncenergy.co.kr
[Privacy Officer]
Name: Lee Jin-ho
Affiliation/Position: Management Division/Chief
Phone Number: 02-2164-7200
Email: hr@gncenergy.co.kr
7. Personal Information by Cookies
The collecting company shall not use ‘cookies’ that store or retrieve information about users from time to time.
8. Access to and Correction of Personal Information
Users may at any time inquire about their personal information, correct errors in their personal information, or request deletion through the Personal Information Management Officer or the Manager. If a user who wishes to request an inquiry or correction regarding his/her personal information contacts the Privacy Officer or Manager in writing, by phone, or by email, we will take immediate action without delay.
9. Withdrawal of Consent for Collection, Use, and Provision of Personal Information
Users may withdraw their consent to the collection, use, and provision of personal information at any time. They may withdraw their consent to the Privacy Officer and Manager in writing, by phone, or via email. The Company’s Privacy Officer and Manager will take necessary measures, such as destroying the user’s personal information, immediately upon receiving such contact. In the event that measures such as withdrawal of consent or destruction of personal information are taken, the Company will notify the user of such fact without delay and will take necessary measures to ensure that the withdrawal of consent for the collection of personal information is easier than the method of collection. In the case of children under the age of 14, their legal representative has the right to view or modify the child's personal information and the right to withdraw consent for its collection and use.
10. Personal Information Management
[Technical Measures] When handling users' personal information, the Company seeks technical measures to ensure safety and prevent the loss, theft, leakage, alteration, or damage of personal information. Customer personal information is managed using an internal network that is inaccessible and impenetrable from the external network. Important data is thoroughly protected through separate security features by encrypting files and transmitted data or using file locking functions. To prepare for external intrusions like hacking, the Company takes every precaution to ensure internal network security through firewalls and intrusion detection systems on each server, and strengthens security through access control systems. We prevent personal information from being compromised by installing antivirus software to constantly check and address the intrusion of malicious programs, such as computer viruses and spyware, into personal information processing systems and information devices used by personal information handlers.
[Administrative Measures] The Company restricts access to users' personal information to a minimum number of personnel and, in order to ensure the safety of personal information, establishes internal procedures necessary for accessing and managing personal information, requiring employees to familiarize themselves with and comply with these procedures. The handover of duties for person in charge of personal information is conducted thoroughly while maintaining security, and the Company clarifies responsibility for personal information incidents both upon hiring and after resignation.
11. Consultation and Reporting on Personal Information Infringement
The Company values the opinions of its users, and users have the right to receive sincere responses to their inquiries at any time. Users may report any complaints related to privacy protection arising from their use of the Company's services to the Company's main number or to the person in charge of personal information management.
12. Obligation to Notify Changes of the Protection Policy
In the event of any additions, deletions, or modifications to the current Personal Information Protection Policy, the Company shall post announcements on this page of the website at least 7 days prior to the revision. If the changes are significant, we actively notify users, such as by sending email notifications regarding changes of the privacy policy on some services.
[Additional Clauses] (Effective Date)
These Terms and Conditions shall be effective from February 20, 2012.