Article 7 (Measures to secure the safety of personal information)

① In accordance with Article 29 of the Personal Information Protection Act, the company takes the following technical/managing and physical measures to ensure safety.

  1. Conduct regular self-audit In order to secure stability related to personal information handling, we conduct regular (once a quarter) audits.

  2. Minimize and educate employees handling personal information We are implementing measures to manage personal information by designating employees who handle personal information and minimizing them by limiting them to those in charge.

  3. Establishing and implementing an internal management plan For the safe processing of personal information, an internal management plan is established and implemented.

  4. Technical countermeasures against hacking, etc In order to prevent personal information leakage and damage caused by hacking or computer viruses, the company installs security programs, periodically updates and checks, installs systems in areas with controlled access from outside, and monitors and blocks them technically and physically.

  5. Encryption of personal information The user's personal information is stored and managed by encrypting the password, so only you can know it, and important data uses separate security functions such as encrypting file and transfer data or using file lock function.

  6. Storage of access records and prevention of forgery and alteration

① Records accessed to the personal information processing system are kept and managed for at least 6 months, and security functions are used to prevent forgery, theft, or loss of access records.

  1. Restriction of access to personal information It takes necessary measures to control access to personal information by granting, changing, and canceling access to the database system that processes personal information, and controls unauthorized access from outside using the intrusion prevention system.

Last updated