Clush Co., Ltd. (hereinafter referred to as the “Company”) is committed to protecting the rights and freedoms of data subjects by lawfully processing and securely managing personal data in accordance with the Personal Information Protection Act (PIPA) and other applicable laws and regulations.In accordance with Article 30 of the Personal Information Protection Act, the Company establishes and discloses this Privacy Policy to provide guidance on the procedures and standards for personal data processing and to ensure prompt and smooth resolution of related concerns.
Table of Contents
-
Purpose of Personal Information Processing, Items Collected, and Retention Period
-
Outsourcing of Personal Information Processing
-
Procedures and Methods for Disposal of Personal Information
-
Measures to Ensure the Security of Personal Information
-
Processing of Pseudonymized Information
-
Remedies for Infringement of Data Subject Rights
-
Revisions to the Privacy Policy
-
Provision of Personal Information to Third Parties
-
Transfer of Personal Information Overseas
-
Rights and Obligations of Data Subjects and Legal Representatives, and How to Exercise Them
-
Use of Automatic Data Collection Tools and Opt-Out Options
-
Personal Information Protection Officer and Access Request Procedures
-
Installation and Operation of Video Surveillance Systems
Article 1. Purpose of Processing, Collected Data Items, Retention and Use Period
Clush Co., Ltd. processes personal information of data subjects as follows.
Service | Purpose of Collection | Items Collected | Retention Period |
|---|---|---|---|
- 원칙적으로 개인정보의 수집 및 이용목적이 달성되면 지체 없이 파기 | |||
[필수] | - 다만, 회사 내부 방침에 의한 정보보유 사유로 고객사의 원활한 서비스 제공을 위해 회사명, 문의자성명, 이메일주소, 전화번호, 기타 선택 항목을 1년간 보유 | ||
Contact Us (문의하기) | 프로젝트 의뢰하고자 하는 이용자의 확인 및 마케팅 자료로써 정보주체에게 포르젝트의 최적서비스를 제공 | [선택] | - 상법, 전자상거래 등에서의 소비자보호에 관한 법률 등 관계법령의 규정에 의하여 보존할 필요가 있는 경우에는 일정기간 보존 |
*소비자의 불만 또는 분쟁처리에 관한 기록: 3년(전자상거래등에서의 소비자보호에 관한 법률) | |||
*웹사이트 방문기록: 3개월(통신비밀보호법) |
Article 2. Provision of Personal Data to Third Parties
Clush Co., Ltd. only provides personal data to third parties within the scope specified by law, such as with data subject consent or when required by special provisions under Article 17 and 18 of the Personal Information Protection Act.
Article 3. Delegation of Personal Data Processing
Clush Co., Ltd.does not delegate personal data processing tasks to any third party.
Article 4. Cross-border Transfer of Personal Data
Clush Co., Ltd. does not transfer personal data to entities located outside the Republic of Korea
Article 5. Destruction of Personal Data
① Clush Co., Ltd. promptly destroys personal information without delay when it becomes unnecessary—such as when the retention period has expired or the processing purpose has been fulfilled.
② Even if the retention period agreed upon by the data subject has expired or the processing purpose has been fulfilled, the personal information may still be retained in accordance with applicable laws and regulations.
In such cases, the personal information will be transferred to a separate database (DB) or stored in a different location.
③ The procedures and methods for destroying personal information are as follows:
1. Destruction Procedure
Clush Co., Ltd. selects the personal information subject to destruction and proceeds with disposal after obtaining approval from the company’s Personal Information Protection Officer.
2. Destruction Method
-
Personal information stored in electronic files is permanently deleted using technical methods that make data recovery impossible.
-
Personal information recorded in paper documents is shredded or incinerated.
Article 6. Rights of Data Subjects and Legal Representatives
① Data subjects may at any time request access, correction, deletion, or suspension of processing of their personal data.
② These requests can be made in writing, via email, or by fax under Article 41(1) of the Enforcement Decree of the Personal Information Protection Act.
③ Such requests can be made through a legal representative, in which case a Power of Attorney must be submitted using the standard form (Form No. 11).
④ Access or suspension of processing may be restricted pursuant to Articles 35(4) and 37(2) of the Act.
⑤ Correction or deletion cannot be requested where another law mandates the data's retention.
⑥ The Company verifies the identity of the requester or their legal representative before acting on such requests.
Article 7. Security Measures for Personal Data
Clush Co., Ltd. implements the following measures to ensure data security:
1. Administrative Measures: Internal policies, dedicated data protection team, regular employee training
2. Technical Measures: Access control, encryption, security software installation and updates
3. Physical Measures: Restricted access to server rooms and storage facilities
Additionally, Clush Co., Ltd. maintains the following international certifications: ISO 27001, ISO 27017, ISO 27018
Article 8. Use of Cookies and Other Tracking Technologies
1. Clush Co., Ltd. uses cookies to provide customized services.
2. Cookies are small text files stored on the user's device by the website's server.
1) Purpose: To analyze visit frequency, preferences, and secure login status for customized content delivery
2) Rejection: Users can disable cookies in browser settings (e.g., Tools > Internet Options > Privacy tab)
3) Note: Disabling cookies may result in limited service availability
Article 9. Processing of Pseudonymized Data
-
Clush Co., Ltd. does not process pseudonymized personal data.
Article 10. Data Protection Officer & Data Access Requests
① Clush Co., Ltd. takes overall responsibility for personal information processing and has designated a Personal Information Protection Officer to handle complaints and provide remedies related to the processing of personal information.
② Data subjects may submit requests to access their personal information in accordance with Article 35 of the Personal Information Protection Act to the department listed below. Clush will make every effort to respond promptly to such requests.
③ If you have any inquiries, complaints, or requests for redress regarding personal information protection arising from the use of Clush’s services (or business), you may contact the Personal Information Protection Officer or the responsible department. Clush will respond and handle your inquiries without delay.
개인정보보호 담당부서 | 개인정보보호 책임자 |
|---|---|
솔루션기술지원그룹
T: 02-2039-0100
E: contact@clush.net | 대표이사 임정순
02-2039-0100 |
Article 11. Remedies for Infringement
① Clush Co., Ltd. is committed to protecting the data subject's right to self-determination regarding personal information and to providing consultation and remedies in the event of personal data breaches. For reports or consultation, please contact the department below:
▶ Grievance Handling Department
Department: Solution Technical Support Group
Tel: +82-2-2039-0100
Email: contact@clush.net
Fax: +82-2-2039-0101
② Data subjects may seek dispute resolution or consultation from the following institutions to obtain remedies for personal information breaches. For reporting or consultation on any personal information infringement, you may also contact the agencies below:
-
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
-
Personal Information Infringement Report Center (KISA): 118 (privacy.kisa.or.kr)
-
Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
-
National Police Agency: 182 (ecrm.cyber.go.kr)
③ If a data subject’s rights or interests are infringed by a disposition or omission by the head of a public institution in response to a request made under Articles 35 (Access to Personal Information), 36 (Correction or Deletion), or 37 (Suspension of Processing) of the Personal Information Protection Act, the data subject may file an administrative appeal in accordance with the Administrative Appeals Act.
▶ Administrative Appeals Commission: 110 (www.simpan.go.kr)
Article 12. Operation of Video Surveillance Equipment
Clush Co., Ltd. does not operate any video surveillance systems.