According to the Personal Information Protection Act, <Metis> (http://metis.tcpschool.com>) has the following processing policies to protect users' personal information, protect their rights and interests, and smoothly deal with complaints related to personal information.
<Metisedu> ('Metis') will be announced through a website notice (or individual notice) when the company revises its personal information processing policy.
○ This policy will take effect from April 15, 2021.
1. Purpose of processing personal information
<Metisedu> ('Metis') processes personal information for: The processed personal information will not be used for any purpose other than the following purposes, and prior consent will be sought if the purpose of use is changed.
A. Register and manage membership on the homepage
Personal information is processed for the purpose of verifying membership intention, maintaining and managing membership, preventing fraudulent use of services, various notices and notices, handling grievances, and preserving records for dispute settlement.
B. Handling civil affairs
Personal information is processed for the purpose of verifying civil complaints, contacting and notifying the facts, and notifying the results of processing.
C. Supply of goods or services
Process personal information for service delivery, content delivery, and custom service delivery.
D. Use for marketing and advertising
Personal information is processed for developing new services (products), providing event and advertising information and participation opportunities, providing and advertising services based on demographic characteristics, validating services, identifying access frequencies, or statistics on members' use of services.
E. Personal video information
Personal information is processed for the purpose of crime prevention and investigation.
2. Status of personal information files
① Personal information file name: Metis
- Personal information item: Email, password, login ID
- Collection method: Homepage
- Retention base: Direct input
- Retention period: Until the member leaves the group
- Related Acts and subordinate statutes: Records of consumer complaints or disputes: 3 years
3. Processing and retention period of personal information
① <Metis> processes and retains personal information within the period of personal information retention and use under the Act or the period of personal information collected by the information subject.
각각의 The period of processing and holding each personal information is as follows.
A. <Registration and management of homepage membership>
Collect personal information related to <Homepage membership registration and management>.Retained for the purpose of the above use from the date of consent for use to <Destroy without delay>.It's used.
- Grounds for holding: Membership registration
- Related Acts and subordinate statutes: Records of markings/advertisements: 6 months
- Reasons for exception: When requesting an individual
B. <Products or Services Provided>
Collect personal information regarding <Products or Services Delivery>.Retained for the purpose of the above use from the date of consent for use to <Destroy without delay>.It's used.
- Grounds for holding: Membership registration
- Related Acts and subordinate statutes: Records of markings/advertisements: 6 months
- Reasons for exception: When requesting an individual
4. Consignment of personal information processing
① For the smooth handling of personal information, <Metis> entrusts personal information processing as follows:
- Consignee (Consignee): Providing services and providing contents
- Contents of entrusted work: Email, password, login ID
- Consignment period: Until the member leaves the office
< In accordance with Article 25 of the Personal Information Protection Act, M Metis specifies matters concerning personal information processing, technical and management protection measures, re-entrustment restrictions, management and supervision of the trustee, and controls personal information is safely handled.
③ If the details of the entrustment work or the trustee is changed, it will be disclosed through this personal information processing policy without delay.
5. Users of the rights, obligations, and methods of exercise of information subject may exercise the following rights as a personal information subject:
① The information subject may exercise the following personal information protection rights at any time for <Metisedu> ('Metis'):
A. Request to read personal information
B. Request correction if there is an error, etc.
C. Request deletion
D. Request for processing suspension
제 The exercise of rights under paragraph (1) can be carried out in writing, e-mail, simulation transmission (FAX), etc. in accordance with attached Form 8 of the Enforcement Rules of the Personal Information Protection Act.
정보 If the information subject requests correction or deletion of personal information errors, <Metis> ('Metis') will not use or provide such personal information until the correction or deletion is completed.
제 The exercise of rights under paragraph (1) may be carried out through the legal representative of the information subject or the delegated person. In such cases, a letter of attorney under attached Form 11 of the Enforcement Rules of the Personal Information Protection Act shall be submitted.
6. Create items in your personal information that you process
① <Metisedu> ('Metis') processes the following personal information items:
<Registration and management of homepage membership>
- Required items: Email, password, login ID
- Select item:
7. Destruction of Personal Information <Metis> ('Metis') shall destroy such personal information without delay if the purpose of personal information processing has been achieved in principle. Procedure, due date, and method of destruction are as follows.
① Destruction procedure
The information entered by the user is transferred to a separate DB after achieving the purpose (in case of paper, separate documents) and is stored for a certain period of time in accordance with the internal policy and other related laws and regulations. At this time, personal information transferred to DB is not used for any other purpose unless it is under the law.- Personal information of the user whose personal information is destroyed shall be destroyed within 5 days from the end of the retention period, or within 5 days from the date when personal information is deemed unnecessary.
파기 Destruction method
Information in the form of electronic files uses technological methods that cannot play records.
Personal information printed on paper is shredded with a shredder or destroyed through incineration.
8. In accordance with Article 29 of the Personal Information Protection Act, "Metis" takes technical, administrative, and physical measures necessary to secure safety as follows:
A. Conduct regular self-audits
In order to ensure stability related to personal information handling, we conduct regular (once a quarter) self-audits.
B. Minimize and educate employees who handle personal information
Measures are implemented to manage personal information by designating employees who handle personal information and minimizing them only to those in charge.
C. Establishing and implementing an internal management plan
Internal management plans are established and implemented to ensure safe processing of personal information.
D. Technical countermeasures against hacking, etc.
In order to prevent personal information leakage or damage caused by hacking or computer viruses, <Metis> installs security programs, updates, checks, and installs systems in areas where access is restricted from outside, technically and physically.
E. Encryption of personal information
The user's personal information is encrypted and stored and managed, so only he/she knows it, and important data uses separate security functions such as encrypting file and transfer data or using file locking.
F. Storage of access records and prevention of forgery
We keep and manage records accessed to the personal information processing system for at least six months, and use security features to prevent records from being tampered with, stolen, or lost.
G. Restrict access to personal information
By granting, changing, and canceling access to the database system that processes personal information, the company takes necessary measures to control access to personal information and controls unauthorized access from outside using the intrusion prevention system.
H. Using locks for document security
Documents containing personal information, auxiliary storage media, etc. are stored in a safe place with locks.
Now. Access control for unauthorized persons.
The company establishes and operates access control procedures for the physical storage area where personal information is stored.
9. Preparation of a person in charge of personal information protection
① "Metis" is responsible for the overall handling of personal information, and designates a person in charge of personal information protection as follows for the handling of complaints and damage relief of information subjects related to personal information processing.
▶ Person in charge of personal information protection
Name: Sam suh
metisedu2021@gmail.com
※ It is connected to the department in charge of personal information protection.
② The information subject may contact the person in charge of personal information protection and the department in charge of personal information protection, handling complaints, and relief of damages caused by using the service (or business) of <Metis>. <Metisedu> ('Metis') will respond and process your information subject's inquiries without delay.
10. Request for perusal of personal information
The following institutions are separate from <Business/Group Name>, so please contact us if you are dissatisfied with the results of <Metis>'s personal information complaints and damage relief, or if you need more help.
▶ Personal Information Infringement Report Center (operated by the Korea Internet Promotion Agency)
- Responsible work: Report of personal information infringement and request for counseling
- Home page: privacy.kisa.or.kr
- Phone: (without country code) 118
- Address: (138-950) Jung-daero, Songpa-gu, Seoul, 135 Korea Internet & Security Agency Personal Information Breach Report Center
▶ Personal Information Dispute Mediation Committee (Operated by the Korea Internet Promotion Agency)
- Responsible affairs: Application for personal information dispute settlement, collective dispute settlement (civil settlement)
- Home page: privacy.kisa.or.kr
- Phone: (without country code) 118
- Address: (138-950) Jung-daero, Songpa-gu, Seoul, 135 Korea Internet & Security Agency Personal Information Breach Report Center
▶ Cyber Crime Investigation Team of the Supreme Prosecutors' Office: 02-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Crime Investigation Team: 1566-0112 (www.netan.go.kr)
11. Change of personal information processing policy
① This personal information processing policy will be applied from the date of implementation, and if there is an addition, deletion, or correction of the changes in accordance with the statutes and policies, it will be notified seven days before the change is implemented.