AIONCLOUD Privacy Policy
Article 2 (Categories of Personal Information Collected)
Article 3 (Methods of Collecting Personal Information)
Article 4 (Processing and Retention Period of Personal Information)
Article 5 (Provision of Personal Information)
Article 6 (Entrustment of Personal Information)
Article 7 (Procedures and Methods for Destroying Personal Information)
Article 8 (Rights and Obligations of Users and Legal Representatives and Their Exercise Methods)
Article 9 (Measures to Ensure the Security of Personal Information)
Article 10 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
Article 11 (Personal Information Protection Manager and Department in Charge)
Article 12 (Personal Information Access Requests and Related Handling Departments)
Article 13 (Remedies for Infringement of Information Subject’s Rights)
Article 14 (Notice of Changes to the Privacy Policy)
Article 15 (Application to Public Cloud Use)
MONITORAPP (hereinafter referred to as the “Company”) processes personal information lawfully and manages them safely while complying with the “Personal Information Protection Act,” “Cloud Computing Act,” and “Information and Communications Network Act,” along with related laws and regulations to safeguard the freedom and rights of information subjects. Under Article 30 of the “Personal Information Protection Act,” the Company establishes and discloses the following privacy policy to inform data subjects of the procedures and standards for handling and protecting personal information and to address complaints promptly and effectively.
Article 1 (Purpose of Processing Personal Information)
Category | Details |
---|---|
Member Registration and Management | Verification for membership services, identity verification under the limited identification system, personal identification, prevention of unauthorized use, confirmation of registration intention, limiting membership registration and withdrawal, verifying the identity of legal representatives in the future, preservation of records for dispute resolution, complaints handling, delivery of notices, membership withdrawal confirmation. |
Development of New Services and Use in Marketing and Advertising | Development of new services and provision of customized services, statistical analysis for targeted services and advertisements, validation of service effectiveness, provision of event and promotional information and participation opportunities, tracking service usage and access frequency. |
Article 2 (Categories of Personal Information Collected)
Category | Collected Information | Retention Period | Member Identification and Membership Services | Name, email, password, company name, country | Until membership withdrawal |
---|---|---|
Customer Consultation, After-sales Service, and Notice of Service Changes | Name, email, phone number, company name | 3 years (In accordance with the “E-Commerce Act” Article 6) |
② With the consent of the information subject, the Company processes the following personal information under Article 15, Paragraph 1, Subparagraph 1 and Article 22, Paragraph 1, Subparagraph 7 of the “Personal Information Protection Act.”
Category | Collected Information | Retention Period |
---|---|---|
Sales Inquiries | Name, email, phone number, company name | Until membership withdrawal or consent withdrawal |
Service Promotion and Events | Name, email, company name | Until membership withdrawal or consent withdrawal |
Newsletters and White Papers Subscription | Name, email, company name | Until membership withdrawal or consent withdrawal |
③ The following information may be automatically generated or additionally collected during service use or service processing:
Category | Collected Information |
---|---|
Auto-generated Information | IP address, cookies, access logs, visit times, service usage records, misuse records, browser language settings |
Article 3 (Personal Information Collection Method)
- 1. Website collection, written forms, fax, telephone, inquiry boards, email, offline collection (e.g., event participation, seminar attendance).
- 2. Information provided by partner companies.
- 3. Generation information collection tool
Article 4 (Processing and Retention Period of Personal Information)
② Legal retention periods for mandatory record-keeping are as follows:
Category | Relevant Laws | Retention Period |
---|---|---|
Records related to contracts or cancellation of subscription | Act on Consumer Protection in E-Commerce, etc. | 5 years |
Records of payment and supply of goods | 5 years | |
Records of consumer complaints or dispute resolution | 3 years | |
Records of display advertising | 6 months | |
Records of identity verification | Act on Promotion of Information Communications Network Utilization, Information Protection, etc. | 6 months |
Records of visits | Communications Secrets Protection Act | 3 months |
All transaction records specified by tax laws (books and supporting documents) | National Tax Basic Act, Corporate Tax Act | 5 years |
Records of electronic financial transactions | Electronic Financial Transactions Act | 5 years |
Article 5 (Provision of Personal Information)
② The Company provides personal information to third parties as follows:
Recipient | Purpose | Information Provided | Retention and Usage Period |
---|---|---|---|
: Distributors and Partners |
Inquiries for quotes, product sales, and orders | Required: Name, email, company phone number Optional: mobile phone number |
3 months after request |
Article 6 (Entrustment of Personal Information Processing)
② Details of the entrusted agency and its processing tasks are as follows:
Agency | Entrusted Task | Retention and Usage Period |
---|---|---|
ADVANTAPP | CRM system operation for user management | Until membership withdrawal or service termination |
③ When entering into an entrustment agreement, the Company ensures compliance with Article 26 of the “Personal Information Protection Act,” which includes prohibiting the use of personal information for purposes other than the entrustment purpose, technical and managerial protection measures, restrictions on re-entrustment, supervision, liability of the trustee, and compensate for damages. The Company also supervises the trustee's personal information handling process.
④ Under Article 26(6) of the “Personal Information Protection Act,” if the trustee subcontracts the entrusted work, the Company’s consent must be obtained.
⑤ In case there are changes to the entrusted work or the trustee, the updated information will be disclosed promptly through this Privacy Policy.
Article 7 (Procedures and Methods for Destroying Personal Information)
② If the retention period agreed by the information subject has expired or the purpose of processing has been achieved but retention is required under other laws, the information will be moved to a separate database (DB) or stored in a different location.
③ The procedures and methods for destroying personal information are as follows:
- 1. Destruction Procedure: The Company selects personal information to be destroyed and obtains approval from the Personal Information Protection Manager before destruction.
- 2. Destruction Methods: Personal information under electronic files will be destroyed using technical methods that prevent recovery. Personal information under printed files will be shredded or incinerated.
Article 8 (Rights and Obligations of Users and Legal Representatives and Their Exercise Methods)
- 1. Request access to the subject’s personal information
- 2. Request correction of errors
- 3. Request deletion
- 4. Request suspension of processing
② Rights under Paragraph 1 may be exercised via written request, phone, or email following Article 31-2(1) of the “Personal Information Protection Act Enforcement Decree,” and the Company will act without delay.
③ If the information subject requests corrections or deletions due to errors, the Company will not use and disclose the information until the necessary actions are completed.
④ Rights under Paragraph 1 may be exercised by the information subject’s legal representative or an authorized agent. A power of attorney must be submitted following Form 11 of the “Personal Information Processing Method Notice (No. 2020-7).”
⑤ Requests for access, transmission, and suspension of processing may be restricted under Articles 35(4), 35-2(6), and 37(2) of the “Personal Information Protection Act.”
⑥ Requests for correction and deletion cannot be made if the personal information is specified as a collection target under other laws.
⑦ The Company confirms the identity of the individual or legal representative requesting access, correction, deletion, or suspension of processing.
⑧ After completing the correction, deletion, or suspension of personal information as requested, the Company will notify the information subject of the results.
⑨ If deletion is impossible because the personal information requested by the information subject is specified as a collection target by law, the Company will notify the subject accordingly.
Article 9 (Measures to Ensure the Security of Personal Information)
- 1. Regular Self-Audits
The Company conducts regular self-audits to ensure the safety of personal information handling. - 2. Minimization and Training Personal Information Handling Staff
The Company designates employees to handle personal information and limits processing to the designated personnel while implementing countermeasures to manage personal information. - 3. Establishment and Implementation of Internal Management Plans
The Company establishes and implements internal management plans to ensure safe personal information handling. - 4. Technical Countermeasures Against Hacking
To prevent the leakage and damage of personal information due to hacking or computer viruses, the Company installs security programs, conducts regular updates and inspections, and establishes a system in restricted-access areas for technical and physical monitoring and blocking. - 5. Encryption of Personal Information
Users’ personal information is stored and managed in an encrypted format, ensuring that only the user knows the password. Critical data is encrypted or locked for additional security during storage or transmission. - 6. Storage of Access Logs and Prevention of Tampering
Access logs to personal information processing systems are stored and managed for at least one year. In the case of adding personal information or processing unique identification information or sensitive information for more than 50,000 information subjects, the Company stores and manages personal information for at least 2 years. Access logs are protected from tampering, theft, or loss through security functions. - 7. Personal Information Access Restriction
The Company implements necessary measures to control access to personal information by granting, changing, and deleting access rights to the database system and uses an intrusion prevention system to block unauthorized external access. - 8. Use of Locking Devices for Document Security
Documents and supplementary storage devices containing personal information are stored in a safe location with locking devices. - 9. Access Restriction for Unauthorized Personnel
Physical storage locations containing personal information are separate, and access control procedures are established and operated.
Article 10 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
- 1. Definition of Cookies
Cookies are small data files sent by a server to a user’s web browser and stored on the user’s computer hard drive. - 2. Purpose of Cookies
Cookies identify service and website visit/use patterns, popular search terms, and secure connections to optimize information for users. - 3. Installation, Operation, and Refusal of Cookies
- A. Internet Explorer: Tools → Internet Options → Privacy → Advanced Settings → Cookies Settings
- B. Chrome: Settings → Privacy and Security → Clear Browsing Data → Cookie Settings
- C. Safari: Preferences → Privacy Tab → Cookie and Website Data Settings
- D. Microsoft Edge: Settings → Cookies and Site Permissions → Manage and Delete Cookies
② The Company uses “Google Analytics,” a web analytics service provided by Google, to enhance service quality. Details are as follows:
- 1. Definition of Google Analytics
Google Analytics analyzes and evaluates how customers use the Company’s services, aiding in users’ demand assessment. - 2. Purpose of Google Analytics
To improve services and products and deliver efficient services. - 3. Use of Google Analytics
The Company does not collect personally identifiable information through Google Analytics or combine collected data with other identifiable information. Data collection is subject to the “Google Privacy Policy” and “Google Analytics Terms of Service.”- A. Google Privacy Policy
https://policies.google.com/privacy - B. Google Analytics Terms of Service
https://marketingplatform.google.com/about/analytics/terms/
- A. Google Privacy Policy
- 4. Opt-Out of Google Analytics
Users can refuse data collection via Google Analytics
https://tools.google.com/dlpage/gaoptout
Article 11 (Personal Information Protection Manager and Responsible Department)
Data Protection Manager | Personal Information Protection Department |
---|---|
- Name: Seungwon Yoon - Position: Executive Director, Strategic Planning Office - Email: swyoon@monitorapp.com - Phone: (+82)2-749-0799 |
- Name: Seungho Na - Department: Marketing Department - Email: seungho.na@monitorapp.com - Phone: (+82)2-749-0799 |
② Information subjects can direct all inquiries, complaints, and requests for remedies related to personal information to the above manager and department for prompt response.
Article 12 (Personal Information Access Requests and Related Handling Department)
Reception/Processing Department |
---|
- Department: Marketing Department/Communication Team - PIC: Seungho Na - Email: seungho.na@monitorapp.com - Phone: (+82)2-749-0799 |
Article 13 (Remedies for Infringement of Information Subject’s Rights)
Article 14 (Notice of Changes to the Privacy Policy)
Article 15 (Application to Public Cloud Use)
② Article 2 is replaced as follows: The Company collects the minimum required personal information to identify users and provide membership services, customer consultations, notifications, promotions, and event participation opportunities as follows.
Category | Collected Information |
---|---|
Member Identification and Use of Membership Services | Name, Email, Company Name, Country, Password, Time Zone |
Customer Consultation and After-Sales Service, Notice of Service Changes | Name, Email, Company Name |
Service Promotion and Events | Name, Email, Company Name |
Previous versions can be reviewed below.