Privacy Policy | AIONCLOUD

AIONCLOUD Privacy Policy

MONITORAP Co., Ltd. (hereinafter referred to as the “Company”) has the following personal information processing policy to protect users’ personal information and rights and smoothly manage users’ objections related to personal information.

Article 1 (Purpose of Personal Information Processing)

① The company utilizes the gathered personal information for the following purposes.
  • 1. Execution of the contract for service provision: Provision of services such as content provision and prevention of malicious code intrusion.
  • 2. Member management: Membership service use and identity verification, personal identification, prevention of illegal usage by wrong members and unauthorized use, confirmation of intent to join, complaint handling, and delivering information
  • 3. Utilization for marketing and advertising: development and specialization of new services (products), delivery of advertising information such as events, provision of services according to demographic characteristics and advertisements, identification of access frequency, or utilization of statistics on member service use.

Article 2 (Personal Information Processing and Retention Period)

① Personal information processed by the company is destroyed without delay when the collection purpose and use is achieved. However, the company shall keep members' information specified by the relevant laws for a certain period. If necessary, preserve it following the provisions of related laws, such as the Commercial Act and the Consumer Protection Act in Electronic Commerce. The items and period of personal information that the company preserves under relevant laws and regulations are as follows.
  • 1. Act on Consumer Protection in E-Commerce, Etc.
    • - Records on the contract or subscription withdrawal: 5 years
    • - Records on payment and supply of goods: 5 years
    • - Records on consumer complaints or dispute handling: 3 years
  • 2. Communication Secret Protection Act
    • - Login record (visit record): 3 months

Article 3 (Matters concerning the provision of personal information to third parties)

① The company, as a general rule, handles the personal data of the information subject within the range specified for collection purposes and use. Accordingly, the following cases will be except that the information is not processed beyond the scope of its original purpose or provided to a third party without the data subject's prior consent. However, subparagraphs 5 through 8 are limited to public associations.
  • 1. In case of obtaining separate consent from the information subject
  • 2. In case there are special provisions in other laws
  • 3. If the information subject or their legal representatives cannot express their intention, or the prior consent cannot be obtained due to an unknown address when deemed necessary for the immediate life, body, or property of the information subject or a third party.
  • 4. When providing personal information in a form that cannot identify a specific individual as required for statistical purposes and academic research
  • 5. If personal information is not an intention for purposes other than the intended purpose or not provided to a third party, the Protection Committee has deliberated and decided in cases where it is impossible to carry out the duties under the jurisdiction of other laws
  • 6. In case it is necessary for the investigating crimes and for maintaining prosecute a case
  • 7. In case it is necessary to carry out the judicial affairs of the court
  • 8. Where it is necessary for the execution of punishment, probation, and protective disposition

Article 4 (Items of Personal Information Processed)

① The personal information processed by the company processes only the minimum amount of personal data, stipulated by In the affairs and laws under the jurisdiction, and the information is as follows.
  • 1. Sign up for membership - Required items: Email, password, name, company name, company domain, country, timezone
  • 2. Partner Consultation - Required items: name, company name, company email, country
  • 3. Job application - Required items: name, email, phone number, attachments
  • 4. Subscribe to Newsletter - Required: Email
  • 5. Contact us - Required: Email

Article 5 (Procedures and Methods for Destruction of Personal Information)

① As a general rule, the company destroys personal information after achieving the purpose of personal information processing without delay. However, this may not be the case if demanded to preserve under other laws. The procedures, deadlines, and processes of destruction are as follows.
  • 1. Destruction Procedures
  • Internal procedures handle unnecessary personal data and information files under the person's responsibility for personal information protection.
    • 1) Destruction of personal data
    • Personal information that has expired will be destroyed without delay from the termination date.
    • 2) Destruction of personal data files
    • When the personal information file becomes unnecessary, like achieving processing of personal data files, the service abolition, or the business termination, the personal information file is destroyed immediately from the date where the processing of the personal data turns unnecessary.
  • 2. Destruction method
    • 1) Information in electronic form utilizes a technical method that cannot reproduce records.
    • 2) Personal information printed on paper is shredded with a shredder or destroyed through incineration.
  • 3. Separate storage
    • 1) After the retention period has elapsed, it is stored separately through a separate backup procedure if it is necessary to retain it without destroying it by law.

Article 6 (Measures to Secure Personal Information Safety)

  ① For securing the safety of personal information, the following measures shall be taken.
  • 1. Minimization and training of personnel handling personal information Employees who manage personal information are designated and handled only by the necessary numbers. In addition, training for safe management is provided for taking employees.
  • 2. Restricting access to personal information We are taking necessary measures to manage access to personal information through endowing, changing, and revoking access rights to the personal information processing system. We also use an intrusion prevention system to control unauthorized access from outside.
  • 3. Storage of Access Records The access records to the personal information processing system are stored and managed for at least one year.
  • 4. Encryption of Personal Data Personal information is safely stored and handled through encryption. In addition, sensitive data is stored and transmitted using different security features such as encrypted and utilized.
  • 5. Security program installation and periodic inspection and update Security programs are installed, updated, and inspected periodically to prevent leakage and damage of personal information caused by hacking or computer viruses.
  • 6. Access control for unauthorized persons A separate physical storage location for the personal information processing system that stores personal data has been set up. The access control procedure has been confirmed and operated.
  • 7. Block access Consider that personal information is exposed through using communications networks. In that case, the user's access is blocked upon demand from the related agencies (KCC, Korea Internet & Security Agency).

Article 7 (Rights and Duties of Users and Legal Representatives and how to exercise them)

①. At any time, users and their legal representatives may request to inquire, modify, delete, or politicize their registered personal information. ②. Users can inquire, modify and delete (revoke) their personal information at any time via the website. ③. Consider that the member cannot challenge, modify, delete, or request breaking processing of personal information through the website. In that case, the member can exercise their rights by sending the 'Form No. 8 Attachment to the Enforcement Regulations of the Personal Information Protection Act' in writing, e-mail, and fax. ④. Exercise of one's right can be possible through an agent such as a legal representative of the information object or a delegate. When the company gets to exercise one's right, it may request identification, resident registration, and family relationship certificate to confirm whether the member is a legitimate representative. ⑤. The company regulates personal information that has been canceled or deleted from users' request or their legal representatives as stipulated in "Chapter 2 Personal Information Processing and Retention Period". So, it prevents viewing or uses for other purposes.

Article 8 (Matters related to the installation of automatic personal collection device and operation and its refusal)

①. The company uses cookies to provide optimized services to users. ②. Cookies are text files automatically transferred to the member's computer on accessing the company's site. ③. These cookies are not stored on the PC. They are automatically deleted when the member closes the browser after logging out. ④. The company uses Google Analytics, a log analysis tool, to provide personalized and customized services to users. ⑤. Google Analytics is a web analysis service by Google Inc. (hereinafter referred to as “Google”), which provides a function to analyze interchanges between users and websites. ⑥. The information processing collected through Google Analytics is applied by the Google Privacy Policy and the Google Analytics Terms of Use. ⑦. Users can reject to collect cookie information and use Google Analytics by setting options in the web browser. However, if refused this, there may be problems using the service.

Article 9 (Manner of Remedy for Infringement of Rights and Interests)

①. The personal information subject may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, or Korea Internet & Security Agency Personal Information Infringement, and Report Center to alleviate the damage caused by private information infringement.
  • 1. Privacy Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
  • 2. Supreme Prosecutors' Office Cyber Investigation Division: (without area code) 1301, privacy@spo.go.kr, (www.spo.go.kr)
  • 3. National Police Agency Cyber Security Bureau: (without area code)

Article 10 (Personal Information Protection Officer and Contact Person in Charge)

Classification Department Name Contact
Chief Privacy Protection officer Business Management Division HR Training Team General Manager Park Min-ah Phone : 02-749-0799 E-mail : privacy@monitorapp.com
Personal Information Protection Officer Business Management Division HR Training Team Manager Seo Dong-hak Phone : 02-749-0799 E-mail : privacy@monitorapp.com

Article 11 (Request for Inspection of Personal Information)

① The information subject may file a request for access to personal information under Article 35 of the Personal Information Protection Act to the following departments.
  • 1. Receiving and addressing requests for personal information access Department name: Business Management Headquarters Human Resources Education Team Person in charge: Seo Dong-hark, Contact: (Tel: 02-749-0799)

Supplementary Provisions

This provision applies only to customers using the public cloud. The Appendix is part of the Privacy Policy and is subject to the Privacy Policy. To the extent stipulated in the Supplementary Provisions, the Supplementary Provisions shall prevail in the event of any inconsistency with the ranges of the Privacy Policy. The Privacy Policy shall define phrases that the supplementary provisions will not determine. (1) Article 4 has the whole meaning as amended and replaced, as follows. ① The personal information processed by the company only abides the minimum amount of personal data specified by the business and laws under its jurisdiction, and the information is as follows.
  • 1. Sign up for membership
  • - Required items: E-mail, password, name, company name, country, timezone
(2) Article 9 has the whole meaning as amended and replaced, as follows. ①. The company uses cookies to authenticate the members' login to provide users with more appropriate and valuable services. ②. Cookies are text files automatically transferred to the member's computer when accessing the company's site. ③. The PC will not store these cookies and automatically delete them when the user member closes the browser after logging out. ④. Users can refuse to store or delete these cookies at any time by setting options in their web browser.
 
Appendix   This privacy policy will be effective from January 21, 2022  
Scroll Up