shortcut to menu

shortcut to main contents

shortcut to footer

Landscape View unavailable.

Legal Notice

bizmeka EZ Personal Information Handling Policy

Chapter 1. General
KT Corp. (the “Company”) values customers’ personal information and the Company is exercising its best efforts in order to effectively manage and safely protect customers’ personal information.  The Company is in compliance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and various laws and regulations relating to personal information protection.  Furthermore, the Company has established and is in compliance with the Personal Information Handling Policy, and it has published the Policy on the Company’s website – thereby enabling customers to view the Policy easily at any time.
 
  • 1. Personal information is information about surviving individuals. It refers to information about mark, letter, voice, sound, video and physical characteristics, etc. that can identify the relevant individual by the means of name, date of birth and gender, etc. (including those information that can identify the relevant individuals by easily combining with other information – even in cases where the relevant information alone cannot identify the relevant individual).
  • 2. The Company deems customers’ personal information as important and it is in compliance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and related laws and regulations.
  • 3. The Company, pursuant to the Personal Information Handling Policy, informs customers about purposes and methodologies of use of customers’ personal information and measures undertaken for the protection of personal information.
  • 4. The Company’s Personal Information Handling Policy can be amended pursuant to changes in the relevant laws and regulations and internal operation policies. Where the Policy is amended, the amended details along with the effective date, etc. will be announced on the website (http://www.bizmeka.com) without delay.
  • 5. In case of transferring personal information due to transfer of a whole or part of business or merger, etc., the Company shall individually notify customers in writing or email, etc. Where customers’ contact details are not known without the Company’s fault so that notifications cannot be made in writing or email, etc., the Company shall announce such fact on the first page of its website (http:// www.bizmeka.com) in a discernable manner for 30 days or longer; provided, however, where such website announcement is difficult due to a justifiable ground such as natural disaster, etc., it may substitute the website announcement with posting the said fact on two or more central daily newspapers (where most of customers live in a specific region, it may be daily newspapers that are distributed in such specific region) at least once.
Chapter 2. Collected Items of Personal Information and Purposes of Collection/Use
  • 1. The Company collects minimum personal information to the extent necessary for membership subscription, consultation, and provision of service, etc.
  • 2. The Company does not collect personal information that has a concern of clearly breaching customers’ rights and interests or private lives such as ideology, belief, family and relatives relationship, academic background, health background, and other social activities, etc.; provided, however, where customers consented to such collection or where such collection is specially permitted under other laws, the Company may collect the said personal information to the minimum necessary extent.
  • 3. The items of personal information that the Company collects and the purposes of collection/use are as follows.
A. Essential Collection, Uses, and Purposes
 
Collection/Uses and Purposes Items of Personal Information
Identity identification/verification procedure following the use of service and handling of service subscription/revisions Applicant or (legal) representative’s name, corporate (business) registration number, date of birth, gender, mobile phone number, connection information, duplication information, address, contact number, email address, ID and password
Communication of notification, guidelines relating to service provision, confirmation of customer’s intent, handling of inquiries and complaints regarding usage, sending invoices, delivery of items (device/prize, etc.), demographic analysis (age/gender/regional analysis, etc.) and analysis of use type/preference for improved service quality, introduction, recommendation, confirmation of intent to subscribe, and receipt of application of bundled and partnered product and service or fee discount plan between all goods/services offered by the Company or the Company’s services and services provided by KT group companies / partners / affiliated companies, customer retention, receipt of personal information consent for partners, marketing activities and customer management such as introduction of other customer benefits and event details Name, contact number, mobile phone number, email address, ID and password
Consultation, discount, claim (individual / combined / aggregate), notification, payment, and collection of fees and settlement of fees and commissions Fee payer’s name, date of birth, financial information such as account (card) information, etc., mobile phone number, address, and relationship with applicant
Collection/use pursuant to relevant laws or generation during service use or work handling process. Service use time/record, service suspension record, grounds of suspension/cancellation, original texts and sending agency of spam messages blocked by the spam block service, service use information such as access IP, payment records, access log, used contents, and cookies, etc., device information (model name, IMEI number, and USIM details, etc.)
Provision of e-tax invoice service (limited to customers that use such service) Name of representative, name of person in charge, contact details, ID, password, and email address
Provision of scrapping service of trading parties, accounting, and automatic evidence (limited to customers that use such service) Hometax certificate and certificate password, the Credit Finance Association ID and password, card company name, card type (personal and corporate), card number, card name, card company ID and password, bank name, account number, account password, call code, date of birth, the latter numbers of date of birth, and account name
Provision of call service (limited to customers that use such service) Phone number, date of birth, ID, mobile phone number, email address and address
Provision of HR and accounting services ID, password, mobile phone number, office number, landline number, employee number, name (Korean, English and Chinese character), name of company, gender, photo, date of birth, whether married, date of wedding anniversary, home address, position, job duties, date of joining the company, date of leaving the company, family details, academic background, language background, qualifications, employment background, appointment details, education details, award and penalty details, military service details, work diligence and laziness details, and salary details
Provision of groupware services such as corporate SNS and messenger, etc. ID, password, mobile phone number, office number, photo, email address, landline number, name, position, name of department, name of company, bizmeka EZ member subscription status, status message, whether messenger is accessed, and photo
B. Selective Collection, Uses, and Purposes
 
Collection/Uses and Purposes Items of Personal Information

• Introduction of all services and bundled and partnered products offered by kt, outline of discount plans and confirmation of intent to subscribe, retention, marketing and customer management such as introduction of customer benefit events, etc. 
• By using analysis of personal information, use type and preference of applicant that kt collects and possesses, it transmits information / advertisement

Amongst the essential consent items at the time of use of kt service, all items for which the customer consented for collection and use of personal information
  • 4. As a smartphone app service, even if a customer permits the right of access, it is not that all information relating to the permitted rights are immediately collected (transmitted) from the device information, etc.  They are collected to the extent of the customer’s consent of collection and use of personal information after notification and approval of the access to the device information, etc.
  • 5. Personal information collected for the provision of corporate SNS and messenger service are used only for the services between members belonging to the same group.  For the corporate SNS and messenger service with members outside the same group, we request for the customer’s separate consent (messenger invitation acceptance, etc.)
Chapter 3. Method of Collection of Personal Information
The Company collects personal information by the following methods.
  • A. Collected through the processes of membership / service subscription through preparation in writing such as internet website and subscription application, etc., presentation and scanning of ID card, phone and fax, etc., consultation via phone or internet, entry for giveaway events, and request for delivery, etc.
  • B. Generated during the process of service use or work handling, provided from third parties such as partners, and collected through generated information collection tools, etc.
Chapter 4. Method of Consent regarding Collection and Use of Personal Information
  • 1. In case of collection of customers’ personal information, pursuant to the provisions of relevant laws and regulations, the Company informs and obtains customers’ consents about the collection, use, and purpose of personal information and the details that are provided and consigned to third parties for handling or notifies them pursuant to the Personal Information Handling Policy.
  • 2. In case of subscription to the website (including mobile) or use of service, customers can click on the “agree” button or “disagree” button in relation to the collection, use, provision to third parties, and delegation of handling work, etc. of customers’ personal information pursuant to the “Standard Terms and Conditions of Usage of Service” and “Personal Information Handling Policy” posted on the Company’s website (http://www.bizmeka.com).
Chapter 5. Period of Possession and Use of Personal Information
  • 1. The Company possesses and uses the customers’ personal information only during the period of providing the services to the customers or the period of dispute resolution.
    • A. Service subscription period (subscription date ~ cancellation date)
    • B. Six months from the cancellation for the purpose of preparation against disputes over fee payment and erroneous/excessive payment, etc. or the full payment of fees
    • C. Where complaints / disputes related to the use of service such as disputes over fees continue, the Company possesses such information until the resolution of complaints / disputes (provided, however, where there are special provisions applicable in the relevant laws and regulations, they shall be kept in possession pursuant to such laws and regulations)
  • 2. In relation to personal information of cancelled customers, the following information shall be kept pursuant to Article 85-3 of the Framework Act on National Taxes and used only in cases under law.
    • A. Items in possession: name, customer identification number (citizen registration number, etc.), phone number (mobile / general), fee details (claim amount, VAT amount, amount received, date of claim, and date of receipt), method of fee payment, name of fee payer, services used, discount amount and grounds of discount, fee invoice recipient address, etc.)
    • B. Period in possession: 5 years
  • 3. In relation to information relating to employment contracts of cancelled customers, the following information shall be kept pursuant to Article 42 of the Labor Standard Act and used only in cases under law.
    • A. Items in possession: name, gender, date of birth, address, career background, type of work, date of employment or employment renewal, contract period if applicable, other matters relating to employment, relevant dates and grounds in case of dismissal, retirement or death, and other necessary matters
    • B. Period in possession: 3 years
  • 4. Others
    • A. Record about labeling and advertisement: 6 months (Act on the Consumer Protection in Electronic Commerce, etc.)
    • B. Record about contract or subscription withdrawal, etc.: 5 years (Act on the Consumer Protection in Electronic Commerce, etc.)
    • C. Record about payment settlement and supply of goods, etc.: 5 years (Act on the Consumer Protection in Electronic Commerce, etc.)
    • D. Record about handling of consumer complaints or disputes: 3 years (Act on the Consumer Protection in Electronic Commerce, etc.)
    • E. Record about collection/handling and use, etc. of credit information: 3 years (Credit Information Use and Protection Act)
Chapter 6. Procedure and Method of Destruction of Personal Information
The Company in principle shall destroy the relevant personal information without delay after the achievement of purposes of collection and use of personal information.  The procedure and method of destruction are as follows.
 
  • 1. Destruction Procedure
    • A. Customers’ personal information are moved to a separate DB after the achievement of purposes of collection and use (in case of paper, they are moved to a separate filing cabinet) and they are destroyed after being stored for a certain period in accordance with the grounds of information protection (please refer to the periods of possession and use) under the internal guidelines and other relevant laws and regulations.
    • B. Personal information moved to a separate DB is not used for purposes other than the possession purpose except those cases provided under statutes.
    • ※ However, in case of the app service, even if the customer deletes the app, he/she needs to make a separate request such as membership withdrawal, etc. in order to completely delete the personal information.
  • 2. Destruction Method
    • A. Personal information prepared or printed on paper (writing): destruction by pulverization or incineration, etc.
    • B. Personal information stored in the form of electronic files such as DB, etc.: deletion by technological methods in which restoration is not possible
Chapter 7. Sharing and Provision of Collected Personal Information

The Company uses customers’ personal information within the scope specified in the “Standard Terms and Conditions of Usage of Service” or “Personal Information Handling Policy”.  The Company does not share or provide such information to third parties outside such specified scope.  However, where there is the relevant customer’s prior consent or special provisions under the relevant statutes (the Protection of Communications Secrets Act, the Telecommunications Business Act, and the Framework Act on National Taxes, etc.), providing such information under the provisions and procedures set forth in the statutes shall be deemed as exceptions.


1. The Company provides as follows for the customers that consented to the subscription of service.

 
Recipient Party Items of Personal Information Provided Purposes of Use by Recipient Party
kt mhows Co., Ltd. ID, name, mobile phone number, name of company, and email address Provision of Gifti-show service
Seoul Information System Co., Ltd. ID, name, mobile phone number, name of company, and email address Provision of web-fax service
Galaxiacommunications Co., Ltd. ID, mobile phone number, name of company, and email address Provision of EZ-Money service
Korea Enterprise Data ID, name, mobile phone number, name of company, email address, and date of birth Provision of enterprise credit information service
LG CNS Co., Ltd. ID, name, and company name Provision of welfare mall service
kt commerce Co., Ltd. ID, name, mobile phone number, name of company, email address
2. Period of Use and Possession of Information Provided: They shall be used during the service subscription period (subscription date ~ cancellation date) and possessed for 6 months following the cancellation for the purpose of preparation against disputes such as fee payment and erroneous/excessive fee payment, etc.; in case of non-payment/excessive payment of fees, they shall be possessed until its resolution (however, they shall be stored pursuant to the relevant laws and regulations if there are special provisions therein).  However, exceptions are provided in the following cases.
  • - Where the relevant customer consented in advance or where the relevant personal information is necessary for the implementation of contracts related to the provision of service and obtaining his/her consent is economically / technologically significantly difficult
  • - Where it is necessary for the payment of fees following the provision of service
  • - Where it is based on the provisions of law or where there is a request for the investigation purpose from an investigative authority made pursuant to the procedures and methods set forth under law, they may be provided under lawful procedures.
Chapter 8. Delegation of Handling of Personal Information
For the purposes of implementation of the contracts relating to the provision of service and promotion of customers’ convenience, etc., the Company consigns handling of personal information to external specialists.  The Company manages such consignees by specifying in the “delegation agreement” compliance with the relevant laws and regulations and policies, information protection and confidentiality, prohibition of provision to third parties, liability in case of accidents, and duty of immediate return/destruction of personal information at the end of delegation period, etc.

ㅇ Consignees and Consigned Tasks of Handling of Personal Information
 
Consignees Consigned Tasks
KTIS Consultation related to service, handling of complaints, and responding to customers in relation to subscription and cancellation
KTCS Operation of call center such as handling of new subscription / transfer / cancellation and fee payment, etc.
Korea Investors Service, Inc. Payment default management
NICE Holdings Co., Ltd.
Mirae Credit Information Co., Ltd.
Koryo Credit Information Co., Ltd.
Korea Mobile Certification Inc. Mobile phone identity certification agency, identity check information, connection information (CI) and duplication information (DI) communication, etc.
LG CNS - Service operation and customer management
- Customer DB computer system operation and management
- Customer consultation and complaint handling
KWIC Co., Ltd. Provision of scrapping service for trading counterparties, accounting, and supporting evidence
Brenex Ltd. Provision of e-tax invoice service
ANT Ltd. Account, Human Resource service
Uangel Corporation Provision of call service
Byto
Daou Tech, Inc. Card automatic payment
KIBNET CMS account transfer
Chapter 9. Rights of Users and Legal Representatives and Method of Exercise of Such Rights
  • 1. Customers can check or revise their personal information in the member information menu at any time and they can withdraw their consents to the collection and use of personal information through the membership withdrawal menu.
  • 2. For the purposes of viewing and correction of customers’ personal information, etc., the relevant customer (legal representative) can directly view and correct (including selective consent withdrawal) by visiting the Company directly, calling the customer center, or clicking on my “information revision” in the website.  For the purpose of subscription cancellation (consent withdrawal), the customer can withdraw after preparing and submitting to the Company the “cancellation application” or, in case of website customers, clicking the “subscription withdrawal” and undergoing the identity check procedure.
  • 3. Where the customer requests for viewing or correction of his/her personal information, etc. or withdraws his/her consent of collection, use, and provision, etc. of his/her personal information, his/her identity will be confirmed by receiving an identity proof (copy) that can demonstrate his/her identity such as citizen registration card, passport, and driver’s license (new type), etc.
  • 4. Where the customer’s agent requests for viewing or correction of the customer’s personal information, etc. or withdraws the customer’s consent of collection, use, and provision, etc. of the customer’s personal information, whether he/she is a lawful agent will be confirmed by receiving certificates such as a power of attorney showing the agency relationship, personal seal certificate of the customer, and the agent’s identification card, etc.
  • 5. The customer can request for viewing or provision of personal information, etc. and the Company shall take necessary measures without delay in response to such request.
  • 6. Where the customer requested for correction of errors of personal information, etc., the Company shall take necessary measures such as correcting the error without delay or notifying a reason of inability to correct to the user, etc., and the Company shall not use or provide the relevant personal information until the necessary measure is taken.  Moreover, where the Company already provided the incorrect personal information to a third party, the Company shall notify the result of correction to the third party without delay so that the correction can be made.  However, where the Company is requested to provide the personal information pursuant to other laws, such personal information can be provided or used.
  • 7. The Company handles the personal information cancelled or deleted pursuant to the customer’s request based on what is set forth under the “Period of Possession and Use of Personal Information” and the Company handles them in a way that they cannot be viewed or used for any other purposes.
Chapter 10. Matters relating to Installation, Operation and Refusal of Personal Information Automatic Collection Tools
If necessary for the operation of website, the Company operates “Cookie” that finds and stores customers’ information.  Cookies are very small text files that the server, which is used for the operation of the Company’s website, to the customers’ browsers, and they are stored in the customers’ computer hard discs.  The customers can decide whether to allow or refuse the collection of information by cookies through the web browsers’ security policy.
  • 1. Information collected by Cookies and purposes of use
    • A. Collected information: service use information such as ID, access IP, access log, and contents used, etc.
    • B. Purposes of Use
      ㅇ Differentiated information are provided depending on the customer’s interest areas.
      ㅇ The customer’s access frequencies or visit hours, etc. are analyzed and used as a yardstick for the suggestion of additional solutions necessary for the user’s work and service reform, etc.
  • 2. The customer has a right of choice in relation to the installation of Cookies.  Therefore, by setting options in the web browsers, he/she can adjust his/her selection of the level of information collection by Cookies.
    • A. In the “Tools” menu of web browser, one can determine the level of information collection by Cookies by selecting [Internet Option] -> [Security] -> [Custom Level].
    • B. Through the above menus, the customer may check whenever the Cookies are stored or the customer may refuse the storage of all Cookies.  However, when the customer refused the installation of Cookies, there may be difficulties with the provision of service.
Chapter 11. Technological and Managerial Protection of Personal Information
The Company has the following technological and managerial measures in place for the purpose of securing security so that customers’ personal information are not lost, stolen, leaked, forged/falsified or damaged.
 
[Technological Protective Measures]
  • 1. Personal information is protected by passwords, and important data are protected by additional security functions such as encrypting files and transmitted data or using the file lock function, etc.
  • 2. The Company is taking measures to prevent losses from computer virus, etc. by using vaccine software.  Vaccine software is regularly updated.  In case of emergence of sudden virus, vaccines are introduced and applied as soon as they become available – thereby preventing infringements of personal information.
  • 3. The Company selected the Secure Sockets Layer (SSL) so that personal information and personal certification information in the network can be transmitted safely.
  • 4. In order to prevent the leakage of customers’ personal information through hacking, etc., the system is installed in a zone for which access from outside is controlled.  The Company is also using devices that block infringements and monitoring 24 hours infringements by installing the infringement detection system.
[Managerial Protective Measures]
  • 1. The Company has prepared the internal management plan in order to safely handle customers’ personal information and caused its executives and employees to understand and comply with the plan.  The Company is regularly monitoring its compliance.
  • 2. The Company has restricted the persons that can handle customers’ personal information to its minimum and managed the right of access.  The Company is causing them to comply with laws and policies through regular internal training and external delegated training about the acquisition of new security technologies and the duty of protection of personal information, etc.  The persons that handle customers’ personal information are as follows.
    • A. Persons that conduct marketing works by directly or indirectly deal with customers
    • B. Persons in charge of management of personal information and personal information protection works such as the person responsible for protection of personal information and the persons in charge of protection of personal information, etc.
    • C. Other person for which handling of personal information is inevitable given their work duties.
  • 3. By requiring signatures to the information protection oath at the time of hiring new employees and from all executives and employees once a year, information (including personal information) leakage by employees is prevented in advance and the duty of protection of personal information is reminded frequently.  The Company has prepared and implemented the internal procedures to audit their compliance.
  • 4. Takeover of work of persons handling personal information is conducted thoroughly while security is maintained, and liabilities for infringements of personal information after joining and leaving the Company are clearly specified.
  • 5. The Company established the computer rooms and material storage rooms as control zones and controls their entries and exits.
  • 6. In case of collecting or providing to the customer information about payment such as the customer’s bank payment account and credit card number, etc. for the purpose of execution of service contract or provision of service, the Company is taking necessary measures to check the identity of relevant customer.
  • 7. The Company does not take any responsibility for events caused by the customer’s personal mistake or basic internet risk.  In order to protect his/her personal information, the customer needs to strictly manage his/her ID and password and take responsibilities.
Chapter 12. Responsible Department for Protection of Personal Information and Contact Details
In order to protect customers’ personal information and handle complaints and inquiries about personal information, the Company has designated and operates the following department.  Moreover, the Company deems customers’ opinions as very valuable.  If customers have any inquiries, please visit the Company’s branch office or inquire with the call center or the person responsible for protection of personal information in which case prompt and precise answers will be provided.
  • 1. Responsible department for protection of personal information and contact details
    • A. Person responsible for protection of personal information: In charge of KT Corporate Solution Business, Managing Director Sang-Gon Kim
      ㅇ Ph: 080-2580-007
      ㅇ Email: ss.jang@kt.com
    • B. Person in charge of protection of personal information: In charge of KT Corporate Solution Business, Deputy Head of Department Sung-Won Kim
      ㅇ Ph: 080-2580-007
      ㅇ Email: sungwon.kim@kt.com
  • 2. If one needs to report or consult about other infringement of personal information, please inquire with the following agencies.
    • A. Personal Information Infringement Report Center: http://privacy.kisa.or.kr / (without a telephone exchange number) 118
    • B. Supreme Prosecutor’s Office Cyber Investigation Department: http://www.spo.go.kr / 02-3480-3571
    • C. National Police Agency Cyber Security Department: http://cyberbureau.police.go.kr/index.do / (without a telephone exchange number) 182
Chapter 13. Announcement of Personal Information Handling Policy
The date of public announcement of Personal Information Handling Policy: July 9, 2018
The date of implementation of Personal Information Handling Policy: July 9, 2018