Despite the scale and diversity of services, we never give up
on a simple and effective people-centered approach.
안녕하세요. 지온입니다. 오늘은 지온에서 오픈한 SNS 채널들을 알려드리려 왔어요! 지온은 현재 블로그, 인스타그램, 유튜브 채널을 통하여 지온의 소식, 제품소개 등다양한 이벤트와 혜택을 알려드리려 합니다.
ZION (hereinafter referred to as the Company) has the following processing policies to protect users’ personal information and rights and interests in accordance with the Personal Information Protection Act and to smoothly handle user complaints related to personal information.
When the company revises its privacy policy, it will be notified through website notices (or individual notices).
1. Purpose of collecting and using personal information
The company processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following purposes, and prior consent will be sought when the purpose of use is changed.
a. Managing homepage
We process personal information for the purpose of handling complaints and preserving records for dispute resolution.
b. Civil affairs processing
Personal information is processed for the purpose of verifying the identity of the complainant, confirming the complaints, contacting and notifying for fact-finding, and notifying the results of processing.
2. Items of personal information to be collected and collection method
① Collection items
a. Automatic collection
– Access IP information, cookies, service use records, access logs, etc.
② Collection method
Personal information is collected in the following ways.
– Access IP information, cookies, service use records, access logs: Automatically collected when accessing the homepage (membership)
3. Consent to collection of personal information
The company has prepared a procedure for you to check the “I agree” button for the contents of the company’s privacy policy or terms of use, and if you check the “I agree” button, you are deemed to have agreed to the collection of personal information.
4. Matters concerning the installation, operation and rejection of automatic personal information collection devices
① In order to provide personalized service, we use ‘cookies’ that store and retrieve usage information from time to time.
② Cookies are a small amount of information sent to the user’s computer browser by the server (http) used to operate the website, and may be stored on the hard disk in the user’s PC computer.
a. Purpose of use of cookies: It is used to provide optimized information to users by identifying the types of visits and usage, popular search terms, secure access, etc. for each service and website visited by the user.
b. Installation, operation, and rejection of cookies: You can refuse to store cookies by setting options in the’Tools> Internet Options> Personal Information’ menu at the top of the web browser.
c. If you refuse to store cookies, you may experience difficulties in using customized services.
5. Personal information processing and retention period
a. The company processes and retains personal information within the period of retention and use of personal information in accordance with laws or the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
b. Each personal information processing and retention period is destroyed when the purpose of collection or provision is achieved as follows.
– Membership registration information: When the member withdraws or is expelled from the member
– When collected for temporary purposes such as a survey or event: When the survey or event is terminated
c. However, if it is necessary to hold it for a certain period of time due to confirmation of the relationship of rights and obligations related to transactions as follows in accordance with the Commercial Act and related laws such as the ‘Consumer Protection Act in Electronic Commerce, etc.’, it is retained for a certain period of time.
-Records on contract or subscription withdrawal: 5 years
-Records on consumer complaints or dispute settlement: 3 years
6. Provision and sharing of personal information to third parties
In any case, except for the consent of the user or in accordance with relevant laws and regulations, the Company shall in any case exceed the scope notified in “Personal Information Collection Items and Purposes” and “Purpose of Using Personal Information”. Do not use or provide to third parties. However, with the exception of the following cases.
-When users agree in advance.
-When it is necessary for the settlement of fees for service provision.
-When necessary for contract execution (product delivery/installation, service work)
-When there is sufficient grounds to believe that customer information should be disclosed in order to take legal action against others by causing mental or material damage.
-When it is necessary for statistics, marketing analysis, or market research, and it is processed into a form that cannot identify a specific individual and provided to an external institution or organization.
-When there is a request from an investigative agency in accordance with the provisions of other relevant laws or in accordance with the procedures and methods specified in the laws for investigation purposes.
-When it is remarkably difficult to obtain normal consent due to economic/technical reasons as personal information necessary for the execution of a contract regarding the provision of services.
7. Rights and obligations of the information subject and how to exercise the user As a personal information subject, the user can exercise the following rights.
a. The information subject may exercise the following rights related to personal information protection at any time to the company.
-Request to view personal information
-Request for correction if there is an error
-Delete request
-Request to stop processing
b. The exercise of the rights pursuant to Paragraph 1 may be made in writing, e-mail, fax, etc. to the Company in accordance with the form of Appendix 8 of the Enforcement Rules of the Personal Information Protection Act, and the Company will take action without delay.
c. If the information subject requests correction or deletion of errors in personal information, the company will not use or provide the personal information until the correction or deletion is completed.
d. The exercise of the rights pursuant to Paragraph 1 can be done through the legal representative of the information subject or through an agent such as a person who has been delegated. In this case, you must submit a power of attorney in accordance with the form of Attachment 11 of the Enforcement Regulations of the Personal Information Protection Act.
8. Destruction of personal information In principle, when the purpose of processing personal information is achieved, the company destroys the personal information without delay. The procedure, deadline, and method of destruction are as follows.
a. Destruction procedure
The information entered by the user is transferred to a separate DB (separate documents in the case of paper) after the purpose is achieved, and is stored for a certain period of time or immediately destroyed in accordance with internal policies and other related laws. At this time, the personal information transferred to the DB is not used for other purposes unless it is required by law.
b. Expiration date
When the personal information of the user has elapsed, within 5 days from the end of the retention period, when the personal information becomes unnecessary, such as achievement of the purpose of processing personal information, abolition of the service, termination of business, etc. The personal information will be destroyed within 5 days from the date it is recognized as unnecessary to process.
c. Method of destruction
Information in the form of electronic files uses a technical method that cannot reproduce the record.
Personal information printed on paper is destroyed by shredding or incineration.
9. Measures to ensure the safety of personal information The Company takes technical/administrative and physical measures necessary to ensure safety as follows in accordance with Article 29 of the Personal Information Protection Act.
a. Minimization and training of personnel handling personal information
We are implementing measures to manage personal information by designating employees who handle personal information and minimizing them by limiting them to the person in charge.
b. Conduct regular self-audit
We conduct our own audits on a regular basis (quarterly) to ensure the safety of handling personal information.
c. Establishment and implementation of internal management plan
We have established and implemented an internal management plan for the safe processing of personal information.
d. Encryption of personal information
The user’s personal information is encrypted and stored and managed, so only the person can know it, and for important data, separate security functions such as encrypting files and transmission data or using a file lock function are used.
e. Technical measures against hacking, etc.
The company installs a security program to prevent leakage and damage of personal information due to hacking or computer viruses, periodically updates and checks, installs a system in an area where access is controlled from outside, and monitors and blocks technically and physically.
f. Restricted access to personal information
Necessary measures are taken to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and unauthorized access from outside is controlled using an intrusion prevention system.
g. Storage of access records and prevention of forgery
The records of access to the personal information processing system are stored and managed for at least 6 months, and security functions are used to prevent forgery, theft, and loss of access records.
h. Use of locking device for document security
Documents containing personal information and auxiliary storage media are stored in a safe place with a lock.
l. Access control for unauthorized persons
A separate physical storage place for storing personal information is established and access control procedures are established and operated.
10. Personal Information Protection Officer
a. The company is responsible for the handling of personal information and appoints the person in charge of personal information protection as follows for the handling of complaints and damage relief of the information subject related to personal information processing.
Telephone Number: 050-2007-2875
Fax number: 050-2008-2875
E-mail: Zionmedi@daum.net
b. The information subject can inquire to the person in charge of personal information protection and the department in charge of all personal information protection related inquiries, complaint handling, damage relief, etc. that occurred while using the company’s service (or business). The company will respond and handle inquiries from the information subject without delay.
11. Changes to the privacy policy
a. This personal information processing policy is applied from the effective date, and if there are any additions, deletions, or corrections in accordance with laws and policies, we will notify you through the notice from 7 days before the enforcement of the changes.