Privacy Policy
All personal information handled while using the BESA website and users' rights is protected by following the privacy regulations of the related laws such as the Personal Information Protection Act, and the following policy is provided in order to smoothly handle users' complaints related to personal information.
The Purpose of Processing Personal Information
BESA handles personal information for the following purposes. The processed personal information will not be used for any purpose other than the following purposes, and if the purpose of use is changed, prior consent will be sought.
Provide the quote request service on the BESA website.
Personal Information Processing and Retention Period
Personal Information processing and retention period is as follows.
Personal information file name: Management of quote request on the BESA website
Retention basis: consent from the information subject
Retention period: five years
※ Information about the collected and held personal data files is provided through the Comprehensive Support Portal for Personal Data Protection.
Comprehensive Support Portal for Personal Data Protection(www.privacy.go.kr) → Personal Information Request → Request Personal Information Access → Use the 'Search Personal Information Files' menu.
Sharing the collected personal information with the third party
BESA handles the personal information of the user within the scope specified in Article 1 (Purpose of processing personal information) and does not process it beyond the original scope without prior consent of the user or provide it to the third party. However, exceptions are made when it is subject to Article 18 of the Personal Information Protection Act, such as when there are special regulations in other laws or investigation of crimes.
When the personal information is shared with the third party, the recipient (institution), the basis and purpose of sharing, the items of personal information to be shared, and the retention and use period of personal information of the recipient (institution) will be notified.
Consignment of Personal Information Processing
Details of Consignment:
Implementation of technical measures for handling personal information due to the correction and maintenance of BESA
Items of Consignment:
BESA clearly stipulates, in writing and electronically, the compliance with the regulations related to the privacy of service providers, confidentiality of personal information, the prohibition of third party provision of personal information, and the responsibility. When the consignee company is changed, it will be notified by the notice and personal information processing policy.
Processed Personal Information Items
BESA processes personal information only by the regulations and the consent of the subject of information.
The personal information that the BESA processes based on the provisions of the Act is as follows.
Mandatory Items: Company Name, Address, Person in charge, Contact phone number, e-mail address, contact details
Optional Items: Website address, material, quantity, square type, circular type, angle, purpose of use
The Rights, Obligations and methods of exercise of information principal and legal representatives
Information subject (legal representative for person under 14 years of age) may exercise one's right to access personal information, or to request for revision, deletion, and stopping the processing of personal information at any time.
The exercise of the rights under Paragraph 1 shall be completed in accordance with the form No. 8 of the Enforcement Regulations of the Personal information Protection Act and shall be carried out in writing, e-mail, and fax, and it will be handled without delay.
The rights under paragraph (1) may be exercised through a representative or the agent who has been delegated. In this case, a letter of attorney according to Form 11 of the Enforcement Regulations of the Personal Information Protection Act must be submitted.
The requests for the access of personal information and suspension may be restricted under Article 35 paragraph 5 and Article 37 paragraph 2 of the Privacy Act.
The request for the correction and deletion of personal information can not be requested if the other personal information is specified as the object of collection under another Act.
The person who makes the request for access according to the right of the subject of information, request for correction, deletion, and request for suspension of processing will be confirmed whether the person is him/herself or a legal representative.
Personal Information Disposal Procedure and Method
The personal information of the users shall be disposed without delay when the collection and purpose of personal information expires. If the personal information becomes unnecessary, such as the expiration of the period of personal information retention and the achievement of processing purpose, the personal information shall be destroyed without delay.
If the personal information has to be preserved in accordance with other laws and regulations despite the expiration of retention period agreed by the information subject or the purpose of processing, the relevant personal information (or personal information file) shall be moved to a separate data base(DB) or stored at different storage locations.
Procedures and methods of personal information disposal are as follows.
Disposal Procedure:
BESA establishes the destruction plans and dispose the personal information (or personal information files) that should be destroyed. In the event of destruction, the personal information (or personal information file) in which the reason for the destruction occurred is selected, and the personal information (or personal information file) is destroyed with the approval of the personal information protection manager.
Disposal Method:
A) In case of electronic file format, permanently deleted in an unrecoverable manner
B) In case of recorded, printed, written or other recording media other than in the form of electronic files, crushed or incinerated
Installation, operation and rejection of automatic personal information collecting device
To provide personalized service to users, 'cookie' is used to store and retrieve information from time to time.
Cookie is a small amount of information that is sent from the server used to run the website to the user's computer browser and is sometimes stored on the user's PC's hard disk.
A) Purpose of Cookie: Used to provide optimized information to users by identifying visits, usage patterns, popular searching terms, and security access to each service and websites visited by users
B) Installation, operation and rejection of cookie: Tools at the top of the web browser>Internet Options>Personal Information menu option seetings can be used to reject cookie.
C) If saving of cookie is rejected, then difficulty of using customized services may occur.
Measures to ensure the safety of personal information
In accordance with the section 29 of the Privacy Act, BESA makes the following technical, administrative and physical actions necessary to ensure safety.
The internal management plan ('11.9.30) is established and implemented in accordance with the 'Measures to Ensure the Safety of Personal Information' (Ministry of Public Administration and Security Notice No. 2011-43).
Designation of personal information managers is minimized and provided regular education.
Access to personal information is controlled by granting, changing, and terminating access to the database system for processing personal information, unauthorized access from outside network is controlled by using the intrusion prevention system and detection system, and the virtual Private network (VPN) is used if a person accessing the personal information processing system from outside through the information and communication network. Also, the history of authorization, change, or termination is recorded and this record is held for at least three years.
Records (web logs, summary information, and etc.) accessed to the personal information processing system are kept and managed for at least six months, and this records of access are managed to prevent forgery, theft, or loss.
The users' personal information is encrypted, stored and managed. In addition, sensitive data uses separate security functions, such as cryptographically used for storage and transmission.
BESA installs security programs, periodically updates and checks to prevent personal information leakage and damage caused by hacking or computer viruses, installs systems in externally controlled areas, and monitors and blocks systems technically and physically.
The physical storage of personal information systems is separated, and access procedures are established and operated accordingly.
Chief Privacy Officer and Contacts Information
BESA is responsible for the overall personal information processing activities, and designated the person in charge of personal information protection as follows for complaints and damages of the information subjects.
The person in charge of personal information protection and contact information
Chief Information Officer
Name: Lee Jae-hyung
Position: Head of Overseas Sales
Position: Manager
Phone: 053 588 0800
Email: besa@besablade.com
Department of Personal Information Protection
Department Name: Sales Department
Personnel: Lee Jae-hyung
Phone: 053 588 0800
Remedies for Infringement
Information subject can inquire about the infringement of personal information and consultation to the following organizations.
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
Personal Information Infringement Center: 118 (privacy.kisa.or.kr)
Cyber Criminal Investigation Section of Supreme Prosecutors' Office: 1301, cid@spo.go.kr (www.spo.go.kr)
National Police Agency Cyber Bureau: 182 (cyberbureau.police.go.kr)
Change of the privacy policy
This Privacy Policy will be applied starting in 2018. 10. 1.