Hyundai Engineering & Construction Co., Ltd. (hereinafter referred to as “the Company”) has
efficiently deal with any grievances faced by the users with respect to personal information.
- 1. Purpose for Collection and Use of the Personal Information
- The Company collects and uses the personal information of users for the purposes described below. Any personal
information processed shall not be used for purposes other than stated below. If changes to originally prescribed
purposes are necessary, the Company will take measures required, such as obtaining user’s prior consent.
Purpose : To register and reply to filed reports (via online, paper, phone call) related to the Company's
corruption, irregularities, and others
- 2. Period of Retention and Use of Personal Information
- The Company shall process and retain personal information on the basis of the legislation or within the scope of the
consent received. All personal information shall be destroyed after being stored for three years. However, any
information that is destroyed after being stored for a certain period under the internal policies and laws is as follows:
① Act on the Consumer Protection in Electronic Commerce, Etc.: Record regarding customer complaints or
dispute resolutions (3 years)
② Protection of Communications Secrets Act: : Log record data, communications confirmation data such as
trace record of access location, etc. (3 months)
③ If consented by users: Until the end of the period consented by the user
3. Disclosure of Personal Information to 3rd Parties
1. The Company processes the personal information in accordance with Article 1 (Purpose for
Collection and Use of the Personal Information). Transfer of personal information is only
permissible under applicable laws and regulations or through the separate consent of the subject
of personal information.
2. If the report is related to the Company’s affiliates, the personal information may be provided
to the third party. In this case, the third party will include but not limited to our affiliates.
- The Company’s Affiliates:
Hyundai Engineering, Hyundai Steel Industries, Hyundai Architects & Engineers assoc, Hyundai Autoever, Hyundai City Corp, Hyundai farm land & development
- Purpose of providing personal information:
To verify the validity of the reports filed and any response thereof
- Provided Information: Name, Telephone number, e-mail address, Contents and Attachments files
- Period of retention and use: 3 years from the date of receipt
4. Consignment of personal information processing
- 1. The personal information collected by the Company is outsourced to the third parties below
for personal information processing.
- Assignee: Hyundai Autoever Corp
- Commissioned operation: Server and system management
- Personal information provided is specified in Article 6.
- Period of retention and use is specified in Article 2.
2. When the Company enters into the consignment contract with the Assignee, the following
contents will be specified: prohibition of processing personal information outside the assigned
purpose, technical and managerial protection measures, limitation of re-consignment,
management, and supervision on the Assignee, remedies, etc. The Company oversees whether
the Assignee collects and uses personal information in a safe and appropriate manner.
3. When the scope of assigned work or the Assignee is changed, the Company will reflect such
- 5. Rights of Users and Their Legal Representatives and How to Execute
1. Users may exercise the following rights to the Company, with regards to the protection of their
① Right of access
② Right to rectification
③ Right to erasure
④ Right to restriction of processing
2. Users may contact our Personal Information Manager at any time to exercise the
aforementioned rights, in paper or electronic format such
as e-mail. In this case, the
Company will take necessary measures without undue delay.
3. When users request the rectification or erasure of their personal information, such information
will not be used or provided to third parties until the necessary measure is taken.
- 6. Personal Information to be Collected and Used
The company collects the following personal information.
① Cyber Audit Office Homepage
- Name, Contact (telephone) number, e-mail address, Connection
Log, IP address
② Paper or Telephone, and email reports
- Name, Contact (telephone) number, e-mail address, Address.
- 7. Destruction of Personal Information
1. The Company will destroy personal information without delay after the purpose of use is
2. If the personal information retention period agreed by the user has elapsed or the personal
information has to be kept in accordance with other laws despite the achievement of the purpose
of processing, the personal information may be moved to a separate database (DB) or stored in
a different location.
3. The destruction procedures and methods are as follows:
① Procedure : The Company selects personal information to be destroyed and destroys it under the approval
of the Company’s Personal Information Manager.
② Destruction method : Personal information recorded or stored in electronic format will be destroyed in non-restorable
manner. Personal information recorded or stored in printed (paper) format will be shredded or
- 8. Safeguard of Personal Information
- The Company takes the following technical, managerial, and physical measures to secure stability
to prevent loss, theft, exposure, falsification, or damage of the personal information pursuant to
Article 29 of the Personal Information Protection Act. However, the Company will not be
responsible for any damages caused by the negligence of user or online accidents outside the
scope of management by the Company
1. Establishment of personal information management system
The Company's internal management policy is established and implemented in compliance with
the internal management guidelines of the Ministry of the Interior and Safety.
2. Minimizing Number of Employees Authorized to Handle Personal Information and Education:
The Company designates selected employees to handle personal information and provides
education and training on personal information protection.
3. Restriction on the access of personal information
The Company takes necessary measures to restrict access to the personal information database
system and uses a prevention system to control unauthorized access from outside.
4. Retention of access log and prevention of forgery and modification
All logs accessing the personal information processing system (weblog, summary information,
etc.) are retained and managed for at least two years. Security features are applied to prevent
access logs from being modified, forged, stolen, or lost.
5. Encryption of personal information
The user's personal information is encrypted. Additional security features are applied so that
important data are encrypted before use when stored or transmitted.
6. Countermeasures against hacking
The Company installs and regularly updates security programs to prevent leakage or damage of
the personal information due to possible hacking or computer viruses. Systems are installed in
areas restricted from external factors. In addition, a monitoring system has been established to
technically and physically oversee network traffic and to detect and block any hacking attempts,
including any illegal attempt to change information.
7. Limited access for unauthorized users
The Company has established and currently operates access control procedures, setting separate
physical storage of the system retaining personal data. In addition, it has physical measures in
place, including the installation of a locking device to safely store documents containing personal
- 9. Automatic collection tool for cookies and the denial thereof
The Company does not use ‘cookies’ which are automatically generated when users use internet
service in the website.
- 10. Personal Information Manager
In order to protect personal information and handle complaint with regards to personal
information, the Company has appointed personal data protection personnel as below.
- ▶ Privacy officer in charge of personal information protection
- - Kim, Ki Hong / Vice President
- - Business support group
- - Phone Number: 1577-7755, email@example.com
- ▶ Department for personal data protection related service:
- - Yang, Ji Hyuk / Senior Manager
- - Auditing group
- - Phone Number: 02-746-3696, jihyuk.yang @hdec.co.kr
Should users have any inquiries about the protection of their personal information, the handling
of complaints, or the remedy for damages while using the services provided by the Company,
users may contact our Personal Information Manager. In this case, the Company will answer the
inquiries promptly and sincerely.
- 11. Additional Remedies for infringement of personal information
Users can contact the institutions below if you have further inquiries or wish to report other
infringement of personal information.
- ▶ Personal Information Infringement Report Center
- - https://privacy.kisa.or.kr 118
- ▶ Personal Information Dispute Mediation Committee
- - https://www.kopico.go.kr 1833-6972
- ▶ Cyber Crime Investigation Division of the Supreme Prosecutors' Office
- - http://www.spo.go.kr 02-3480-3573
- ▶ Cyber Terror Response Centre of the National Police Agency
- - https://cyberbureau.police.go.kr 182
further additions, deletions, or amendments in accordance with the establishment/amendment of
applicable laws, changes in government policies, the Company will post reasons for changes and
its details on the website at least seven days prior to the amendment.