1. Items of Collected Personal Information
Korea Smart Card Co., Ltd. collects the following personal information for the reservation of the intercity bus ticket, the provision of the supplementary service, and the customer consultation.
▶ Items of Collected Personal Information :
Credit Card Number, Card validity period, date of birth, mobile phone number, email
2. How to collect Personal Information
The company collects personal information in following ways.
▶ Collected from information automatically generated at a time of use of the Internet
(Collected from credit card information earned at a time of a reservation)
3. Purpose of Collection and Use of Personal Information
The company collects personal information for following purposes and uses collected personal information only for pertinent purposes.
▶ Settlement of tickets and payment of tickets
▶ preservation of records for adjustment of disputes, handling of civil applications including complaints,
▶ the latest information including announcement, information on change in services,
▶ delivery of marketing and promotional information related to the service
4. Share and provide your personal information
Except for the case of Chapter 3 above, the Company shall use the personal information of the user within the scope of the notice stated in the
"Purpose of Collection and Use of Personal Information" and shall not provide it to any third party.
However, except as follows.
▶ If users agree in advance
▶ If there is a request from the investigating agency in accordance with the provisions of
the Act or the procedure and method prescribed by the Act for the purpose of investigation
▶ Providing to government agencies or research organizations in the form of unidentifiable individuals for statistical writing, academic research or market research.
5. Entrustment of Collected Personal Information
The company uses outside services in charge of customers’ personal information in order to provide services and designates provisions on safe management
of personal information at a time of entrustment contract in accordance with related laws and regulations.
The present personal information processing entrustment institution and its obligations are as follows.
||Information Retention and Use Period
|Korea Smart Card Co., Ltd. CS Partners
||Customer center management consulting service to improve consulting efficiency
||Until end of consignment contract
In addition to the above, the Company will not entrust the handling of the user's personal information to an outside company without the consent of the user.
In the event that such a need arises in the future, we will notify the user of the entrusted person and the contents of the entrusted business and will receive prior consent.
6. The Period of Ownership and Use of Personal Information
Personal information on customers shall be immediately destroyed once it fulfills the purpose of collection and use of personal information in principle, provided that the following information shall be preserved for a specified period of time for reasons specified as below.
▶ Fraud history
▶ Reason for retention: Prevention of fraud
▶ Retention period: 1 year
▶ Records on contracts and revocation: Five (5) years (Act on the Consumer Protection in the Electronic Transactions, etc.)
▶ Records on handling of consumer complaints and resolution to disputes: Three (3) years Act on the Consumer Protection in the Electronic Transactions, etc.)
7. Procedures for Destruction of Personal Information and Pertinent Methods
Personal information on customers shall be immediately destroyed once it fulfills the purpose of collection and use of personal information in principle.
Procedures for destruction of personal information by the company and its method shall be as follows.
Procedures for destruction
Information that users entered to subscribe to membership shall be immediately destroyed in accordance with reasons (refer to the period of ownership and usage) for information protection specified in internal principles and other related laws and regulations once it fulfills intended purposes.
Methods of destruction
Printed personal information shall be shredded or incinerated.
Personal information saved in electronic files shall be deleted through the use of irrevocable technical methods.
8. Rights of Users and Their Legal Representatives and a Method of Exercise
You and your legal representative may at any time ask for your personal information to be viewed or corrected or corrected for errors.
If it is impossible to exercise rights on the homepage, make sure to contact personnel in charge of protecting personal information in writing or via phone or email.
Then, the company will take necessary measures immediately. If users made a request to correct errors in personal information,
the pertinent personal information shall not be used or provided until correction is completed. In addition, if incorrect personal information was already provided to a third party, the result of correction shall be immediately notified to rectify situation.
The company shall deal with personal information cancelled or deleted as per requests made by a user or a legal representative in accordance with "Period of Ownership and Usage of Personal Information"
and ensure that it shall not be viewed or used for other purposes.
The responsibility of the accident that occurs when the user enters the incorrect information belongs to the user, and the use of the service may be restricted if false information such as theft of the other information is entered.
9. Technological/Administrative Measures for Protection of Personal Information and Notification on Leakage
The company shall take the following technological/administrative measures in order to secure stability so that personal information on customers cannot be lost, stolen, leaked, altered or damaged.
The Company is doing its best to prevent personal information from being leaked or damaged by hacking or computer viruses.
In order to protect personal information from damage, we are backing up the data from time to time. We use the latest vaccine program to prevent personal information or data from being leaked or damaged, and we can securely transmit personal information on the network through encryption algorithms.
We use unauthorized access from outside by using intrusion prevention system, and try to have all possible technical devices to secure system stability.
The Company restricts the handling of personal information of users to specific personnel, and a separate password is given to them for periodic updating.
In addition, through the internal audit organization, we check whether the personal information handling policy of the person in charge of handling and managing personal information is complied with, and if any problem is found, we are working to correct it immediately. However, the Company does not take any responsibility for any problems caused by leakage of personal information due to user's carelessness.
10. Contact Information on Privacy Supervisor
In order to protect user's personal information and to deal with complaints related to personal information, the Company has designated the related department and personal information manager as follows.
Name of Department : IT Division
Name : Lee Jin Wook
Position Division Head
Telephone : 02-1644-0088
email : firstname.lastname@example.org
Customers may report all complaints related to protection of personal information by using corporate service to Privacy Supervisor.
The company shall provide prompt and detailed responses to complaints lodged by users.
Date of public notification : April 19, 2016
Date of implementation : April 19, 2016