ORIX Rentec (Korea) Corporation (also hereinafterreferred to as the “Company”) places an utmost importance on maintaining the privacyof users’ information, and to that end the Company is committed to complyingwith all other relevant laws and regulations such as the law regarding thepromotion of information and communication network use and protection ofinformation (the “Information and Communication Networks Act”), and the PrivacyProtection Act.
Name, Phone Number, E-mail Address
The Company collects personal information in thefollowing way.
- Entered information via Q&A(Enquiry)form
Personal InformationCollection and Purpose of Usage
The company utilizes the collected personal informationfor the following purposes.
- To receive and reply fromthe user’s enquiry
Period of Retainingand Utilizing Collected Personal Information
- The Company will generallyonly retain personal information we collect for a period of time reasonablynecessary to achieve the particular purposes for which we collected thepersonal information.
- Retaining for thespecified period in case of notifying retention period to users in advance andreceiving a prior agreement from user individually.
Procedure and Methodsof Destruction of Personal Information
In principle, the company destroys the informationwithout delay once the acquisition and utilization of the personal informationis achieved. The destruction procedure and method are as follows
- Destruction procedure
The collected information shall be stored for a period time after the endof the purpose and will be destroyed according to internal regulations and thereasons for the information protection (refer retention and usage period) byother relevant laws. And personal information shall not be used for otherpurposes except in cases where it is not provided by law and used only forretention.
- Destruction method
Personal information stored in an electronic file format is deleted, usinga technique that cannot be played electronically.
Disclosure andSharing of Collected Personal Information
In principle, the company shall not provide users'personal information to the outside. However, the following cases areexceptions.
- When users consent in advance
- When duly and reasonablyrequested by an investigation authority for investigation purposes
Consignment of Handlingof Collected Personal Information
In order to provide improved services to users, thecompany may outsource the handling of users’ personal information.
- If the company outsourcesthe handling of users’ personal information, it will notify the users inadvance.
- In the case of outsourcingthe handling of users’ personal information, the company clearly stipulates theobservance of the personal information protection policy of theoutsourcing provider, theconfidentiality of personal information, the prohibition of provision to athird party, the responsibility for leakage accidents and will keep theagreement in writing or electronically.
Rights and Exerciseof the Users and the Legal Representatives
Users can exercise the following rights to the extentpermitted by laws and regulations of the country or region in which users reside.
- Notice of intended use ofpersonal information
Users can request we inform users of our intended use for users’ personalinformation that we possess. In the event users make such a request, we willrespond to the request promptly and appropriately in accordance with applicablelaws and regulations.
- Access to personalinformation
Users have the right to verify whether or not we process personalinformation about users and, if we process such personal information, users havethe right to request access to it. Users also have the right to obtain a copyof users’ personal information that we process. In the event users request wedisclosure users’ personal information to users, we will respond to the requestpromptly and appropriately in accordance with applicable laws and regulations.
- Correction of personalinformation
If users’ personal information is inaccurate or incomplete, users have theright to request that we correct, supplement or otherwise complete suchpersonal information ("Rectify"). In the event users request weRectify users’ personal information, we will respond to such request promptlyand appropriately in accordance with applicable laws and regulations.
- Deletion of personalinformation
Users have the right to require us to delete any of users’ personalinformation that we process. Provided, however, that we are not obligated totake such action if our retention of such personal information is necessary tocomply with our legal obligations or to assert, enforce or defend our legalrights.
- Restrictions on theprocessing of personal information
If users’ personal information processed by the Company is inaccurate, theprocessing by the Company is illegal or it is no longer necessary for the Companyto process the personal information for a particular purpose, users have theright to restrict the processing of users’ personal information. However, if theCompany is unable to delete users’ personal information due to the need tocomply with legal or other obligations or users do not request deletion of users’personal information by the Company, we are not obligated to take such action.
- Withdrawal of consent
If users consent to processing of users’ personal information, users havethe right to withdraw users’ consent at any time.
Users have the right tofile a complaint about the processing of users’ personal information by us.
Measures forSecurity of Personal Information
In handling users' personal information, the company usesthe best efforts to prevent such information from being lost, stolen, leaked,falsified or damaged by taking the following technical, administrative andphysical measures for security assurance:
- Training for the person incharge of personal information management
Regular training related with personal information isprovided to personal information workers.
- Encryption of personalinformation
Personal information ofusers is protected and stored and managed in encrypted form (SSL).
- Technical measures againsthacking
Personal information is protected by security software for the preventionof leakage, damage or tampering due to hacking or computer virus infection, andthe software is periodically updated and tested. All systems are technicallyand physically monitor and block access from outside.
Protection of PersonalInformation of Children
- If the Company need tocollect personal information of the minors under the age of 14, we will getconsent from their legal representatives or guardians.
- Legal representatives ofchildren have a right to access to Personal Information of thatchildren/correction or deletion of Personal Information/temporary suspension oftreatment of Personal Information/ and request for withdrawal of their consentprovided before, and the company shall accept these requests immediately.
The Company has appointed the following departments andpersons to be responsible for protecting its users’ privacy and personalinformation and for gathering their opinions and handling their complaints:
- Privacy Officer
General Administration Headquarters
- Person in charge of InformationSecurity
- General AdministrationHeadquarters
Report and Complaintagainst Privacy Violations
If you need to report or consult other privacyviolations, please contact the following institution.
- Personal Dispute MediationCommittee : 1833-6972 (www.kopico.go.kr)
- Information ProtectionMark Certification Committee: 02-550-9531~2 (www.eprivacy.or.kr)
- National Police Cyber Security Agency : 182 ()
- Privacy Committee of theAnti-Corruption and Civil Rights Commission : 044-200-7130 (www.acrc.go.kr)
- Personal InformationInfringement Reporting Center : 118 ()
- Cyber Crime Division ofthe Supreme Public Prosecutor's Office : 1301 (www.spo.go.kr)