Purpose of processing personal information 'Company' processes personal information for the following purposes.
The processed personal information will not be used for any purpose other than the following, and prior consent
will be sought when the purpose of use is changed.
Company will notify you through website announcements and e-mails when revising the personal
information processing policy.
○ This policy applies to the use of services on the company's website
('https://moneyonline.kr'), effective July 1, 2022.
- 가. Website membership registration and management
- Personal information is processed for the purpose of confirming the intention to sign up for membership,
identification and authentication of the member in accordance with the provision of membership service,
maintenance and management of membership, prevention of illegal use of services, various notices and
notifications, handling of grievances, and preservation of records for dispute resolution.
- 나. Provision of goods or services
- Personal information is processed for the purpose of providing small overseas remittance service, real name
verification, and identity verification.
- 다. Use in Marketing and Advertising
- For the purpose of developing new services and providing customized services, providing event and
advertising information and participation opportunities, providing services and posting advertisements
according to demographic characteristics, verifying service validity, identifying access frequency, or
statistics on member service use We process personal data.
- 라. Fulfillment of obligations under laws and regulations
- Personal information is processed for the purpose of fulfilling the reporting obligations stipulated in the
Foreign Exchange Transactions Act, the Enforcement Decree of the Foreign Exchange Transactions Act, the
Foreign Exchange Transactions Regulations and related laws and regulations in accordance with the provision
of small-value overseas remittance services.
2. Processing and retention period of personal information
- ① The company processes and retains personal information within the period of retention and use of personal
information in accordance with laws and regulations or within the period of retention and use of personal
information agreed upon when collecting personal information from the information subject.
- ② Each personal information processing and retention period is as follows.
- 가. Personal information file name: member information
-
- - Personal information items: name, date of birth, gender, nationality, resident
registration number, passport number, alien registration number, email, mobile phone number,
home address, home phone number, bank account information, password, login ID, service use
record, access log , cookies, access IP information
- - Collection method: website, written form, member present original ID card or submit a
copy
- - Basis for retention: Consent of members for continuous use of services and related laws
- - Retention period: period determined by laws and regulations
- - Relevant laws:
- Records on handling consumer complaints or disputes: Act on Consumer Protection in
Electronic Commerce, etc. (3 years) Records on payment and supply of goods: Act on
Consumer Protection in Electronic Commerce, etc. (5 years)
- Records on contract or subscription withdrawal: Act on Consumer Protection in
Electronic Commerce, etc. (5 years) Records on Display/Advertising: Act on Consumer
Protection in Electronic Commerce, etc. (6 months)
- Personal information related to service use: Communication Secret Protection Act (3
months)
- 나. Personal information file name: Real name verification record
-
- - Personal information items: name, date of birth, gender, nationality, resident
registration number, passport number, alien registration number, driver's license number,
identification number, identification authenticity, identification validity period, mobile
phone number, home address, home phone number
- - Collection method: The member himself/herself submits an ID card or a copy of the ID card
through the website, written form, mail, or face-to-face
- - Basis of retention: Business regulations on anti-money laundering and prohibition of
public intimidation financing
- - Retention period: 5 years
- - Relevant laws: Act on the Reporting and Use of Specific Financial Transaction
Information
- 다. Personal information file name: Overseas remittance transaction record
-
- - Personal information items: name, date of birth, gender, resident registration number,
passport number, alien registration number, driver's license number, identification number,
mobile phone number, home address, home phone number, confirmation of financial sanctions
subject, confirmation of important foreign political figures record
- - Collection method: website, written form - Basis of retention: Foreign exchange
transaction regulations, business regulations on the prevention of money laundering and
public threat financing - Retention period: 5 years
- - Relevant laws: Foreign Exchange Transactions Act, Act on Reporting and Use of Specific
Financial Transaction Information, etc.
- 라. Personal information file name: subject to financial sanctions
-
- - Personal information items: name, nickname, business name, group name, organization name,
date of birth, gender, nationality, place of birth, resident registration number, passport
number, alien registration number, passport issuance date, passport validity date, mobile
phone number, address, phone number
- - Collection method: Announced by the Ministry of Strategy and Finance
- - Basis of retention: Guidelines for permission to pay and receive for the fulfillment of
obligations such as maintaining international peace and safety
- - Retention period: the period determined by laws and regulations, until the time of
deletion from the list of financial sanctioners
- - Relevant laws: Foreign Exchange Transactions Act D. Personal information file name:
foreign political figures
- - Personal information items: name, business name, group name, date of birth, gender,
nationality, organization name, position, relationship with major foreign political figures,
place of birth, passport number, passport issuance date, passport validity date, alien
registration number, mobile phone number, address , Phone number - Collection method:
Reporting of members when using the service, providing information from related
organizations, providing information from overseas organizations, and providing information
from partner companies
- - Basis of retention: Guidelines for permission to pay and receive for the fulfillment of
obligations such as maintaining international peace and safety
- - Retention period: period determined by laws and regulations
- - Relevant laws: Foreign Exchange Transactions Act
- ③ The company installs and operates cookies, and the information subject may reject them. However, if you
refuse to install cookies, you may experience inconvenience in using the service or there may be
difficulties in using some services.3. 개인정보의
3. Matters concerning provision to third parties
In principle, the company processes the personal information of the information subject within the
range specified for the purpose of collection and use, and only removes personal information if it falls under
Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the information subject or
special provisions of the law. Give it to 3rd party.
4. Consignment of personal information processing
- 가.
('Company') entrusts the following personal information processing tasks for
smooth personal information processing
-
1. |
Persons to whom personal information is provided |
C-Square Inc. |
Purpose of use of personal information by the recipient |
Provision of small overseas remittance service and fulfillment of obligations under the laws of
the respective country
|
Recipient's retention and use period |
7 years from the time it was provided in accordance with the relevant laws and regulations of
the country concerned
|
2. |
Persons to whom personal information is provided |
MoneyGram International B.V |
Purpose of use of personal information by the recipient |
Provision of small overseas remittance service and fulfillment of obligations under the laws of
the respective country
|
Recipient's retention and use period |
5 years from the time it was provided in accordance with the relevant laws and regulations of
the country concerned
|
3. |
Persons to whom personal information is provided |
Shinhan Bank |
Purpose of use of personal information by the recipient |
Provision of small overseas remittance service and fulfillment of obligations under the laws of
the respective country
|
Recipient's retention and use period |
period prescribed by law |
4. |
Persons to whom personal information is provided |
Gwangju Bank |
Purpose of use of personal information by the recipient |
Direct deposit payment |
Recipient's retention and use period |
period prescribed by law |
5. |
Persons to whom personal information is provided |
Korea Financial Telecommunications & Clearings Institute |
Purpose of use of personal information by the recipient |
Matters regarding the use of open banking and automatic payment registration |
Recipient's retention and use period |
period prescribed by law |
- 나. When the company concludes a consignment contract, in accordance with Article 25 of the
Personal Information Protection Act, the company shall provide for matters related to responsibilities such
as prohibition of personal information processing other than the purpose of performing entrusted work,
technical and administrative protection measures, restrictions on re-entrustment, management and supervision
of the trustee, compensation for damages, etc. It is specified in the document and supervises whether the
trustee handles personal information safely.
- 다. If the contents of the consignment work or the consignee is changed, we will disclose it
through this personal information processing policy without delay.
5. Rights and obligations of information subjects and how to exercise them
Users can exercise the following rights as the subject of personal information.
가. The information subject can exercise the following personal information protection rights
against the company at any time.
- ① Request to read personal information
- ② Request for correction if there is an error, etc.
- ③ Request for deletion
- ④ Request to stop processing
나. The exercise of the rights pursuant to Paragraph 1 can be done in writing, by e-mail, or by
fax (FAX) in accordance with Form 8 of Attachment No. 8 of the Enforcement Rule of the Personal Information
Protection Act, and the company will take action without delay.
다. If the information subject requests correction or deletion of personal information, the
company will not use or provide the personal information until the correction or deletion is completed.
라. The exercise of rights pursuant to Paragraph 1 may be done through an agent such as the legal
representative of the information subject or a person who has been delegated. In this case, you must submit a
power of attorney in accordance with Form 11 of the Enforcement Regulations of the Personal Information
Protection Act.
6. Destruction of personal information
In principle, when the purpose of personal information processing is achieved, the company
destroys the personal information without delay. The procedures, deadlines and methods of destruction are as
follows.
- 가. destruction procedure
- The information entered by the user is transferred to a separate DB after the purpose is achieved (a
separate document in the case of paper) and is destroyed after being stored for a certain period according
to internal policies and other related laws or immediately. At this time, the personal information
transferred to the DB will not be used for any other purpose unless it is in accordance with the law.
- 나. When the personal information of the destroyed user becomes unnecessary within 5 days from
the end of the retention period when the retention period of personal information has elapsed, the personal
information becomes unnecessary, such as achieving the purpose of processing personal information,
abolishing the service, or terminating the business We destroy the personal information within 5 days from
the date on which the processing of personal information is deemed unnecessary.
- 다. Destruction method Information in the form of electronic files uses a technical method
that cannot reproduce the record. Personal information printed on paper is shredded with a shredder or
destroyed through incineration.
7. Measures to ensure the safety of personal information
In accordance with Article 29 of the Personal Information Protection Act, the company is taking
the following technical/administrative and physical measures necessary to secure safety.
- 가. Conduct regular self-audits
- We conduct regular self-audits to ensure stability in handling personal information
- 나. Minimization and training of personnel handling personal information
- We are implementing measures to manage personal information by designating employees who handle personal
information and limiting them to the person in charge.
- 다. Establishment and implementation of internal management plan
- We have established and implemented an internal management plan for safe handling of personal information.
- 라. Technical measures against hacking, etc.
- In order to prevent leakage and damage of personal information caused by hacking or computer viruses, the
company installs security programs, periodically updates and checks, installs systems in areas where access
is controlled from outside, and technically and physically monitors and blocks them.
- 마. Storage of access records and prevention of forgery
- The records of access to the personal information processing system are stored and managed for at least 6
months, and security functions are used to prevent forgery, theft, or loss of access records..
- 바. Restricting access to personal information
- We take necessary measures to control access to personal information by granting, changing, and canceling
access rights to the database system that processes personal information, and we use an intrusion prevention
system to control unauthorized access from outside..
- 사. Encryption of personal information
- 아. Use of locks for document security Documents and auxiliary storage media containing
personal information are stored in a safe place with a locking device.
- 차. Access Control for Unauthorized Persons We establish and operate access control procedures
in a separate physical storage location that stores personal information.
8. Created by the person in charge of personal information protection
- 가. The company is responsible for overall handling of personal information, and has designated a person in
charge of personal information protection as follows to handle complaints and damage relief from information
subjects related to personal information processing.
-
- ▶ Personal Information Protection Officer
-
- Name: Jung Joong-ki
- Position: CEO
- Contact : 02-6956-0309, privacy.kr@c-square.net
t
※ You will be directed to the department in charge of personal information protection.
- ▶ Department in charge of personal information protection
-
- Contact Person : Jinho Kang
- Contact :02-6956-0309, compliance.kr@c-square.net
- 나. The information subject is responsible for all personal information protection-related
inquiries, complaint handling, and damage relief that occurred while using the company's services.
- You can inquire about matters related to personal information protection to the person in charge of personal
information protection and the department in charge. The company will respond and handle the inquiries of
the information subject without delay.
9. Request to view personal information
- 가. The information subject may file a request for access to personal information in accordance with Article
35 of the Personal Information Protection Act to the following departments. The company will make every
effort to promptly process the personal information access request of the information subject.
-
- ▶ Reception and processing department of personal information access request
-
- Contact Person : Kim Hyun-jung
- Contact: 02-6956-0309, compliance.kr@c-square.net
- 나. In addition to the department for processing requests for access requests, information
subjects can also request access to personal information through the ‘Comprehensive Support Portal for
Personal Information Protection’ website (www.privacy.go.kr) of the Ministry of Public Administration and
Security.
-
- ▶ Ministry of Public Administration and Security's Personal Information Protection Comprehensive
Support Portal → Personal Information Complaints → Personal Information Access Request
- (You must have an I-PIN to verify your identity)
- 다. The following organizations are separate organizations from the company. If you are not
satisfied with the company's own personal information complaint handling and damage relief results, or if
you need more detailed help, please contact us.
-
- ▶ Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
-
- - Responsibilities: Report personal information infringement, apply for counseling
- - Homepage: privacy.kisa.or.kr
- - Phone: (without area code) 118
- - Address: (58324) 9 Jinheung-gil, Naju-si, Jeollanam-do, Personal Information Infringement
Report Center
- ▶ Personal Information Dispute Mediation Committee (operated by Korea Internet &
Security Agency)
-
- - Responsibilities: Personal information dispute mediation application, collective dispute
mediation (civil resolution)
- - Website: www.kopico.go.kr
- - Tel: (without area code) 1833-6972
- - Address: (03171) Personal Information Dispute Mediation Committee, 12th Floor, Government
Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul (03171)
- ▶ Supreme Prosecutor's Office Cyber Crime Investigation Team: (without area code)
1301 (www.spo.go.kr)
- ▶ National Police Agency Cyber Crime Investigation Team: (without area code) 182
(ecrm.police.go.kr)
10. Changes to the Privacy Policy
This personal information processing policy is effective from the effective date, and if there are
additions, deletions, or corrections of changes according to laws and regulations, we will notify you through a
notice 7 days before the implementation of the changes.