1. Introduction

This Privacy Policy outlines the guidelines that the company must comply with to ensure users can use the services with confidence. SI Analytics (hereinafter referred to as the “Company”) provides this Privacy Policy in compliance with relevant laws, regulations, and guidelines that personal information processors must adhere to for personal information protection.

2. Collection and Use of Personal Information

2.1.  Site Visits 

Personal information is collected directly from customers or through their web browsers when accessing the company’s site. The purposes of processing include compiling statistics, developing new products, improving products and services, optimizing user experience and site functionality, and understanding which parts of the site visitors find most interesting.

2.2. Email Subscription

When subscribing to email newsletters, the company collects customers’ names, email addresses, contact information, company names, job titles, positions, countries, customers’ IP addresses, and language preferences. The purpose of collecting customers’ personal information is for marketing and promotional purposes, including notices related to product improvements, warranties, and renewals based on customers’ requirements and interests.

2.3. Social Media

The company’s site may utilize social media features such as Facebook’s ‘Like’ button. These features may collect users’ IP addresses and pages visited on the company’s site and may use cookies, pixels, beacons, or similar technologies to ensure their proper functioning.

These features support options to post customers’ activity information related to the company’s products and services on their profile pages on third-party social media networks, allowing them to share with others within their network

 

3. Provision of Personal Information 

Cross-Border Transfer of Personal Information

Customer’s personal information may be stored and processed in any country where the company has facilities or service providers operate, and by accessing the company’s site, customers understand that their data may be transferred to countries such as the United States where data protection rules may differ from those in their country of residence. In certain circumstances, authorities such as courts, law enforcement agencies, regulatory agencies, or security agencies in those countries may have access to customers’ personal information.

Residents of the European Economic Area (EEA)

Some non-EEA countries are recognized by the European Commission (EC) as providing an adequate level of data protection under the EEA. In cases where information is transferred to countries not considered adequate by the EC in the EEA, the company takes appropriate measures including EU Standard Contractual Clauses to protect customers’ personal information.

  4. Personal Information Destruction Procedure and Method

Personal information is promptly destroyed when the purpose of processing personal information is achieved or when the retention and use period has expired. The company’s procedure and method for destroying personal information are as follows

  • Personal information printed on paper is shredded or incinerated for destruction, and records stored in electronic file formats are deleted using technology that cannot reproduce them.

While personal information is generally processed according to the designated retention and use period, the following information is retained for a certain period of time according to legal requirements

Retention Item Legal BasisRetention Period
Service visit recordsCommunications Privacy Act 3 months

 

 5.Installation, Operation, and Refusal of Devices for Automatically Collecting Personal Information

We may install and operate cookies for providing web-based services.

We use cookies to support fast and convenient website usage and provide personalized services.

  • What are cookies?
    Cookies are very small text files sent by the website to the user’s browser when the user visits the website, and they are stored on the user’s PC.
  • Purpose of use
    We use cookies to store and retrieve user information to provide personalized services. When users visit the website, the website server reads the cookies stored on the user’s device to maintain user preferences and provide personalized services. Cookies help users connect to and use the website as configured. Additionally, cookies are used to provide optimized advertisements and personalized information based on the user’s website visit history and usage patterns.
  • Refusal of cookie collection
    Users have the choice to accept or refuse cookie installation. Users can allow or refuse cookies through cookie settings in the web browser at “Settings > Privacy > Cookies and other site data” path. However, refusing to install cookies may make web usage inconvenient and may make it difficult to use some services that require login.

We may provide links to third-party websites and services.

The third-party websites and services are not subject to this privacy policy. Customers visiting such websites should review the privacy policy of the respective website.

 6. Measures to Ensure the Security of Personal Information

The company takes appropriate security measures to prevent unauthorized access, loss, alteration, or disclosure of customers’ personal information. Only relevant and reasonably required employees and contractors are allowed to access customers’ personal information for necessary tasks.

 7. Rights, Duties, and Exercise Methods of Users and Legal Representatives

For visitors/customers residing in the EEA and the UK, the company manages personal information. However, the company generally collects personal information only with the customer’s consent, when necessary to fulfill the contract with the customer, or when the processing of information conforms to the legitimate interests of the company while ensuring the rights, fundamental freedoms, and interests of the customer are protected.

  • Access:  Customers have the right to request access to personal information. Through this, they can confirm their personal information and check whether the company is processing information lawfully.
  • Modification: Customers have the right to request modifications to their personal information. This allows them to correct incomplete or inaccurate information.
  • Deletion:  Customers have the right to request the deletion of personal information. If the company has no legitimate reason to continue processing the personal information, customers can request the company to delete or remove their personal information. However, if the company is required to comply with legal obligations or establish, exercise, or defend legal claims, the company may not need to delete the customer’s personal information.
  • Objection:Customers have the right to object to the processing of their personal information based on legitimate interests (or the interests of third parties) of the company in certain situations. 
  • Restriction:  Customers have the right to request a restriction on the processing of personal information. In situations where the company needs to establish the accuracy of information or the reasons for processing, customers can request the suspension of the processing of personal information.
  • Portability:  Customers have the right to receive their provided personal information in a structured, commonly used, and machine-readable format and have the right to transmit that information to another data controller without hindrance where technically feasible.
  • Withdrawal: If personal information processing is based on the customer’s consent, customers can withdraw consent at any time. The withdrawal of consent does not affect the lawfulness of processing performed before the withdrawal.
  • Complaints: If customers are dissatisfied with the way the company processes their personal information, they can file a complaint with the data protection authorities of their country of residence or the country where the alleged violation of data protection laws occurred.
  • France:Under the French Data Protection Act, customers have the right to decide in advance whether personal information should be stored, deleted, or disclosed after their death. 
Protection of Children’s Personal Information

The company’s website is not directed at children under 18 years of age, and the company does not intentionally collect personal information from children under 18 years of age without parental consent. If it is believed that the company has collected personal information from children under 18 years of age, please contact the company immediately for prompt action.

 8. Operation and Management of Video Information Processing Devices

The company strives to legally and appropriately manage video information processing devices installed and operated for purposes such as facility safety, crime prevention, and fire prevention, in accordance with relevant laws and regulations, to ensure that the rights and interests of data subjects are not infringed upon.

Basis for Installation and Purpose of Video Information Processing Devices

  • Facility Safety and Fire Prevention
  • Crime Prevention for the Safety of Employees and Visitors
  • Prevention of Unauthorized Intrusion by External Parties

Number of Installed Video Information Processing Devices, Installation Locations, and Coverage Area

Installation Location Number of Installations Location Coverage Area
Daejeon 5 units Office entrance, corridors, controlled areas, etc. Entrance and exit personnel

 

Manager and Authorized Personnel

Recording Time, Retention Period, Storage Location, and Processing Method of Video Information

  • Recording Time: 24 hours
  • Retention Period: 15 days from the date of recording
  • Storage Location: Respective server
  • Processing Method: Record and manage matters related to the use for purposes other than the intended personal video information, provision to third parties, destruction, viewing requests, etc. Personal video information will be permanently deleted by a method that cannot be restored upon expiration of the retention period

Outsourcing of Installation and Management of Video Information Processing Devices

The company outsources the installation and management of video information processing devices to ‘KT Telecop’ and specifies necessary matters in the outsourcing contract to ensure the safe management of personal video information in accordance with relevant laws and regulations. 

Method and Location for Checking Personal Video Information

  • Method: Contact the video information management manager or authorized personnel in advance and arrange a visit
  • Location: Seoul/Daejeon office

Measures for Requests to View Personal Video Information, etc., by Data Subjects:

Data subjects may request to view, verify, or delete their own personal video information. However, this is limited to personal video information in which the data subject is clearly identifiable or where there is an urgent need to prevent harm to life, body, property, or substantial rights or interests.

The company will promptly take necessary measures upon requests for viewing, verifying, or deleting personal video information. However, the company may refuse requests for viewing personal video information under the following circumstances

  • When the retention period of personal video information has expired and it has been destroyed
  • When it significantly impedes criminal investigations, prosecution, or trial enforcement
  • When there is a significant risk of infringing on the privacy of others by taking measures to respond to viewing requests
  • When there are legitimate reasons for refusing the data subject’s requests for viewing, etc

Measures to Ensure the Security of Video Information

  • To protect personal video information, we do not collect video information or use recording functions arbitrarily.
  • Access to stored video information is controlled except for those authorized.
  • Upon expiration of the retention period, video information collected through video information devices is permanently deleted to prevent restoration.

9. Remedies for Violation of Data Subject Rights

You can contact the following agencies for reporting and consulting on damages due to personal information infringement

Personal Information Infringement Report Center

Cyber Investigation Department of the Supreme Prosecutors’ Office  

Cyber Investigation Bureau of the National Police Agency  

10. Implementation and Amendment of Privacy Policy

We may modify the Privacy Policy for purposes such as reflecting changes in laws or services. If the modification significantly affects the rights or obligations of customers under this agreement, we will make reasonable efforts to notify customers of the changes and obtain their consent if legally required.

11. Contact Information

If you have any questions or comments regarding this Privacy Policy, please contact us at the following.

 

Date of Announcement: May 1, 2024

Effective Date: May 1, 2024

 

KR