Macquarie Korea Asset Management Co., Limited (the Company) has a Standards on Processing of Personal Information (the Standards) as follows in an effort to protect the personal information and rights of the principal of information (Information Principal) and to smoothly address the grievance suffered by the Information Principal related to the personal information pursuant to Article 30 of the Personal Information Protection Act (PIPA) and Article 27-2 of the Act on Promotion of Information and Telecommunication Network Utilization and Information Protection, etc.
The Company processes personal information for the purposes described in each of the following sections. The processed personal information will not be used for any other purposes than as set out below. Unless otherwise permitted by relevant law, the Company will notify and where required obtain prior consent from information principals in case of any changes to the following purposes of use:
(1) The items of personal information to be processed and method of collection thereof in order for the Company to attain the purposes set forth in Article 1 are as follows:
(2) In principle, the Company does not collect sensitive information that may threaten to infringe upon the privacy of the Information Principal. If necessary, the Company collects sensitive information by obtaining additional consent of the Information Principal and uses the same only for the limited purposes so consented; provided, however, that the Company checks the accuracy and currency of the sensitive information on a regular basis.
(3) The information of employees is collected via webpage, interview, document, fax, telephone, e-mail, information collection program, etc, from time to time as needed. However, the information of individual customer or officers and employees of corporate customers, on the presumption that the providing corporate customer duly provides the personal information of relevant officers and employees, is collected via various documents including business card, transaction document or working group list, telephone, e-mail, etc.
The personal (credit) information of the Information Principal collected for the purposes described in Article 1 will be retained and used until the above stated purposes of provision are all accomplished. The concerned personal (credit) information will be destroyed when it is confirmed to be unnecessary unless there exists an obligation to retain it pursuant to the laws and regulations.
(1) In principle, the Company will process the Information Principal’s personal information within the scope of the purpose outlined in Article 1 and will not process information exceeding the primary scope or provide it to a third party without the consent of the Information Principal in advance. However, in any of the following cases, except where there is a concern of unfairly infringing upon the interests of the Information Principal or a third party, the personal information may be used for other purposes or provided to a third party.
(2) The Company provides the staff’s personal information as stated in each item below.
(3) When the Company obtains consent of the Information Principal or provides personal information in accordance with Article 15, Paragraph (1), Items 2, 3 and 5 of the PIPA, the Company will not notify the Information Principal of each of Article 17, Paragraph (2) of the PIPA and the Information Principal’s right to request inspection, correction, deletion and suspension of processing of, the personal information.
(1) In principle, the Company does not delegate the processing of the concerned personal information to others without the consent of the Information Principal. However, in each of the following cases as set forth in Article 26 of the PIPA, the Company may delegate the processing of personal information.
(1) The Information Principal may request to inspect his/her own personal information or that of children under age 14 (applicable only to their legal representatives) that are processed by the Company.
(2) The Information Principal who inspected his/her own personal information may request the Company to correct or delete his/her personal information that are not verifiable or inconsistent with the facts. However, in cases where such personal information is stipulated to be collected in other laws and regulations, the Information Principal may not request the deletion of such information.
(3) In cases where the Information Principal requests correction or deletion of personal information, relevant personal information will not be used or provided until the correction or deletion is completed. In such cases, if incorrect personal information has been used or provided, such personal information will be immediately corrected.
(4) The Information Principal may request the Company to suspend the processing of his/her own personal information. However, in any of the following cases, the Company may refuse such request after notifying the Information Principal of the reason of such refusal:
(5) The personal information that is terminated or deleted by the Company upon request of the Information Principal will be disposed of pursuant to the period of process and retention of personal information under Article 3 hereof.
(1) If the expiration of the retention period of personal information, the Company will destroy such information as soon as practically possible from the expiration date of the retention period, unless any of the followings occurs. If such personal information becomes no longer needed for reasons that the purpose of processing such information has been achieved, the business has been closed, etc, the Company will destroy such information as soon as practically possible from the date on which the processing of such information is deemed unnecessary, unless any of the following occurs:
(2) Any printout, document, etc. containing personal information will be destroyed by incinerating or shredding them into pieces, and personal information in the form of electronic file will be destroyed by permanently deleting it in an irrevocable manner.
The Company takes following technical, administrative and physical actions required to ensure the safety of personal information in accordance with Article 29 of the PIPA:
In order to protect personal information and deal with complaints about personal information, the Company designates Compliance manager (phone number: 822 3705 4950) as Privacy Officer under Article 31(1) of the PIPA.
The Company installs and operates imagery information processor as follows.
Facility safety, crime prevention, collection of evidences, etc. for the Company
Number of processors installed, location of installation, scope of filming
Responsible manager and department and persons having access to the imagery information
Imagery information filming hours, retention period and place, and processing method
Method for inspection of imagery information
Measures in response to the request of the Information Principal for inspection, etc. of imagery information
In order for the Information Principal to access imagery information, he/she shall file an application for access with the Company in a form of application for inspection/confirmation of existence of the personal imagery information. The Company allows access to the imagery information only when the Information Principal himself/herself is filmed, or when it is explicitly required for benefit in life, body, and asset of the Information Principal.
For protecting imagery information, the Company takes actions including maintaining an internal management plan, control of access and restriction of accessing authority, safe storing of the imagery information, application of transfer technology, storing of processing records and measures for preventing forgery or alteration, preparation of storage facility and installation of lock.
The Standards will apply from the enforcement date set out below. Any addition, deletion and correction of the Standards made pursuant to applicable laws and regulations will be notified via email seven days prior to the enforcement date of such change.
If the Information Principal needs to file a report or receive counseling with respect to the infringement of personal information, the Information Principal may contact the following organizations: