COVI Group Co., Ltd. (hereinafter the “Company”) places great importance on the protection of customers’ personal information.We comply with all relevant laws and regulations that businesses must observe, including the Act on Promotion of Information and Communications Network Utilization and Information Protection and the Personal Information Protection Act. In accordance with these laws, the Company establishes and discloses this Privacy Policy to protect users’ rights and interests.The Company’s official website (website address) does not collect any personal information, as it does not operate a membership registration process. However, when a user submits an inquiry through the “Advertising Inquiry” form on the website, we collect the following personal information solely for the purpose of accurately understanding and responding to the inquiry:
- Company name
- Name
- Contact number
- Email address
Through this Privacy Policy, the Company explains how personal information is used, processed, and protected, as well as the measures taken to safeguard it. We also provide this information to ensure that any related inquiries or complaints can be handled promptly and smoothly.
1. Purpose of Collection and Use of Personal Information
- The Company processes personal information only for specified purposes.
- If the purpose changes, necessary measures will be taken in accordance with Article 18 of the Personal Information Protection Act.
- Main Purpose: To contact customers regarding advertising inquiries.
2. Items of Personal Information Collected & Collection Method
A. Items Collected
- Minimum information necessary for processing customer inquiries.
- Advertising Inquiry:
- Company name
- Name
- Email address
- Phone number
- Mobile number
B. Method of Collection
- Information collected directly from customers through the homepage form.
3. Restrictions on Collection of Sensitive Information
- The Company does not collect sensitive information (e.g., ideology, beliefs, medical history).
- Exceptions apply only when required by law or with explicit consent.
4. Retention and Use Period of Personal Information
- Personal information is destroyed without delay once the purpose has been achieved.
5. Procedures and Methods for Personal Information Destruction
A. Destruction Procedures
- After purpose achievement, information is transferred to a separate DB or physical storage.
- Retained for a certain period per retention policy and destroyed afterward.
- Information in separate DB will only be used for retention unless required by law.
B. Destruction Methods
- Printed documents → Shredding or incineration.
- Electronic files → Technical deletion preventing recovery.
6. Provision of Personal Information to Third Parties
A. Basic Principle
- No use or provision beyond stated purposes unless:
- Data subject consents, or
- Required by law.
B. When Provision Occurs (b)
- Data subjects will be notified in advance of:
- Recipient identity
- Recipient’s business
- Personal information items
- Purpose of provision
- Separate consent will be obtained.
7. Outsourcing of Personal Information Processing
- The Company does not outsource personal information processing.
- Internal management includes:
- Compliance with personal information protection instructions
- Restrictions on use
- Defined responsibilities for incidents
8. Consent to Collection, Use, and Provision
- Customers may choose whether to consent before providing personal information.
- Personal information for identity verification is not collected or retained by the Company.
9. Rights of Data Subjects & Exercise Methods
Data subjects may request:
-
- Access
- Correction or deletion
- Suspension of processing
- Withdrawal of consent
10. Measures to Ensure the Security of Personal Information
A. Internal Management Plans
- Plans established and implemented per Ministry of the Interior and Safety guidelines.
B. Minimization & Education
- Responsible personnel minimized and regularly trained.
C. Access Restrictions
- Access rights granted/changed/terminated.
- Unauthorized external access blocked.
D. Access Log Retention
- Logs stored for at least 1 year with protection against tampering.
E. Encryption
- Critical personal information encrypted for storage and transmission.
F. Technical Security Measures
- Regular backup
- Antivirus use
- Encrypted communication
- Intrusion prevention system
G. Physical Security Measures
- Separate storage locations with access control and locking systems.
H. Personal Information Protection Organization
- Internal organization oversees protection and compliance.
11. Automatic Collection Devices (Cookies)
A. Purpose of Cookies
- Analyze visit frequency, preferences, event participation, targeted marketing, etc.
B. User Choice
- Users may accept or refuse cookies.
C. Refusing Cookies
- Browser settings allow cookie control.
- Example (Internet Explorer): Tools > Internet Options > Privacy
- Blocking cookies may affect service functionality.
12. Personal Information Protection Officer
- The Company designates a protection officer and responsible team for handling inquiries and complaints.
13. Department for Handling Access Requests
Customer Service Department
14. Remedies for Infringement of Rights
15. Changes to the Privacy Policy
-
- Revisions will be announced via website notices.
- Effective Date: December 1, 2025.
