Charis Co., Ltd. (hereinafter referred to as “Company” or “charis”) complies with the personal information protection regulations of relevant laws and regulations, including the Personal Information Protection Act, and is doing its best to protect user rights and interests by establishing a personal information processing policy in accordance with relevant laws and regulations.

Chapter 1. Purpose of collection and use of personal information
Chapter 2 Personal information items collected and collection methods
Chapter 3 Retention and use period of collected personal information
Chapter 4 Personal information destruction procedures and methods
Chapter 5 Provision and sharing of personal information
Chapter 6 Personal information consignment processing company
Chapter 7 Matters concerning the installation, operation and rejection of automatic personal information collection devices
Chapter 8 Measures to ensure the safety of personal information
Chapter 9 User rights and methods of exercising them
Chapter 10 Personal information protection manager and staff information
Chapter 11 Notice

Chapter 1. Purpose of collection and use of personal information

Personal information collected by charis solutions is used for the following purposes.
1. Agreement on service provision and settlement of service fees
Content provision, product delivery or invoice amount, identity verification and purchase, fee payment, fee collection
2. Membership management
Verification of identity according to the use of membership services, personal identification, refusal of use by delinquent members and rejection of unauthorized use, confirmation of intention to join, restriction of membership and number of times of membership, record keeping of tide adjustment, handling of complaints such as complaint handling, delivery of notices
3. Used for marketing and advertising
Development and specialization of services (products), identification of users, statistics on members’ service use, and delivery of new advertising information such as events

Chapter 2. Personal information items collected and collection methods

[Personal information items collected]

1. When first registering as a member, the following information is collected to identify members and provide optimized services.
– Required items: ID, password, name, name in charge (for corporate members), email address, mobile phone number, CI
2. When modifying personal information, the following information is optionally additionally collected.
– Address, fax number, phone number, English name, English address
3. When registering as a charissolution.com social member, the following information is collected to connect to SNS and provide smooth service.
– Required collection items: name (nickname), social email address, social unique key value
– Additional collected items: Information for personal identification such as profile information (profile photo), language preferences, etc.
*For additional collection items, information is collected to verify identity, but is not stored.

4. We collect the following personal information for consultation services.
– (Required) Name, phone number, email
5. The company may use user location information in certain services with the user’s consent.
– Location information is not used for any purpose other than using groupware services (attendance), and the company does not collect or store user location information on the server.
6. Additional personal information may be collected during the use of individual services, and the items are as follows.

The company collects personal information in the following ways.
1. Membership registration through the website, consultation bulletin board, sweepstakes application, delivery request
2. Collection through generated information collection tool
3. Collection based on service application and use

Chapter 3. Retention and use period of collected personal information

Personal information is processed and retained only within the personal information retention and use period agreed upon when collecting personal information from the information subject, and is never used for any other purpose.
However, if there is a need to preserve personal information in accordance with the provisions of related laws such as the Act on Consumer Protection in Electronic Commerce, etc. and the Communications Secrets Protection Act, the company stores personal information for a certain period of time specified in the relevant laws and the retention period is as follows.

– Records of contracts or subscription withdrawals, etc.
ㆍReason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
ㆍRetention period: 5 years
– Records of payment and supply of goods, etc.
ㆍReason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
ㆍRetention period: 5 years
– Records of consumer complaints or dispute resolution
ㆍReason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
ㆍRetention period: 3 years
– Records of visits (service use records, access logs, access IP information)
ㆍReason for preservation: Communication Secrets Protection Act
ㆍPreservation period: 3 months

Chapter 4. Personal information destruction procedures and methods

In principle, the company destroys the information without delay after the purpose of collecting and using personal information has been achieved or the retention and use period has elapsed. However, in order to prevent unauthorized use and resolve disputes regarding service use period and fees, member information (ID, order processing information) is kept for one year from the date of membership withdrawal. In addition, in accordance with the ‘personal information expiration date system’, if a member has no usage record for one year, the company notifies the member in advance and manages the personal information separately for one year and then destroys it.
Destruction procedures and methods are as follows.1. Destruction procedure
The information entered by members for membership registration, etc. is stored for a certain period of time and then destroyed in accordance with internal policies and related laws after the purpose is achieved.
2. Method of destruction
Personal information printed on paper is destroyed by shredding or incineration, and personal information stored in electronic file format is deleted using technical methods that render the records unrecoverable.

Chapter 5. Provision and sharing of personal information

In principle, the company uses members’ personal information only for the purpose of collection and use and does not disclose it to other people or other companies/organizations. However, exceptions are made in the following cases.
1. When the user consents in advance
2. When there is a request from an investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods set forth in the law for the purpose of investigation.
3. Use and provision of personal information consistent with the purpose of use
– When member information is used for business contact
4. In other cases, where it is necessary to provide personal information to a third party, personal information may be provided to a third party through legal procedures, such as obtaining the user’s consent.

Chapter 6. Entrustment of collected personal information

In order to improve services, the company entrusts personal information as follows, and stipulates necessary matters to ensure that personal information is safely managed when entering into a consignment contract in accordance with relevant laws and regulations.
The company’s personal information consignment processing agency and consignment work details are as follows and may change depending on changes in the relevant service and contract period. Any changes will be notified through the personal information processing policy.

Chapter 7. Measures to ensure the safety of personal information

charis is taking the following technical/administrative and physical measures necessary to ensure safety in accordance with Article 29 of the Personal Information Protection Act.

1. Minimization and training of employees handling personal information
– We are implementing measures to manage personal information by designating and minimizing the number of employees who handle personal information.
2. Establishment and implementation of internal management plan
– We have established and implemented personal information protection guidelines to ensure safe processing of personal information.
3. Technical measures against hacking, etc.
– In order to prevent leakage and damage of personal information due to hacking or computer viruses, Charis installs security programs, periodically updates and inspects them, and installs systems in areas where access from the outside is controlled, and monitors and blocks them technically and physically. .

4. Encryption of personal information
– The user’s personal information and password are encrypted, stored and managed, so only the user can know them. Separate security functions are used for important data, such as encrypting files and transmission data or using the file lock function.
5. Storage of access records and prevention of forgery and alteration
– Records of access to the personal information processing system are stored and managed for at least 2 years, and security functions are used to prevent access records from being forged, altered, stolen, or lost.
6. Restrictions on access to personal information
– Necessary measures (control) are being taken on access to personal information by granting, changing, and deleting access to the personal information processing system, and unauthorized access from outside is controlled using an intrusion prevention system.
7. Use of locking device for document security
– Documents and auxiliary storage media containing personal information are stored in a safe place with a lock.
8. Access control for unauthorized persons
– We have a separate physical storage location where personal information is stored, and access control procedures are established and operated for this.

Chapter 8. User rights and methods of exercising them

[Technical measures]

1. Users can view or modify their registered personal information at any time and request cancellation of membership. You can view and edit your personal information at ‘Mypage > Membership Information’, and cancel your membership at ‘Mypage > Withdrawal of Membership’.
2. Users can exercise their rights to request viewing, modification, withdrawal, and suspension of processing of personal information, and the reception and processing departments are as follows.
– Department: Service operation/management team

-TEL. 02-1234-5678, FAX. 02-9876-5432
Maxpia ICT4 Co., Ltd. 215-5, Daram-ro 36beon-gil, Docheok-myeon, Gwangju-si, Gyeonggi-do, 12809
[About membership registration for children under 14 years of age]

charis does not accept membership from children under 14 years of age.

Chapter 9. Personal Information Protection Manager and Consultation and Reporting

In order to protect members’ personal information and handle complaints related to personal information, the company has a personal information protection manager. For inquiries regarding members’ personal information, please contact the personal information protection manager or personal information protection officer below.

Chapter 10. Notice

If there are additions, deletions or modifications to content due to changes in laws, policies or security technology, notification will be made through a notice on the company website 7 days prior to the effective date of the changes. However, if it contains information that is unfavorable to members, notification will be made 30 days prior to the effective date of the change.
– Announcement date: August 23, 2023
– Effective date: August 30, 2023