1. Items and method of personal information collection
A. Essential items
Short-term accessors- General Information : Name, cell phone number, affiliated company, video clip from CCTV
Employee- General Information : Name, address, date of birth, gender, phone number, cell phone number, affiliated company, educational background, work experience, vehicle registration number, video clip from CCTV
Shipping Driver- General Information : Name, address, date of birth, gender, cell phone number, affiliated company, vehicle registration number, vehicle ownership, biometric data (fingerprint), location information, video clip from CCTV
Homepage(E-MAIL US) User- General Information : Name, cell phone number, E-mail
B. Method of collection
Via website, written document, GPS, CCTV, cookie
2. Purpose of personal information management
The ‘company’ manages personal information for the following purposes: approval and registration of entrance access to restricted areas, protection and observance of law related to nationally secured facilities, protection and observance of law related to Security of International Vessels and Port Facilities, revisit or entrance management, entrance control in accordance with the company’s security regulations, operation record management, security management, verification of work performance, fulfillment of contract, and linkage of the company’s operation system for related work execution.
3. Personal information management & period of information held
The ‘company’ will keep personal information until its purpose is achieved.
4. Entrustment of personal information management
The ‘company’ entrusts tasks in relation to personal information management as listed below. In case of entrustment contract, according to its relevant legislations, the ‘company’ makes necessary actions to assure that personal information is safely managed. Entrusted information is limited to minimum extent necessary for the tasks.
Entrusted Companies Contents of entrusted duty
Entrusted Companies |
Contents of entrusted duty |
GS ITM, Yullin Technologies, nlln |
Maintenance and system management |
SeoUn STS, Jin Myung Staffs, PROSCOM, S&I Corp, Capstec, C&S Corp |
Guidance and registration of entrance access Control of entrance door to restricted area |
5. Disclosure of personal information to third party
The Company discloses personal information of “Subject of Information” (as defined in Personal Information Protection Act) after obtaining consent of such Subject of information to third party as set forth below. Such personal information shall be managed only for the Purpose.
Recipient Purpose of Disclosure Contents of disclosed personal information Storage/Usage Period
Recipient |
Purpose of Disclosure |
Contents of disclosed personal information |
Storage/Usage Period |
Korea Transportation Safety Authority |
Safety management of dangerous materials transport pursuant to Articles 29 and 29-2 of the Framework Act on Logistics Policies (accident prevention, monitoring, accident response, etc.) |
Transportation business operator information (mutual, business registration number, address, representative, person in charge/contact)
Induced quantity information (vehicle number, total load)
Driver information (name, contact number, transportation registration number)
Carrying material information (dangerous substance name, quantity)
Transport site information (start/arrival/Way Point/address/latitude coordinates) |
3 year |
However, the Company can disclose personal information without the consent of the Subject of Information upon occurrence of any of followings:- The law expressly provides for an exception to the above consent requirement. - Disclosure is required to comply with duties imposed by the law. - Personal information has been modified into a form that is not capable of identifying any particular individual and is being disclosed for statistics, research or market investigation purposes.
6 .Procedure and method of personal information destruction
A. Procedure of destructionThe ‘company’ will destruct personal information immediately when it becomes unnecessary by termination of retention period or achievement of purpose. However, if the personal information has to be stored continuously to comply with company’s internal policies or other laws, it will be moved to separate data base or different location of the storage.
B. Method of destruction For the personal information in electronic file format, technical methods that prevent repair or regeneration of the record will be used. Printed personal information copies will be destroyed by paper shredder or incineration.
7. Subject’s right?duty and mean of exertion
A. The subject of information can exert the following rights to the ‘company’ anytime. However, it can be limited according to Paragraph 3 in Article 35, Paragraph 1 in Article 36, and Paragraph 2 in Article 37 as per the Personal Information Protection Act.① Reading request for personal information ② Suspension request for personal information management ③ Revision or deletion request for personal information
B. Mean of exertion is as in the following,① Exertion of right is available through written document and e-mail in a separate format, to which the ‘company’ will take steps with no delay. ② If revision or deletion of personal information is requested, the ‘company’ will not use or provide the personal information until the request is complete. ③ If subject of information wishes to exert the right through legal representative or delegated substitute, power of attorney should be submitted.
8. Measures confirming security of personal information
The ‘company’ makes the following steps to assure security of personal information.
A. Administrative Measures : Establishment?enforcement of internal administrative plan, periodic training for employees etc..
B. Technical Measures : Management of access right such as personal information management system, installation of access control system, encryption of Unique Identifying Information, installation of security program etc..
C. Physical Measures : Access control to computer room and data storage etc..
9. Chief Privacy Officer
Subject Person in charge Contact
Subject |
Person in charge |
Contact |
Head Office |
HR Office
Yong Chan Kim
Vice President |
02-2005-6500 |
YeoSu Plant (Shipping Driver) |
Storage & Shipping
Chong Yong Han
Vice president |
061-680-2603 |
YeoSu Plant (Visitors and Employee) |
Safety & Enviroment
Doo Cheon Choibr
Vice president |
061-680-3658 |
Local Terminal |
Logistics
Woo Young Heo
Vice president |
02-2005-6038 |
Local Business Site such as Oil Storage etc |
cal Business Vice president |
1544-5151 |
10. Manage of Personal Information Security
Subject Person in charge Contact
Subject |
Person in charge |
Contact |
Head Office |
General Affairs Team
Sung Jin Park
Team Leader |
02-2005-6500 |
YeoSu Plant (Shipping Driver) |
Product Shipping Team
Won Joon Boo
Team Leader |
061-680-2561 |
YeoSu Plant (Visitors and Employee) |
Emergency Response Team
Young Sul Youn
Team Leader |
061-680-2120 |
Local Business Site such as Oil Storage etc |
Local Business Manager |
1544-5151 |
Institute of Technology |
Research Support Team
Jung He Cho
Team Leader |
042-866-1820 |
11. Officer of Personal Information Security
Subject Person in charge Contact
Subject |
Person in charge |
Contact |
Head Office |
General Affairs Team
Seok Ryul Hong
Staff |
02-2005-6534 |
YeoSu Plant (Shipping Driver) |
Product Shipping Team
Chang Sub Kim
Sub Team Leader |
061-680-2561 |
YeoSu Plant (Visitors and Employee) |
Emergency Response Team
Young Jo Yoon
Staff |
061-680-2136 |
Local Business Site such as Oil Storage etc |
Local Business Manager |
1544-5151 |
Institute of Technology |
Research Support Team
Sang Jun Jeon
Staff |
042-866-1826 |
Addendum
Enforcement Date : Apr. 13, 2020