PRIVACY
POLICY

Date of implementation
: January 16, 2017

Naver Labs Corporation Privacy Policy

Naver Labs would like to welcome all of our visitors

Naver Labs Corporation (hereinafter referred to as the “Company”) is committed to protecting the rights and interests of our users by strictly adhering to the regulations in place for the protection of personal information. As an information and communication service providers, the Company is required to comply with the provisions of all laws including and related to the Personal Information Protection Act, the Information Communication Network Use Promotion and Information Protection Act, the Protection of Communications Secrets Act, and the Telecommunications Business Act by establishing policies for processing personal information based on the requirements in the related laws. The following sections include the Company’s policies for processing personal information.

1. Personal information collection

First, the Company collects the following personal information for employment applications, inquiries and responses related to employment, and protection and verification of applicants for employment.

- Required information includes: Name, password verification, email address, telephone number, date of birth, gender, nationality, academic background (school name, year/month of entering and graduation from school, major, area of study, grade, and graduation status), work experience (company name, duties position, department name, and term), military duties, Korea veterans (if applicable), disabilities (if applicable).
- Optional information includes: Work experience (if not applicable or for recent graduates), qualifications/language studies (types of certificates, levels, scores, and date of certificate)

Second, the Company collects the following personal information for business partnership proposals and applications.

- Required information: Company name, name of applicant, telephone number, email address
- Optional information: Website, fax number

Third, the Company collects the following personal information when submitting information to the ethics consultation center.

- Required information: Name, contact information, email address, password for verification of consultation results (personal information is not collected for anonymous submissions)

Fourth, the Company collects the following personal information to prepare and process partners’ lines.

- Required information: name of proposer, partner (company) name, contact information, email address

In addition, the following information may be automatically generated and/or collected when using this service or while processing the business.

- Users' browser types, OS, record of sites visited (IP address, access time), cookies

The Company collects personal information by having users enter the information into a form on the homepage (http://www.naverlabs.com). Additional required information may be collected via hard copies of documents or through email.

2. Purpose of collecting personal information

A. Employment application processing, application modification, confirmation of employment, and seamless communications with applicants
B. Business partnership proposal applications and processing results
C. Submission of information for consultation with the ethics consultation center and processing results
D. Submission and processing of partner lines

3. Personal information disclosure to thrid parties

The Company uses personal information within the scope specified in the “2. Purpose of collecting personal information” and does not use or disclose personal information outside of the aforementioned scope without advanced agreements of permissions with the exception of the following.

- If information holders agree in advance
- If release of personal information is required by law or other government or law enforcement authority or regulatory agency procedures and methods.

On occasion, employment applicants may be referred to companies (subsidiaries or affiliates, etc.) that maintain close relationships with the Company. In this case, the applicants will be individually contacted in advance to request their approval prior to transferring the application to the relevant company.

4. Entrustment for the processing of personal information

The Company is entrusted to seamlessly process personal information as follows and to specify requirements in order to safely manage and protect personal information as stated in the entrustment contract in accordance with relevant laws.

Organizations entrusted to process personal information and work contents of the Company are as follows.

개인정보 위탁처리 기관 및 위탁업무 내용
Entrusted company Entrusted work contents Retention of personal information and period of usage
Naver Business Platform Corporation Website development and maintenance system operation and management Until work completion
In-Comms Corporation Research investigation and inquiries process

5. Personal information processing and retention period

Personal information is processed within the retention period that has been agreed upon when the personal information was collected. Personal information is immediately destroyed after work completion on principle.

If, however, personal information from the employment application is saved in the Company records, the personal information shall be used and stored during the employment period by human resources. If applications prefer to delete their personal information, the relevant information shall be removed immediately.

6. Personal information deletion procedures and methods

Personal information is immediately destroyed when the purpose for which it was collected has been achieved. Procedures and methods for the destruction of personal information in the Company are as follows.

A. Disposal procedures

- Information submitted by the information holder is transferred to separate DB after the purpose for which the information was submitted is achieved (separate filing cabinets are allocated for hard copies). The information is then destroyed after it is retained for a specified period of time in accordance with regulations (refer to “5. Processing and retaining period of personal information”).
- Subject personal information is not used for any purposes other than the retention unless otherwise required by law.

B. Disposal method

- Hard copies with personal information are shredded or incinerated.
- Electronic forms of personal information are deleted through secure methods to ensure that the records cannot be restored.

7. Information holder’s rights, obligations, and exercise of these rights

You may inquire or modify your registered personal information at any time and may also submit requests to delete or stop processing the information. If a request to delete or stop processing the information is submitted, immediate actions shall be taken when the request is made via written form, telephone, or email to the person in charge of protecting personal information.

8. Measures for securing safety of personal information

The Company shall take protective measures to secure the safety of personal information so that the information is not lost, stolen, exposed, falsified, or damaged when processing them.

A. Password encryption

The password setup when using the homepage is encrypted, saved and managed so that only the user knows the password. Confirmation or modification of the password may only be done by the user who knows the password.

B. Measures to prepare and prevent hacking and related events

The Company puts forth the greatest efforts to prevent personal information from being exposed or damaged by hacking or computer viruses. In preparation of possible damages related to personal information, the Company frequently backs-up its database, while state-of-the-art antivirus software programs are used to prevent the personal information or user’s data from being exposed or damaged. In addition, the Company safely transmits personal information on the network through encrypted communications.
In addition, countermeasures are taken to control and prevent the system from being used through illegal access from the outside. The company takes every effort to be equipped with technological devices to maintain the security of the system.

C. Minimal number of employees processing personal information and training of these employee

Employees at the company who process personal information are limited to certain employees in charge. In order to achieve this, separate passwords are granted and renewed on a regular basis while providing frequent training sessions for people in charge to ensure the protection of personal information.

D. Operation of exclusive department for protecting personal information

With the in-house exclusive department appointed to protect personal information, immediate actions are taken to correct issues, if any, by confirming whether policies for the protection of personal information are followed. The Company, however, is not responsible for damages that are not attributed to the Company such as carelessness of users or accidents in areas that are not managed by the Company despite the fact that the Company makes every effort to protect personal information.

9. Persons responsible for protecting personal information and contact information

You are eligible to file civil complaints with the responsible person related to personal information protection that occur while using the homepage. The Company will provide a swift and sufficient response to claimed issues.

개인정보보호 책임자
Individual responsible for the protection of personal employment information Individual responsible for business proposals, company ethics consultation center, partners line, and protection of personal information
Name: Jinrye Choi
Affiliation: people & operations
Position: Leader
Email: jinrye.choi@naverlabs.com
Name: Changhyun Song
Affiliation: Naver Labs
Position: CEO
Email: chang-song@naverlabs.com

Please submit inquiries to the following organizations if you need to report other issues related to the protection or loss of personal information and consult with the associates.

KISA (http://privacy.kisa.or.kr / 118 without area code)
Supreme Prosecutor’s Office Cyber Investigation Office (http://www.spo.go.kr / 1301 without area code)
The National Police Agency Cyber Bureau (http://cyberbureau.police.go.kr / 182 without area code)

10. Others

“Personal information collection policies of Naver Labs Corporation” is not applied to personal information collected by websites linked to this homepage.

11. Modification of policies for collecting personal information

Addition, deletion, or modification of contents in the current policies for collecting personal information will be posted on the ‘notifications’ of the homepage at least 7 days before implementation. Significant changes in the rights of users such as the collection and utilization of personal information or provision of personal information to a third party, however, will be announced at least 30 days before implementation.

- Date of implementation: January 16, 2017