Lee&Lee Law office (hereinafter referred to as “the Company”) collects, holds, and processes all personal information based on relevant laws and regulations such as the Personal Information Protection Act or with the consent of the information subject.
Article 1 Purpose for Processing of Personal Information
The personal information collected and processed by the Company will not be used for purposes other than the specified purpose and if the purpose is changed, the necessary measures will be implemented, such as obtaining separate consent in accordance with the Personal Information Protection Act.
Article 2 Processing and Retention Period of Personal Information
When the purpose of the collected personal information is achieved, such information will be destroyed without delay and the personal information will be processed and retained to the extent of the possession and use period of the personal information agreed upon collection of such personal information under the Company’s internal policy or from the information entity as well as within the permitted scope under the applicable laws and regulations.
Article 3 Third-Party Provision of Personal Information
The Company uses the personal information within the scope of notice and does not use such information beyond the scope without the prior consent of the information subject or disclose the personal information of the information subject to the outside, except as required by other laws and regulations.
Article 4 Consignment of Personal Information Processing
In principle, the Company does not consign processing of personal information to any third party without the consent from the information subject.
Article 5 Rights, Duties and Exercising Methods of Information Subjects
The information subject may exercise any of the following rights relating to privacy to the Company at any time:
1. Request for personal information peruse;
2. Request for correction if there exists any error;
3. Request for deletion; or
4. Request for suspension of processing.
In the event that the information subject has requested correction or deletion of the personal information, the Company will not use or provide such personal information until the correction or deletion is completed.
Article 6 Personal Information Processing Items
The personal information processed by the Company only deals with the items provided by the information subject (name, regular phone number, e-mail, etc.).
Article 7 Destruction of Personal Information
In case that the personal information becomes unnecessary such as the lapse of the personal information retention period or achievement of the processing purpose, the Company will immediately destroy such personal information. If the personal information should be kept in accordance with other laws and regulations despite the expiration of the retention period of personal information agreed by the information subject or the purpose of processing has been accomplished, such personal information will be transferred to a separate database or kept in a different storage place.
Procedure and method of personal information destruction are as follows:
Procedure for destruction
The Company selects the personal information that caused the reason for destruction and then destroys the personal information upon the approval of the Company’s Chief Privacy Officer.
Method of destruction
The Company destroys the information which was recorded and stored in the form of an electronic file so that such record can not be restored. And the personal information recorded and stored in the paper document is destroyed by a crusher or incinerated.
Article 8 Measures to Ensure the Safety of Personal Information
The Company takes technical, administrative, and physical measures necessary to ensure the safety of collected personal information as follows:
Administrative measures: Establishment and implementation of internal management plans, regular staff training, etc.
Technical measures: Management of access authorities such as the personal information processing system, operation of the access control system, encryption of unique identification information, operation of a security program, etc.
Physical measures: Access control of computer room, data storage room, etc.
Article 9 Chief Privacy Officer for Personal Information Protection
The Company has designated a Chief Privacy Officer as follows in order to protect the personal information and to deal with complaints and provide relief related to the personal information:
Classification Name Contact
CSO Chrystal Ji-Hye Lee +82 2 -6952-0116
Article 10 Remedies for Infringement of Rights and Interests
The information subject can inquire about dispute settlement or consultation on personal information infringement to the Personal Information Dispute Mediation Committee, Personal Information Infringement Reporting Center of the Korea Internet & Security Agency and so on in order to receive damage relief and consultation in relation to personal information infringement(Korea National number + 82).
– Personal Information Dispute Mediation Committee: (Without a telephone exchange number) 1833-6972 (www.kopico.go.kr)
– Personal Information Infringement Reporting Center: (Without a telephone exchange number) 118 (privacy.kisa.or.kr)
– Investigation Department for Cyber Crimes in the Supreme Prosecutors’ Office: 02-3480-3573 (www.spo.go.kr)
– National Police Agency Cyber Bureau: 02-3150-2659 (cyberbureau.police.go.kr)
Article 11 History of Changes in Personal Information Processing Policy