Go to main contents

Doosan

Language

Go

Privacy and information Processing Policy, etc.

Corporation (“Doosan”) complies with the relevant laws and regulations dealing with personal information protection including the Personal Information Protection Act and the Act on Information Communications Network Use Promotion and Information Protection. Doosan strives to protect the rights and interests of persons providing personal information, such as customers, employees, and Website users through its Privacy and Information Processing Policy and the Privacy and Information Handling Policy. Doosan notifies you of how and for what purposes we may use your information and what measures have been taken to protect your personal information through its policies regarding personal data privacy and information processing.. In the event any of the provisions of the relevant policies are amended, we will publicly notify you of such amendments through this Website or individually.

The Company’s policy related to personal information consists of the following: 1) the Privacy and Information Processing Policy regarding the personal information protection of all persons providing their own personal information, 2) the Privacy and Information Handling Policy regarding the personal information protection of this Website's users, and 3) the Image Information Processing Equipment Operation & Management Policy regarding personal image information protection. However, privacy and Information handling policies related to other Doosan affiliates’’ websites are respectively set forth on those websites.

1. Privacy and Information Processing Policy

01. General Rules

Personal information is information regarding a living person. That is, personal information refers to information that through which a person can be identified such as name, resident registration number, and image. This includes information which may not identify a person on its own, but when combined with other information, may identify a person.
Personal information provider is a person who can be identified by the processed information.
Doosan will disclose the Privacy and Information Processing Policy on the first page of its Website(www.doosan.com) so that you can always easily check the policy. When the Policy is amended, we will publically notify you of the amendment through a notice on our Website or individually.

02. Processed Personal Information and Processing Purpose

Unless permitted by relevant laws and regulations or with the personal information provider’s prior consent, Doosan will not process any sensitive information and personal identification information issued for the purpose of identifying an individual that may seriously infringe the privacy of :

A. Processed Information

[Concerning the customer]
Name, postal address, email, company name, service usage data, access information, cookies, and IP address.

[Concerning employment]
Name, resident registration number, photo, password, postal address, telephone number, cellphone number, email, education, military service, foreign language competence, computer competence, license/certificate, family, and work experience.

B. Purpose of Processing

[Concerning the customer]
- Member management and customer service including handling of complaints.
- Online market research or opinion poll.
- Marketing or advertising.
- Service offerings and settlement of fees.

[Concerning employment]
- Recruitment screening and contact with applicants, wage/salary payment, fringe benefits, HR management including various job performance supports, and evaluations.

03. Processing and the Retention Period of Personal Information

Once the purpose of collection and the use of personal information are met and completed, as a fundamental rule, the relevant information will be immediately destroyed. However, we will retain the following information during the period specified below and for the reasons specified below, and we will obtain consent from the person who provided his or her own personal information, as necessary.

  • - Retained information: Name, postal address, email, and company name.
  • - Retention period: One year.
  • - Reason of retention: User inquiries/requests control, user identification, etc.
  • - Retained information: Service usage data, access information, cookies, and IP address.
  • - Retention period: Three years.
  • - Reason of retention: Improve service quality through data analysis of the user’s service usage.
  • - Retained information: Name, resident registration number, photo, password, postal address, telephone number, cellphone number, email, education, military service, foreign language competence, computer competence, license/certificate, family, and work experience.
  • - Retention period: Until the expiration of employment relationship.
    ※ However, the personal information of an applicant for employment, who was not employed, will be retained for 5 years for future employment management purposes with the person’s consent.
  • - Reason for retention: wage/salary payment, fringe benefit, HR management including various job performance supports, and evaluations.

04. How Personal Information is Destroyed

Any personal information saved in an electronic file format will be deleted using a technology that prevents the recovery of the deleted records.
The personal information retained on paper will be shredded or burned.

05. Disclosure of Personal Information to a Third Party

Doosan will collect personal information within the scope of the purpose of the collection, and will not use your personal information beyond the scope of collection purpose or offer or disclose it to a third party. However, the following are the exception to the above rule:

  • - Consent was received from the person who provided his or her own personal information.
  • - According to specific provisions in other relevant laws.
  • - The person providing their own personal information or his/her legal representative is in a state in which an opinion/intention cannot be expressed, or prior consent cannot be gained due to an invalid address, but disclosure to a third party is urgently needed for the sake of the data provider or a third party’s life, body, and property.
  • - Necessary for statistical purposes and academic studies, where personal information is provided in a way as not to identify a specific individual.

Doosan currently offers personal information as follows:

  • - Institutions receiving personal information: Credu, TOEIC Korea, and the Korea Chamber of Commerce and Industry.
  • - Offered personal information: Name and birthdate.
  • - Usage purpose: Verify qualification.
  • - Retention and use period: Destroyed immediately.

06. Commissioning of Personal Information Processing

Doosan will not commission personal information processing to an outside agency without your consent. We commission personal information processing as follows, and regulate necessary matters/issues so that personal information can be safely managed upon commission of service as contracted under the relevant laws and regulations:

  • - Commissioned agency: KDB Bank, Woori Bank, Hana Bank, NH Bank, Korea Exchange Bank, Shinhan Bank, Kookmin Bank, IBK, Kyongnam Bank, Kyobo Life Insurance, Tongyang Life Insurance, Hanwha Life Insurance, Mirae Asset Life Insurance, Samsung Life Insurance, Dongbu Insurance, KDB Life Insurance
  • - Details of commissioned service: DB-type retirement pension operator (Combined operation of Outside Accumulation of Severance Pay and DC-type retirement pension)
  • - Commissioned agency: Tongyang Securities, Shinyoung Securities, Korea Investment & Securities, Woori Investment & Securities, KDB Daewoo Securities, Hyundai Securities, Hana Daetoo Securities, Mirae Asset Securities, Shinhan Investment Corp., Shinhan Life
  • - Details of commissioned service: DC-type retirement pension operator (Investment and management of severance pay)
  • - Commissioned agency: Mercer Korea Co., Ltd.
  • - Details of commissioned service: Actuarial Assessment of Pension Debts(Calculation and Public Announcement of Pension Debts)
  • - Commissioned agency: N-shaper
  • - Details of commissioned service: Wage/salary management, fringe benefits, etc.
  • - Commissioned agency: Lexken
  • - Details of commissioned service: HR evaluation system operation.
  • - Commissioned agency: DSIA (Doosan Information & Communications America)
  • - Details of commissioned service: Backup of HR management system

07. Rights and Obligations of the Person Providing Their Own Personal Information and Method to Exercise the Rights

All the persons providing their personal information may request for the inspection, revision, deletion, and cessation of the processing of their personal information. However, Doosan may reject or restrict such a request in the following cases:

  • - When specifically required under the law or to comply with obligations under laws and regulations.
  • - When there is a concern for harm to another person’s life or body, or when there is a concern of unlawfully infringing upon another person’s property and profits.
  • - In a case where the service contracted with the personal information provider cannot be offered without processing his or her personal information, or when it is difficult to perform the service contracted with the personal information provider, but her or she does not clearly express his/her intention to terminate the contract.

[Method and Procedure to Exercise Rights]
A person wanting to exercise the above rights regarding their personal information may complete the Read/Inspect, Revise, Delete, and Suspend the Processing Form and sent it by email or fax to the department in charge of personal information (See “09. Customer Request Service on Personal Information” concerning the department).
Unless there is a legitimate reason, Doosan will take a proper action within 10 days of receiving such a request. When there is a reason to reject or restrict the request, we will inform you of the reason and a method to appeal the decision within 5 days upon receiving the request. When the concerned person or legal representative makes a request as above, we can confirm the identity of the person or legal representatives by checking their identification cards such as a resident registration card or a recognized electronic signature.

08. Technical, Administrative, and Physical Protection Measures for Personal Information

Doosan takes the following safeguards in handling personal information so that it will not be lost, stolen, leaked, modified, or damaged:

[Technical actions]
Doosan complies with the criteria set forth by laws and regulations for the safe storage and transmission of personal information.
We protect against computer virus by using a vaccine program. The vaccine program is periodically updated, but if there is a sudden emergence of a new virus, we will implement the appropriate vaccine as soon as it becomes available so that personal information infringement can be prevented.
To deal with outside infiltration, including hacking, we use an infiltration interruption system and a weakness analysis system.

[Administrative actions]
Doosan restricts the rights to access personal information to the following cases: a person carrying out sales and marketing activity involving the personal information provider, a person engaging in personal information management, and a person whose task requires the use of personal information.
We conduct regular in-house training and external commissioned training for those employees that handle personal information, and we thoroughly manage and supervise them to comply with the laws and regulations regarding personal information protection.

[Physical actions]
To protect personal information, we limit physical access to the information through the use of locks and similar devices.
We control access to the computer room and archives by designating and operating them as specially protected areas.

09. Customer Request Service for Personal Information

Doosan has appointed the following department and personal information protection administrator to protect personal information and to process complaints related to personal information:

  • A. Department in Charge of Personal Information
  • - Department: Management Support Team of Management Division, Doosan Corporation
  • - Tel: 02-3398-3955
  • - Fax: 02-3398-1135
  • - Email : webmaster@doosan.com
  • - Business hours: (Mon.-Fri.) 09:30 – 18:00, and closed on Saturdays and Sundays
  • B. Personal information Protection Administrator
  • - Name: Jo Yong-man
  • - Tel: 02-3398-1125
  • - Email : webmaster@doosan.com

Should you need to report a personal information infringement or receive consultation regarding infringement, please contact the following agencies:

10. Obligation of Public Notification

When the current Privacy and information Processing Policy is amended or deleted, we will provide notice on our Website 10 days before such amendment or deletion takes place.

Date of Public Notification: September 30, 2011
Date of Enforcement: September 30, 2011