2015.01.01

Announcement of business name change

privacy Policy

Privacy Policy

IDP Co., Ltd. (hereinafter referred to as the “Company”) regards the protection of personal data of customers who use card printing solution and all related services (hereinafter referred to as “Services”) as very important, and the Company complies with applicable laws and regulations such as GDPR, law on protection of personal data.

Article 1 (Items of Personal Data and Method of Collection)

Article 2 (Purpose of Collection and Use of Personal Data)

Article 3 (The Disposal of Special Categories of Personal Data)

The Company shall not collect any sensitive personal data (such as race or ethnic origin, ideology, creed, birthplace, domicile, political propensity and criminal record, health status and sex life) that may be of concern to the customers’ basic human rights violations, but inevitable when the Company must collect the data, the Company must get the customers’ prior consent.

Article 4 (Term of Retaining and Use of Personal Data)

Article 5 (Customer’s Rights and Methods to Execute Customer’s Rights)

Customer has the right, at any time, to access or rectify his/her personal data, and customer may request to erase the data. the Company shall take measures if customer contacts the data protection officer by writing, telephone or e-mail after the identity verification process. If customer requests rectification of an error in personal data, the Company will not use or provide the personal data until the rectification is completed. In addition, if wrongful personal data has already been provided to a third party, the result of rectification will be notified to the third party so that the rectification can be made. The Company treats personal data that has been erased at customer's request as described in “Term of Retaining and Use of Personal Data” and prohibits the data from being accessed or used for other purposes.

If customer exercises ‘right to object’ on data collected for marketing purposes by the Company, the Company immediately ceases processing the personal data. Notwithstanding, the Company may process personal data if the Company can demonstrate that its compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the data subject, or if the processing is for the determination, exercise or defense of legal claims.

Article 6 (Outsourcing of Processing of Personal Data)

Article 7 (Processing of Children’s Personal Data)

The Company does not process personal data of children under 14 (In Europe, children under16). The Company may verify the age at the time of collecting personal data.

Article 8 (Data Protection Officer)

The Company has designated customer center and a data protection officer to protect the personal data and cope with relevant complaint.

1. Republic of Korea
KISA Privacy Center privacy.kisa.or.kr / 118
Supreme Prosecutors’ Office of the Republic of Korea www.spo.go.kr / 1301
Cyber Terror Response Center cyberbureau.police.go.kr / 182
2. Other Countries
Country URL Country URL
EU www.edps.europa.eu/EDPSweb Greece www.dpa.gr
Austria www.dsb.gv.at Hungary www.naih.hu
Belgium www.privacycommission.be Italy www.garanteprivacy.it
Bulgaria www.cpdp.bg Latvia www.dvi.gov.lv
Croatia www.azop.hr Lithuania www.ada.lt
Cyprus www.dataprotection.gov.cy Luxembourg www.cnpd.lu
Czech Rep. www.uoou.cz Malta www.dataprotection.gov.mt
Denmark www.datatilsynet.dk Netherlands www.autoriteipersoonsgegeve ns.nl/nl
Estonia www.aki.ee Poland www.giodo.gov.pl
Finland www.tietosuoja.fi Portugal www.cnpd.pt
France www.cnil.fr Romania www.dataprotection.ro
Germany www.bfdi.bund.de Slovakia www.dataprotection.gov.sk
Ireland www.dataprotection.ie

Article 9 (Modification and Notification of Privacy Policy)

Additions, deletions, modifications to this privacy policy will be notified through the homepage of the websites, etc.

Addendum

This privacy policy takes effect on May 1, 2020.