slab Asia Co., Ltd. (hereinafter referred to as the "Company") complies with the personal information protection regulations under the relevant laws and regulations that information and communication service providers must comply with, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, the Protection of Communications Secrets Act, the Telecommunications Business Act, etc., and is doing its best to protect the rights and interests of users by establishing a personal information handling policy in accordance with the relevant laws and regulations.
slab Healthcare transportation service operated by the "Company" (hereinafter referred to as the "Service") All customers' personal information handled by is collected, retained, and processed in accordance with relevant laws and regulations or with the consent of the information subject. This Privacy Policy applies to the use of "services" (including mobile web/apps) provided by the "Company" and contains the following contents.
Article 1 [Purpose of Collection and Processing of Personal Information]
The company collects and processes personal information for the following purposes. The personal information being processed will not be used for any purpose other than the following, and if the purpose of use changes, separate consent will be sought in accordance with Article 18 of the Personal Information Protection Act.
- Membership registration and management
Personal information is processed for the purpose of confirming the customer's intention to join, verifying the identity of the customer according to the provision of paid services, personal identification, preventing illegal use and unauthorized use by bad customers, verifying the identity of the legal representative, keeping records for dispute settlement, handling complaints such as customer complaints, and delivering notices.
- Settlement of fees according to the implementation of information use contracts and service provision
Personal information is processed for the purpose of verifying the identity of financial transactions, paying bills, shipping goods or sending invoices, providing services and contents, collecting charges, and settling personal information.
- Handling of civil affairs
Personal information is processed for the purpose of identification, confirmation of complaints, contact for fact-finding, notification, notification of processing results, etc.
- Development of new services and use for marketing/advertising
Personal information is processed for the purpose of developing new services and providing customized services, providing services and posting advertisements according to demographic characteristics, validating services, identifying access frequencies, or statistics on customer service use.
- Performance report management
Personal information is processed for the purpose of reporting the customer's cargo transportation performance data to the FPIS system in accordance with the mandatory reporting items pursuant to Article 2 of the Implementation Guidelines for the Cargo Transportation Performance Reporting System.
- How to collect personal information
The company collects personal information in the following lawful and fair ways.
- In the process of registering as a member and using the service, the user agrees to the collection of personal information and directly enters the information
- When personal information is provided by affiliated services or organizations, etc.
- During the consultation process through the customer center, web pages, e-mails, faxes, telephones, etc.
- Participation in events/events held online and offline
- Refusal and Restriction of Consent to Personal Information
- Users who wish to register as members require consent to personal information and the provision of personal information to a third party, and without consent to personal information, registration and use of this service will be restricted.
- The member may withdraw his/her consent to the provision of personal information to a third party at any time, and in this case, the use of the service will be restricted by the service use policy in the provisional paragraph. Changes to the consent of personal information and the provision of personal information to third parties will be notified and separately notified.
Article 2 [ Processing of personal information, items of personal information, period of retention and use, collection method ]
- Processing of Personal Information
- We process personal information that has been agreed to collect by the information subject and personal information in accordance with laws and regulations. When signing up for the first customer, the following information is collected for personal identification and service provision.
entry Purpose of Collection Collected items Period of Retention and Use Sign up and manage your membership Confirmation of intention to become a member, identity identification and authentication. Maintaining membership. Prevention of fraudulent use of the Services. Various notices and notices *Required: Contact information (name, phone number, email, password) *Optional: Company information (department name, business name, business registration number, tax invoice e-mail, business registration certificate) Until withdrawal of membership (or retention period in accordance with applicable laws) Service Usage Information Transportation of goods, provision of services, calculation of freight costs *Required: sender's name and phone number, recipient's name and phone number, transportation application information (departure address, destination address, desired date and time of loading, vehicle type, cargo information, cargo quantity) *Optional: Cargo size, cargo handling precautions, transport package and data logger type and required number of Until withdrawal of membership (or retention period in accordance with applicable laws)
- The following information may be automatically generated and collected in the process of using the service or processing the business.
Purpose of Collection What to collect In case of bad use and infringement of personal information, record retention for dispute settlement. IP address, cookies, date and time of visit, service use record, access log, payment record, transportation performance information, bad use record (record of restricted use, etc.)
- We process personal information that has been agreed to collect by the information subject and personal information in accordance with laws and regulations. When signing up for the first customer, the following information is collected for personal identification and service provision.
- Period of Retention and Use of Personal Information
In principle, after the purpose of collecting and using personal information is achieved, the customer's personal information is destroyed without delay. However, the following information will be retained for the period specified for the reasons for retention.
- Reasons for retaining information according to the company's internal policy
- Archive: Email address
- Reason for storage: To check the re-enrollment period
- Retention period: 365 days after withdrawal
- Reasons for retaining information according to relevant laws If it is necessary to preserve it in accordance with the provisions of related laws and regulations, such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, etc., the company retains customer information for a certain period of time as stipulated by the relevant laws and regulations. In this case, the company uses the information it keeps only for the purpose of retention, and the retention period is as follows.
- Records on contract or withdrawal of subscription: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Records on payment and supply of goods, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Records on consumer complaints or dispute handling: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Website visit record: 3 months (Protection of Communications Secrets Act)
- Reasons for retaining information according to the company's internal policy
Article 3 [Provision of Personal Information to Third Parties]
In principle, the "Company" processes the personal information of the information subject within the scope specified in Article 2, and provides personal information to a third party only when it falls under Article 17 of the Personal Information Protection Act, such as the consent of the information subject and special provisions of the law.
- In the case of prior consent or separate consent from the information subject
- If there are special provisions in the law
- When the information subject or legal representative is unable to express his/her intention or cannot obtain prior consent due to unknown address, etc., and it is clearly deemed necessary for the immediate benefit of the information subject or a third party's life, body, or property.
- When personal information is provided in a form that does not identify a specific individual as necessary for the purpose of statistical preparation or academic research, etc.
- If personal information is used for purposes other than the purpose or is not provided to a third party, it is not possible to carry out the duties under the jurisdiction stipulated by other laws, and it has been deliberated and decided by the Protection Committee
- When it is necessary to provide foreign information or international organizations for the implementation of treaties and other international agreements.
- When it is necessary for the investigation of a crime and the filing and maintenance of a public prosecution
- When it is necessary for the performance of the court's judicial duties
- When it is necessary for the execution of sentences, custody, and protective dispositions.
Article 4 [Consignment of Personal Information Processing]
- The Company entrusts the following tasks in relation to the processing of personal information, and takes necessary measures to ensure that personal information is safely managed in the consignment contract in accordance with relevant laws and regulations. The Company considers the trustee's ability to take measures to protect personal information when signing a consignment contract, and periodically checks whether the trustee fulfills its obligations, such as safe management and destruction of personal information. In addition, the information entrusted is limited to the minimum information necessary to provide a smooth service.
- Consignment status of domestic processing of personal information
Consignee Outsourced work NICE Payments Payment processing (mobile phone, direct deposit, bank transfer) Channel Corporation Customer chat consultation (name, mobile phone) K-Drive Co., Ltd. Cargo delivery work, transportation means securing and management Amazon Web Services, Inc Management/operation of cloud infrastructure NAVER Cloud Co., Ltd. SMS and e-mail sending services
Article 5 [ Rights and Obligations of Information Subjects and Methods of Exercising Them ]
The information subject may exercise the following rights, and the legal representative may request access, correction, deletion, or suspension of processing of the customer's personal information after submitting a power of attorney.
- Request for access to personal information
Personal information files held by the "Company" may request access to their personal information in accordance with Article 35 (Access to Personal Information) of the Personal Information Protection Act. However, the request for access to personal information may be restricted as follows by Article 35(5) of the Act.
- When access is prohibited or restricted by law
- When there is a risk of harming the life or body of another person or unfairly infringing on another person's property and other interests
- In the event that a public institution causes a significant hindrance in carrying out the work that falls under any of the following items:
- Duties related to the imposition, collection or refund of taxes
- Examination and qualification examination related to educational background, skills and recruitment
- Ongoing evaluation or judgment on compensation calculation, etc.
- Audit and investigation in progress under other laws
- Request for correction and deletion of personal information
Personal information files held by the "Company" may be requested to be corrected or deleted in accordance with Article 36 of the Personal Information Protection Act (Correction and Deletion of Personal Information). However, if the personal information is specified as the subject of collection and preservation, such as Article 2, paragraph 2 of other laws and regulations and the personal information processing policy of the "Company", the deletion cannot be requested.
Article 6 [Destruction of Personal Information]
In principle, when personal information becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the purpose of processing, the "Company" destroys the personal information for which the purpose of processing has been achieved without delay. The procedure, deadline and method of destruction are as follows.
- If it is in the form of an electronic file, it should be safely deleted so that it cannot be recovered or reproduced, and in the case of other records, printed materials, writing, etc., it should be destroyed by shredding or incinerating.
- In order to prevent illegal use and minimize damage caused by the use of names, the company may retain the minimum information necessary for personal identification after requesting membership withdrawal in accordance with the service policy. However, the records of illegal use may be kept for one year to ensure the safety of the user, prevent illegal use of the service, and prevent disputes.
- In accordance with laws and regulations and the 'Personal Information Expiration Date System', the company separately stores, manages, or destroys the personal information of long-term unused members who have not used the service for one year.
- Personal information stored separately will be stored for 4 years and destroyed without delay.
※ "Illegal use record" means a record that has been restricted by the company due to illegal registration, violation of the terms of use, and transaction records that infringe on the rights or interests of others.
Article 7 [Measures Concerning Destruction of Personal Information of Non-Users]
- The "Company" converts users who have not used the service for one year into a dormant account and stores personal information separately. Personal information stored separately will be stored for one year and then destroyed without delay.
- The "Company" notifies the user of the fact that it will be stored separately, the scheduled date of dormancy, and the personal information items to be stored separately by e-mail or text message to the member who is scheduled to be dormant 30 days before the transition to dormancy.
- The separately stored information will be destroyed without delay after being stored for 4 years, and if you do not want to destroy it, you can log in to the service before the expiration of the period.
Article 8 [ Measures to Secure the Stability of Personal Information ]
The "Company" has the following technical/administrative measures for the protection of personal information.
- Administrative measures - establishment and implementation of internal management plans, regular employee training, etc.
- Technical measures - Management of access rights such as personal information processing system, installation of access control system, encryption of unique identification information, etc., installation of security programs
- Physical measures - Access control in computer rooms, data storage rooms, etc.
Article 9 [Individual's Responsibility for Management of Personal Information]
Fundamentally, you are responsible for managing your personal information.
- The Online service has the right to access personal information only to the person who knows the ID and password, and the person is also responsible for maintaining and managing the password. You must configure your password with information that only you can know, and you must refrain from using a password that can be easily stolen by others, such as a part of your social security number or a phone number.
- In addition, if you access the company's service from a commonly used PC and move to another site while logged in, or if you terminate the use of the service, please be sure to close the browser. Otherwise, there is a risk that the user's personal information, including ID, password, and resident registration number, will be easily leaked to others through the browser.
- The company is not responsible for any problems caused by the leakage of personal information such as ID, password, and resident registration number due to the user's own negligence or problems on the Internet.
Article 10 [ Contact Information of the Chief Privacy Officer ]
In order to handle complaints and remedy damages of information subjects related to the processing of personal information pursuant to Article 31(1) of the Personal Information Protection Act, we have designated a person in charge of personal information protection as follows.
Person in charge of personal information protection: Slab Asia Co., Ltd.
- Contact : +82-070-4755-9958
- Meil: security@slabglobal.com
If you need to report or consult about other personal information infringements, please contact the following organizations.
Article 11 [ Remedies for Infringement of Rights ]
- In order to receive relief due to personal information infringement, the information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Personal Information Infringement Report Center of the Korea Internet & Security Agency. For other personal information infringement reports and consultations, please contact the following organizations.
- Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code)
- Personal Information Dispute Mediation Committee: (www.kopico.go.kr / 1833-6972 without area code)
- Cyber Crime Investigation Unit, Supreme Prosecutors' Office (www.spo.go.kr /1301)
- National Police Agency Cyber Security Bureau (www.ctrc.go.kr / 182 without area code)
- A person whose rights or interests have been infringed due to the disposition or omission of the head of a public institution in response to a request pursuant to the provisions of Article 35 (Access to Personal Information), Article 36 (Correction and Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act may request an administrative appeal as prescribed by the Administrative Appeals Act.
- Central Administrative Appeals Commission: 110 (www.simpan.go.kr)
Article 12 [Miscellaneous]
Please note that this Privacy Policy does not apply to the collection of personal information by websites linked to the Web/App of the "Service".
Article 13 [ Duty of Notification ]
The current privacy policy was first enacted on December 19, 2022, and additions, deletions, and modifications may occur depending on government laws, policies, changes in security technology, or other reasons, and in this case, we will notify the reason and contents of the change through the website at least 7 days before the revision of the personal information processing policy.
Effective Date: September 1, 2023
[ Installation, operation and rejection of automatic personal information collection devices]
- The company operates 'Cookies' for the convenience of website users. A cookie is a small text file that a website sends to a customer's web browser and is stored on the customer's PC. Cookies are used as data to provide service reorganization and differentiated information by analyzing the customer's access frequency and visit time, and cookies are used to determine whether the customer has requested to 'not see' the provision of pop-up information.
- The customer has the option to install cookies, and can also allow all cookies through the web browser option settings, check each time a cookie is saved, or refuse to save all cookies. However, if the customer refuses to install cookies, there may be restrictions on the provision of services.
- How to specify whether to accept cookies (when using Internet Explorer)
- Select [Internet Options] from [Tools Menu]
- Click [Personal Information Tab]
- Set [Personal Information Protection Level]
- How to view the cookies you received (if you are using Internet Explorer)
- Select [Internet Options] from [Tools Menu]
- Click [Settings] in the [General tab (Basic tab)]
- Select [View Files]
- How to specify whether to accept cookies (when using Internet Explorer)
- In order to provide better services to information subjects, the "Company" analyzes the use of the customer's homepage using Google Analytics, a service provided by Google, Inc. (hereinafter referred to as "Google"). Google Analytics collects behavioral information of users of our website, and if you do not want Google to process your information, you can refuse to process your information by downloading and installing additional features for your web browser in tools.google.com/dlpage/gaoptout. For more information about Google's processing of information, please see the https://policies.google.com/privacy.
- The "Company" intends to provide advertising services to the data subject through Google AdMob in the customer's app. In order to provide these services, Google AdMob collects non-identifying information, such as cookies or mobile advertising IDs. You can refuse to provide Google AdMob information by refusing to collect advertising IDs in the OS-specific preferences in the mobile app.
(Android OS: Settings → Deselect 'Personalize Ads' in Google → Ads, Apple iOS: Settings → Privacy → Set 'Limit Ad Tracking' in Ads)
In addition, the de-identified behavioral information collected in this way may be used by Google AdMob for online advertising purposes.