Privacy Policy

Go Element Co., Ltd. ("Company") protects users’ privacy and rights in accordance with the Personal Information Protection Act, and handles privacy and data-related issues smoothly under the following Privacy Policy.

If any changes are made to the Company's Privacy Policy, we will notify via website announcements (or individual notices).

○ 본 방침은부터 2021년 1월 1일부터 시행됩니다.

1. Purpose of Using Personal Data The Company uses the collected personal data for the following purposes.

Processed personal data will not be used for purposes other than those stated, and any changes to the purpose of use will be subject to prior consent.

A. Website membership subscription and management

The Company processes personal data for identify verification and certification to provide membership services,

authenticate identity under the identity authentication system, and prevent the misuse of services.

B. Handling complaints and inquiries

Personal data is processed for verifying the identity of complainants, confirming the nature of complaints, contacting individuals for fact-finding inquiries, and notifying them of processing outcomes.

C. Provision of goods and services

The Company collects and uses personal data to provide services.

D. Utilization of marketing and advertising activities

Personal data is processed for validating the effectiveness of services, assessing access frequency, or compiling statistics on members’ service use.

2. Status of Personal Data Files

1. Personal Data File Name: Personal data

Personal Data Items: E-mail address, mobile phone number, company phone number, position, department, company name, access logs, access IP information, legal representative's name

Method of Collection: Website

Reasons for Retention: Consent for the use of personal data

Retention Period: 3 years

Legal Basis: Records on the collected and processed credit information: 3 years, Records on consumer complaints or dispute settlement: 3 years, Records on contracts or withdrawal of subscription, etc.: 5 years

3. Use and Retention Period of Personal Data

①The Company uses and retains personal data according to the use and retention period according to statutes or the period whose consent has been approved by the data subject upon the collection of personal data.

② The use and retention period for each type of personal data is as follows:

1. <Handling complaints and inquiries>

Personal data related to “handling complaints and inquiries” will be retained and used for the above purposes for up to <3 years> from the date of consent for collection and use.

Reasons for Retention: Consent for the use of personal data

Legal Basis: 1) Records on consumer complaints or dispute settlement: 3 years

2) Records on contracts or withdrawal of subscription, etc.: 5 years

4. Matters Concerning the Provision of Personal Data to Third Parties

①The Company provides personal data to third parties only in the event described under Articles 17 and 18 of the Personal Information Protection Act if the consent has been obtained from the data subject or special provisions allow such provision under the laws and regulations.

②The Company provides personal data to third parties as follows:

1. Company

Recipient of Personal Data: Company

Recipient's Purpose of Use of Personal Data: E-mail address, mobile phone number, gender, date of birth, name, company phone number, position, department, company name, name of legal representative, legal guardian's mobile phone number

Retention and Use Period for Recipient: 3 years

5. Rights and Duties of Data Subjects and Legal Representatives, and How to Exercise Them

Users are entitled to exercise the following rights as a personal data subject:

① The data subject is entitled to request the Company to view, modify, delete, or suspend processing of personal data at any time.

② The rights under Paragraph (1) may be exercised by written request, e-mail, or facsimile transmission (fax) to the Company according to the Enforcement Decree of the Personal Information Protection Act, and the Company will promptly address such request.

③ The rights under Paragraph (1) may be exercised by a representative, including the legal representative of the data subject or a person delegated by the data subject. In such a case, the data subject shall submit a power of attorney according to Attached Form 11 of the Enforcement Decree of the Personal Information Protection Act.

④ The rights of the data subject may be restricted in relation to the request to view and suspend processing of personal data per Article 35(5) and Article 37(2) of the Personal Information Protection Act.

⑤ The request to modify and delete personal data will not be accepted if the data is explicitly required to be collected under other laws and regulations.

⑥ If a request for access, modification, deletion, or suspension of processing is made in accordance with the rights of the data subject, the Company verifies the identity of the requester or their duly authorized representative.

6. List of Personal Data Processed

① The Company uses the following personal data items.

1<Handling complaints and inquiries>

E-mail address, mobile phone number, company phone number, position, department, company name, name of legal representative, legal representative's mobile phone number

- Optional Items:

7. Destruction of Personal Data

In principle, the Company shall immediately destroy personal data whose purpose of use has been fulfilled.

The procedure, period, and method of destruction are as follows:

- Destruction Procedure

The data entered by the user is transferred to a separate database once the purpose is served (for papers, stored separately as documents) and stored for a certain period of time or destroyed immediately in accordance with the internal policy and other applicable laws and regulations.

The data transferred to the database is not used except unless required by law.

- Deadline for Destruction

The retention period for user's personal data is within 5 days after the expiration of the retention period, or within 5 days after the personal data becomes unnecessary as the processing purpose is served, the service becomes discontinued, or the business comes to an end.

- Destruction Method

Data in electronic form shall be destroyed through technical methods in which the record cannot be recovered.

8. Matters Regarding Installation, Operation, and Denial of Automatic Personal Data Collection Device

The Company does not use “cookies,” which constantly save and load the data subject’s session on the website.

9. Privacy Officer

① The Company designates the following Personal Data Protection Officer to take overall responsibility for the tasks of personal data use, handling complaints regarding personal data use from data subjects, and relief of damages:

▶ Privacy Officer

Name :

Title :

Position :

Contact :

② The data subject may request all inquiries, complaints, and claims of damage relief regarding personal data protection during the use of the Company’s services or businesses from the privacy officer or the department in charge.

The Company shall immediately answer and process the data subject’s request.

10. Article 10 (Personal data manager and person in charge) Modification to the Privacy Policy

①This Privacy Policy shall apply from its enforcement date. Additions, deletions, and corrections of modified matters shall be notified through announcements 7 days before enforcement of changed terms in accordance with statutes and guidelines.

11. Personal Data Security Measures

The Company enacts the following managerial, technical, and physical measures according to Article 29 of the Personal Information Protection Act.

1. Minimization and training of personal data handling staff

Measures are in place to designate and restrict personal data handling to designated staff, thereby minimizing and managing the handling of personal data.

2. Technical measures against cyberattacks such as hacking

The Company installs and periodically updates and inspects security software to prevent leakage and damage of personal data caused by hacking or computer viruses, and installs security systems in an area where access from the outside is controlled to technically or physically monitor and block access.

3. Encryption of personal data

Users' personal data and passwords are encrypted, stored, and managed to ensure that only the owner is granted access to them. Important data is protected through the encryption of files and transmitted data or the use of file-locking features among other security features.

4. Storage of access records and prevention of forgery and falsification

The Company stores and manages records of access to the personal data processing system for at least 6 months and applies security features to prevent forgery, falsification, theft, or loss of access records.

5. Unauthorized access

The Company manages a separate physical storage location for storing personal data, with established access control procedures in place.