(Effective Date on December 01, 2019) Personal Information Processing Policy

Privacy Policy 

Oversea Customer Technical Support Site(hereinafter referred to as “Suprema Global Technical Support Website” or “the Website”) of SUPREMA Inc. (hereinafter referred to as “the Company”) has the following policy to protect users’ interest, right to privacy, and personal information in accordance with the PERSONAL INFORMATION PROTECTION ACT, and to smoothly deal with relevant complaints from users.


Article 1. Particulars of personal information to be collected and collection methods

1. Particulars of collection-

- In order to manage product-related inquiries, product technical support, the Company collects the following personal information.


- The definitions of terms by collection items are as follows.


TICKET: This means a post created by a customer or Suprema technical support team on a technical support site for overseas customers. Only the requester who created the ticket can access the ticket, and Suprema's technical support team with the agent's authority on the site can review the ticket for technical support.


TICKET CREATION: This means the first post will be registered. 

The ticket is created with the following path:

- It can be created after the customer logs in.

- Customers can request ticket creation via Chat-bot.

- Customers can automatically generate tickets by sending an email to tech_uk@supremainc.com.


CHAT-BOT : This is a chat-based automatic response service provided by the site.


Classification

Related service

Required information

Essential Information

When you join the membership

Name, Email, Company Name Country, Region, The name of the company that purchased, Company Type (Suprema Authorized Distributor, SI, End-User, Dealer, Reseller)

Optional Information

When you join the membership

Contact Number Information, Position, , Department

Essential Information

Requester Information management by creating a ticket

Name, Email

Optional Information

Requester Information management by creating a ticket

Region, Company Name, Country, The name of the company that purchased, Company Type(Suprema Authorized Distributor, SI, End-User, Dealer, Reseller)

Essential Information

Sending Email Verification for eliciting customer account registration

Name, Email


Essential Information

Sending Email response through FreshDesk by Suprema TS team

Name, Email



- Collection of information through web pages, e-mails, messengers, remote support, etc. in response to technical issues through tickets.


You have the right to deny collection of information. Provided, that if the user denies consent, Suprema Technical Support and Forum>Following posts, Seeing Posts in Forum may be limited.


2. collection methods

- Direct registration and creation by customers through the Website access

- Customer Request for creating ticket while using Chat-bot

- Ticket Response in accordance with customer information such as an email address by provided customers

- Once a customer sends an email to tech_uk@supremainc.com directly, the email creates a ticket content and the Website automatically sends a verification email to elicit the Website access and usage. The customer’s name and email are stored to the Website to send the verification email to the customer.



Article 2. Purpose of the processing (collection and use) of personal information

The Company collects and uses personal information for the following purposes. The personal information collected shall not be used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures under the law shall be taken by seeking prior consent, etc. Use the information for Technical Support : Handling Inquiry, Analysis and Following up of Technical Support Issue, Sending the response for registered ticket, Sending an email to allow to send announcement/known issue, etc from the Website-Forum.

Use for technical support trends: Use statistical analysis data for each customer, market research, product planning, quality issue analysis data


Article 3. Personal information processing entrustment and Consent to overseas transfer of personal information

The Company may transfer some or all of your personal information to overseas affiliates or trustees as follows for smooth service performance and processing of personal information.


1. Personal information processing entrustment


The Company entrusts personal information processing services as follows, and the Company also manages and oversees the subcontracted companies to ensure that they do not violate the related statutes. If the Company provides personal information to the entrusted company, the Company will manage and supervise the entrusted company not to violate the personal information protection laws and regulations.

If the contents of the consignment service or the fiduciary is changed, we will promptly disclose it through this personal information processing policy.

The companies entrusted with the personal information processing by the Company are as follows:


Supplied to

Country and Contact Information

Entrusted information

Time and method of entrustment

Delivery purpose and

Retention period

Freshworks, Inc.


(1250 Bayhill Drive, Suite 315, San Bruno, CA 94066 (1-650-513-0514))

USA,

+1 (866) 832-3090

support@freshdesk.com



Name, e-mail address, customer information, record on the user’s tickets, relevant data (Includes information originally collected and information that has changed through modification of the information)

Transfer via network upon request

Until the membership is cancelled, or the entrustment contract is terminated,

Until the request to modify privacy information and delete privacy information

C/S, Operation, Maintenance,

Sending an email response,

Sending announcement or etc. in Forum Posts



2. The right to deny consent and disadvantages caused by denial of consent

You have the right to deny collection of information. Provided, that if the user denies consent, Suprema Technical Support and Forum>Following posts, Seeing posts in Forum may be limited.




Article 4. Period for processing, using, and retaining personal information

Unless it is necessary to retain personal information under related laws, in principle the Company shall immediately destroy relevant information after fulfilling the purpose of the collection and use of personal information.

However, in the following cases, customer information will be kept for a certain period of time according to the relevant laws and regulations.

-When it is necessary to preserve according to the provisions of the Commercial Act, etc. despite the purpose of collecting or receiving

-If there is a reason for information protection by internal policy or other related laws.

In this case, the Company uses the information kept only for the purpose of keeping it and the retention period is as follows.

① Personal information about the use of the service

Relevant laws: Communications Secrets Protection Act

Retention Period:3 months

②Records on display and advertising

Relevant laws:

Act on the Consumer Protection in the Electronic Commerce Transactions, etc.

Retention Period:6 months

③ Records of contract or withdrawal, etc.

Relevant laws:Consumer Protection in the Electronic Commerce Transactions, etc.

Retention Period:5 years

④ Records regarding payments and/or provision of goods and services

Relevant laws:

Act on the Consumer Protection in the Electronic Commerce Transactions, etc.

Retention Period:5 years

⑤ Records regarding customer inquiries, claims, or disputes

Relevant laws:Act on the Protection of Consumers in Electronic Commerce, etc.

Retention Period:3 years

⑥ Records of user identification

Relevant laws:Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

Retention Period:6 months


Article 5. The rights and obligations of data subjects (customers), and how to exercise the rights

1. The data subject (customers) may exercise the rights related to personal information set forth in each of the following subparagraphs with respect to the Company any time.

① To request access to personal information

② To request correction of errors, etc. if any

③ To request deletion

④ To request stopping processing

2. The rights set forth in paragraph 1 above may be exercised in writing and by telephone, e-mail or fax, etc., and the Company shall take measures immediately after completing the user identification process.


Article 6. Procedure for and method of destroying personal information

In principle the Company shall destroy relevant information immediately after fulfilling the purpose of the collection and use of personal information or after the passage of the retention period. Procedure for and method of destroying it are as follows:


1. Destruction procedure

The Company shall determine personal information subject to destruction and destroy relevant personal information with the approval of the Privacy Officer.


2. Method of Deletion

The personal information printed in paper shall be destroyed with a shredder or by incineration and the personal information stored in an electronic file format shall be deleted by a technical method which makes it impossible to reproduce the records.


Article 7. Privacy Officer

The Company designates a related department and a person in charge of personal information management to protect personal information and deal with complaints related to personal information as follows:


Privacy Officer

Name: Park In-hwan

Email: ihpark@suprema.co.kr

Office: +82-31-710-5600

Fax: +82-31-783-4503


Privacy Manager

Name: Jeong Seung-ho

Email: shjung@suprema.co.kr

Office: +82-31-710-2406

Fax: +82-31-783-4503


If you need counseling on personal information infringement, you can contact the Personal Information Infringement Reporting Center, the Cyber Crime Investigation Department of the Supreme Prosecutors' Office, and the Cyber Security Department of the National Police Agency, and the like.

  • Personal Information Infringement Notification Center (operated by Korea Internet & Security Agency)
    • Jurisdiction: Report complaints about personal information infringement, apply for consultation
    • Website: http://privacy.kisa.or.kr
    • Telephone: (without area code) 118
  • Cyber Investigation Department, Supreme Prosecutors' Office
  • National Police Agency Cyber Safety Bureau


Article 8. Change of personal information processing policy

This Privacy Policy will be applied from the effective date. If any changes, additions, deletions or corrections are made in accordance with laws and policies, we will notify you through announcements to the implementation of the changes.

(https://support.supremainc.com/en/support/discussions/24000000209).



Article 9. Measures to ensure the safety of personal information

The Company takes technical and administrative measures necessary to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged:


1. Encryption of personal information

Personal information is protected by a password, and important data is protected using security features such as encrypting files and transmitted data or using the file lock function.


2. Technical measures against illegal intrusion

The company always monitors customers' personal information to prevent it from being leaked or damaged by hacking or computer viruses. We regularly maintain anti-virus programs to prevent personal information infringement.


3. Restrictions on Access to the Processing System of Personal Information

The Company is taking the necessary steps for a systematic database system that can process personal information.


4. Handling of personal information and training of employees

Personal information-related employees provide regular training for personnel on the acquisition of new security technologies and on their privacy obligations.


5. Managing personal passwords


In principle, a password is available only to the designated user. The Company is not liable for any issues arising from personal information (e.g. password) leakage caused by individual carelessness, or the general risks associated with the internet and online services. The Company urges users to have a strong awareness of security for their passwords, to frequently change their passwords, and to exercise caution when logging in to the services on public IP.


Article 10. Provision of personal information to a third party

Unless the user's consent is given or it is mandatory to provide personal information under related laws, the user's personal information shall not be used or provided to a third party in any case.



Article 11. Matters concerning the purpose of automatic collection of personal information, and denial thereof

The Company uses 'cookies' that store and retrieve the customer's information from time to time in order to provide customized services. Cookies are tiny text files that are sent by the server (HTTP) used to run the website to your computer browser. They are small amounts of information and are stored on your computer's hard disk.

The customer has the option to install cookies. As a result, customers can set options in their web browsers to allow all cookies, check each time a cookie is stored, or refuse to store all cookies. However, if the customer refuses to install cookies, the service may be inconvenient or the service may be restricted.


1. Purpose of using cookies

Cookies are used to provide information and services that are optimized for you by identifying the purpose of your visit and others.2. How to reject cookie settings


Internet Explorer : Select Tools menu > Select Internet Options > Click the Privacy tab > Advanced Privacy Settings > Cookie Level Settings


Chrome : Choose Settings menu > Display advanced settings > Select privacy and security > Select content settings > Cookie level settings


Safari : Select preferences menu > Personal Information tab > Cookies and website data level settings



Article 12. Notice obligation

The Company will notify the general amendments of the personal information processing policy through the 'Forum>Privacy Policy>Announcement' on the Website at least 7 days before the effective date.

  • (Notice Date) : November 01, 2019
  • (Effective Date) : December 01, 2019