Hyundai AutoEver Corporation (hereinafter the “Company”) values the processing of customers’ personal information above all else and is committed to protecting their personal information as actively and effectively as possible.
1. Personal Information Items Collected and Method of Collection
1. 1. Personal Information Items Collected① When a customer signs up for membership, the Company collects the following information to identify members and provide optimized services.- Required items : Vehicle model, Year, VIN(Vehicle Identification Number), Device ID, Purchase date and ID(Email).1. 2. Method and Scope of Collecting Personal Information② The Company collects personal information in the following ways:1)Membership registration on the website, consultation board, e-mail2)Provision from partner companies3)Tools to collect generated information③ However, the Company does not collect personal information that may significantly infringe on customers’ basic human rights, such as race and ethnicity, ideology and an creed, place of origin and domicile, political orientation and criminal record, health status and sexual life.
2. Providing and Sharing Personal Information
2. 1. The Company cannot use or provide the customer’s personal information to third parties beyond the notified scope without the customer’s consent. However, the following cases are exceptions:① Sale·M&AWhen the Company transfers all or part of its business or succeeds the rights and obligations of the service provider due to merger or inheritance, the Company shall notify the customer of that fact to guarantee the customer’s rights pursuant to the privacy policy.② When it is determined that personal information is required by relevant laws and regulations (e.g. when a government/investigative agency requests personal information in accordance with due process)
3. Entrusting Personal Information Processing
3. 1. The Company may entrust the processing of personal information to a specialized institution for the sake of service improvement, wherein the Company notifies the customer of that in advance, clearly stipulates the service provider’s compliance with instructions regarding the processing of personal information, the confidentiality of personal information, the prohibition of providing personal information to third parties as well as liability, and the contents of the contract are stored in writing or electronically to protect the rights and interests of customers.3. 2. The institution to which the Company entrusts the processing of personal information, the tasks to be entrusted, and the entrustment period are as follows:
Entrusted Institution | Tasks Entrusted | Period of Entrustment |
---|---|---|
Pentabreed | System maintenance | Until the end of the entrustment contra |
MapMyIndia(India) Vietmap(Vietnam) |
System maintenance/payment | Until the end of the entrustment contra |
4. Retention Period of Personal Information
4. 1. The Company will destroy any personal information collected immediately after the purpose of collecting and using the personal information has been achieved. However, the following information will be retained for the following reason for the specified period of time.① Retention of personal information for map updates Purpose :map update Period of retention : 7 years
5. Destroying Personal Information
5. 1. The user may destroy personal information by completing 『Membership Withdrawal』 on the website, and the Company shall destroy personal information without delay upon the user’s request.5. 2. However, users with authentication history cannot leave the membership, and they can withdraw by following the relevant procedure on the website.5. 3. The procedure and method of the Company destroying personal information are as follows:① Destruction procedureThe personal information that the customer enters for joining membership is transferred to a separate DB (if paper, to a separate filing cabinet) after the purpose is achieved, and is destroyed after a certain period of time in accordance with internal policies and relevant laws and regulations (see Period of retention and use of personal information).This personal information will not be used for any purpose other than retention unless required by law.② Destruction methodPersonal information printed on paper is destroyed by shredding or incinerating the paper. If stored in electronic files, it will be deleted in a technical way so that it cannot be reproduced.
6. Accounts of members who have not been active for more than four years after the map update is terminated due to vehicle discontinuation will be converted to dormant accounts. For users who accessed within 1 years after the end of the service, the dormant account is canceled, and if there is no access for 1 years from the period of access, the account is converted back to dormant account.
Details are as follows:
① The Company stores and manages the personal information of dormant accounts in a separate DB for the sake of security and does not use or provide it to third parties. An email will be sent to users of the account up to 30 days before switching to an inactive account.② Once an account is placed in a dormant state, users of that account will not be able to log in with the personal information of the dormant account and will not be able to use the member services. However, they can cancel the dormant status at any time after a separate application and verification process.6. 1. The Company keeps the personal information of dormant accounts for one years and then destroys it. Details are as follows:③ The Company will notify the user of the dormant account of the withdrawal process and the destruction of personal information (including the serial registered in the account) at least 30 days in advance.④ Those who want to sign up again after their personal information is destroyed cannot use the same ID.
7. Technical and Administrative Protection Measures of Personal Information
7. 1. The Company takes the following technical/administrative measures to ensure safety in handling personal information so that it is not lost, stolen, leaked, altered or damaged.7. 2 Password EncryptionSince the password of the member ID is stored and managed after encryption, only the member knows the actual password, which means that only the member himself can check and change his personal information.7. 3 Measures against HackingThe Company is doing its utmost to prevent leakage or damage of personal information of members by hacking or computer viruses. In order to prevent personal information from being affected, the Company regularly backups the data. The Company uses the latest anti-virus software to prevent users’ personal information or data from being leaked or damaged and to securely transmit personal information on the network through encrypted communication. In addition, the Company uses a firewall to control unauthorized access from the outside, and strives to have all possible technical devices to ensure security systematically.7. 4 Minimizing and Training Handling StaffThe Company’s handling of personal information is limited to the person in charge, and a separate password is assigned for this purpose and updated regularly. The Company constantly emphasizes the importance of compliance with the privacy policy through regular training of the person in charge.7. 5 However, if the user’s negligence or problems on the Internet cause leakage of personal information such as ID, password the Company shall not be held responsible at all
Hyundai AutoEver Corporation (hereinafter the “Company”) values the processing of customers’ personal information above all else and is committed to protecting their personal information as actively and effectively as possible.
1. Personal Information Items Collected and Method of Collection
1. 1. Personal Information Items Collected① When a customer signs up for membership, the Company collects the following information to identify members and provide optimized services.- Required items : Vehicle model, Year, VIN(Vehicle Identification Number), Device ID, Purchase date and ID(Email).1. 2. Method and Scope of Collecting Personal Information② The Company collects personal information in the following ways:1)Membership registration on the website, consultation board, e-mail2)Provision from partner companies3)Tools to collect generated information③ However, the Company does not collect personal information that may significantly infringe on customers’ basic human rights, such as race and ethnicity, ideology and an creed, place of origin and domicile, political orientation and criminal record, health status and sexual life.
2. Providing and Sharing Personal Information
2. 1. The Company cannot use or provide the customer’s personal information to third parties beyond the notified scope without the customer’s consent. However, the following cases are exceptions:① Sale·M&AWhen the Company transfers all or part of its business or succeeds the rights and obligations of the service provider due to merger or inheritance, the Company shall notify the customer of that fact to guarantee the customer’s rights pursuant to the privacy policy.② When it is determined that personal information is required by relevant laws and regulations (e.g. when a government/investigative agency requests personal information in accordance with due process)
3. Entrusting Personal Information Processing
3. 1. The Company may entrust the processing of personal information to a specialized institution for the sake of service improvement, wherein the Company notifies the customer of that in advance, clearly stipulates the service provider’s compliance with instructions regarding the processing of personal information, the confidentiality of personal information, the prohibition of providing personal information to third parties as well as liability, and the contents of the contract are stored in writing or electronically to protect the rights and interests of customers.3. 2. The institution to which the Company entrusts the processing of personal information, the tasks to be entrusted, and the entrustment period are as follows:
Entrusted Institution | Tasks Entrusted | Period of Entrustment |
---|---|---|
Pentacore | System maintenance | Until the end of the entrustment contra |
MapMyIndia(India) Vietmap(Vietnam) |
System maintenance/payment | Until the end of the entrustment contra |
4. Retention Period of Personal Information
4. 1. The Company will destroy any personal information collected immediately after the purpose of collecting and using the personal information has been achieved. However, the following information will be retained for the following reason for the specified period of time.① Retention of personal information for map updates Purpose :map update Period of retention : 7 years
5. Destroying Personal Information
5. 1. The user may destroy personal information by completing 『Membership Withdrawal』 on the website, and the Company shall destroy personal information without delay upon the user’s request.5. 2. However, users with authentication history cannot leave the membership, and they can withdraw by following the relevant procedure on the website.5. 3. The procedure and method of the Company destroying personal information are as follows:① Destruction procedureThe personal information that the customer enters for joining membership is transferred to a separate DB (if paper, to a separate filing cabinet) after the purpose is achieved, and is destroyed after a certain period of time in accordance with internal policies and relevant laws and regulations (see Period of retention and use of personal information).This personal information will not be used for any purpose other than retention unless required by law.② Destruction methodPersonal information printed on paper is destroyed by shredding or incinerating the paper. If stored in electronic files, it will be deleted in a technical way so that it cannot be reproduced.
6. Accounts of members who have not been active for more than four years after the map update is terminated due to vehicle discontinuation will be converted to dormant accounts. For users who accessed within 1 years after the end of the service, the dormant account is canceled, and if there is no access for 1 years from the period of access, the account is converted back to dormant account.
Details are as follows:
① The Company stores and manages the personal information of dormant accounts in a separate DB for the sake of security and does not use or provide it to third parties. An email will be sent to users of the account up to 30 days before switching to an inactive account.② Once an account is placed in a dormant state, users of that account will not be able to log in with the personal information of the dormant account and will not be able to use the member services. However, they can cancel the dormant status at any time after a separate application and verification process.6. 1. The Company keeps the personal information of dormant accounts for one years and then destroys it. Details are as follows:③ The Company will notify the user of the dormant account of the withdrawal process and the destruction of personal information (including the serial registered in the account) at least 30 days in advance.④ Those who want to sign up again after their personal information is destroyed cannot use the same ID.
7. Technical and Administrative Protection Measures of Personal Information
7. 1. The Company takes the following technical/administrative measures to ensure safety in handling personal information so that it is not lost, stolen, leaked, altered or damaged.7. 2 Password EncryptionSince the password of the member ID is stored and managed after encryption, only the member knows the actual password, which means that only the member himself can check and change his personal information.7. 3 Measures against HackingThe Company is doing its utmost to prevent leakage or damage of personal information of members by hacking or computer viruses. In order to prevent personal information from being affected, the Company regularly backups the data. The Company uses the latest anti-virus software to prevent users’ personal information or data from being leaked or damaged and to securely transmit personal information on the network through encrypted communication. In addition, the Company uses a firewall to control unauthorized access from the outside, and strives to have all possible technical devices to ensure security systematically.7. 4 Minimizing and Training Handling StaffThe Company’s handling of personal information is limited to the person in charge, and a separate password is assigned for this purpose and updated regularly. The Company constantly emphasizes the importance of compliance with the privacy policy through regular training of the person in charge.7. 5 However, if the user’s negligence or problems on the Internet cause leakage of personal information such as ID, password the Company shall not be held responsible at all