OMPASS
Effective Date: March 1, 2022
OneMoreSecurity (hereinafter "Company") providing 'OneMorePass' (hereinafter "OMPASS") service strives to protect users' personal information and complies with relevant laws such as the 'Act on Promotion of Information and Communications Network Utilization and Information Protection' and the 'Personal Information Protection Act'. The Company discloses this privacy policy in accordance with relevant laws so that users can easily understand how the Company processes personal information.
Supply of OMPASS administrator site and app services, identity verification and authentication for membership services, prevention of service misuse, securing contact information for customer support, complaint handling and civil complaint processing, statistics on members' service use, provision of advertising information, provision of customized services according to statistical characteristics
Administrator information collected with consent during site use
- First name, last name, email, country code, phone number, company/organization name
Sub-administrator information collected by administrator during site use
- First name, last name, email, country code, phone number
Administrator and sub-administrator information automatically generated and collected during service and site use processing
- OMPASS logs, policy logs, cookies, access IP information, visit time, visit location
User information automatically generated and collected during service use processing
- User ID, application name, authentication type, cookies, access IP information, login time
User information collected during identity verification process
- Email identity verification is conducted when using the service for the first time
Membership service registration, service use, phone consultation, email consultation, service inquiry, quotation inquiry
None
Information retention according to company policy
Information provided by users using membership services is retained from the time of membership registration until withdrawal.
For services other than membership services, personal information is deleted immediately when the purpose of use is achieved, and may be retained according to the retention period announced for each service.
Information retention according to relevant laws
When it is necessary to preserve according to the provisions of relevant laws such as the Commercial Act, preservation is made according to the law.
Records related to contracts or withdrawal of subscription: 5 years
Records related to payment and supply of goods: 5 years
Records related to consumer complaints or dispute resolution: 3 years
〈Personal Information Destruction Procedure〉
Collected personal information is destroyed immediately after achieving the collection purpose or expiration of the retention period, and when it needs to be retained for a certain period according to relevant laws, it is moved to a separate DB for storage and destroyed when the retention period expires.
〈Personal Information Destruction Method〉
Collected personal information is destroyed immediately after achieving the collection purpose or expiration of the retention period, and when it needs to be retained for a certain period according to relevant laws, it is moved to a separate DB for storage and destroyed when the retention period expires.
Personal information printed on paper is destroyed by shredding with a shredder.
Personal information stored in electronic file format is deleted using technical methods that cannot reproduce records.
Users can withdraw their consent regarding the use of personal information provided through service termination application. The 'Company' takes necessary measures immediately when there are requests for withdrawal of consent, access, or modification, and especially for information modification requests, the information is not used until the information is corrected. All personal information protection-related complaints arising from using OMPASS service can be requested through the contact information provided in this privacy policy.
The Company takes administrative, technical, and physical measures necessary for safety as follows when processing personal information.
Administrative measures: Establishment and implementation of internal management plans, regular education on personal information protection for employees, etc.
Technical measures: Access authority management for personal information processing systems, installation of encryption and security programs, etc.
Physical measures: Access control for personal information storage places such as server rooms and data storage rooms
The 'Company' uses 'cookies' to provide personalized services to users. 'Cookies' are data files sent from HTTP servers to users' browsers and stored on users' devices. Cookies may contain information about websites used and users' personal information. Users can adjust web browser options to accept all cookies, send notifications when cookies are installed, or refuse all cookies.
Personal Information Protection Officer
Personal Information Protection Officer: CEO Kim Min-sik
Contact for personal information protection inquiries: 070-4298-3070, ceo@omsecurity.kr
If you have any questions about personal information, you can inquire through the above contact at any time.
If you need to report or consult on other personal information violations, please contact the following institutions.
National Police Agency Cyber Investigation Bureau https://cyberbureau.police.go.kr/ / 182
Supreme Prosecutors' Office Cyber Investigation Division https://www.spo.go.kr/ / 1301
Personal Information Infringement Report Center (operated by Korea Internet & Security Agency) https://privacy.kisa.or.kr/ / 118
Personal Information Dispute Mediation Committee (operated by Korea Internet & Security Agency) https://www.kopico.go.kr/ / 1833-6972
This privacy policy is effective from March 1, 2022.
