Doosan Fuel Cell Co., Ltd. (hereinafter referred to as ‘Doosan’) recognizes the importance of privacy and data protection to our customers and website users (hereinafter the “Data subject”). We have committed to data and privacy protection across entire company and applications. Therefore, the Company complies with all applicable privacy and data protection laws, such as the Personal Information Protection Act and Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (hereinafter referred to as the” Act on Information and Communications Network).
1. What Data Doosan Collects
- 1. We collect your personal data in accordance with law and with transparency and fairness to you.
- 2. We only collect personal information which is essential to providing our services. We do not collect data which is, by its nature, particularly sensitive or might jeopardize the basic human right and privacy. (e.g., data revealing racial or ethnic origin, religion or other beliefs, birthplace, political opinions, sex life, sexual orientation, data concerning health, criminal background, etc.)
2. Information Collected about You and How We Collect
Here are the types of personal information we collect. Data stipulated in Clause 2 below might be automatically collected about your use of our website. We gather data in order to:
1. Deal with complaints
- - Required : Name, email
- - Optional : Location(city, province), phone(Contact No.), country, company
2. Analyze and improve services we provide: information involved here is automatically generated and collected through your online activities.
- - Your service use records, access log, cookies, originating IP address
3. Hire new employees
- - General information : name(Korean/Chinese/English), birthdate, gender, photo, password, phone numbers, home address, mobile, email, education, military service(status, duration, branch, rank), language skill, qualifications, veterans’ family (yes/no), career, experiences, R&D experience.
- - Sensitive data : disability and disability type/grade
3. Why We Use Personal Information?
Doosan Fuel Cell uses personal information to:
1. Develop relationships with our customers.
- - This may include: (i) analyzing your interactions with us, providing functionality, improving our website, and enhancing the usability and effectiveness of our services;
- - (ii) handling customers’ complaints. We use personal data to take steps to address complaints and communicate with. Also, we refer to data in order to provide notice how complaints have been processed, if applicable.
2. Hire new employees.
- - In the event where we hire new employees, we refer to personal information to identify applicants and their real names. In addition to this, we contact applicants using their contact information. To comply with the Act on the Honorable Treatment of and Support for Persons, etc. of Distinguished Service to the State and the Act on the Employment Promotion of Persons with Disabilities, personal information might be referenced to identify whether an applicant is a member of veteran’s family or has any impairments.
4. Retention of Personal Information
Doosan collects personal data to:
1. Resolve complaints;
- - Information stored: name, email, address (city, province), phone (contact no.), nation, company
- - Retention period: 1 year
2. Analyze and improve services we provide;
- - Information stored : Service use history, access log, cookies, originating IP address
- - Retention period : 3 years
3. Hire new employees
- - Information stored: name(Korean/Chinese/English), Photo, password, phone number, address, mobile, email, education, military service(status, duration, branch, rank), language skills, qualifications, veterans’ family (yes/no), career, experiences, R&D experience, sensitive data, such as disability and disability type/grade.
- - Retention period
- • For those who are not employed, their information is retained up to 5 years on the basis of their consent from the completion of our hiring process. Its intent is to build a potential candidate database.
- • For those who are hired, we retain their information until achievement of privacy statement on the premise of their agreement.
5. How We Delete Personal Data and Steps We Take
1. Within 5 days after the expiration of the retention period, personal data is deleted. In case Doosan no longer needs personal data for good reason such as achievement of privacy statement, service or business closure, the data is deleted within 5 days after when the information is regarded no longer needed.
2. How to delete
- a. Physical records revealing personal data: shredding or incinerating.
- b. Electronic records: permanently erased so as to ensure that they cannot be restored.
6. When We May Share Personal Information
We do not disclose or share personal information with third parties without the prior consent of data subjects and/or without good cause set forth in applicable laws except as described herein:
- - We may share your information with your permission.
- - We may share your personal information with third parties when we have a good faith belief that disclosure is indispensable for compliance with statutory obligations and regulations.
- - There may be a time when data subjects or their dully authorized representatives are unable to express their consent or out of reach while your or others life, body, or/and property is thought to be in danger. In this situation, we share your information without prior consent.
|Data shared with||Data we share||Why we share||Retention Period|
|MultiCampus Co., Ltd.||name, birthdate, test date, Applicant No., scores||To confirm authenticity of OPIc scores from identity check.||Deletes right after getting scores|
|Korea TOEIC Committee||name, birthdate, test date, Applicant No., scores||To confirm authenticity of TOEIC Speaking scores from identity check.||Deletes right after getting scores|
|Cube Communication||name(KOR/ENG), gender, phone (mobile)||To make name tags or a seating plan for new employee welcome party.||Deletes right after party|
7. Service Providers Who Handle Personal Data On Behalf of Us
We hire third parties to perform support services for data subjects. We control and supervise them to ensure personal information is processed in a safe manner pursuant to applicable laws and regulations. The table below describes personal information third parties manage on our behalf.
1. Data Storage Service
|Doosan Digital Innovation||Complaints archive and offer related services - name, email, address (city, province), phone (contact), nation, company|
2. Staff Training and Medical Checkup/Care
|Korean Industrial Health Association||Medical check-up and care for employees|
|Korean Industrial Safety Association||Education for employees|
|Hanshin Medipia, Philip Medical Center, Honseong Medical Center, Anjoong Baik Hospital, Na-eun Hospital, Dangin Hospital, Central Hospital, Inje University Haeundae Paik Hospital||Medical check-up for employees|
|Hansung Institute of Industrial Medicine||Medical care and consulting for employees|
8. Exercising Your Rights
- 1. You have the right to withdraw any consent previously granted or to request for search, correction, or amendment to your personal data. To exercise your rights, you can contact our Privacy Officer on the phone or email or write to us at the appropriate address.
- 2. Following your rectification request, we neither use nor share your personal information until we rectify your inaccurate information.
- 3. For children under the age of 14, their parents or legal guardians hold the right to view and update the kid’s personal information, and to withdraw consent to personal information collection and use.
- 4. If any personal information passes its expiration date or is erased upon request of data subjects or legal representatives, we will not view or use the information unless applicable laws otherwise clearly require.
9. Cookies and Your Choices
10. How Doosan Secures Your Information
Doosan retains data as required or permitted by Article 29 of the Personal Information Protection Act and Article 28 of the Act on Information and Communications Network. We keep your data secure by using a variety of security technologies and procedures such as;
1. Minimizing the number of authorized staff who handle personal data.
- - We minimize power and authority of those who process and handle personal data.
2. Regular trainings given to them.
- - Our privacy guidelines are communicated with our Privacy staff as part of regular trainings.
3. Regular internal audit.
- - To ensure your personal data is secure, we perform internal audit on a regular basis.
4. Internal Privacy Guidelines and Safeguards
- - We build privacy and security guidelines and strictly enforce privacy safeguards within the Company to protect your personal information from unauthorized access, alteration or destruction; maintain data accuracy; and help ensure the appropriate use of your information.
5. Personal Data Encryption
- - When your personal information and password is stored and maintained, they are encrypted. We protect your personal information during transit using security measures.
- - To prevent loss of data, unauthorized access or destruction, we utilize security program with limited access housed in facilities and update and inspect them on a regular basis using physical and technical security measures.
7. Access Control
- Access to personal data processing system are granted, changed or terminated for security as needed. Firewalls are utilized against unauthorized or unlawful access.
8. Access Log Keeping and Forging Protection
- - Personal data access log is maintained at least for 6 months. Access log is protected using security feature against forging, data loss, or leak.
9. Keep Documents Secure in Storage
- - Documents and portable storage devices containing personal information are kept in locked storage.
10. Restricting Unauthorized Access
- - We keep personal information in a separate place and have developed access control protocols to protect information from unauthorized access.
11. Chief Privacy and Data Protection Officer
- 2. If you have other unresolved privacy concerns, please contact institutions below.
When we change the policy, a notice will be posted on the website along with updates and reason before enforcing the change.