1. Purpose of Personal Data Processing
BARAM Portal ('baramcfd.org', hereinafter 'BARAM Portal') processes personal data for the following purposes and will not use it for any other purposes:
- To confirm the intention to join, identify and authenticate users, maintain and manage memberships, process payments for goods or services, and provide or deliver goods or services.
2. Processing and Retention Period of Personal Data
① BARAM Portal processes and retains personal data within the period for which consent was given or within the retention period required by law.
② The specific processing and retention periods for personal data are as follows:
- Customer registration and management: Until the service contract ends or the membership is canceled.
3. Outsourcing Personal Data Processing
① BARAM Portal outsources personal data processing to third parties as follows to facilitate efficient data processing:
② When outsourcing, BARAM Portal specifies the purposes for which the personal data will be processed, ensures that the third party complies with data protection laws, and monitors their compliance with technical and administrative protection measures.
③ If there are any changes to the outsourced services or the service provider, BARAM Portal will promptly disclose the updated privacy policy to inform users.
4. Rights of the Data Subject and How to Exercise Them
Data subjects may exercise the following rights regarding their personal data at any time:
-
1. Request access to personal data
-
2. Request correction of errors
-
3. Request deletion
-
4. Request cessation of processing
5. Types of Personal Data Processed
BARAM Portal processes the following types of personal data:
- Mandatory: Login ID, name, email address
- Optional: Security question and answer, password, mobile number, company name, company phone number, department
6. Data Retention and Destruction
① BARAM Portal will promptly destroy personal data when the purpose for processing is achieved.
- Procedure: Data entered by users will be transferred to a separate database and stored for a period, after which it will be destroyed.
- Retention Period: Personal data will be destroyed within 5 days after the retention period has expired.
7. Security Measures for Personal Data
-
1. Minimization and training of personnel handling personal data
-
2. Encryption of personal data
-
3. Restriction of access to personal data
-
4. Use of lock devices to ensure document security
8. Personal Data Protection Officer
▶ Personal Data Protection Officer
Name: Kyungjin Lee / Position: Team Leader / Title: Manager
Contact: 070-8796-3025, kjlee@nextfoam.co.kr, 02-838-7411
▶ Department Responsible for Personal Data Protection
Department: Business Development / Responsible Person: Dongkyu Kim
Contact: dkkim@nextfoam.co.kr
9. Changes to the Privacy Policy
This privacy policy is effective as of the implementation date, and any changes to laws or policies will be communicated through an announcement 7 days before implementation.
