About handling Users’ Personal Information, the Company shall implement the following protective measures to ensure safety so that Personal Information will not be lost, stolen, leaked, altered or damaged.
- Technical Safeguards
a) Users’ Personal Information is protected by a password, and important data is protected through separate security functions by encrypting files and transmitted data or using file Lock function.
b) The Company has taken various measures to prevent damage caused by computer viruses by using vaccine programs. Those programs are updated periodically, and in the event of a sudden virus outbreak, the programs shall be provided as soon as they are released in order to prevent infringement of Personal Information.
c) The Company adopts a security device (SSL) that can safely transmit Personal Information within the network utilizing a cryptographic algorithm.
d) The Company, in preparation for external intrusions such as hacking, each server uses an intrusion prevention system and a vulnerability analysis system to ensure security.
- Managerial Safeguards
a) The Company limits the right of access to Users’ Personal Information to a minimum number of people and those are as follows.
① A person who performs marketing tasks directly for Users (limited to cases where Users agree upon such marketing tasks)
② A person who handles complaints and inquiries about usage of services from customers
③ A person who carries out Personal Information Protection such as Privacy Officers
④ A person who should handle Personal Information due to his/her job description
b) The Company has prepared internal procedures to prevent leakage of information by employees through security pledges at the time of joining the Company, and to audit the implementation of Personal Information Processing Policy as well as compliance of such Policy by employees.
c) The transition of duties and responsibilities of Personal Information-related person in charge is carried out thoroughly, and the Company clarifies responsibilities for Personal Information accidents after the above person joins and leaves the Company.
d) The Company is not liable for any occurrences caused by Users’ personal mistakes or basic Internet risks. Each User must properly manage his/her ID and password to protect Personal Information and shall bear full responsibilities about such management.
e) In the event that Personal Information of Users is lost, leaked, altered or damaged due to mistakes by internal managers of the Company or accidents with regard to technical management, the Company will immediately notify Users and take appropriate countermeasures and compensation processes.