Privacy Policy

Personal information processing policy.Comax Co., Ltd. ("Company") values users' personal information and complies with the Personal Information Protection Regulations under the "Act on Promotion of Information and Communication Network Utilization and Information Protection" and the "Personal Information Protection Act". In addition, the company informs you that the personal information you provide is being used for some purpose and method through the personal information processing policy, and that we are always striving to effectively and actively protect personal information.This personal information processing policy applies to the entire smart home service provided by the company, and if revised, it will be announced through the application notice (or individual notice) that provides the company's smart home service.

1. Purpose of processing personal information.The company processes personal information for the following purposes. The personal information processed is not used for any purpose other than the following purposes, and if the purpose of use changes, necessary measures will be implemented, such as obtaining separate consent.

1) Membership registration and management.Personal information is processed for the purpose of confirming membership intention, maintaining and managing membership, preventing illegal use of services, various notices and notices, handling grievances, and preserving records for dispute settlement.

2) Handling civil complaints.Personal information is processed for the purpose of identifying civil petitioners, checking civil complaints, contacting and notifying them for fact-finding, and notifying them of the results of processing.

3) Smart home service provided.It provides a more improved smart home service experience through data collection and analysis, and processes personal information for the purpose of providing personalized/intelligent services.

2. Collection and use of personal information.The company collects, uses, and provides personal information based on the user's consent.

1) Personal information collection items.• ID, password, e-mail, residential complex, dong/ho number, equilibrium information, nickname (nickname), gender, age group• The following information can be automatically collected during the service use process or service provision processing process (device information used, service usage history, access log, etc.).

2) Collection method: Membership registration, device/application installation information, member information modification, phone, customer center inquiry, and collection through voluntary provision of users while using the service.

3) Grounds for retention: Service provision and response

4) Retention period: If a member withdraws his/her consent or withdraws his/her consent, it shall be destroyed without delay to protect personal information if not used for one year, but information to be kept under relevant laws and regulations shall be kept for a period of time.3. The rights and obligations of the user and the method of exercising them.Users can exercise the following rights as personal data subjects.1) The data subject may exercise the following privacy rights against the company at any time. Request to read personal information If there is an error, etc., request correction. Request deletion. Request for suspension of processing2) The exercise of rights can be made to the company in writing, by phone, or by e-mail in accordance with attached Form 8 of the Enforcement Rules of the Personal Information Protection Act, and the company will take action without delay.3) If the data subject requests correction or deletion of personal information errors, etc., the company will not use or provide the personal information until correction or deletion is completed.4) You can exercise your rights through an agent such as a legal representative of the data subject or a person who has been delegated. In this case, a power of attorney must be submitted in accordance with attached Form 11 of the Enforcement Rules of the Personal Information Protection Act.4. Destruction of personal information.In principle, if the purpose of processing personal information is achieved, the company will destroy the personal information without delay. The procedure, deadline, and method of destruction are as follows.1) The destruction procedure.After achieving the purpose, the information entered by the user will be transferred to a separate DB (separate documents in the case of paper) and stored for a certain period of time in accordance with internal policies and other related laws and regulations. At this time, the personal information transferred to the DB is not used for any other purpose except by law.2) How to do it.• Information in electronic file format is deleted using a technical method that cannot play records.• Personal information printed on paper is crushed or destroyed through incineration.5. Measures to secure personal information safety.In accordance with Article 29 of the Personal Information Protection Act, the company is taking technical/management and physical measures necessary to ensure safety as follows.1) Encryption of personal information.Users' personal information is encrypted, stored, and managed, so only they can know, and important data uses separate security functions such as encrypting files and transport data or using file lock functions.2) Technical measures against hacking, etc.To prevent personal information leakage and damage caused by hacking or computer viruses, the company installs security programs, periodically renews and inspects them, installs systems in areas where access is restricted from the outside, and monitors and blocks them technically and physically.3) Restrictions on access to personal information.It takes necessary measures to control access to personal information through granting, changing, and canceling access to the database system that processes personal information, and controls unauthorized access from outside using the intrusion blocking system.4) Minimization and training of employees handling personal information.We are implementing measures to manage personal information by designating employees who handle personal information and minimizing it only to the person in charge.5) Personal ID, password, and management.In principle, the ID and password used by the user are intended to be used only by the user. The company is not responsible for the leakage of personal information such as IDs and passwords due to the user's personal carelessness and the dangers of the basic Internet.6. The person in charge of personal information protection and the person in charge.The company is in charge of personal information processing, designates a person in charge of personal information protection as follows to handle complaints and relieve damages of information subjects related to personal information processing, and responds quickly and sincerely to personal information-related inquiries.Person in charge of personal information protection.Person in charge of personal information protection.Name: Hwang Incheol.Name: Kwon Hee Hoon.Affiliated: Affiliated research institute.Affiliated research institute/cloud team. Cloud team.Position: Director.Position: Senior researcher.Inquiries: COMAX Customer Center 82-1599-8667. How to remedy infringement of rights and interests (request for access to personal information)Where it is necessary to report or consult personal information infringement.Contact the institution below for help.Personal Information Infringement Report Center.http://privacy.kisa.or.kr118 without a national number.Cyber Investigation Department at the Supreme Prosecutors' Office.http://cybercid.spo.go.kr1301 without a national number.National Police Agency Cyber Safety Bureau.http://cyberbureau.police.go.kr182cm without a national number.8. Notice of Personal Information Processing Policy.• Personal information processing policy version number: v1.0• Implementation date of the personal information processing policy: August 31, 2020