Skip to content Skip to footer

Privacy Policy

This Privacy Policy explains how SecuLayer, Inc. is committed to protecting the personal information of its owner and addressing privacy concerns.

1.      Purpose of collecting and using personal information

SecuLayer, Inc. (hereinafter ‘company’) collects and uses personal information retrieved from the company’s website (www.seculayer.com), partner portal (partners.seculayer.com), and mobile applications upon the user’s consent. User’s personal information is used only for the purposes disclosed in this privacy policy. If any change occurs, users will be notified and asked for consent if necessary. The company uses personal information for the following purposes:

a.       Enabling downloads and sending newsletters for the marketing materials.

User’s affiliation, name, and email address will be collected and used to send the company’s brochures, white paper, and other marketing materials. 

b.      Membership registration on the company’s website. 

The company will use the personal information to confirm the registration, identify registered members, notify changes and address concerns raised by the users. 

c.       Identification of user’s information to provide mobile applications.

User’s biometrics (face/fingerprint) and the results of authentication*, and user’s ID, device information, and GPS. *Only the results of biometrics are used; actual biometrics are not collected and stored. 

d.      Addressing complaints and concerns.

Personal information is used in order to identify the complaint, contact for further investigation, and notify the results.

e.       Provision of goods and services.

Personal information is used in order to deliver goods, provide services, send contracts and receipts and provide contents

f.        Use of marketing and advertising

Personal information is used in order to provide new products, tailored services, events and chances to participate in, and advertising information based on the demographics.

2.      Retention of personal information

a.       The company uses and retains personal data only within the legally bounded periods and/or the periods that users consented to the collection  

b.      Retention and use of information vary as follows:

                                                                          i.      Addressing complaints and concerns.

1.      Personal information collected from the complaints and concerns raised via an email, phone call, and others are retained for up to 3 years upon the user’s consent and is only used for the above purposes

2.      Grounds for retention (Related legislation)

          recording of collecting and using personal credit data: 3 years

          recording of resolving user’s complaints and conflicts: 3 years

                                                                        ii.      Usage for marketing and advertising.

1.      Personal information related to marketing and advertising is used and retained for up to 3 years upon the user’s consent and is only used for the above purposes. 

2.      Grounds for retention (Related legislation)

          recording of collecting and using personal credit data: 3 years

          recording of resolving user’s complaints and conflicts: 3 years

                                                                      iii.      Provision of goods and services.

1.      Personal information related to providing goods and services are used and retained for up to 5 years upon the user’s consent and is only used for the above purposes. 

2.      Grounds for retention (Related legislation)

          recording of payment and providing goods and services: 5 years

          recording of contracts and withdrawal: 5 years 

3.      Provision of personal information to the 3rd party

a.       The company only uses personal information only within the range defined in the 1) Purpose of collecting and using personal information, and may provide personal information to the 3rd party only within the grounds of the Privacy Protection Legislation Article 17 and 18.

b.      The company provides personal information to the following 3rd party.

          Recipient party: DAOU Tech., INC.

          Purpose: sending a promotional and informational email 

          Receiving personal information: email, mobile phone number, name, affiliates, and company name

          Retention and use: 3 years

4.      Use of personal information by the 3rd party

a.       The company is outsourcing the use of personal information for effective use.

                                                                          i.      Sending informational and promotional emails regarding the company’s products and services

                                                                        ii.      Recipient party: DAOU Tech., INC.

                                                                      iii.      Outsourced tasks: providing information on the new products and tailored services and events regarding it and chance to participate in.

                                                                      iv.      Retention and use: 3 years

b.      The company ensures that the 3rd party is safely using the personal information, and states clearly the scope of the use, restriction, technical and managerial protection, compensation, and responsibilities on the contract.

c.       In case the recipient party is changed, the company will notify the users without delay. 

5.      Rights and obligation of the owners and legal representative of personal information

a.       Users, i.e. the owners of the personal information, may exercise their rights to view, correct, remove or cease the use of their own personal information

b.      The above right is protected by the Privacy Protection Legislation Article 41 Section 1. Users may contact the company via written or verbal forms such as letters, phone calls, and email and the company shall execute it immediately.

c.       A legal representative of the user may exercise the above right upon the submission of a form number 11 stated by the Use of Personal Information Number 2007-7

d.      Under the Privacy Protection Legislation Article 35 Section 4 and Article 37 and section 2, users may have limited rights to view and cease the use of personal information. 

e.       In case the other legislation and laws state explicitly to collect personal information, removal or correction of personal information cannot be executed.

f.        The company may ask for the identification of the users or the legal representative to ensure that they are the owners of the personal information in case they wish to exercise their rights to view, correct, remove or cease the use.  

6.      Use of personal information 

The company uses the following personal information.

a.       Marketing and advertising use (mandatory items): email, mobile phone number, name, affiliation, company name, service usage history, access log, cookies.

b.      Identifying users for providing mobile application service: Identification of users’ information to provide mobile applications. (User’s biometrics (face/fingerprint) and the results of authentication*, and user’s ID, device information, and GPS. *Only the results of biometrics are used; actual biometrics are not collected and stored.)

7.      Destruction of personal information

a.       The company will destruct when the personal information retention period expires, achieve the purpose of the uses, and any other occasion when the personal information is no longer needed.

b.      Under other explicit legislation or law requiring the retention of personal information, personal information can be further retained at a separate database and other specific storage, although the period of retention of the consented personal information expired or purpose is achieved.

                                                                          i.      Retaining personal information: name, mobile phone number, email, company name, affiliation, products of interest, and access log

c.       The procedure and method of destroying personal information are as follows.

                                                                          i.      Procedure: the personal information that needs to be destroyed will be identified first and removed upon the approval of the personal information protection officer.  

8.      Security of personal information

The company executes the following exercises in order to securely protect personal information.

a.       Minimizing the number of personnel who manage personal information and educating those who do. 

The company implements measures to manage personal information by designating a limited number of employees to handle personal information. 

b.      Internal management plan and measurement.

The company establishes and executes the internal management plan and measurement in order to safely use personal information.

c.       Technical plan to prepare for the hacking and other malicious attacks.

The company implemented security programs to prevent the breach and damage to personal information by computer viruses and hacking activities. This is regularly updated and deployed in order to technically and physically monitor and prevent external access.

d.      Encrypting personal information.

The user’s password is stored and managed as encrypted and only known by the users themselves. File and data transmission is encrypted or locked as a separate security measure.

e.       Retention of access log and prevention of forgery.

Access log to the personal information system is retained and managed for 6 months minimum. This is to prevent the forgery, theft, and loss of the logs.

f.        Restricted access to the personal information.

Database systems for personal information management have restricted access by granting, modifying, or canceling authority. An intrusion prevention system is implemented to prevent external access without authority.

9.      Use of cookies

a.       The company uses cookies that store and retrieve users’ usage logs to provide tailored services.

b.      Cookie is a small amount of information that the website’s server (HTTP) is sending to the user’s devices and this may be stored in the hard disk of the user’s device 

                                                                          i.      Purpose of using cookies: cookie is used to provide optimized service to the users by grasping the access logs to certain services and websites, user patterns, and search trends.

                                                                        ii.      Denial of using cookies: users can deny storing and use of cookies by ticking off the cookie setting under the privacy and security section of each browser (this may vary depending on the browser). Denying cookies may result in limited tailored services. 

10.  Personal information protection officer

a.       The company designated a person in charge of the personal information protection to address users’ complaints and concerns over the use of personal information.

                                                                          i.      Personal information protection officer

          Name: Lim Myunggun

          Department: Solution business

          Role: Executive Director

          Point of Contact: +82-70-4603-7320, myunggun.lim@seculayer.com

                                                                        ii.      Personal information protection department

          Department: Administration 

          Person in charge: Woo Wongu

          Point of Contact: +82-70-4603-7320, wongu.woo@seculayer.com

          Please contact here in case of inquiries or requests regarding personal information.

b.      The owner of the personal information may contact the officer or the department regarding inquiries, requests, complaints, or damage relief over the personal information protection while using the company’s goods or services. The company shall respond promptly.

11.  Access to personal information

The owner of the personal information may request to view the personal information under the Privacy Protection Legislation Article 35. The company shall promptly respond to the user’s request of viewing their personal information. 

a.       Personal information protection department

          Department: Administration

          Person in Charge: Woo Wongu

          Point of Contact: +82-70-4603-7320, wongu.woo@seculayer.com

12.  Questions regarding breach of personal information

The owner of the personal information may contact the following institutions in order to be relieved from the breach of personal information and other inquiries and reporting regarding personal information.

a.       Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)

b.      Korea Internet and Security Agency, Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)

c.       Prosecution Service: 1301 (www.spo.go.kr)

d.      National Police Agency: 182 (cyberbureau.police.go.kr) 

According to the Privacy Protection Legislation Article 35 (view of personal information), Article 36 (correction and removal of personal information), and Article 37 (ceasing the use of personal information), users may appeal for the breach of rights and infringement of one’s interest to the administrative trial. Detailed information about the administrative trial is found Online Administrative Appeals (www.simpan.go.kr). 

13.  Update on the privacy policy

a.       This Privacy Policy is enacted on July 6th, 2021, and is effective as of the day.