개인 정보 처리 방침
2021.04.22
※ This policy will be implemented from April 22, 2021.
'ESTsoft' (hereafter referred to as the 'Company') values the personal information of job applicants and complies with the 'Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.' The Company informs applicants through its privacy policy on how their personal information is being used and what measures are being taken to protect their personal information. Should there be any changes to the privacy policy, the Company will notify through website announcements. If you have any questions about the changes, you can visit the ESTsoft website at any time to check.
1. Personal Information Items Processed
The company allows you to apply for a job without a separate membership registration process, and to provide opportunities for job application, the following personal information is being collected through the website.
1) The range of personal information collected when applying for a job
- Required information: Photo, Name, Date of Birth, Gender, Password for modifying job application, Email address, Mobile phone number, Application route, Military service details, Whether you are a beneficiary of veterans' affairs (Including bonus rate for those eligible), Whether you are a disabled individual (Including details and grade of disability if applicable), Alma mater, Education level, Period of attendance, Department and grades completed, Certificate of last school grade, Career details (Experienced), Level of technical skills, Self-introduction
- Optional information: Marital status, Career details (Freshman), Language and other qualifications, Awards history
2. Purpose of Personal Information Processing
1) Verification of the applicant's identity, qualifications, employment status check, amendment of job application, delivery of notifications, manage smooth communication with applicants, management of future possible resources
Provision of personal information to third parties
1) The company, in principle, does not use or provide personal information beyond the scope of the collection and usage purposes notified in Article 2. However, the following cases are exceptions:
- When the applicants have agreed in advance to public disclosure
- In other cases where it is in good faith deemed required by law (for example: when there is a request from the government/law enforcement agencies as per legal procedures)
2) Even in exceptional cases, if information is provided as required by laws or upon the request of law enforcement agencies, it is a principle to notify the parties concerned. However, there may be cases where notification cannot be made due to legal grounds. We will ensure that information is not provided indiscriminately against the original purpose of collection and use.
3) Moreover, the company will not entrust the applicant's information to external companies without the consent of the applicant. Should such a need arise in the future, we will notify the applicant of the consignee and the content of the consignment and obtain prior consent if necessary.
4) Occasionally, the company may offer job proposals to applicants who have special relationships with the company (subsidiaries, affiliates), and in this case, individual contact is made with the applicants for consent before transferring the application to the respective company.
4 Personal Information Collection and Processing Consignment
To provide enhanced services, your personal information may be entrusted to external parties for processing. In the event of entrusting the processing of personal information, we will inform you in advance.
The entrusted personal information processing companies and their contents are as follows:
· Trustee: (주)MIDAS IT
· Scope of entrustment: Operation of recruitment website and recruitment management computer system and related civil complaints
· Shared Information: Personal information on the job application form
· Retention and use period of shared information: Until the job application form of the hiring company is deleted or the entrustment contract is terminated
Processing and Retention Period of Personal Information
1) As a principle, personal information will be destroyed without delay after the purpose of collecting and using it has been achieved. However, personal information will be retained for a period of time agreed upon at the time of information collection, and for a certain period of time as stipulated by other relevant laws and regulations. However, if the applicant withdraws consent to provide personal information, the relevant personal information will be deleted immediately.
6 Privacy Information Destruction Procedure and Method
1) The personal information of job applicants is, in principle, destroyed without delay once the purpose of processing the personal information has been achieved. The company's personal information destruction procedures and methods are as follows:
2) Destruction procedure
- Information entered by users for job applications, etc., is transferred to a separate DB after the purpose has been achieved (in the case of paper, to a separate file box) and stored for a certain period according to internal policies and other relevant laws (see retention and use period) before being destroyed.
- Such personal information will not be used for any other purpose than retention unless required by law.
3) Destruction method
- Printed personal information is destroyed by shredding or incineration.
- Personal information stored in electronic file format is deleted using technical methods that make it impossible to reproduce the record.
7 Rights, Obligations and Methods of Exercise for Users
1) Personal information provided during job application may be accessed, modified, and deleted freely after identity verification (real-name authentication) until the recruitment process ends.
2) After the completion of the recruitment process, modifications and deletions are not possible. However, if the applicant wishes, they can request deletion by contacting the customer service center or the personal information protection grievance department on the ESTsoft website. The company processes the deleted personal information in accordance with the provisions specified in "Handling and Retention Period of Personal Information Collected by the Company" and ensures that it is not viewed or used for any other purposes.
3) Users must not infringe on their own or another person's personal information and privacy, which are being processed in accordance with this privacy policy, in violation of the Personal Information Protection Act or other related laws.
4) For children under the age of 14, legal guardians have the right to view or modify the child's personal information, and the right to withdraw consent to its collection and use. In such cases, the minimum personal information of the legal guardian can be collected from the child.
8 Technical/Administrative Protective Measures for Personal Information
1) To ensure the security of applicants' personal information and prevent it from being lost, stolen, leaked, altered, or damaged, the company has devised the following technical/administrative measures:
2) Password Encryption
- The password set during company application is encrypted and managed so that only the individual is aware of it, and confirmation and modification of personal information are only possible by the individual who knows the password.
3) Measures against Hacking
- The company is doing its best to prevent applicants' personal information from being leaked or damaged due to hacking or computer viruses. To prepare for any damage to personal information, data is backed up at all times, and the latest antivirus programs are used to prevent applicants' personal information and data from being leaked or damaged. In addition, encrypted communication is used to safely transmit personal information over the network, and an intrusion prevention system is employed to control unauthorized access from the outside. Moreover, we strive to equip all possible technical devices to ensure the security of the system.
4) Minimizing and Training Personal Information Processing Staff
- The company limits the number of staff who handle personal information and assigns separate passwords that are regularly renewed. Continuous training is conducted for the staff, emphasizing the protection of applicants' personal information.
5) Operation of Dedicated Personal Information Protection Organ
- Through in-house dedicated organizations for personal information protection and others, the implementation of the company's personal information handling policy and compliance by responsible persons are verified. Immediate corrections are made to address any issues found. However, the company is not responsible for any problems arising from the user's negligence or internet-related issues, such as the leakage of passwords, social security numbers, or other personal information.
9 Details on the installation and operation of devices that automatically collect personal information such as internet access files, and matters regarding their refusal
'The company' uses cookies to provide personalized services to users.
Cookies are small data files sent by an HTTP server to the user's browser and are stored on the user's device. Cookies may record information about websites used and personal information of users, and this information is shared with the server.
Users can choose to allow all cookies, go through confirmation every time a cookie is stored, or reject the storage of all cookies in the web browser's options (based on IE) by selecting [Tools] > [Internet Options] > [Security] > [Custom Level].
10 Privacy Officer and Related Work Department Information Guide
1) You can report any privacy complaints related to the use of the company's online job application process to the personal information protection officer or the relevant department. The company will provide prompt and adequate responses to users' reports.
2) Personal Information Protection Officer and Personal Information Protection Work Department
-Personal Information Protection Officer : Chief of IT Planning Office
-Related Work Department : Information Security Team
-Telephone : 02-583-4620
-Contact : privacy@estsoft.com
3) If you have any inquiries related to personal information for recruitment, please contact the following related department:
- Responsible Department : People Partner Team
- Email : recruit@estsoft.com
4) Users can apply for dispute resolution or counseling to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency Personal Information Infringement Center, etc., to get a remedy for personal information infringement. For other reports and counseling on personal information infringement, please contact the following institutions:
- Personal Information Infringement Report Center (Operated by Korea Internet & Security Agency) (https://privacy.kisa.or.kr / Dial 118 without a code)
- Supreme Prosecutors' Office Cyber Investigation Department (http://www.spo.go.kr / Dial 1301 without a code)
- Korea National Police Agency Cyber Security Bureau (http://cyberbureau.police.go.kr / Dial 182 without a code)
- Personal Information Dispute Mediation Committee (https://www.kopico.go.kr/)
The Duty of the 11th Hill
1) In the event of additions, deletions, or modifications to the current Privacy Policy, they will be notified through the 'Notices' section of the website at least 7 days prior to the amendment. However, if there are significant changes to user rights such as the collection and use of personal information, or provision to third parties, the changes will be notified at least 30 days in advance.
2) Announcement Date: April 19, 2021
3) Effective Date: April 22, 2021
