Bixolon Co., Ltd. (hereinafter referred to as the “Company”) regards the protection of personal data of customers who use printing solution and all related services (hereinafter referred to as “Services”) as very important, and the Company complies with applicable laws and regulations such as GDPR, law on protection of personal data.
Article 1 (Items of Personal Data and Method of Collection)
① The Company collects the following personal data.
- When registering in VOC: No personal data
- When collecting data for marketing purpose: Name, e-mail address, company name, position
② The Company collects personal data through the methods listed below.
- Entering via ‘Subscribe’ page and event pages
- Collection at publicity events such as exhibitions
- Collection via Company SNS
Article 2 (Purpose of Collection and Use of Personal Data)
① The Company uses collected personal data of customers for membership services provision, improvement, and the development of new services, etc.
- Technical support, purchase and delivery, etc. according to customer’s request
- Provision of various services such as new service development
- Handling of inquiry and complaint, notification
- Use for checking event participation, marketing and advertisement, etc.
- Use of statistics on service usage history, access frequency and service utilization, establishment of service environment in terms of privacy protection, and service improvement
Article 3 (The Disposal of Special Categories of Personal Data)
The Company shall not collect any sensitive personal data (such as race or ethnic origin, ideology, creed, birthplace, domicile, political propensity and criminal record, health status and sex life) that may be of concern to the customers’ basic human rights violations, but inevitable when the Company must collect the data, the Company must get the customers’ prior consent.
Article 4 (Term of Retaining and Use of Personal Data)
① The personal data of customer is destroyed when the purpose of collecting personal data is achieved as follows. However, when there is a need to maintain the personal data for reason such as the confirmation of rights and obligations related to transactions, etc. for a certain period of time in accordance with the relevant laws, such as the law on consumer protection in electronic commerce transactions, commercial law, the Company may maintain the customer’s personal data.
In the case of VOC-related data : 1 year after achieving the purpose
Records on contracts and withdrawal, etc.: 5 years
Records on payment and supply of goods, etc.: 5 years
Records on consumer complaints or disputes: 3 years
② When customer requests access to the data which the Company retains with the customer’s consent such as transaction data, etc., the Company shall take measures to ensure that it can be accessed and confirmed.
Article 5 (Customer’s Rights and Methods to Execute Customer’s Rights)
Customer has the right, at any time, to access or rectify his/her personal data, and customer may request to erase the data. the Company shall take measures if customer contacts the data protection officer by writing, telephone or e-mail after the identity verification process. If customer requests rectification of an error in personal data, the Company will not use or provide the personal data until the rectification is completed. In addition, if wrongful personal data has already been provided to a third party, the result of rectification will be notified to the third party so that the rectification can be made. The Company treats personal data that has been erased at customer’s request as described in “Term of Retaining and Use of Personal Data” and prohibits the data from being accessed or used for other purposes.
If customer exercises ‘right to object’ on data collected for marketing purposes by the Company, the Company immediately ceases processing the personal data. Notwithstanding, the Company may process personal data if the Company can demonstrate that its compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the data subject, or if the processing is for the determination, exercise or defense of legal claims.
Article 6 (Outsourcing of Processing of Personal Data)
① In order to improve the service, if necessary, the Company may outsource the process of collection, processing, and management of the customer’s personal data with legal requirements such as customer’s consent, and provide it to a third party. The Company is outsourcing the tasks related to the processing of personal data as listed below and stipulates necessary details for personal data to be managed safely during outsourcing in accordance with relevant laws and regulations. Also, sharing data is limited to the minimum amount needed to fulfill that purpose. Also, sharing data is limited to the minimum amount needed to fulfill that purpose.
② The Company outsources handling of personal data in the following manner:
|Outsourced Company||Outsourced Work|
|Bixolon Europe GmbH||Personal information||Marketing||Refer to Article 4|
③ The Company provides customer’s data to a third party in the following manner:
Article 7 (Processing of Children’s Personal Data)
The Company does not process personal data of children under 14 (In Europe, children under16). The Company may verify the age at the time of collecting personal data.
Article 8 (Data Protection Officer)
The Company has designated customer center and a data protection officer to protect the personal data and cope with relevant complaint.
① [Customer Center] Telephone: +82-31-218-5559 / E-mail: GDPR@bixolon.com
② [Data protection officer] Name: Kim, SeungYong/ Department: Technology Planning Team
③ For reports or consultations on infringements of privacy rights, please contact the following organizations:
1. Republic of Korea
|KISA Privacy Center||privacy.kisa.or.kr / 118|
|Supreme Prosecutors’ Office of the Republic of Korea||www.spo.go.kr / 1301|
|Cyber Terror Response Center||cyberbureau.police.go.kr / 182|
2. Other Countries