Privacy Policy

OmniOne Open DID has established and disclosed the following Personal Information Processing Policy in accordance with the relevant laws under the Personal Information Protection Act to protect users' personal information and rights, and to smoothly handle any complaints related to personal information.

 

Article 1 (Categories of Personal Information Collected and Retention Period)

OmniOne Open DID collects and processes the following categories of personal information.

Main Category

Subcategory

Items Collected

Purpose of Collection

Retention Period

Inquiry Response

Support

[Required] Name, Email

To respond to inquiries

Deleted immediately after responding to inquiry

Service Usage

OmniOne Open DID Community

[Required] Name, Nationality, Email

Identity verification, membership management, inquiry response, user activity statistics

Deleted immediately upon service termination

Other

During internet usage, the following information may be automatically collected:
IP address, Cookies, MAC address, service usage records, visit logs

  1. A. Records related to transactions under the Act on the Consumer Protection in Electronic Commerce

    • ① Records on advertisements and displays: 6 months

    • ② Records on contracts, cancellations, payment, and supply of goods: 5 years

    • ③ Records on consumer complaints or dispute resolution: 3 years처리

  2. B. Retention of communication confirmation data under the Protection of Communications Secrets Act

    • ① Subscriber’s telecommunications time, start/end time, counterpart’s subscriber number, frequency of use, location tracking data of the originating base station: 1 year

    • ② Computer communication, internet log records, access tracking data: 3 months

 

Article 2 (Destruction of Personal Information)

  1. ① OmniOne Open DID will promptly destroy personal information without delay when the retention period expires or the purpose of processing has been achieved, making the information unnecessary
  2. ② If personal information must be retained beyond the agreed retention period or the purpose of processing has been achieved, as required by other laws, the information will be stored separately in a different database (DB) or storage location.
  3. ③ The procedure and method for destroying personal information are as follows:

    • i. Destruction Procedure: OmniOne Open DID selects personal information subject to destruction and, with the approval of the personal information protection officer, proceeds with destruction.

    • ii. Destruction Method: Personal information stored in electronic files is destroyed in a way that makes the records unrecoverable, while personal information stored in paper documents is destroyed by shredding or incineration.

 

Article 3 (Provision of Personal Information to Third Parties)

  1. ① OmniOne Open DID processes personal information of data subjects only within the scope specified in Article 1 (Purpose of Processing Personal Information). Personal information will only be provided to third parties with the consent of the data subject or in accordance with the special provisions of law as specified in Articles 17 and 18 of the Personal Information Protection Act.
  2. ② OmniOne Open DID does not provide personal information to third parties.

 

Article 4 (Outsourcing of Personal Information Processing)

  1. ① OmniOne Open DID does not outsource any personal information processing tasks.
  2. ② In the event that outsourcing contracts are established, OmniOne Open DID will specify in written documents, including contracts, the prohibition of processing personal information for purposes other than the performance of the contracted work, technical and managerial protective measures, restrictions on re-outsourcing, management and supervision of the trustee, and responsibilities for damages, in accordance with the Personal Information Protection Act. OmniOne Open DID will supervise whether the trustee processes personal information safely.
  3. ③ In the event that the contents of the outsourced work or the trustee changes, OmniOne Open DID will promptly disclose this information through this Personal Information Processing Policy.

 

Article 5 (Rights and Duties of Data Subjects and Legal Representatives, and Methods of Exercise)

  1. ① Data subjects may exercise their rights, including the right to access, correct, delete, or request the suspension of processing their personal information, at any time against OmniOne Open DID.
  2. ② The exercise of rights under paragraph 1 can be made to OmniOne Open DID in writing, via email, fax, etc., in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act, and OmniOne Open DID will take action without delay.
  3. ③ The rights under paragraph 1 can also be exercised through a legal representative or an authorized person. In this case, a power of attorney in accordance with Form 11 of the “Notice on Methods of Processing Personal Information” must be submitted.
  4. ④ Requests for access to personal information and suspension of processing may be restricted under Articles 35 and 37 of the Personal Information Protection Act.
  5. ⑤ Requests for correction and deletion of personal information may not be granted if the information is specified as subject to collection under other laws.
  6. ⑥ OmniOne Open DID verifies whether the individual making requests for access, correction, deletion, or suspension of processing is the data subject or a legitimate representative.

 

Article 6 (Measures to Ensure the Security of Personal Information)

OmniOne Open DID takes the following measures to ensure the security of personal information:

  1. 1. Administrative Measures

    • A. Establishment and implementation of an internal management plan. Minimization of personal information handlers and regular staff training.

    • B. Access control through granting, changing, and revoking access rights to the personal information processing system.

    • C. Compliance with security pledges by all employees.

  2. 2. Technical Measures

    • A. Management of access rights to the personal information processing system and related resources.

    • B. Implementation and operation of antivirus programs and various security solutions.

    • C. Protection of user personal information through passwords, and encryption of files and transmitted data.

    • D. Storage of access logs and prevention of tampering.

  3. 3. Physical Measures

    • A. Designation of key protection areas as controlled or restricted zones.

    • B. Control of access by unauthorized individuals to protected areas such as offices and data processing rooms.

    • C. Monitoring through the installation of CCTV.

 

Article 7 (Installation and Operation of Automatic Personal Information Collection Devices and Refusal)

  1. ① OmniOne Open DID uses cookies to store and retrieve usage information in order to provide users with personalized services.
  2. ② A cookie is a small amount of information sent from the server (HTTP) operating the website to the user's computer browser and may be stored on the user's PC hard disk.

    • A. Purpose of Using Cookies: Cookies are used to understand users' visit and usage patterns for each service and website they visit, popular search terms, security connection status, etc., in order to provide optimized information to users.

    • B. Installation, Operation, and Refusal of Cookies: Users can refuse the storage of cookies by adjusting the options in the Internet Options menu found under Tools > Internet Options > Privacy in the web browser.

    • C. Consequences of Refusing Cookie Storage: Refusing to store cookies may lead to difficulties in utilizing personalized services.

 

Article 8 (Personal Information Protection Officer)

  • ① OmniOne Open DID has designated a Personal Information Protection Officer to oversee and be responsible for personal information processing activities and to handle complaints and remedies related to the processing of personal information. The details are as follows:

Category

Personal Information Protection Officer

Personal Information Protection Manager

Department/Name

Director Kang In-kyu, Service Technology Research Institute

Team Leader Cha Young-rok, IT Planning/Operations Team

Email

privacy@raoncorp.com

  • ② Data subjects may contact the Personal Information Protection Officer or the relevant department regarding any inquiries, complaints, or remedies related to personal information protection that arise while using OmniOne Open DID's services. OmniOne Open DID will respond to and address the inquiries of data subjects without delay.

 

Article 9 (Remedies for Infringement of Rights)

Data subjects may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Reporting Center, etc., to seek remedies for personal information infringements. For other reports or consultations regarding personal information infringements, please contact the institutions listed below:

  1. 1. Personal Information Dispute Mediation Committee: (No area code) 1833-6972 (www.kopico.go.kr)
  2. 2. Personal Information Infringement Reporting Center: (No area code) 118 (privacy.kisa.or.kr)
  3. 3. Supreme Prosecutors' Office: (No area code) 1301 (www.spo.go.kr)
  4. 4. Korea National Police Agency: (No area code) 182 (https://ecrm.police.go.kr)

 

Appendix

The Personal Information Processing Policy of OmniOne Open DID will be updated promptly through notifications on the website and other means in the event of any additions, deletions, or modifications due to changes in relevant laws, guidelines, or internal personal information management policies.

 

Personal Information Processing Policy Version Number: 1.0

Effective Date of Personal Information Processing Policy: September 12, 2024

© OMNIONE.LTD All rights reserved.