MIDAS USER Privacy Policy

MIDAS IT complies with applicable laws, personal information protection regulations and guidelines of the Republic of Korea, which must be obeyed by information communication service provider such as Promotion of Information and Communications Network Utilization and Information Protection Act, Protection of Communications Secrets Act and Telecommunications Business Act, making the best efforts in protecting user's rights by specifying privacy policy in accordance with relevant regulations.

1. What is Privacy Policy?

MIDAS IT Co., Ltd. (hereinafter referred to as the “Company”) is ‘collecting, using and providing personal information based on a consent’ from a user, and is ‘actively ensuring the user’s right (self-determination for personal information)’. The Company complies with the relevant laws and regulations of the Republic of Korea, privacy regulations and guidelines which shall be abided by a telecommunications service provider. “Privacy Policy” refers to a guideline the Company is required to follow in order to ensure that the user uses the services without anxiety by protecting the user’s valuable personal information. This Privacy Policy applies to MIDAS IT service (www.midasMECH.com, www.midasMECH.com, www.midasBRIDGE.com, www.midasSTRUCTURE.com, www.midasGEOTECH.com).

2. Collection of Personal Information

The minimum amount of personal information required for the provision of the service is being collected. In the process of the sign-up for membership or the use of the service, the Company is collecting the minimum amount of personal information required to provide the service through a separate application or program as follows:

The following personal information is being collected:
- Required information: the information needed for carrying out essential function of the service
- Optional information: the information to be additionally collected for providing more specialized service. (Use of service shall not be restricted even if you do not enter the optional information)

[To sign up for membership and use the service]

- Required: email, ID, password, name, mobile number, country, company name, position, service use history.

[To verify one's identity]

- Name, email, mobile number, encrypted user verification value (CI), duplicate information (DI)

[To purchase products and use paid-services]

- Payment by credit card: card number (partial), name of a card company, etc. - Payment by wire transfer: name of an account holder, account number, etc.

[To issue cash receipt]

- Mobile number, cash receipt, card number.

[To send inquiries and use Customer Center]

- Required: name, company name, country, mobile number, company email, department, position, contents of inquiries

In order to provide more specialized functions, additional personal information may be collected in some services upon consent from the user in addition to the information commonly collected by the Company’s service.
When collecting the personal information, the Company makes sure to inform the user in advance and request for the user’s approval. The personal information is being collected in the following ways:

- When the user consents to the collection of his/her personal information and directly fills in such information in the process of signing up for membership and using the service;
- When the personal information is provided through partnership services or from other entities;
- When the information such as web page, email, fax and telephone number is collected in the course of counseling through customer center; and
- When participating in events on/offline.

The personal information to be collected from the user in using the service is as follows:

- Data including device information in the process of using PC web, mobile web/application (OS, screen size, device ID, mobile phone model, device model), IP address, cookie, access time, history of unjust usage, service use history may be automated created and collected.

3. Use of Personal Information

The Company uses the personal information for the following purposes including managing membership, providing and improving customized services, calculating fees incurred for the services, developing new services, and providing information for service-related events and promotion; provided, however, that the Company shall not use the member’s personal information if the member has expressed his/her intention that he/she does not want to provide the information for service-related events and promotion. The Company shall not be held liable for any disadvantage that may arise to the member as a result thereof.

- To identify the member and confirm his/her intention to join the membership; to check the member’s identification and age; and to prevent unjust usage
- To develop new services and provide multiple services; to handle inquiries and complaints; and to deliver notification
- To send and deliver contents and invoices for paid services
- To calculate and collect fees for paid services
- To prevent and restrict any act that may disrupt smooth operation of the service (including account stealing and unjust usage)
- To suggest customized contents based on demographic characteristic, the user’s interest, preference and tendency and to utilize them in marketing activities
- To provide voice recognition and one-to-one services
- To compile statistics on service use history and access frequency; and to establish service environment in terms of privacy protection and use it to improve service qualities.
- To introduce the Company’s existing and new services (products) by utilizing email information for the members who have consented to the use of events and promotional information when signing up for membership; and to deliver related events and promotional information and provide opportunities to participate.

4. Provision of Personal Information

The Company shall not provide the user’s personal information to any third party unless separately approved by the user or otherwise stipulated in the laws and regulations; provided, however, that if the user has given approval within the extent required for the use of services including the ones of external affiliates, such personal information is provided to the third party.

The following tasks are being outsourced in order to provide the services.

The personal information is being assigned to an external company which carries out parts of the required tasks in providing the service. The Company is directing and supervising such company to comply with relevant laws and regulations.

Entrusted Company Details of Entrusted Tasks Duration of Using Personal Information
Hubspot Operation and management of the services Upon withdrawal of membership or termination of consignment agreement

5. Destruction of Personal Information

The personal information shall be destroyed upon achievement of the purposes of collecting and using it, and the procedures and methods for destruction is as follows.
The personal information stored in the form of an electronic file will be deleted so that such information shall not be restored and reproduced. Other records, print-outs, written documents will be shredded and incinerated; provided, however, that the data that will be stored for a certain period of time in accordance with internal policy are as follows:

Records to be Retained / Period of Retention Grounds of Retention
Records on agreement and withdrawal / 5 years Act on the Consumer Protection in Electronic Commerce, etc.
Records on payment and product supplies, etc. / 5 years
Records on consumer complaints or dispute handling / 3 years
Records on marks/advertisement / 6 months
Books and evidential documents on all transactions as specified in tax law / 5 years Framework Act on National Taxes
Records on electronic financial transactions / 5 years Electronic Financial Transactions Act
Records on log-in history in connection with the use of the service / 3 months Protection of Communications Secrets Act

6. User’s Rights

The user (legal representative in case of a child under the age of 14) may at any time access and modify his/her personal information, and make a request for the withdrawal of the consents to the collection/usage or the termination of the membership.
More specifically, modification of membership information or withdrawal of membership is available through service settings. If you request through customer center in writing or via phone call or email, we will take measures without delay. If requested for the correction of the personal information, such personal information will not be used nor be provided until such correction is made. Further, we are offering the page which is aimed at protecting the user’s right pursuant to the ‘Guidelines of Personal Information Protection for Online Customized Advertisement’.

We sometimes use cookies to provide web-based services.

Cookies are used to support faster and easier use of websites and to provide customized services.

What is a cookie?

A cookie is a small piece of text file which is sent out from a server used for the operation of websites to the user’s browser and is stored on the user’s computer.

Purpose of using cookies

To provide one-to-one and customized services, we use cookies that store and retrieve the user’s information from time to time. When the user visits the website, its server reads the cookies that are stored in the user’s device and maintains the user’s setting and provides customized services. Cookies help the user access the website with previously set up environment while using the website with ease. Further, the cookies are utilized to provide optimized advertisement and customized information by using the user’s website visits history and the forms of using it.

Refusal of collecting cookies

Cookies do not store personal identification information including the name and telephone number, and the user may have an option for setting cookies. Thus, the user may allow all cookies, or go through verification process whenever the cookies are stored, or otherwise reject the storage of all cookies by setting an option in the web browser. However, when the user rejects the installation of the cookies, the user may have difficulties in using the web services and in using some parts of the services that require login process.

Setting method

1) For Internet Explorer : Tool menu at the top of the web browser > Internet options > Personal data > Setting
2) For Chrome : Setting menu at the right side of the web browser > Advance setting mark at the bottom of the screen > personal data consents setting button > Cookie

The Company follows European Union General Data Protection Regulation (GDPR) and the laws of each member country.

In case of providing the service for users within the European Union, the following details may apply.

[Purpose and Grounds for Handling Personal Information]

The Company uses the collected personal information for purposes specified in “3. Use of Personal Information’ only, and the Company asks for consents from the user in advance. Also, the Company may handle the user’s personal information in any of the following cases in accordance with the applicable laws including GDPR.

- Consent from principals of information
- For entering into an agreement with the principal of information and executing the agreement.
- For fulfilling legal obligations
- When required for material benefits of the principal of information
- For pursuing legitimate profits of the Company (except when the benefit, right, or freedom of the principal of information is more significant than such profits)

[Guaranteeing Rights for Users in the EU]

The user may request a transfer of his/her personal information to the other operator in accordance with the applicable laws including GDPR, and may request to refuse the management of his/her personal data. The user shall have a right to raise complaints against authorities having rights to the personal data. Further, the Company may utilize the personal information for providing marketing activities including promotional events and advertisement, and the Company asks for consents from the user in advance. The user may withdraw the consents at any time whenever he/she does not want the personal information to be utilized.
If you request through customer center in writing or via phone call or email, we will take measures without delay. If requested for the correction of the personal information, such personal information will not be used nor be provided until such correction is made.

7. Miscellaneous

Any inquiries on the protection of personal information?

For any inquiry, complaint, advice or other matters in connection with the personal data protection arising while using the services, please contact to a staff member and department in charge of protecting personal information. The Company will exert our fullest effort to listen to your voice and provide rapid and sufficient answers.

Staff (CPO) and Department in Charge of Protecting Personal Information.
Chiwon Kim(Affiliation: Information Committee) Tel: 031-789-2089, Email: cwkim@midasit.com

When Modifying Privacy Policy

This Privacy Policy may be modified for purposes such as to reflect changes in laws or services. In case of modification to the Privacy Policy, the Company shall post such modification, and the modified Privacy Policy shall be effective seven (7) days following the date of its posting; provided, however, that for any material modification to the rights of the user such as changes in items of personal information to be collected and the purposes of using it, the Company will give at least thirty (30) days prior notice.

- Date of announcement: October 28, 2019
- Effective date: October 28, 2019

8. Anti-Email Collection

Any unauthorized collection of emails posted on this website through email collection programs or other technical devices are hereby refused, and any violation thereof shall be subject to criminal penalties under the Act on Promotion of Utilization of Information and Communications Network.