1. Purpose of collection, use, and retention of personal information
Woori Financial Holdings Co., Ltd. (hereinafter referred to as "Woori Financial Holdings") collects, uses and retains personal information based on the purpose of business affairs recognized by relevant laws and regulations, and consent by the data subject. In case of change in the purpose of collection, use, or retention, necessary measures shall be implemented in accordance with the Personal Information Protection Act by, for example, obtaining separate consent from the corresponding data subject, etc.
2. Collection, use, and retention period of personal information
3. Provision of personal information to third parties
Personal information retained by Woori Financial Holdings shall be provided to companies under Woori Financial Group only when allowed by relevant laws and regulations, such as the Financial Holding Companies Act.
4. Consignment of personal information processing
In regard to the consignment of personal information processing, Woori Financial Holdings clearly stipulates compliance with relevant laws and regulations on the protection of personal information, prohibition of provision of personal information to third parties, and scope of liability when providing it to the third parties. At the time of signing a consignment contract on personal information processing, the commissioned party, details of consignment, etc. are disclosed on our webpage.
5. Data subject's rights, obligations and their execution methods
In this case, it is required to submit a power of attorney using the template specified in Attachment No. 11 of the Enforcement Regulations of the Personal Information Protection Act. ⑤ Notwithstanding Paragraph (1), in any of the cases in the following subparagraphs, Woori Financial Holdings may notify the corresponding data subject of it, and may refuse the request for viewing and suspension of processing, etc.
6. Personal information items subject to processing
Woori Financial Holdings handles a customer's name, date of birth, address information, and contact information for business purposes such as personnel management of the executives and employees of Woori Financial Group.
7. Disposal of personal information
The personal information of the data subject retained and used by Woori Financial Holdings is deleted, destroyed or burned when the purpose of retention is achieved or the retention period expires according to relevant laws.
8. Measures to ensure the security of personal information
Woori Financial Holdings has taken the following measures to ensure the security of personal information. • Administrative measures: Establishment and implementation of internal management rules, regular staff training, inspection, etc. • Technical measures: Management of access rights such as personal information processing systems, installation of access control systems, installation of security programs, etc. • Physical measures: Access control for computer room, data archives, etc.
9. Amendment of the personal information processing policy, etc.
10. Damage remedies such as infringement of personal information, etc.
Woori Financial Holdings shall do its best to guarantee damage remedies and rights in case of leaks and rights infringement of personal information. In case of information leakage and infringement of rights, please contact the department below.
11. Details of person responsible for personal information protection
|Category||Person responsible for personal information protection||Person in charge of personal information protection|
|Name||Nor Jin Ho||Yang Kyung Cheol|
|Department||Information Security Department|
* Connects to the relevant department.