- Article 1. Purpose of processing personal information
- Article 2. Personal Information Items
- Article 3. Duration of personal information storage and use
- Article 4. Providing third parties with personal information
- Article 5. Entrusting the processing of personal information
- Article 6. Personal information destruction procedure and method
- Article 7. Customers’ and legal representatives’ rights and exercise thereof
- Article 8. Measures to ensure the security of personal information
- Article 9. Provisions on the installation, operation, and opt-out of the automatic personal information collector
- Article 10. Resolution of complaints regarding the Privacy Officer and privacy
- Article 11. Breach relief
Article 1. Purpose of processing personal information
The Company processes personal information for the purposes specified below. Personal information shall not be used for any purpose other than the following and, if the purposes specified change, the Company will take the necessary measures such as seeking separate consent as per the relevant regulations, e.g., Personal Information Protection Act.
1. Manage buyer servicesIdentify buyers signing up as buyer members and provide customized services
- - Purchased car info, customized manual download, car diagnosis report, and consumables exchange history Warranty repair, car check-up, service and maintenance, emergency assistance service, and workmanship defect correction service
- - Membership sign-up and points information. Customized benefits for buyers and benefits usage history
- - Event participation and gift/DM delivery, service satisfaction survey
- - Regular car check-up and service merchandise and event info
2. Provide services for leadsTest drive service and consulting for leads
- - Professional agents contact leads, identify them, and make arrangements for a test drive
- - Identify leads and potential buyers, professional agents contact leads and help them participate in events and benefit from consultation, send gifts/DM, and service satisfaction surveys
3. Provide services for Genesis Center visitorsProvide visitors to Genesis Centers an opportunity to experience the products and test-drive
- - Arrange visits to Genesis Centers and test drives and conduct service satisfaction survey
Article 2. Personal Information Items
1. Items collected
- The Company processes the following personal information items:
- ① Genesis website member (for managing buyer services)
- - Information for mandatory collection and usage: ID, password, mobile phone number, e-mail address, purchased car information, name, sex, date of birth, national/foreigner classification, service use history, access logs, cookies, access IP info, home address, name and relation of the legal guardian for members younger than 14 years, credit assessment institution's identification number (I-Pin/mobile phone verification number)
- - Optional items: Service description, service requests, service date
- ② Customers requesting test drives/consulting/other events (service for leads)
- - Information for mandatory collection/usage: Name, mobile phone number, e-mail
- ③ Information for mandatory collection/usage from Genesis Center visitors: Name, phone number, e-mail, car model of interest, number of visitors
- - Optional items: Special requests
- If any event and additional personal information should be collected/used, the items of information collected shall be marked mandatory/optional, and the purpose of collection and duration of storage of personal information shall be communicated to the customers on the relevant page or in writing for consent.
2. During Internet service use, the following personal information items may be automatically created and collected:IP address, cookies, service use history, visit history
3. Method of collecting personal information
- Membership sign-up on the homepage (www.genesis.com) and service use, writing, e-mail, phone, test drive/consulting and participation in other events, etc.
- ※ The aforementioned information includes the personal information collected as well as information updated later.
Article 3. Duration of personal information storage and use
1. The company stores and uses the personal information of the customers from the time it is collected to the time the purpose of collection and use is accomplished and destroys the same information as soon as the purpose of collection and use is accomplished.
2. Note, however, that the Company shall store the personal information of the customers if relevant regulations including the Commercial Act so require. In this case, the Company shall store the information for the purpose it is stored, and the duration of storage shall be as follows:
- - Records of agreement or cancellation thereof: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- - Records of payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- - Records of resolving consumer complaints or disputes: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- - Records of collection/processing and use of credit information: 3 years (Credit Information Use and Protection Act)
- - Records of service use, access logs, access IP information: 3 months (Protection of Communications Secrets Act)
- ※ Based on the "personal information validity system," the personal information of members with no history of use for 1 year is separately stored.
Article 4. Providing third parties with personal information
The Company does not provide third parties with personal information of the members signing up on our website. Note, however, that exceptions apply in any of the following situations:
1. The customer has given prior consent;
2. There are special legal regulations allowing it; or
3. The investigation authorities so require as per the procedures and methods specified in the laws for investigation purposes
Article 5. Entrusting the processing of personal information
The Company entrusts part of the business required to provide services to external service providers with which the Company signs a trust agreement to ensure that they comply with privacy-related laws, protect privacy, refrain from sharing the information with third parties, assume appropriate responsibility if an incident occurs, manage the information for a set term, and return or destroy the information after the term.
※ The list of service providers may be updated as the services and agreement terms concerned change, and such will be communicated by the Company whenever this happens.
Personal information of the website members
|Trustee||Description of tasks entrusted|
|Nice Evaluation Information Co.,Ltd||Mobile phone identity verification|
|Hyundai Autoever Co.,Ltd, Innocean Worldwide Co.,Ltd||System maintenance/repair/development/customer data management|
|Aserve Co.,Ltd||Customer interactions|
|Hyundai Motor dealership||Car purchase consulting|
|Salesforce.com,inc. , GMCom Co., Ltd||Genesis Gangnam test drive/appointment DB server management, event SMS messaging|
|Premium Pass International Co., Ltd||Winner selection and information service, e.g. guides, etc.|
|Hyundai Autoever||SMS messaging assignment|
|Q Plan||Event and gift sending|
|Markbe Corp||Printout delivery|
|Mog Communications, Innocean Worldwide Co.,Ltd, Q Plan, Markbe Corp., Premium Pass International, GMCom Co.,Ltd, Avex Co., Ltd, Mog Communications Co., Ltd||Customer event operations and information TM, mail and gift sending/delivery, event gifts (electronic), event operation|
|Hyundai Autoever, Dooribun Co., Ltd||Participating customer event identity verification system development and operation, and DB server management and SMS delivery|
Article 6. Personal information destruction procedure and method
In principle, the Company shall destroy any personal information whose purpose of collection and use is accomplished,
unless laws require that such information be stored.
The information destruction procedure and method are as follows:
1. Destruction procedure
- - The personal information provided by the customer is transferred to a separate DB once the purpose of its collection and use is accomplished (separate document compartment for paper documents) and stored for the specified period of storage as per the privacy protection grounds based on internal policies and other relevant regulations and destroyed thereafter.
- - The personal information transferred to a separate DB shall not be used for purposes other than those specified by laws.
2. Destruction method
- - The personal information stored in electronic files shall be deleted by means of a technical method that does not allow reversal.
- - Paper containing personal information shall be shredded or incinerated.
Article 7. Customers’ and legal representatives’ rights and exercise thereof
1. The customer or his/her legal representative (for members under 14 years of age) may withdraw consent to the Company's collection, use, and provision of personal information at any time.
2. The customer or his/her representative may require the Company to provide access to provide and correct any error found in the representative's or the minor's (under 14 years of age) personal information.
3. The Customer may exercise the aforementioned right by accessing the Company's website, verifying his/her identity and using the online personal information management menu, or offline via contacting the customer center or the Company's personal information manager in writing or by phone or e-mail.
4. If the Customer asks the Company to correct any error found in his/her personal information, the Company shall stop using and providing the personal information concerned until the error is corrected. If such information has already been provided for any third party, the Company shall notify the third party without delay to make the necessary correction.
Article 8. Measures to ensure the security of personal information
※ Technical/Managerial security measures for personal information
To prevent loss, theft, disclosure, alteration, or damage of the customer’s personal information, the Company shall take the following technical/managerial measures:
1. Technical measures
① Encryption of personal information
The valuable personal information of our customers is encrypted in the DB so that any information disclosed due to an outside attack may not be utilized.
② Communication section encryption
When a customer signs up for membership on the website, the section of communication through which the customer information passes is protected by SSL to ensure that the customer information is secured.
③ Installation of security solutions
To ensure that our services are provided and customer information is managed in a secure manner, the Company installs anti-virus programs for the personal information processing system and regularly updates and maintains it, and applies DB encryption solutions and screen capture prevention solutions. In addition, the Company installs an intrusion blocking/detection system to protect against intrusion, e.g., hacking, and uses the integrated security management center to monitor for hacking and other intrusions.
2. Managerial measures
① Establishing the personal information management system
The Company has in place an internal personal information management system to ensure that personal information is securely managed.
② Operation of the personal information protection committee
The Company operates the personal information protection committee, which holds at least 2 meetings yearly to discuss and resolve issues related to the operation of the personal information management system and privacy.
③ Responsibility of the personal information manager
The Company has a personal information manager for the processing of personal information, who signs the personal information protection agreement and trains staff on privacy to highlight the importance of customer privacy and ensure security. In addition, the Company manages the privileges of the personal information manager to minimize access to and disclosure of customers' personal information.
Article 9. Provisions on the installation, operation, and opt-out of the automatic personal information collector
1. Purpose of using cookies
2. How to opt out of cookies
- - To accept or opt out of cookies, the Customer may select the corresponding web browser option to accept all cookies, be asked about acceptance each time a cookie is stored, or opt out of all cookies.
- - If, however, the customer opts out of cookies, some services requiring log-in may become unavailable.
- ※ Setup example (for Internet Explorer): Upper part of the web browser Tools > Internet Options > Personal Information > Advanced > Select Option
Article 10. Resolution of complaints regarding the Privacy Officer and privacy
1. To protect the customer’s personal information and resolve complaints regarding privacy, the Company has designated the following department and Privacy Officer:
- - Name: Hongseok Um
- - Department: Genesis Brand Strategy Office Head
- - Position: Director Designate
- - Telephone: 080-700-6000
- - Name: Soyoun Lee
- - Department: Genesis Communication Team
- - Position: Assistant Manager
- - Telephone: 080-700-6000
Article 11. Breach relief
In case of any personal information breach, the information subject may contact the organizations below for relief and counseling. The organizations below are independent from the Company. If you are not satisfied with the Company’s solution to the personal information-related grievances or relief measures, you may contact the following organizations: