Privacy Policy

ISTMC('' hereinafter 'ISTMC website') protects users' personal information and rights and interests in accordance with the Personal Information Protection Act, and has the following policy so that users' complaints can be handled smoothly.

ISTMC('ISTMC Website') will notify users through the website notice (or individual notice) when the company revises the privacy policy.

○ This policy is effective from May 20, 2016.

Purpose of processing personal information

ISTMC('' hereinafter 'ISTMC website') processes personal information for the following purposes. The processed personal information will not be used for any purpose other than the following, and prior consent will be obtained when the purpose of use is changed.
A. Management of suggestions from suppliers and fraud reporting on the website
Personal information is processed to handle grievances and keep records for dispute resolution.
B. Civil complaint handling
Personal information is processed to verify the identity of the complainant, check the complaint, contact and notify for fact-finding, and notify the processing result.
C. Provision of goods or services
Personal information is processed to provide services and verify identity.

Status of personal information files

Personal information file name: Status of personal information collection files
Personal information items: Date of birth, gender, email, mobile phone number, name, access log, cookie
Collection method: Website, written form, phone/fax
Basis for retention: Privacy policy
Retention period: 3 years
Relevant laws: Records on handling consumer complaints or disputes: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)

Consignment of personal information processing

ISTMC('ISTMC Website') entrusts the following personal information processing for smooth personal information processing.
Website operation and maintenance
Consignee: Three Days
Consignment details: System development, operation and maintenance to provide website service
Identity verification
Consignee: Korea Mobile Certification Co., Ltd.
Consignment details: Identity verification service required for job application
When concluding a consignment contract, ('' hereafter 'ISTMC website') clearly states the responsibilities in documents such as contracts such as prohibition of processing of personal information other than the purpose of performing entrusted tasks, technical and administrative protection measures, restrictions on re-entrustment, management and supervision of consignees, compensation for damages in accordance with Article 25 of the Personal Information Protection Act, and oversees the secure handling of personal data by the consignee.
If the contents of the consignment work or the consignee is changed, we will disclose it through this privacy policy without delay.

Rights and obligations of information subjects and how to exercise them

As a subject of personal information, users may exercise the following rights:
The information subject may exercise the following personal information protection related rights at any time toward ISTMC (‘’ or ‘ISTMC website).
Request to read personal information
Request to correct errors, etc.
Request for deletion
Request to stop processing
You may exercise the rights under Paragraph 1 in writing or through e-mail, FAX, etc. in accordance with Form 8 of the Enforcement Rule of the Personal Information Protection Act for ISTMC ('' or 'ISTMC website)', and ('' hereinafter 'ISTMC website') will take action without delay.
If the information subject requests correction or deletion of personal information errors, ('' hereinafter 'ISTMC website') will not use or provide such personal information until correction or deletion is completed.
You may exercise the rights pursuant to Paragraph 1 through an agent such as a legal representative of the information subject or a person who has been delegated. In this case, you shall submit a power of attorney in accordance with Form 11 of the Enforcement Regulations of the Personal Information Protection Act.

Creation of items of personal information to be processed

ISTMC('' hereafter 'ISTMC website') processes the following personal information items:
Required items: Date of birth, gender, email, mobile phone number, name, access log, cookie
If you do not want to provide additional information, it will not be collected, and there will be no disadvantage in use due to non-consent.

Destruction of personal information

In principle, ISTMC('ISTMC Website') destroys the personal information without delay when the purpose of personal information processing is achieved. The procedures, deadlines and methods of destruction are as follows:
Destruction procedure
The information entered by the user is transferred to a separate DB (separate document in the case of paper) after the purpose is achieved and kept for a certain period in accordance with the internal policy and other related laws or destroyed immediately.
At this time, the personal information transferred to the DB will not be used for any other purpose except in cases pursuant to the law.
If the retention period of personal information has elapsed, personal information of users with the destruction period shall be destroyed within 5 days from the end of the retention period. When the personal information becomes unnecessary, such as achievement of the purpose of processing personal information, abolition of the service, or termination of the business, the personal information shall be destroyed within 5 days from the date on which the processing of the personal information is recognized as unnecessary.
Destruction method
Use a technical method that cannot reproduce records for information in the form of electronic files
Shred personal information printed on paper with a shredder or destroy it through incineration.

Measures to ensure the safety of personal information

In accordance with Article 29 of the Personal Information Protection Act, ('ISTMC Website') is taking the following technical/administrative and physical measures necessary to ensure safety.
Regular self-audit
We conduct our own audits on a regular basis (once a quarter) to ensure stability in handling personal information.
Minimization and training of personnel handling personal information
We are carrying out measures to manage personal information by designating employees who handle personal information and limiting them to the person in charge.
Establishment and implementation of internal management plan
We have established and implemented an internal management plan for safe processing of personal information.
Technical measures against hacking, etc.
ISTMC('ISTMC Website') installs a security program to prevent leakage and damage of personal information caused by hacking or computer viruses, etc., regularly updates and inspects it, installs systems in areas where access is controlled from outside, and conducts technical/physical monitoring and blocking.
Storage of access records and prevention of forgery and falsification
We keep and manage the records of access to the personal information processing system for at least 6 months, and use security functions to prevent forgery, alteration, theft, or loss of access records.
Restriction on access to personal information
We take necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and use an intrusion prevention system to control unauthorized access from outside.
Use of locks for document security
We keep documents and auxiliary storage media containing personal information in a safe place with locks.
Access control for unauthorized persons
With a separate physical storage location for personal information, we establish and operate access control procedures.

Privacy Officer

Being responsible for overall personal information processing, ISTMC ('' hereinafter 'ISTMC website) has designated the following privacy officer for complaint handling and damage relief of information subjects related to personal information processing.
▶Privacy officer
Name: Lee Dong-hyun
Position: Head of Personnel Management Team
Title: Director
Contact : 054-604-6145,
You will be connected to the department in charge of personal information protection.

▶ Department in charge of personal information protection
Department Name:
Person in charge:

The information subject may inquire about all inquiries, complaint handling, damage relief, etc. related to protection of personal information that occurred while using the service (or business) of ISTMC (‘’ or ‘ISTMC website)’ to the privacy officer and the department in charge.
ISTMC (‘’ hereinafter ‘ISTMC website) will answer and handle inquiries from the information subject without delay

Request to view personal information
The information subject may make a request for access to personal information pursuant to Article 35 of the Personal Information Protection Act to the following department. (‘’ hereafter referred to as ‘ISTMC website’) will strive to promptly process the information subject’s request to access personal information.

Reception and processing department of personal information access request
Department Name:
Person in charge:

In addition to the department for receiving and processing requests for access under Paragraph 1, the information subject may also request access to personal information through the ‘Personal Information Protection Support Portal’ website ( of the Ministry of Public Administration and Security.
Ministry of Public Administration and Security's Personal Information Protection Support Portal → Personal Information Complaints → Request for access to personal information, etc. (You shall have an I-PIN to verify your identity)

Remedies for Infringement of Rights

The following organizations are organizations separate from . If you are dissatisfied with the results of our own personal information complaint handling and damage relief of ('' hereafter referred to as 'ISTMC website'), or if you need more detailed help, please contact us.

Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
Responsibilities: Report personal information infringement, apply for counseling
Tel: (without area code) 118
Address: (138-950) Korea Internet & Security Agency, Personal Information Infringement Report Center, 135, Jung-daero, Songpa-gu, Seoul

Personal Information Dispute Mediation Committee (operated by Korea Internet & Security Agency)
Responsibilities: Application for personal information dispute mediation, collective dispute mediation (civil settlement)
Tel: (without area code) 118
-Address: (138-950) Korea Internet & Security Agency, Personal Information Infringement Report Center, 135, Jung-daero, Songpa-gu, Seoul

Supreme Prosecutors' Office Cyber Crime Investigation Team: 02-3480-3573 (
National Police Agency’s Cyber Crime Investigation Team: 1566-0112 (

Changes in Privacy Policy

This Privacy Policy is effective from the effective date, and if there are additions, deletions or corrections of changes in accordance with laws and policies, we will notify you through a notice 7 days prior to the enforcement of the changes.