LINE Financial Corp. (hereinafter referred to as the "Company,” which includes https://www.linefinancialcorp.com/ and https://careers.linecorp.com/), complies with the relevant legal regulations related to the protection of personal information, including the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Telecommunications Secrecy Protection Act, the Telecommunications Business Act, and other applicable laws. The Company has established a personal information processing policy in accordance with these laws to ensure the protection of the rights and interests of data subjects. The Company's personal information processing policy includes the following:
1. Purpose of Personal Information Processing, and Personal Information to Be Collected
2. Third-Party Provision of Personal Information
3. Outsourcing of Personal Information Processing
4. Personal Information Processing and Retention Period
5. Procedure and Method for Personal Information Destruction
6. Rights and Obligations of Data Subjects and Their Exercise Methods
7. Measures to Ensure the Security of Personal Information
8. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
9. Contact Information for the Personal Information Protection Officer
10. Miscellaneous
11. Changes to the Privacy Policy
2. Third-Party Provision of Personal Information
3. Outsourcing of Personal Information Processing
4. Personal Information Processing and Retention Period
5. Procedure and Method for Personal Information Destruction
6. Rights and Obligations of Data Subjects and Their Exercise Methods
7. Measures to Ensure the Security of Personal Information
8. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
9. Contact Information for the Personal Information Protection Officer
10. Miscellaneous
11. Changes to the Privacy Policy
1. PURPOSE OF PERSONAL INFORMATION PROCESSING, AND PERSONAL INFORMATION TO BE COLLECTED
Firstly, the Company collects the following personal information for purposes including job application, recruitment process, application modification, verification of qualifications, notification of application results, responding to inquiries related to job applications, ensuring smooth communication with job applicants, ongoing job offers, and confirmation of employment protection eligibility.
- Mandatory Information: Name, password for application modification, email address, phone number (both mobile and landline), date of birth, gender, nationality, educational background (school name, enrollment/graduation date, major, minor, GPA, graduation classification), employment history (company name, department, job duties, employment period, employment type), military service information, and veteran status (including veteran ID if applicable), disability information
- Optional Information: Employment history (for fresh graduates), qualifications, awards, language skills, portfolio
- Others: Information related to external referrals, reference check information (applicable to those concerned).
Furthermore, depending on the applicant's country, additional information may be collected in accordance with that country's specific requirements.
Secondly, during the process of using services or conducting business operations, the following information may be automatically generated and collected.
- Information such as the type of browser and operating system used by the data subject, browsing history (IP address, access time), and cookies
- Additionally, during the reception and response process for job applications and partnership proposals, contact information such as email addresses and phone numbers (both mobile and landline) may be collected as identification information based on the method of contact.
The Company collects personal information through user input on the website, and in some cases, information may also be collected in the form of printed documents or via email.
- Mandatory Information: Name, password for application modification, email address, phone number (both mobile and landline), date of birth, gender, nationality, educational background (school name, enrollment/graduation date, major, minor, GPA, graduation classification), employment history (company name, department, job duties, employment period, employment type), military service information, and veteran status (including veteran ID if applicable), disability information
- Optional Information: Employment history (for fresh graduates), qualifications, awards, language skills, portfolio
- Others: Information related to external referrals, reference check information (applicable to those concerned).
Furthermore, depending on the applicant's country, additional information may be collected in accordance with that country's specific requirements.
Secondly, during the process of using services or conducting business operations, the following information may be automatically generated and collected.
- Information such as the type of browser and operating system used by the data subject, browsing history (IP address, access time), and cookies
- Additionally, during the reception and response process for job applications and partnership proposals, contact information such as email addresses and phone numbers (both mobile and landline) may be collected as identification information based on the method of contact.
The Company collects personal information through user input on the website, and in some cases, information may also be collected in the form of printed documents or via email.
2. THIRD-PARTY PROVISION OF PERSONAL INFORMATION
The Company uses personal information within the scope notified in "1. Purpose of Personal Information Processing and Collection Items" and does not exceed this scope or generally disclose the personal information of data subjects to external parties without the data subject's prior consent. However, exceptions apply in the following cases:
- When the data subject has given separate consent.
- When there is a specific provision in the law or it is necessary to comply with legal obligations.
- When it is deemed necessary for the urgent interests of the life, body, or property of the data subject or a third party.
- When it is urgently necessary for public hygiene, public safety, etc.
The Company allows access to job application details to companies with a special relationship with the Company (subsidiaries, affiliated companies, overseas corporations, etc.) in order to provide ongoing job offers to job applicants. The details are as follows.
1. Recipients of Personal Information
- LINE PLUS Corporation, LINE BIZ PLUS Corporation, LINE NEXT Corporation, LINE STUDIO Corporation, IPX Corporation, LINE PLAY Corporation, LINE PAY PLUS Corporation, LY Corporation, LINE FRIENDS INC., LFG HOLDINGS LIMITED, LINE Bank Taiwan Limited, LINE Company (Thailand) Limited, LINE Man (THAILAND) Company Limited, RABBIT-LINE PAY COMPANY LIMITED, LINE FRIENDS Taiwan Limited, LINE Pay Taiwan Limited, LINE Taiwan Limited, PT. LINE PLUS INDONESIA, LINE Investment Technologies 株式会社 韓国支店, LINE NEXT Inc. LINE Man Corporation PTE. LTD, LINE VIETNAM COMPANY LIMITED
2. Purposes of Personal Information Use by Recipients
- Ongoing job offers, management of the recruitment process, ensuring smooth communication with applicants, personnel management
3. Personal Information Items Provided
- All application details
4. Retention and Use Period of Personal Information by Recipients
- 5 years
- When the data subject has given separate consent.
- When there is a specific provision in the law or it is necessary to comply with legal obligations.
- When it is deemed necessary for the urgent interests of the life, body, or property of the data subject or a third party.
- When it is urgently necessary for public hygiene, public safety, etc.
The Company allows access to job application details to companies with a special relationship with the Company (subsidiaries, affiliated companies, overseas corporations, etc.) in order to provide ongoing job offers to job applicants. The details are as follows.
1. Recipients of Personal Information
- LINE PLUS Corporation, LINE BIZ PLUS Corporation, LINE NEXT Corporation, LINE STUDIO Corporation, IPX Corporation, LINE PLAY Corporation, LINE PAY PLUS Corporation, LY Corporation, LINE FRIENDS INC., LFG HOLDINGS LIMITED, LINE Bank Taiwan Limited, LINE Company (Thailand) Limited, LINE Man (THAILAND) Company Limited, RABBIT-LINE PAY COMPANY LIMITED, LINE FRIENDS Taiwan Limited, LINE Pay Taiwan Limited, LINE Taiwan Limited, PT. LINE PLUS INDONESIA, LINE Investment Technologies 株式会社 韓国支店, LINE NEXT Inc. LINE Man Corporation PTE. LTD, LINE VIETNAM COMPANY LIMITED
2. Purposes of Personal Information Use by Recipients
- Ongoing job offers, management of the recruitment process, ensuring smooth communication with applicants, personnel management
3. Personal Information Items Provided
- All application details
4. Retention and Use Period of Personal Information by Recipients
- 5 years
3. OUTSOURCING OF PERSONAL INFORMATION PROCESSING
A. The Company outsources the processing of personal information as follows to enhance services and ensure smooth business operations. Necessary provisions are made in accordance with relevant laws and regulations to ensure the secure management of personal information in outsourcing contracts.
The Company entrusts the processing of personal information to subcontractors (including cases of re-subcontracting), and the details of the entrusted tasks are as follows.
[Third-Party Companies: NAVER CLOUD Inc., LINE PLUS Inc.]
1. Outsourced Tasks
- Website development and maintenance, system operation for service provision
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
[Third-Party Companies: Reference Check Korea Inc., Wecruit Corporation]
1. Outsourced Tasks
- Reference checks (limited to relevant individuals)
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
[Third-Party Company: Grepp Inc.]
1. Outsourced Tasks
- Coding tests
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
[Third-Party Company: Assesta HRC, Inc.]
1. Outsourced Tasks
- Personality assessments
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
B. The Company transfers personal information overseas to third-party companies for outsourcing and the details of the third-party companies and the outsourced tasks are as follows:
[Third-Party Company: Avature]
1. Information Management Officer and Contact
- privacyofficer@avature.net
2. Purpose of Transfer
- Processing and management of job applicants' recruitment procedures, personnel management, etc.
3. Personal Information Items Being Transferred
- Resume and other application details
4. Destination Country for Transfer
- Japan
※ However, access may be made from Australia, the United States, Europe, and Argentina (and countries under Article 45 of GDPR) during technical support processes for smooth service provision.
5. Date and Method of Transfer
- Transmitted via network at the time of job application
6. Duration of Personal Information Use
- 5 years
The Company entrusts the processing of personal information to subcontractors (including cases of re-subcontracting), and the details of the entrusted tasks are as follows.
[Third-Party Companies: NAVER CLOUD Inc., LINE PLUS Inc.]
1. Outsourced Tasks
- Website development and maintenance, system operation for service provision
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
[Third-Party Companies: Reference Check Korea Inc., Wecruit Corporation]
1. Outsourced Tasks
- Reference checks (limited to relevant individuals)
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
[Third-Party Company: Grepp Inc.]
1. Outsourced Tasks
- Coding tests
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
[Third-Party Company: Assesta HRC, Inc.]
1. Outsourced Tasks
- Personality assessments
2. Retention and Use Period of Personal Information
- Until the completion of the task's purpose or termination of the outsourcing contract
B. The Company transfers personal information overseas to third-party companies for outsourcing and the details of the third-party companies and the outsourced tasks are as follows:
[Third-Party Company: Avature]
1. Information Management Officer and Contact
- privacyofficer@avature.net
2. Purpose of Transfer
- Processing and management of job applicants' recruitment procedures, personnel management, etc.
3. Personal Information Items Being Transferred
- Resume and other application details
4. Destination Country for Transfer
- Japan
※ However, access may be made from Australia, the United States, Europe, and Argentina (and countries under Article 45 of GDPR) during technical support processes for smooth service provision.
5. Date and Method of Transfer
- Transmitted via network at the time of job application
6. Duration of Personal Information Use
- 5 years
4. PERSONAL INFORMATION PROCESSING AND RETENTION PERIOD
Personal information is processed and retained within the period for which consent was obtained from the data subject for the collection of personal information, and it is generally disposed of without delay once the purpose of processing personal information is achieved.
However, the personal information of job applicants is retained in the Company's talent pool for a period of 5 years, and if recruitment is needed, it is used for ongoing recruitment from that talent pool. If a request for the deletion of personal information is made by a job applicant, the information in question will be promptly deleted.
However, the personal information of job applicants is retained in the Company's talent pool for a period of 5 years, and if recruitment is needed, it is used for ongoing recruitment from that talent pool. If a request for the deletion of personal information is made by a job applicant, the information in question will be promptly deleted.
5. PROCEDURE AND METHOD FOR PERSONAL INFORMATION DESTRUCTION
The personal information of data subjects is generally destroyed without delay once the purpose of processing personal information is achieved. The Company's personal information destruction procedure and method are as follows.
A. Destruction Procedure
- Information provided by data subjects is transferred to a separate database (or separate document storage if using paper) after the purpose is achieved and is retained for a certain period as required by internal policies and other relevant laws and regulations (refer to "4. Personal Information Processing and Retention Period"). It is then destroyed.
- This personal information will not be used for any purpose other than retention unless required by law.
B. Destruction Method
- Personal information printed on paper is destroyed using a shredder or incinerated.
- Personal information stored in electronic file format is deleted using technical methods that make the data irrecoverable.
- In cases where the above methods are significantly difficult due to technical characteristics, the information is processed into anonymous data to ensure irrecoverable deletion.
A. Destruction Procedure
- Information provided by data subjects is transferred to a separate database (or separate document storage if using paper) after the purpose is achieved and is retained for a certain period as required by internal policies and other relevant laws and regulations (refer to "4. Personal Information Processing and Retention Period"). It is then destroyed.
- This personal information will not be used for any purpose other than retention unless required by law.
B. Destruction Method
- Personal information printed on paper is destroyed using a shredder or incinerated.
- Personal information stored in electronic file format is deleted using technical methods that make the data irrecoverable.
- In cases where the above methods are significantly difficult due to technical characteristics, the information is processed into anonymous data to ensure irrecoverable deletion.
6. RIGHTS AND OBLIGATIONS OF DATA SUBJECTS AND THEIR EXERCISE METHODS
Data subjects have the right to access, modify, delete, or request the suspension of their registered personal information at any time. If you wish to delete or suspend your personal information, please contact the Data Protection Officer in writing, by phone, or via email, and we will promptly take appropriate action.
7. MEASURES TO ENSURE THE SECURITY OF PERSONAL INFORMATION
The Company is implementing the following technical and administrative measures to ensure the security of personal information in the processing of personal information of data subjects, in order to prevent its loss, theft, leakage, alteration, or damage.
A. Password Encryption
The passwords set by job applicants are encrypted and stored securely, known only to the individuals themselves. Confirmation and modification of personal information can only be done by the individual who knows the password.
B. Measures to Counter Hacking and Similar Threats
The Company strives to prevent the leakage or damage of personal information of data subjects due to hacking or computer viruses, among other threats. Data is regularly backed up to prepare for data loss, and up-to-date antivirus programs are used to prevent the leakage or damage of personal information. Encryption communication is used to securely transmit personal information over networks. Intrusion prevention systems are employed to control unauthorized access from external sources. Additionally, all possible technical measures are taken to ensure system security.
C. Minimization and Training of Personal Information Processing Personnel
The Company restricts access to personnel responsible for handling personal information and provides them with separate passwords that are regularly updated. Furthermore, the Company conducts periodic training for these personnel and emphasizes the protection of the personal information of job applicants.
D. Operation of a Personal Information Protection Team
The Company operates a personal information protection team within the organization to monitor compliance with the Company's personal information processing policy and to promptly correct any issues found. However, the Company is not responsible for damages that do not result from the Company's negligence or occur in areas not managed by the Company, even if the Company has fulfilled its obligation to protect personal information.
A. Password Encryption
The passwords set by job applicants are encrypted and stored securely, known only to the individuals themselves. Confirmation and modification of personal information can only be done by the individual who knows the password.
B. Measures to Counter Hacking and Similar Threats
The Company strives to prevent the leakage or damage of personal information of data subjects due to hacking or computer viruses, among other threats. Data is regularly backed up to prepare for data loss, and up-to-date antivirus programs are used to prevent the leakage or damage of personal information. Encryption communication is used to securely transmit personal information over networks. Intrusion prevention systems are employed to control unauthorized access from external sources. Additionally, all possible technical measures are taken to ensure system security.
C. Minimization and Training of Personal Information Processing Personnel
The Company restricts access to personnel responsible for handling personal information and provides them with separate passwords that are regularly updated. Furthermore, the Company conducts periodic training for these personnel and emphasizes the protection of the personal information of job applicants.
D. Operation of a Personal Information Protection Team
The Company operates a personal information protection team within the organization to monitor compliance with the Company's personal information processing policy and to promptly correct any issues found. However, the Company is not responsible for damages that do not result from the Company's negligence or occur in areas not managed by the Company, even if the Company has fulfilled its obligation to protect personal information.
8. INSTALLATION, OPERATION, AND REFUSAL OF AUTOMATIC PERSONAL INFORMATION COLLECTION DEVICES
The Company uses “cookies” to provide web services. Cookies are used in operating websites and are small pieces of information sent by the server and stored on the user's computer browser's hard drive.
A. Purpose of Using Cookies
Cookies are used to track information such as the visit and usage patterns of users on visited web pages, as well as their security access status.
B. Installation, Operation, and Refusal of Cookies
The storage of cookies can be rejected through the option settings in the Tools > Internet Options > Privacy menu of the web browser.
If cookie storage is rejected, there is a possibility that the convenience and functionality of all or some features of the webpage may be restricted.
A. Purpose of Using Cookies
Cookies are used to track information such as the visit and usage patterns of users on visited web pages, as well as their security access status.
B. Installation, Operation, and Refusal of Cookies
The storage of cookies can be rejected through the option settings in the Tools > Internet Options > Privacy menu of the web browser.
If cookie storage is rejected, there is a possibility that the convenience and functionality of all or some features of the webpage may be restricted.
9. CONTACT INFORMATION FOR THE PERSONAL INFORMATION PROTECTION OFFICER
In the process of using the website and other services, data subjects can report all personal information protection-related complaints to the Personal Information Protection Officer. The Company will provide prompt and sufficient responses to the data subject's report.
Personal Information Protection Officer
Name: Jaemoon Kim
Affiliation: F Security
Position: CISO/CPO
Phone: 1544-9430
Email: f_privacy_kr@linecorp.com
Data subjects can apply for dispute resolution, counseling, and other services related to personal information infringements through the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency, and the Personal Information Infringement Report Center to seek remedies for personal information infringements. For other reports and consultations related to personal information infringements, please contact the following organizations.
Personal Information Dispute Mediation Committee: (www.kopico.go.kr / 1833-6972 without area code)
Personal Information Infringement Report Center: (privacy.kisa.or.kr / 118 without area code)
Cyber Investigation Department of the Supreme Prosecutors' Office: (www.spo.go.kr / 1301 without area code)
Cyber Safety Bureau of the Korean National Police Agency: (cyberbureau.police.go.kr / 182 without area code)
Personal Information Protection Officer
Name: Jaemoon Kim
Affiliation: F Security
Position: CISO/CPO
Phone: 1544-9430
Email: f_privacy_kr@linecorp.com
Data subjects can apply for dispute resolution, counseling, and other services related to personal information infringements through the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency, and the Personal Information Infringement Report Center to seek remedies for personal information infringements. For other reports and consultations related to personal information infringements, please contact the following organizations.
Personal Information Dispute Mediation Committee: (www.kopico.go.kr / 1833-6972 without area code)
Personal Information Infringement Report Center: (privacy.kisa.or.kr / 118 without area code)
Cyber Investigation Department of the Supreme Prosecutors' Office: (www.spo.go.kr / 1301 without area code)
Cyber Safety Bureau of the Korean National Police Agency: (cyberbureau.police.go.kr / 182 without area code)
10. MISCELLANEOUS
This "Privacy Policy" does not apply to the actions of websites linked to this website that collect personal information.
11. CHANGES TO THE PRIVACY POLICY
In the event of any additions, deletions, or modifications to the current privacy policy, notice will be provided through a "separate window" on our website at least 7 days prior to the revision. However, if there are significant changes that impact the rights of the data subject, such as the collection and utilization of personal information or third-party disclosures, notification will be made at least 30 days in advance.
Announcement Date: Sept. 2, 2023
Effective Date: Oct. 1, 2023
The previous privacy policy can be viewed by selecting "View Previous Privacy Policy" at the top.
Announcement Date: Sept. 2, 2023
Effective Date: Oct. 1, 2023
The previous privacy policy can be viewed by selecting "View Previous Privacy Policy" at the top.