Porite Co., Ltd. (hereinafter, “Porite”) shall handle personal data (personal information) from persons located within the EEA (hereinafter “information providers in the EEA”) in compliance with the EU’s General Data Protection Rules (GDPR) and relevant laws, etc., and shall use it in an appropriate manner in line with Porite’s business activities.
Definition of personal information
Personal information is information concerning an individual that can be used to directly identify the individual on the basis of the name, birthdate, telephone number, address, and place of work included in the information, or that can be used to readily identify an individual by cross-referencing it with other information.
Acquisition of personal information
Porite shall acquire personal information through legal and fair means.
Use of personal information
With regard to personal information acquired, Porite shall reveal the purpose of use to the relevant individual. Furthermore, the acquired personal information shall be used for business purposes within the scope of the intended use.
Secure management of personal information
Porite shall work to prevent loss of, damage to, tampering with, leakage of, and unauthorized access to personal information. To this end, it shall establish a position to take responsibility for the protection of personal information and put in place a suitable mechanism to ensure effectiveness.
Provision of personal information to third parties
Except in the cases described below, Porite shall not disclose or provide personal information to third parties without the consent of the relevant individual. If personal information is to be disclosed or provided to a third party, Porite shall work to ensure that the third party takes suitable measures to guard against leakage and other risks to protect the information. Cases where personal information is provided to subcontractors or partners to the extent that there is a business requirement to do so. Cases where personal information is inherited on the basis of business laws, etc., through a company merger, division, or transfer of business. In cases where provision is required or permitted by law, etc., personal information shall be provided in line with stipulations of the relevant law.
Handling of personal information
This provides an explanation of matters including the purpose of acquisition and handling of personal information acquired by Porite in accordance with the stipulations of the Act on the Protection of Personal Information.
Porite’s fundamental approach to personal information
Porite shall respect the spirit of the Act on the Protection of Personal Information, and define and follow Rules on the Handling of Specific Personal Information.
Personal information held by Porite
Transfer of data outside EEA
- In some cases, Porite may transfer personal data to countries outside of the EEA. The destination for transfer includes members of the Porite group, cloud service providers, service vendors, and other such third parties (parties who process data). Porite shall oversee such third party handlers of personal data to ensure that they follow the GDPR and appropriate and suitable measures for protection in accordance with the circumstances of the transfer.
- The Porite group deems that by using the group’s services, an individual understands and gives their approval regarding the following.
- Some countries outside the EEA have insufficient laws for the protection of personal data, and there is no guarantee that they are of the same level as the measures for protection defined in the GDPR.
- In order to fulfill the purpose of use, Porite may transfer personal data to members of the Porite group or third parties such as subcontractors including cloud service providers and service vendors (parties that process data) that are located in countries outside of the EEA.
Protection of personal information held
Porite shall perform regular training for its staff to ensure personal information is protected and shall implement strict management of customers’ personal information. The database systems possessed by Porite shall have the security controls required by the Rules on the Handling of Specific Personal Information.
Subcontracting of processing of personal information held
When subcontracting the processing of personal information held by Porite, Porite shall conclude the contracts required and implement suitable management and supervision.
Shared use of personal information held
In order to provide a comprehensive service, Porite shall share personal information for use to the extent necessary to achieve the purpose of use on the basis of the Rules on the Handling of Specific Personal Information.
Porite processes and stores personal data only within the scope of the purpose of use. Personal data that is no longer necessary shall be swiftly erased.
Customers can exercise the following rights whenever they wish to do so with regard to the customer’s personal information held by Porite.
- The right to obtain from the controller confirmation as to whether or not personal data concerning them is being processed, and if so, the right to access said data.(GDPR Article 15)
- The right to obtain the rectification of inaccurate personal data concerning them if the personal data contains an error. (GDPR Article 16)
- The right to have their personal information erased. (GDPR Article 17)
- The right to restrict the processing of their personal data in certain circumstances. (GDPR Article 18)
- The right to data portability. (GDPR Article 20)
- The right to object in certain circumstances. (GDPR Article 21)
- The right to withdraw consent. (GDPR Article 7)
About Cookie Usage
- Inquiry Form
Porite Co., Ltd. General Affairs Division General Affairs Dept.Inquiries
Porite shall change this policy at its own discretion. However, if procedures required for revision are defined in the Act on the Protection of Personal Information Act or other laws, revision shall be performed on the basis of such laws.
If Porite is to change this policy with regard to users, the timing of the enactment of the changed policy and the details of the changes shall be announced by using the following channels.
Publishing on the Porite website Notification to users Other suitable channels
Date of Creation / Revision
Created: July 27, 2012
Revised: July 21, 2020