Privacy Policy
QuantifiedESG, Inc. (hereinafter referred to as QESG) implements the following policy to protect the personal information and interests of users and to address grievances related to personal information in accordance with Article 30 of the Personal Information Protection Act.
1. Purpose of Processing Personal Information
QESG processes personal information soley for the following purposes:
- Confirmation of customer's intention to join, identification and authentication according to service provision to customers, maintenance and management of membership qualifications, payment of amounts according to the supply of goods or services, supply and delivery of goods or services, etc.
- Confirmation of customer's intention to join, identification and authentication according to service provision to customers, maintenance and management of membership qualifications, payment of amounts according to the supply of goods or services, supply and delivery of goods or services, etc.
2. Processing and Retention Period of Personal Information
QESG processes personal information within the retention and use period agreed upon at the time of collection. The specific processing and retention periods are as follows:
- Customer registration and management: Until termination of the service agreement or withdrawal of membership
- Customer registration and management: Until termination of the service agreement or withdrawal of membership
3. Provision of Personal Information to Third Parties
QESG provides personal information to third parties only in accordance with Articles 17 and 18 of the Personal Information Protection Act, including cases such as the user's consent or special statutory provisions.
QESG may provide personal information to third parties as outlined below:
These responsibilities include the prohibition of data processing for purposes other than the entrusted work, technical and administrative security measures, restrictions on re-entrustment, supervision of the trustee, and liability for damages.
QESG supervises the trustee to ensure safe processing.
If the content of the entrusted work or the trustee changes, QESG will disclose it through this Privacy Policy without delay.
QESG may provide personal information to third parties as outlined below:
1. Recipient: Professional partners specializing in data verification and due diligence
2. Purpose of provision: Data verification and due diligence, evaluation, analysis, and follow-up monitoring
3. Retention and use period: Retained for 3 years from project completion, then destroyed within 30 days
When providing personal information to third parties or entering into entrustment contracts for data processing, QESG stipulates responsibilities in written agreements in accordance with Article 25 of the Personal Information Protection Act. 2. Purpose of provision: Data verification and due diligence, evaluation, analysis, and follow-up monitoring
3. Retention and use period: Retained for 3 years from project completion, then destroyed within 30 days
These responsibilities include the prohibition of data processing for purposes other than the entrusted work, technical and administrative security measures, restrictions on re-entrustment, supervision of the trustee, and liability for damages.
QESG supervises the trustee to ensure safe processing.
If the content of the entrusted work or the trustee changes, QESG will disclose it through this Privacy Policy without delay.
Details regarding the provision of personal information to third parties are as follows:
| File Name | Recipient | Information provided | Purpose of Provision | Retention Period of Recipient |
|---|---|---|---|---|
| Employee and Company information | Auditors, consultants | Name, email, contact details | Coordination of on-site assessment schedules | Until the purpose is achieved |
4. Rights of Users
Users may exercise the following rights regarding personal information protection at any time:
1. Request for access to personal information
2. Request for correction in case of errors
3. Request for deletion
4. Request for suspension of processing
2. Request for correction in case of errors
3. Request for deletion
4. Request for suspension of processing
5. Items of Personal Information Processed
QESG processes the following items of personal information to provide products and services, receive and manage inquiries, and for marketing and advertising purposes.
- Required Items: Name, email address, phone number
- Optional Items: Company phone number, company address, etc.
- Required Items: Name, email address, phone number
- Optional Items: Company phone number, company address, etc.
6. Destruction of Personal Information
In principle, QESG destroys personal information without delay once the purpose of processing has been achieved. The procedures, deadlines, and methods for destruction are as follows.
1. Destruction Procedure
Once the purpose of holding user information is achieved, it is transferred to a separate database (DB) and stored for a certain period in accordance with internal policies. Information transferred to the DB is not used for any other purpose except as required by law.
Once the purpose of holding user information is achieved, it is transferred to a separate database (DB) and stored for a certain period in accordance with internal policies. Information transferred to the DB is not used for any other purpose except as required by law.
2. Destruction Deadline
If the retention period has elapsed, the user's personal information will be destroyed within 30 days from the end date of that period. If the information becomes unnecessary due to the fulfillment of its purpose, discontinuation of the service, or business termination, it will be destroyed within 30 days from the date it is deemed unnecessary.
If the retention period has elapsed, the user's personal information will be destroyed within 30 days from the end date of that period. If the information becomes unnecessary due to the fulfillment of its purpose, discontinuation of the service, or business termination, it will be destroyed within 30 days from the date it is deemed unnecessary.
7. Installation, Operation, and Refusal of Automatic Data Collection Tools
QESG may use ‘cookies’ to provide stable and convenient services to users. Cookies are small data sent by the server operating the website to the user's browser and may be stored on the user's device.
1. Purpose of use
- Essential cookies: Providing functions strictly necessary for service use, such as storing access tokens to maintain login and authentication status
- Functional/analytical cookies: Storing user preferences, improving service quality, and analyzing usage statistics
2. Installation, operation, and refusal of cookies: Users can refuse or delete the storage of optional cookies through web browser settings.
- However, as essential cookies are strictly necessary for service provision, refusing them may restrict login capabilities and basic service usage.
- Essential cookies: Providing functions strictly necessary for service use, such as storing access tokens to maintain login and authentication status
- Functional/analytical cookies: Storing user preferences, improving service quality, and analyzing usage statistics
2. Installation, operation, and refusal of cookies: Users can refuse or delete the storage of optional cookies through web browser settings.
- However, as essential cookies are strictly necessary for service provision, refusing them may restrict login capabilities and basic service usage.
8. Designation of Personal Information Protection Officer
QESG designates a Personal Information Protection Officer as follows to take overall responsibility for personal information processing duties, handle complaints and damage relief for users, etc.
▶ Personal Information Protection Officer
Name: Hye-ju Kim
Contact: 02-6956-2410, info@qesg.co.kr
※ You will be connected to the department in charge of personal information protection.
Users may contact the Personal Information Protection Officer and the competent department regarding any inquiries, complaints, or damage relief requests related to personal information protection arising from the use of QESG's services (or business). QESG will respond to and resolve such inquiries without delay. Name: Hye-ju Kim
Contact: 02-6956-2410, info@qesg.co.kr
※ You will be connected to the department in charge of personal information protection.
9. Changes to the Privacy Policy
This Privacy Policy applies from its effective date. In the event of any additions, deletions, or corrections to this Policy due to changes in applicable laws or internal policies, QESG will notify users via website announcements or through each service platform at least 7 days prior to the effective date of the changes.
10. Measures to Ensure the Security of Personal Information
In accordance with Article 29 of the Personal Information Protection Act, QESG takes the following technical, administrative, and physical measures to ensure security:
1. Regular self-audits
QESG conducts regular self-audits (quarterly) to ensure the security of personal information handling.
2. Minimization and training of responsible personnel
QESG designates specific employees to handle personal information and limits handling authority strictly to those designated personnel.
3. Establishment and implementation of internal management plans
QESG has established and is implementing an internal management plan for the safe processing of personal information.
4. Encryption of personal information
Users' personal information and passwords are encrypted for storage and management, ensuring that only the user can access them. For critical data, QESG employs additional security functions such as encrypting files and transmission data or using file locks.
5. Access control for unauthorized individuals
QESG maintains a separate physical storage area for personal information. Strict access control procedures are established and operated to prevent access by unauthorized individuals.
QESG conducts regular self-audits (quarterly) to ensure the security of personal information handling.
2. Minimization and training of responsible personnel
QESG designates specific employees to handle personal information and limits handling authority strictly to those designated personnel.
3. Establishment and implementation of internal management plans
QESG has established and is implementing an internal management plan for the safe processing of personal information.
4. Encryption of personal information
Users' personal information and passwords are encrypted for storage and management, ensuring that only the user can access them. For critical data, QESG employs additional security functions such as encrypting files and transmission data or using file locks.
5. Access control for unauthorized individuals
QESG maintains a separate physical storage area for personal information. Strict access control procedures are established and operated to prevent access by unauthorized individuals.
This policy is effective from January 1, 2025.
