Privacy Policy 닫기
CREVERSE Co., Ltd. (hereinafter referred to as the “Company”) complies with the Personal Information Protection Act and related laws and regulations to protect the freedom and rights of data subjects, lawfully processes personal information, and manages it safely.

In compliance with Article 30 of the Personal Information Protection Act, the Company establishes and discloses the following Privacy Policy to inform data subjects about the procedures and standards for processing personal information and to ensure the prompt and efficient resolution of any related grievances
1. Purpose of Processing Personal Information
The Company processes only the minimum amount of personal information necessary for the following purposes.
  1. Membership Registration
    - User management (identity verification, individual identification, intent to join, notification delivery), job application services, and job application processing.
  2. Job Application
    - Determining suitability for employment, conducting screening processes, utilizing the talent database, and managing recruitment-related information after hiring.
2. Methods of Collecting Personal Information and Items Collected
  1. Methods of Collecting Personal Information
    - Personal information is collected through membership registration or job applications on the Company’s website.
  2. Items of Personal Information Collected and Processed
    Category Items Collected
    During membership registration Required Email, Password
    When applying for a job Required English name, gender, nationality, email, contact information, address, educational details (country, university, major), photo, job application form (resume)
    Optional Korean name, Skype ID, Graduate school education (country, degree, school, graduation date), second nationality

    ※ The Company informs applicants at each input stage whether the information is a "required field" that must be provided for the job application or an "optional field" that can be provided at the applicant's discretion. Applicants are free to decide whether to enter optional information.
  3. During service usage, service usage records, access logs, cookies, IP address information, and device details (including service version, OS, OS version, and device model) may be automatically generated and collected.
3. Retention and Processing Period of Personal Information
  1. Processing and Retention Period
    The Company processes and retains personal information within the period agreed upon by the data subject at the time of collection or within the period specified by relevant laws and regulations.
  2. Destruction of Personal Information
    In principle, the Company destroys personal information without delay once the purpose of its collection and use has been achieved. However, information may be retained for a specific period as required by applicable laws.
4. Procedures and Methods for Destroying Personal Information
  1. Destruction of Personal Information
    The Company will promptly destroy personal information when it is no longer necessary, such as when the retention period has expired or the purpose of processing has been achieved.
  2. Retention of Personal Information Beyond the Retention Period
    If the retention period agreed upon with the data subject has expired or the purpose of processing has been achieved, but the Company is required to retain the personal information under other applicable laws, the information will be stored in a separate database (DB) or moved to a different storage location.
  3. Procedures and Methods for Destroying Personal Information
    1. a) Destruction Procedures - The Company identifies the personal information scheduled for destruction and secures approval from the Personal Information Protection Officer prior to proceeding.
    2. b) Destruction Methods
      - Personal information recorded and stored in paper documents: Shredded using a shredder or incinerated. - Personal information recorded and stored in electronic file formats: Irreversibly destroyed to prevent the possibility of recovery.
5. Rights and Obligations of Data Subjects and Legal Representatives
  1. Members may request access, transfer, correction, deletion, suspension of processing, withdrawal of consent, objection, or explanation (hereinafter referred to as "request for access, etc.") of their personal information from the Company in accordance with Articles 35, 36, 37, and 37-2 of the Personal Information Protection Act and Articles 41, 43, and 44 of its Enforcement Decree.
  2. Members may request access, transfer, correction, deletion, suspension of processing, withdrawal of consent, or explanation of their personal information (hereinafter referred to as "request for access, etc.") from the Company via written request, email, or fax. The Company will respond to such requests without delay.

    Members who are minors aged 14 or older may request access, etc., to their personal information either directly or through their legal representatives.

  3. Members may authorize a representative, such as a legal guardian or an appointed proxy, to submit requests regarding the access, transfer, correction, deletion, suspension of processing, withdrawal of consent, or explanation of their personal information.
  4. The Company verifies whether the individual making the request for access, transfer, correction, deletion, suspension of processing, withdrawal of consent, or explanation of personal information ("request for access, etc.") is the data subject themselves or a duly authorized representative.
  5. Requests for access, suspension of processing, or other actions related to personal information may be restricted or denied in accordance with Article 35(4) and Article 37(2) of the Personal Information Protection Act. Additionally, under the proviso of Article 36(1) of the same Act, if the collection of certain personal information is explicitly required by other laws, requests for correction or deletion of that information may not be accepted.
  6. If a member disagrees with the Company's decision to restrict or deny a request for access, transfer, correction, deletion, suspension of processing, withdrawal of consent, or explanation of personal information ("request for access, etc."), the member may file an objection with the Company's personal information protection department via written request, email, or fax.
  7. To view or modify personal information, members can click "Change Personal Information" (or "Edit Member Information," etc.) and complete the identity verification process. For withdrawal of membership (withdrawal of consent), members can click "Withdraw Membership" and follow the identity verification procedure to directly view, modify, cancel membership, or withdraw.
6. Matters Concerning the Personal Information Protection Officer
  1. The Company is fully responsible for overseeing the processing of personal information and has designated a Personal Information Protection Officer as follows to handle complaints and provide remedies related to the processing of personal information.
  2. Personal Information Protection Officer and Manager in Charge
    Info. Personal Information
    Protection Officer    		 Personal Information
    Protection Manager
    Name Wangjin Oh Taehyuk Kim
    Assign/Position IT Div. / Executive Director Information Security Part / General Manager
    Phone Number 02-3429-9407 02-3429-9407
    E-MAIL pinfo@creverse.com pinfo@creverse.com
  3. Data subjects may contact the Personal Information Protection Officer and the department in charge regarding any inquiries, complaints, or requests for remedies related to personal information protection that arise while using the Company's services (or business). The Company will respond to and process such inquiries without delay.
  4. Data subjects may request dispute resolution or consultation from the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency (KISA) Personal Information Infringement Report Center, or other related institutions to seek remedies for personal information infringement. For reports or consultations regarding personal information infringement, data subjects may contact the following institutions:
    • Personal Information Dispute Mediation Committee
      www.kopico.go.kr / 1833-6972 (no area code required)
    • Personal Information Infringement Report Center
      privacy.kisa.or.kr / 118 (no area code required)
    • Supreme Prosecutors' Office Cyber Investigation Division
      www.spo.go.kr / 1301 (no area code required)
    • National Police Agency Cyber Investigation Bureau
      police.go.kr / 182 (no area code required)
7. Matters Concerning the Installation, Operation, and Rejection of Devices that Automatically Collect Personal Information
The Company takes the following measures to ensure the security of personal information.

  1. The Company uses 'cookies' to store and retrieve usage information in order to provide personalized services to data subjects. A cookie is a small amount of information sent by the server (http) used to operate the Company's website, which is stored on the user's computer hard drive via their web browser.

    1. Purpose of Cookie Usage
    - Cookies are utilized to analyze user activity across services and websites, identify popular search terms, and verify secure access, thereby delivering optimized information and services to users

    2. Installation, Operation, and Rejection of Cookies
    - You can refuse the storage of cookies by adjusting the settings in your web browser.
    - Example of Cookie Settings by Browser. (Edge Browser: Settings > Update & Security / Chrome Browser: Settings > Privacy & Security / Safari Browser: Settings > Security)
    - However, if you refuse the installation or storage of cookies, you may experience some difficulties in using certain services.

8. Measures to Ensure the Security of Personal Information
The company is taking the following measures to ensure the safety of personal information:
  1. Minimization and education of personal information handling staff
    The company is designating personal information handling staff, minimizing the number of staff in charge of personal information processing, and conducting continuous personal information protection education.
  2. Establishment and implementation of internal management plan
    Users' personal information is encrypted, stored, and managed according to the standards prescribed by the law. Additionally, files and transmitted data are secured through encryption and other protective measures.
  3. Encryption of personal information
    Users' personal information is encrypted and stored and managed in accordance with the standards set forth in the law, and we also apply encryption, etc. to files and transmission data.
  4. Technical measures against hacking, etc.
    The company has installed security programs and is regularly updating and inspecting them to prevent the leakage of or damage to personal information caused by hacking or computer viruses. Additionally, systems are installed in areas with restricted external access and are monitored and secured through both technical and physical measures.
  5. Restricting access to personal information
    The company is taking necessary measures to control access to personal information by granting, changing, and deleting access rights to the database system that processes personal information, and controlling unauthorized access from the outside by using an intrusion prevention system.
  6. Storage of access records and prevention of forgery and alteration
    The company stores and manages access records to the personal information processing system and manages them to prevent forgery, alteration, theft, and loss.
  7. Use of locking devices for document security
    Documents and auxiliary storage media containing personal information are stored in a safe location with a locking device.
  8. Access control for unauthorized persons
    The company has established and is operating access control procedures for separate physical storage locations where personal information is stored.
9. Operation and management of video surveillance systems
The Company outsources the installation and management of video surveillance systems as described below and ensures that all necessary provisions for secure personal information management are included in the outsourcing contracts, in compliance with applicable laws.
  1. Basis and purpose of installing video surveillance systems: Crime prevention, facility safety, fire prevention, student protection.
  2. Installation locations and number of units: Main facilities such as classrooms, hallways, desks, etc., of each academy (varies by academy, please refer to the separate notice at each academy).
  3. Shooting Scope: Capture all areas of the main facilities.
  4. Person in Charge of Management, Responsible Department, and Authorized Personnel for Access to Video Information: The director of each academy and reading room.
  5. Video Information Recording Time, Retention Period, Storage Location, and Processing Method.

    - Recording Time: 24-hour recording.
    - Retention Period: 30 days from the time of recording.
    ※ Based on a storage capacity of 4TB, some variations may occur depending on the size of individual video files.
    - Storage Location and Processing Method: Stored and processed in the control room of video information processing devices at each academy and reading room.

  6. Method and Location for Viewing Video Information: Request from the person in charge of management.
  7. Measures for Requests to View Video Information by Data Subjects: A request must be made through a personal video information viewing or existence confirmation form. Viewing is only allowed if the data subject is the one captured in the video, or in cases where it is necessary for the urgent protection of the life, body, or property of the data subject or a third party.
  8. Technical, Managerial, and Physical Measures for Video Information Protection: Establishment of an internal management plan, access control and restriction of access rights, application of secure storage and transmission technologies for video information, retention of processing records and prevention of tampering, provision of storage facilities, and installation of locking mechanisms.
  9. Matters Regarding the Outsourcing of Installation and Management of Video Information Processing Devices.

    The company outsources the installation and management of video information processing devices as follows, and stipulates the necessary matters in the outsourcing contract to ensure the safe management of personal information in accordance with relevant laws and regulations.

    Organization Name Contracted Company

    Organization Name Contracted Company
    CDI / April / I-GARTEN ㈜글로시스템
    CMS MT / MG / C3 하나정보통신
10. Changes to the Privacy Policy
  1. This privacy policy will be effective starting from 2025.04.23.
  2. If the company revises or changes the privacy policy, it will notify through the company's website notice section (or individual notifications).