Privacy Policy
(Recruitment and Others)
SM Entertainment Co., Ltd. (hereinafter, referred to as “Company”) complies with the regulations on personal information protection as set forth in the Protection of Communications Secrets Act, the Telecommunications Business Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection Etc. (hereinafter, referred to as “Information and Communication Network Law”), the Act on the Consumer Protection in Electronic Commerce, Etc. (hereinafter, referred to as the "Electronic Commerce Law"), and so forth, and has implemented the privacy policy established in accordance with the relevant laws and regulations as the basis of commitment to protecting individual rights and interests.
The Company will treat personal information it collects, retains, and processes in compliance with the provisions of the said laws in a legitimate and proper manner in order to protect the rights and interests of the members and perform the operations of the Company properly.
1. Items of Personal Information Collected, Method of Collection, and User Consent
A. Items of Personal Information Collected
The Company collects the following personal information to facilitate various services including customer consultation, recruitment, and others.
B. Method of Collecting Personal Information
The Company collects personal information as follows
C. Obtaining User Consent
The Company informs the user of the following information to obtain consent when collecting and using the personal information of the user
In following cases, however, the Company does not obtain separate consent when collecting the user's personal information
D. Obtaining Consent of Legal Representative of Children under 14
In the event that the Company collects personal information from children under the age of 14, it must obtain consent of the child and the legal representative of the child, and the Company may ask for the name, resident registration number, and mobile number of the legal representative.
2. Purposes of Collecting and Using Personal Information
A. To respond to personal identification and service inquiries, fulfill contract duties related to the dispatch of technical data and provision of services and settle charges for the services provided, dispatch of invoices and so forth, personal verification, purchase, and payment of charges, collection of charges, etc.
B. Developing and Marketing New Services: To develop new services and provide customized services, provide services according to statistical characteristics and display advertisements, confirm validity of services, provide events and advertisement information, identify access frequency, and provide statistics on member’s use of services.
3. Sharing and Providing Personal Information
The Company shall use personal information of users within the scope notified under "2. Purpose of Collecting and Using Personal Information" and shall not exceed this scope without obtaining prior consent of the user or disclose the user's personal information or provide it to a third party, however, except in the following cases.
4. Entrustment of the Processing of Personal Information
If the Company entrusts a third party with the handling of the personal information of the user, the user shall be notified of the entrusted party and the details of the entrusted tasks and shall obtain prior consent if necessary.
5. Period for Retaining and Using Personal Information
In the event that the purpose of collecting and using personal information is accomplished, the Company shall immediately destroy the personal information. However, the following information is kept for the following reasons for a specified period.
A. Reason for Retaining Information due to Company’s Policy
Record of Unauthorized Use, Reason for Retention : Prevention of unauthorized use
Retaining Period : 1 year
B. Reason for Retaining Information due to Relevant Laws and Regulations
It the event that it is necessary to retain personal information in accordance with the provisions under related laws such as the Commercial Act and the Act on the Consumer Protection in Electronic Commerce, Etc., the Company shall retain the member’s information for a certain period of time as set forth in the relevant laws. In this case, the Company shall use the information it retains only for the purpose of retaining the information for the following retaining period.
6. Personal Information Destruction Procedure and Method
In principle, the Company shall destroy the user’s personal information without delay after the purpose of collecting and using the personal information is fulfilled. Destruction procedures and methods are as follows.
A. Destruction Procedure
Destruction Method
7. Rights of Users and Legal Representatives and How to Exercise Their Rights
8. Installation, Operation, and Rejection of Automatic Personal Information Collecting Device
9. Technical/Administrative Protection Measures for Personal Information
A. Encryption of Member ID and Password
ID and password of the member are stored and managed in an encrypted form.
B. Encryption of Personal Information and Verification Information during Transmission and Reception
The Company encrypts the user’s personal information and verification information through a safe security server and so forth for the transmission and reception of such information.
C. Measures Against Hacking, Etc.
The Company operates a variety of programs to control network traffic and prevent attempts to change information illegally in order to ensure the security of the homepage and its continuous service. While the Company is constantly making administrative and technical efforts for homepage security, please avoid entering any sensitive information that may cause a problem when infringed upon. The Company is doing its best to prevent leakage or damage of personal information of members through hacking attempts or computer virus. The Company is frequently backing up the data in order to cope with the damage of personal information and uses the latest vaccine software to prevent leakage or damage of personal information or data. The Company ensures secure transmission of personal information on the network through encrypted communication and so forth. Also, the Company controls unauthorized access from the outside by using a firewall system and makes efforts to secure all possible technological systems to ensure security.
D. Minimization and Training of Staff Members Handling Personal Information
The Company limits the duty of handling personal information to the persons in charge and has given a separate password for this purpose, which is periodically changed while the persons in charge are continuously reminded of the compliance with this privacy policy through training.
E. Operation of Organization Exclusively in Charge of Personal Information Protection
The Company checks whether the privacy policy has been implemented and the person in charge has complied with the policy through the personal information protection organization within the Company and makes efforts to immediately correct and rectify any problem found in the process. However, the Company will not be held responsible for any problems caused by the leakage of personal information due to user negligence or internet problems.
F. Miscellaneous
For other matters, refer to the notice of "Standard for Technical/Administrative Protection Measures of Personal Information" of the Korea Communications Commission.
10. Contact Information of Officer and Person in Charge of Personal Information Management
The Company has appointed a related department and officer in charge of personal information management as follows in order to protect customers’ personal information and to handle complaints related to personal information.
Officer in Charge of Personal Information Management
If you need to report other privacy infringements or need counseling, please contact the following organizations.
11. Miscellaneous
In the event that you click on a link or banner included in the web page operated by the Company and move to another site or web page, the privacy policy of the organization operating the corresponding site will be applied; check the privacy policy of the site you visit.
12. Notification Duty
The Company shall notify you of any revisions including addition, deletion, and modification to this Privacy Policy at least seven days prior to the revision. However, if the contents of the terms and conditions are to be changed unfavorably to the user, the Company shall notify the user of the contents before the revision and the contents after the revision in an easy-to-understand manner by giving a preliminary grace period of at least 30 days.
Addendum
(Enforcement Date) These provisions will come into effect from April 26, 2019.
(Recruitment)
SM Entertainment Group (hereinafter, referred to as the “Company”) protects the applicant's personal information and rights and benefits by complying with the personal information protection regulations of related laws such as the Personal Information Protection Act and has the following privacy policies to relieve applicants of the difficulties regarding personal information.
※ SM Entertainment Group is a collective title for the following companies.
SM Entertainment Co., Ltd. SM Culture and Contents Co., Ltd., SM Mobile Communications Co., Ltd., SM Brand Marketing Co., Ltd., SM F&B Development Co., Ltd., DREAMMAKER Entertainment Ltd., and MOA L&B International Co., Ltd.
1. Items of Personal Information Collected
A. Items of Personal Information Collected
The Company collects and processes only the minimum amount of personal information in the course of recruitment.
2. Purpose of Collecting and Using Personal Information
Notifications such as guide to the recruitment screening process and each step of screening and pool of talented people
3. Period for Retaining and Using Personal Information
In the event that the purpose of collecting and using personal information is accomplished or that the applicant withdraws consent to provide personal information, the Company shall immediately destroy the applicant's personal information.
However, the information is stored and destroyed separately in the following cases.
4. Personal Information Destruction Procedure and Method
In principle, the Company shall destroy personal information without delay after the purpose of collecting and using the personal information is fulfilled. For information provided by the applicant to apply for employment and so forth, however, the Company transfers the information to a separate storage space from the existing storage space after the purpose is fulfilled to store the information for a fixed period of time before destruction in accordance with internal policies (refer to 3. Period for Processing and Retaining Personal Information) and related laws and regulations. In this case, the separately stored personal information will never be used for other purposes unless required by law. The procedures and methods of destruction are as follows.
5. Entrustment of the Processing of Personal Information
In relation to the processing of personal information, the Company is entrusted with the following tasks with the consent of the applicant and stipulates the matters necessary for the personal information to be managed safely when signing the entrustment contract in accordance with relevant laws and regulations.
6. Rights of Applicants and How to Exercise Rights
Applicants may request for the deletion of personal information at any time. In this case, contact the person in charge of personal information protection in writing or by telephone or email, then the request will be handled immediately after confirmation.
7. Installation, Operation, and Rejection of Automatic Personal Information Collecting Device
The Company uses 'cookies' to store and find applicant’s information frequently. A cookie is a small text file sent to the applicant's browser by the server that is used to run the website and it is stored in the applicant's computer hard disk. The company uses cookies for the following purposes.
8. Protective Measures to Secure Safety of Personal Information
The Company makes the following efforts to secure the applicant's personal information.
9. Civil Service Related to Personal Information
The Company has appointed a related department and an officer in charge of personal information management as follows in order to protect the personal information of applicants and to handle complaints related to personal information.
Officer in Charge of Personal Information Management
Person in Charge of Personal Information Management
Applicants may report any complaint related to privacy protection that arises while using the Company's services to the officer in charge of personal information management or the department in charge. The Company shall make efforts to respond to applicants' reports fully and as soon as possible.
If you need to report other privacy infringements or need counseling, please contact the following organizations.