Privacy Policy

This website introduces the business and brand activities of SANC Co., Ltd. (hereinafter referred to as the “Company”).

SANC Co., Ltd. is committed to protecting users’ personal information and rights in accordance with the Personal Information Protection Act and complies with applicable laws related to personal information. The privacy policy is subject to change from time to time due to amendments to applicable laws or government guidelines, or changes to the Company’s internal policies. Procedures are in place to ensure continuous improvement.

The Company will notify users of any amendments to this personal information handling policy via the website notice board or through individual notifications.
This policy is effective as of April 1, 2025.

1. Consent to the Collection of Personal Information

The Company has established a procedure that allows users to click “Agree” or “Cancel” regarding consent to the collection of personal information or acceptance of the terms of use. Clicking “Agree” will be deemed as consent to the collection of personal information.

2. Items of Personal Information Collected and Methods of Collection

  1. Items Collected
    The Company collects the following personal information through this site.
    • <SANC Site Visiting Program>
      • Required items : Type of visit, organization name, landline number, residential area, meal provision status, visit date, number of visitors, vehicle request, applicant’s name/title, mobile phone number, escort’s name, escort’s mobile phone number, preferred method for receiving the application form and schedule notice
      • Optional item : Message to be conveyed
    • <When making a customer inquiry>
      • Required items : Inquiry type, subject, inquiry details, name, contact phone number, email
      • Optional item : Attachment
  2. Methods of Collection
    The Company collects personal information using the following methods.
    • Website, mobile devices, written forms, fax, phone, email
  3. Other
    The collected personal information will be used solely for the purposes related to the submitted request. If the purpose of use changes, the Company will obtain prior consent from users.

3. Purpose of Processing Personal Information

The Company does not collect users’ personal information without prior consent. The collected information is used as follows.

  1. Management of the SANC Tour Program
    Personal information is processed to provide guidance for organizations and users who have applied for the SANC tour program through the website and phone consultations.
  2. Customer Feedback
    Personal information is processed for the purpose of responding to inquiries made through the website.

4. Retention and Use Period of Collected Personal Information

The Company processes and retains personal information within the legally permitted retention period or within the period agreed upon by users at the time of collection. In addition, personal information will be destroyed without delay once the purpose of its collection and use has been fulfilled.

5. Destruction Procedure and Method of Personal Information

The Company securely processes users’ personal information and destroys it using the following methods to prevent leakage.

  1. Destruction Procedure
    • The information entered by users for services is transferred to a separate database (or, in the case of paper records, to a separate filing cabinet) after the purpose has been fulfilled, and is stored for a specified period in accordance with internal policies and other applicable laws (refer to the retention and use period) before being destroyed. Personal information transferred to a separate database is not used for any purpose other than retention, except as required by law.
  2. Destruction Method
    • Personal information printed on paper : Shredded or incinerated
    • Personal information stored in electronic file format : Deleted using technical methods that render the data irrecoverable

6. Sharing and Providing Collected Personal Information

The Company uses users’ personal information only within the scope of consent obtained and does not, in principle, use it beyond that scope or share/provide it to third parties without prior consent. However, exceptions apply in the following cases:

  • When prior consent has been obtained from the user
  • When necessary for billing related to the provision of services
  • When required by law, or when requested by law enforcement agencies through lawful procedures for investigative purposes

7. Operation and Refusal of Cookies

  1. Purpose of Using Cookies
    1. The Company uses cookies to store and retrieve user information in order to provide customized services. Cookies are small data files sent by the website server to the user’s browser and stored on the user’s computer hard drive.
    2. The use of cookies allows the Company to provide certain customized services that are only possible through cookie-based tracking.
    3. Cookies may be used to identify users and maintain their login status.
  2. Installation/Operation and Refusal of Cookies
    1. Users have the right to choose whether to allow the installation of cookies. Therefore, users can set their web browser options to allow all cookies, block all cookies, or receive a notification when a cookie is stored.
      • Instructions to manage cookie settings for Internet Explorer is as follows:
        • Internet Explorer :
          [Tools] > [Internet Options] > [Privacy] tab > Adjust [Settings]
      • Chrome
        Upper-Right Menu [Settings] > [Advanced] > [Content Settings] > [Cookies]
    2. If you choose to refuse to save cookies, certain customized services provided by the Company may not be available.

8. Measures to Ensure the Security of Personal Information

The Company implements the following technical, managerial, and physical measures in accordance with Article 29 of the Personal Information Protection Act to ensure the security of personal information.

  • Regular Internal Audits
    To ensure secure handling of personal information, internal audits are conducted on a quarterly basis.
  • Minimization and Training of Staff Handling Personal Information
    The Company limits the number of staff authorized to handle personal information and provides training to enhance their data protection awareness.
  • Establishment and Implementation of Internal Management Plan
    The Company has established and enforces an internal management plan to ensure the safe processing of personal information.
  • Technical Measures Against Hacking
    Security programs are installed and regularly updated to prevent leakage or damage of personal information due to hacking or viruses. These systems are installed in areas with restricted external access and are monitored and protected both technically and physically.
  • Encryption of Personal Information
    Users’ personal information, including passwords, is encrypted for secure storage and management. Only the individual user can access this information. For critical data, additional security measures such as file encryption, encrypted data transmission, and file locking functions are applied.
  • Retention of Access Records and Prevention of Tampering
    Records of access to personal information systems are retained and managed for a minimum of six months. Security features are employed to prevent the alteration, theft, or loss of access records.
  • Restriction of Access to Personal Information
    Access rights to databases handling personal information are granted, modified, and revoked in a controlled manner. Intrusion prevention systems are used to block unauthorized external access.
  • Use of Locking Devices for Document Security
    Documents and auxiliary storage media containing personal information are stored in secure facilities equipped with locking mechanisms.
  • Access Control for Unauthorized Persons
    The Company designates a separate physical storage area for personal information and operates access control procedures to prevent unauthorized access.

9. Outsourcing of Personal Information Processing

The Company entrusts the processing of personal information as follows to facilitate efficient handling of personal information-related tasks.

  • Outsourced Company : Studio-JT
  • Entrusted Tasks and Purpose : Website operation and management
  • Entrustment Period : Until the termination of the outsourcing contract

When entering into the outsourcing contract, the Company stipulates contractual clauses and documents in accordance with Article 26 of the Personal Information Protection Act to prohibit the handling of personal information beyond the scope of the entrusted tasks. These provisions include technical and managerial safeguards, restrictions on subcontracting, supervision of the trustee, and liability for damages, and the Company monitors the trustee’s compliance with personal information protection obligations.

If there are any changes to the outsourced tasks or the outsourcing company, the Company will promptly disclose such changes through this Privacy Policy.

10. Department Responsible for Personal Information Protection

The Company designates a personal information protection officer as follows, who is responsible for overseeing the processing of personal information and handling complaints and remedy requests related to personal data.

  • Officer Name : Lim Chan
  • Affiliation/Position : Assistant Manager, Online Business Division, Sinyangchon F&D Co., Ltd.
  • Email : privacy@sancmall.co.kr
  • Phone Number: +82-51-720-7380

11. Feedback and Complaint Handling Related to Personal Information

The Company welcomes feedback from users regarding personal information protection and has established necessary procedures and systems to process and respond to complaints. Users may report any complaints related to personal information to the personal information protection officer listed above via phone or email. The Company will respond promptly and appropriately to such reports.

12. Methods for Remedying Infringement of Rights

Users may contact the agencies listed below for consultation or to seek remedies in cases of personal information rights violations. (The following agencies operate independently from the Company. If you are not satisfied with the Company’s handling of personal information concerns or require further assistance, you may contact these agencies directly.)

  • Personal Information Infringement Report Center (Operated by the Korea Internet & Security Agency)
    • Responsibilities : Receiving reports of personal data breaches and providing consultation
    • Website : privacy.kisa.or.kr
    • Phone : 118 (toll-free)
    • Address : 3F, 9 Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea (58324)
  • Personal Information Dispute Mediation Committee
    • Responsibilities : Mediation of personal data disputes, group dispute resolution (civil matters)
    • Website : www.kopico.go.kr
    • Phone : 1833-6972 (toll-free)
    • Address : 4F, 209 Sejong-daero, Jongno-gu, Seoul, Republic of Korea (03171)
  • Supreme Prosecutors’ Office, Cyber Crime Division : http://www.spo.go.kr
  • National Police Agency, Cyber Security Bureau : http://cyberbureau.police.go.kr

13. Obligation to Inform

This Privacy Policy is effective from the date specified below. If there are any additions, deletions, or modifications due to changes in laws or Company policies, the revised policy will be announced at least seven days prior to the effective date.

  • Effective Date of the Privacy Policy: April 1, 2025
  • Date of Last Revision: April 1, 2025

SANC SNS

Youtube
Instagram
Blog
Tiktok
Pinterest

SANC FAMILY

Sites