JobKorea LLC (hereinafter referred to as “the Company”) complies with the Personal Information Protection Act and related laws in order to protect the freedom and rights of data subjects. The Company lawfully processes and securely manages personal information. Accordingly, in accordance with the Personal Information Protection Act, the Company establishes and discloses this Privacy Policy to guide data subjects regarding the procedures and standards for processing and protecting personal information and to ensure that any related grievances are promptly and smoothly handled.
Privacy Policy
1. Collection and Use of Personal Information
1) The online recruiting site KLIK (hereinafter “the Site”), which facilitates job-seeking and talent recruitment activities for its members, collects personal information to provide services that support effective employment assistance, talent recruitment, and career development. All information provided by users is used only for the purposes described below. Should there be any change in the purpose of use, prior consent will be obtained. In addition, if a member uploads personal information to the Site that the Company did not request, the Company will not use that information and will not be held responsible for managing it.
| Category | Purpose | Items Collected | Retention Period |
|---|---|---|---|
| Individual Membership Registration | Identity verification, provision of various customized services, use of statistics for service improvement and new service development, communication for contract fulfillment and notification of policy changes, confirmation of intent and handling of complaints | [Required] Email, Password | Stored for 30 days from membership withdrawal, then deleted |
| Corporate Membership Registration | [Required] Username, Registrant’s Name or Company Name, Member Identification Key | ||
| Profile/Resume Registration | Provision of job application and employment services | Name, Date of Birth, Nationality, Residential Area, Mobile Phone Number, Visa Information, Work Experience, Education/Training, Certificates, Korean language proficiency, Languages, Portfolio | Stored for 30 days from membership withdrawal, then deleted |
| Job Posting Registration | Handling job applicant inquiries. verifying and managing job posting registrants. notifying outcomes and handling customer complaints. provision of various customized services | [Required] Name, Phone Number, Email | Stored for 30 days from membership withdrawal, then deleted |
| Customer Inquiries and Support | Responding to service proposals, inquiries, and reports | [Required] Email [Optional] Phone Number | Stored for 3 years from the inquiry date, then deleted |
2) During the service use or business processing, the following information may be automatically generated and collected:
- IP address, cookies, visit date and time, service usage records, records of misuse, advertising identifiers (ADID, IDFA, IDFV), device information (OS version, model name, UUID).
3) The Company may collect personal information through the following methods:
- Website, service use, event participation, fax, mail, telephone, and customer center inquiries.
4) In collecting personal information, the Company designates only the minimum necessary personal information for service provision as “mandatory consent items” and classifies any other personal information as “optional consent items,” allowing users to consent separately to each. The Company will not refuse to provide services simply because a user chooses not to supply optional personal information.
2. Provision and Outsourcing of Personal Information
The Company uses personal information within the scope disclosed in “1. Collection and Use of Personal Information” and does not use it beyond that scope without the user’s prior consent.
1) Outsourcing of Personal Information Processing For the purpose of enhancing its services, the Company outsources the processing of personal information as set forth below. In accordance with related laws, necessary provisions are stipulated in the outsourcing contract to ensure that personal information is securely managed. Any changes will be notified through announcements or via updates to this Privacy Policy.
・ Domestic Outsourcing
| Service Provider | Outsourced Task | Retention Period |
|---|---|---|
| Amazon Web Service | Cloud IT infrastructure management | Until the termination of the contract |
| LG Uplus | SMS (text message) delivery | Until the termination of the contract |
| Bespin Global Co., Ltd. | Cloud service management (MSP) | Until the termination of the contract |
・ Overseas Outsourcing
| Legal Basis | Service Provider (Contact Information) | Destination Country | Purpose | Time and Method of Transfer | Items Transferred | Retention and Use Period |
|---|---|---|---|---|---|---|
| Article 28-8(1), Item 3 of the Personal Information Protection Act (Outsourcing for contract fulfillment/storage) | Amplitude | USA | Collection of customer activity information; product improvement and statistics through service and usage analysis | Transmitted via network at the time of service use | Encrypted Member ID, Gender, Birth Year, Nationality, Profile Completion Status, Service Usage Records (Pages Viewed, Time Spent, Click Events) | Stored for 60 days after contract termination |
| Article 28-8(1), Item 3 of the Personal Information Protection Act (Outsourcing for contract fulfillment/storage) | Google LLC (googlekrsupport@google.com) | USA | Statistical measurement of user behavior | Transmitted via network at the time of service use | Device Information (OS version, model name, UUID), IDFA, ADID, IDFV, Customer ID | Stored for up to 26 months after transfer |
| Article 28-8(1), Item 3 of the Personal Information Protection Act (Outsourcing for contract fulfillment/storage) | Typeform | Spain | Collection of customer inquiries and reports | Transmitted via network at the time of service use | Email, Mobile Phone Number | Stored for 60 days after contract termination |
| Article 28-8(1), Item 3 of the Personal Information Protection Act (Outsourcing for contract fulfillment/storage) | braze inc. (privacy@braze.com) | USA | Analysis of customer behavior and provision of push notification services | Transmitted via network at the time of service use | Device Information (OS version, model name, UUID), Additional Device Information, Encrypted Member ID, Gender, Birth Year, Nationality, Profile Completion Status, Service Usage Records (Pages Viewed, Time Spent, Click Events) | Stored for 60 days after contract termination |
※ Users may refuse the overseas transfer of personal information by contacting customer service. However, if a user refuses, there may be restrictions on the use of key services.
2) The Company may provide or use personal information in the following cases upon obtaining the user’s consent through proper procedures:
- (i) Partnerships: As of the effective date of this Privacy Policy, there is no partnership that involves providing personal information of individual members. In the event of any changes through a partnership, advance notice will be given. In such cases, an individual consent procedure will be followed and, if consent is not given, personal information will not be provided. Any partnership that does not provide personal information shall follow the terms for each member.
- (ii) Sale, Merger, or Acquisition: In cases where the rights and obligations of the service provider are succeeded or transferred, notice will be given in advance and users will be provided the option to withdraw their consent regarding their personal information.
- (iii) Exception: In cases where, pursuant to relevant laws or for investigative purposes, law enforcement agencies make a request according to legally prescribed procedures and methods.
3. Provision of Personal Information to Third Parties
1) In principle, the Company provides users’ personal information to external parties only with the prior consent of the user. However, the following exceptions apply:
- (i) When required by law or when law enforcement or supervisory authorities make a request pursuant to prescribed legal procedures for investigation or inquiry.
- (ii) When necessary for fee settlement.
- (iii) When necessary for the urgent protection of the life, body, or property of the user or a third party, even if obtaining consent is not feasible.
- (IV) In accordance with Article 17, Paragraph 4 of the Personal Information Protection Act and Article 14-2, Paragraph 1 of its Enforcement Decree, if the provision of personal information is related to the scope of collection and use purposes agreed upon by the member (refer to Section 1 of this policy), the member can reasonably anticipate the provision to a third party, the provision does not unfairly infringe on the member's interests, and sufficient technical security measures are ensured when providing the information to a third party.
2) The Company, in principle, uses personal information or provides it to third parties only within the scope disclosed in “1. Collection and Use of Personal Information” and does not use or provide it beyond that scope. However, the following exceptions apply:
- (i) When users have consented in advance to the disclosure or provision to a third party.
- (ii) When required by law or when law enforcement or supervisory authorities make a request pursuant to prescribed legal procedures for investigation or inquiry.
3) In any other cases where it is necessary to provide personal information to a third party, the Company may do so through proper procedures, such as obtaining the user’s consent. For the purpose of executing transactions, the Company may provide personal information to a third party as follows:
| Recipient | Purpose | Items Provided | Retention and Use Period |
|---|---|---|---|
| Corporate Members[View All] | Conducting job applications and recruitment processes; talent search for recruitment purposes | Name, Date of Birth, Nationality, Residential Area, Mobile Phone Number, Visa Information, Work Experience, Education/Training, Certificates, Korean language proficiency, Languages, Portfolio | Stored up to 90 days after the relevant job posting is closed, then deleted |
4. Retention and Use Period of Personal Information
The Site retains and uses a user’s personal information only for the period during which the service is provided from the date of membership registration. When a membership withdrawal is requested or the consent for the collection and use of personal information is withdrawn, the Company promptly destroys the personal information once the purpose of collection and use is achieved or the service period is terminated. However, in the following cases, the personal information will be preserved for the specified reasons and periods:
1) When retention is required by related laws (such as the Commercial Act), the Company will retain transaction details and the minimum basic information for the period stipulated by law. In this case, the Company will use the stored information solely for the purpose of retention.
| Relevant Law | Purpose | Items Collected | Retention Period |
|---|---|---|---|
| Communications Privacy Protection Act | To provide logs and IP information to law enforcement upon receipt of a court order | Log records, IP address, etc. | 3 months |
| Act on the Consumer Protection in Electronic Commerce, etc. | For records related to consumer complaints or dispute resolution | Consumer identification information, records of dispute resolution, etc. | 3 years |
| For records related to payment and supply of goods | Consumer identification information, contract/withdrawal records, etc. | 5 years | |
| For records related to contracts or subscription withdrawals | |||
| Framework Act on National Taxes | Calculation of the statute of limitations for national tax assessments | National tax documentation, etc. | 10 years |
| Calculation of the statute of limitations for tax collection rights, etc. | Reported data on taxable income and tax amounts | 5 years | |
| Value-Added Tax Act | For books, tax invoices, import tax invoices, receipts, etc. | Reported data on the taxable base and tax amounts | 5 years |
| Electronic Financial Transactions Act | Verification of electronic financial transaction records | Electronic financial transaction records, information about the counterparty | 5 years |
| Act on Reporting and Using Specified Financial Transaction Information | Customer verification obligations | Customer verification information, etc. | 5 years |
2) According to the Company’s internal policy, records related to fraudulent use, etc. are kept for 5 years.
3) Records of text message (SMS/MMS/AlimTalk, etc.) transmissions are retained for 1 year after transmission for the purpose of using them as evidence of telecommunication.
4) In cases where the retention period has been announced in advance and has not expired, or when separate consent has been obtained, the personal information will be retained for the agreed period.
5. Procedures and Methods for Destruction of Personal Information
Users’ personal information is, in principle, destroyed without delay when the purpose of collection and use has been achieved. The Company’s procedures and methods for the destruction of personal information are as follows:
1) Destruction Procedures
- (i) Information entered by users during membership registration is transferred to a separate database (or, in the case of paper, to a separate file) once its purpose is achieved, and then stored for a certain period in accordance with internal policies and other relevant laws for information protection before being destroyed.
- (ii) Personal information transferred to the separate database is not used for any other purpose unless required by law.
- (iii) For system maintenance, backed-up data is deleted in batches every 15 days after the backup.
2) Destruction Methods
- (i) Paper-based personal information is shredded using a shredder or incinerated.
- (ii) Electronic files containing personal information are deleted using technical methods that render the data irrecoverable.
6. Matters Concerning Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
1) The Company uses cookies to store and retrieve user information in order to provide individualized services and convenience.
2) Cookies are small amounts of data sent by a website’s server (HTTP) to the user’s browser and are stored on the user’s PC or mobile device.
3) Data subjects can adjust their browser settings to allow or block cookies. However, if cookies are blocked, it may become difficult to use some personalized services.
▶ Web Browser: Allow/Block Cookies
- - Microsoft Edge: Settings → Cookies and site permissions → Cookie settings
- - Safari: Preferences → “Prevent Cross-Site Tracking” and “Block all cookies”
- - Chrome: Click the three dots at the top right → Settings → Privacy and security → Cookies and other site data → Settings
▶ Mobile Browser: Allow/Block Cookies
- - Chrome: Mobile browser settings → Privacy and security → Clear browsing data
- - Safari: Mobile device settings → Safari → Advanced → Block all cookies
- - Samsung Internet: Mobile browser settings → Clear internet usage history
4) The Company collects and uses behavioral information from automatic personal information collection devices installed on third-party websites or apps to provide online customized advertisements.
5) The Company collects only the minimum amount of behavioral information necessary for optimized personalized services, benefits, and online customized advertisements. It does not collect sensitive behavioral information that could infringe on individual rights, interests, or privacy (such as political views, religious beliefs, education, or medical history).
6) The Company does not collect personal information from children under 14 and, accordingly, does not collect behavioral information from children or provide them with customized advertisements.
7) Data subjects may block or allow personalized advertisements collectively by changing the cookie settings in their web browser. However, changing these settings may restrict the use of certain services, such as automatic website login.
▶ Blocking/Allowing Personalized Ads via Web Browser:
- (1) Chrome:
- - In Chrome, click the three vertical dots at the top right, then click “Settings.”
- - On the left side of the Settings page, click “Privacy and security,” then click “Clear browsing data” to select whether to clear data.
- - Similarly, click “Privacy and security” on the left side, then click “Third-party cookies” and choose whether to block third-party cookies.
- (2) Edge:
- - In Edge, click the three horizontal dots at the top right, then click “Settings.”
- - On the left side, click “Privacy, search, and services,” then under the “Tracking Prevention” section, select whether and how strictly to apply tracking prevention.
- - Also, select whether to always use “Strict tracking prevention” when browsing InPrivate.
8) The Company collects and uses advertising identifiers for personalized advertisements in its app. Data subjects can block or allow personalized advertisements via the settings on their mobile devices.
▶ Blocking/Allowing Advertising Identifiers on Mobile Devices:
- (1) (Android) : Settings → Security and Privacy → Privacy → Other privacy settings → Ads → Reset or delete Advertising ID
- (2) (iPhone) : Settings → Privacy → Tracking → Disable “App Tracking”
※ Menu names and methods may vary slightly depending on the mobile OS version.
9) Data subjects may inquire about any matters regarding behavioral information, exercise their right to refuse, or report damages as specified in Article 13.
7. Matters Regarding the Provision, Collection, and Refusal of Behavioral Information by Third Parties through Automatic Collection Devices
1) When a user visits or uses the website/app, the Company employs cookies and tags—including third-party SDKs—for effective service use, advertising, and marketing.
2) The behavioral information collected by third parties from the Company’s website/app is as follows:
| Collection Tool Name | Service Provider | Type of Collection Tool | Behavioral Information Items Collected | Purpose |
|---|---|---|---|---|
| Web Script | Google Analytics | Analytical Cookies | Device Information (OS version, model name, UUID), IDFA, ADID, IDFV, Customer ID, Gender, Age, Education, Major, Behavioral Information (Visited Pages, Events) | Statistics |
| Script | Amplitude | Analytical Cookies | User Identifier, Visit Date/Time, IP Address, OS Information, Model Name, Carrier, Device Unique ID, IDFA, ADID, Encrypted Member ID, Gender, Birth Year, Nationality, Profile Completion Status, Service Usage Records (Pages Viewed, Time Spent, Click Events) | Statistics |
| SDK | Braze | Targeting SDK | Device Information (OS version, model name, UUID), Gender, Age, Education, Major, Behavioral Information (Visited Pages, Events) | Mobile notifications and pop-up services |
3) Data subjects can adjust their browser settings to allow or block third-party collection of behavioral information.
▶ Web Browser
- - Microsoft Edge : Settings → Privacy, search, and services → Tracking prevention → When browsing InPrivate, always use “Strict” tracking prevention → Privacy → Send a “Do Not Track” request
- - Chrome : Settings → Advanced → Privacy and security → Content settings → Cookies → Block third-party cookies
▶ Smartphone
- - Android : Google Settings → Account → Select Google Account → Ads → Disable personalized ads (menu options may vary by OS version)
- - iOS : iPhone Settings → Privacy → Advertising → Disable “Limit Ad Tracking” (menu options may vary by OS version) Additionally, users may refuse the use of Google Analytics by installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout).
4) For inquiries regarding behavioral information and remedies for any damages, please refer to Article 13.
8. Matters Concerning Measures to Ensure the Security of Personal Information
1) Encryption of Personal Information
- Users’ personal information is protected by passwords, and files and data are encrypted or secured using file-lock features and other security measures.
2) Measures Against Hacking and Similar Threats
- To prevent damages caused by hacking or computer viruses, the Company regularly updates its antivirus software and applies new antivirus measures as soon as they become available.
In addition, the Company installs its systems in areas with controlled access to prevent external intrusion and operates intrusion detection systems and vulnerability analysis systems to monitor 24 hours a day.
3) Education for Personnel Handling Personal Information
- The number of employees handling personal information is kept to a minimum. These employees receive regular training on new security technologies and personal information protection obligations, and internal audits are conducted to ensure that security is maintained.
4) Management of Personal IDs and Passwords
- The Company endeavors to protect user personal information to the best of its ability. However, the Company is not responsible for any issues arising from the leakage of personal information (such as IDs or passwords) due to the user’s carelessness or inherent risks associated with the internet.
9. Links
The “Site” contains various banners and links. In many cases, these links connect to third-party pages and may be included either due to contractual relationships with advertisers or to indicate the source of provided content.
If you click on any of the links on the “Site” and are redirected to a third-party page, please note that the privacy policy of that site is independent of JobKorea; you should review the privacy policy of the newly visited site.
10. Protection of Children's Personal Information
Given the nature of online recruiting, where it is determined that minors cannot register a resume and engage in job-seeking activities, the Company does not allow membership registration for children under 15 years of age.
11. Protection of Non-Members’ Personal Information
On the “Site,” most content is accessible even without membership, except for personal information and key resume details that a user wishes to keep private.
12. Rights of Users and Methods of Exercising Them
1) Members may view, make public or private, and modify their registered information at any time through “Member Information Management.”
2) Members may delete their personal information at any time via the “Edit Member Information → Membership Withdrawal” menu.
3) Members may request the matters outlined in 1) and 2) by writing, telephone, or email.
4) If the Company is unable to respond immediately or must refuse a request, it will notify the user of the delay or the legitimate reasons for refusal within 10 days from the date of the request.
5) Rights may also be exercised through a legal representative or an authorized agent. In such cases, a power of attorney must be submitted using the form provided in Attachment No. 11 of the “Notification on the Methods of Personal Information Processing.”
6) The right of the data subject to request access to or suspension of the processing of personal information may be restricted in accordance with Article 35(4) and Article 37(2) of the Personal Information Protection Act.
7) If other laws specify that such personal information must be collected, the deletion of that personal information cannot be requested.
8) The Company accepts requests to exercise rights through the Personal Information Protection Officer or the department in charge of personal information complaints as provided in Article 13.
13. Personal Information Protection Officer and Complaint Service
The Company designates the following as the Personal Information Protection Officer to safeguard user personal information and to handle any related grievances:
| Personal Information Protection Officer | Personal Information Complaint Department |
|---|---|
| Name: Kim Yosup Contact: 1588-9350 Email : privacy@jobkorea.co.kr | KLiK Customer Center Email : klik_cs@jobkorea.co.kr |
For further inquiries regarding personal information, please contact the following institutions:
| Personal Information Infringement Report Center | https://privacy.kisa.or.kr / Call 118 without area code |
|---|---|
| Supreme Prosecutors' Office Cyber Investigation Division | https://www.spo.go.kr / Call 1301 without area code |
| National Police Agency Cyber Investigation Bureau | https://www.police.go.kr / Call 182 without area code |
Supplementary Provisions
This Privacy Policy may be amended by adding, deleting, or modifying its contents due to changes in related laws, guidelines, or the needs of the Company. In such cases, notice will be provided at least 7 days in advance via the website or email. If advance notice is not feasible, notice will be provided without delay; if no separate notice is given, the amendments will take effect 7 days after notification. However, for amendments that significantly affect the rights or obligations of members, notice will be given at least 30 days in advance, and if no separate notice is provided, the amendments will take effect 30 days after notification. In addition, the Company may obtain separate consent from users as required by related laws.
Privacy Policy Version Number: 03
Date of Change Announcement: October 08, 2024
Effective Date: October 15, 2024