Privacy Policy
Privacy Policy (Declaration of Protection of Personal Information)
As a personal information handling business operator under the Act on the Protection of Personal Information (hereinafter referred to as the "Act"), Cloudtestify recognizes the critical importance of protecting personal information. To ensure the rigorous protection of personal data, Cloudtestify adheres to the following basic policy regarding the protection of personal information and ensures that all personnel are familiar with and comply with this policy.
1. Basic Policy
1. Cloudtestify complies with the Act on the Protection of Personal Information, guidelines issued by relevant authorities, and other applicable laws and regulations concerning the proper handling of personal information.
2. Cloudtestify acquires personal information in a lawful manner and, unless otherwise required by law, uses such information for the purposes disclosed, informed, or explicitly stated at the time of collection.
3. To prevent the loss, alteration, or unauthorized disclosure of personal information, Cloudtestify implements appropriate security controls, including information security measures.
4. Cloudtestify regularly reviews its management system and efforts to protect personal information in order to continuously improve its data protection practices.
2. Handling of Personal Information
By posting this policy on our website, Cloudtestify discloses in advance the purposes for which personal information is used, and potential joint use of personal information.
(1) Purposes of Utilization of Personal Information
- To introduce and provide audit, assurance, consulting, financial advisory, risk advisory, tax, legal, and various other services offered by Cloudtestify (including procedures to check independence and conflicts of interest, etc.);
- To provide information through publications (including newsletters and other content provided via our website, email, and other channels) issued by Cloudtestify, and to provide information on sales and/or subscriptions of such publications;
- To organize and operate various seminars, conferences, and study sessions;
- To select and hire personnel (including partners, directors, and other staff members) and to conduct human resource management after hiring;
- To make proposals, conduct research, perform statistical analysis, and respond to requests from public organizations concerning the services provided by Cloudtestify, and to contribute to societal efforts;
- To respond to various inquiries from users;
- To implement comprehensive risk management based on legal and regulatory compliance requirements, as well as quality control.
(2) Joint Utilization of Personal Information
A. Joint Utilization by Entities of Cloudtestify
Cloudtestify may jointly use acquired personal data with other entities within the organization as outlined in the section “Scope of Joint Users” in this policy.
(i) Items that may be jointly utilized
- Name (including workplace, department, title, and position that can identify a specific person), address, phone number, fax number, email address, and requests made by the individual;
- Inquiry details;
- Matters related to services provided;
(ii) Internal Information (Personnel Information)
- Name and other employment-related information, including performance evaluations.
(3) Provision to Third Parties
Cloudtestify does not, as a general rule, provide personal data to third parties except as permitted by applicable laws or where consent is given in accordance with the purpose or policy specified under the law.
However, in accordance with Article 27, Paragraph 2 of the Act, personal data may be provided to third parties via an opt-out mechanism, with the individual having the right to request suspension of such data provision.
(4) Provision to Third Parties in a Foreign Country
When personal data is provided to a third party in a foreign country, Cloudtestify will ensure that the third party has a system in place that meets the standards prescribed by the Personal Information Protection Commission or will obtain prior consent from the individual for such provision.
3. Management of Personal Information
Cloudtestify strives to ensure that personal data is accurate and up to date, to the extent necessary for the purpose of utilization.
In order to prevent loss, destruction, alteration, or leakage of personal information, Cloudtestify takes appropriate security measures:
- Establishment of Basic Policy: Cloudtestify has established an "Information Security Policy" to ensure appropriate handling of personal data.
- Development of Rules: Cloudtestify has established detailed regulations regarding the handling of personal data in business operations.
- Systematic Security Measures: Cloudtestify has appointed a Chief Personal Information Manager and conducts internal audits and external certifications, including ISO27001 (acquired in 2017).
- Human Security Measures: All personnel sign a confidentiality agreement and receive ongoing education on information security.
- Physical Security Measures: Cloudtestify controls access to areas where personal data is stored and ensures appropriate physical security measures are in place.
- Technical Security Measures: Cloudtestify implements measures to secure access to servers and prevent data leakage due to unauthorized software.
- External Environment Understanding: Cloudtestify complies with all applicable laws regarding information handling and ensures security in foreign countries when necessary.
4. Handling of Pseudonymized Personal Information
Cloudtestify complies with the standards prescribed by applicable laws and takes appropriate security measures when handling pseudonymized personal information.
5. Procedures for Disclosure, Correction, and Cessation of Use of Retained Personal Data
Upon receiving a request regarding retained personal data, such as a request for disclosure, correction, or cessation of use, Cloudtestify will handle such requests in accordance with applicable laws and regulations.
6. Handling of Personally Identifiable Information
Cloudtestify handles personally identifiable information in compliance with the Act on the Protection of Personal Information and related guidelines published by relevant authorities.
7. Complaints/Inquiries
If you have any complaints, comments, or questions regarding the handling of personal information by Cloudtestify, please contact us at: tekuula@foxmail.com.
Note: Except for joint utilization, the management of personal information is handled by each entity of Cloudtestify independently. Other entities within Cloudtestify or affiliated firms of DTTL are not jointly responsible unless specified under individual circumstances.
8. Revision of the Privacy Policy
Cloudtestify may revise all or part of this Privacy Policy as necessary. The updated Privacy Policy will be posted on our website or communicated to you through other appropriate means.
9. Privacy Statement
In order to appropriately handle personal information and personally identifiable information acquired through its website, Cloudtestify has established a Privacy Statement, which applies to handling such information with respect to the website's specific characteristics.