Privacy Policy

Privacy Policy

'HireVisa' operated by 'Hire Diversity Co., Ltd.' (hereinafter referred to as the 'Company') has established and operates the following privacy policy in order to protect the personal information and rights of users and to promptly handle related grievances in accordance with Article 30 of the Personal Information Protection Act. Our company is committed to complying with the responsibilities and obligations stipulated by the relevant laws and regulations.

In case of discrepancy between the translated version and the Korean original of this policy, the Korean version shall prevail.

Effective Date: 2026-01-08

Table of Contents

Article 1. Information on the Collection and Use of Personal Information

Article 2. Handling of Sensitive Information

Article 3. Handling of Personal Information of Children Under 14

Article 4. Installation/Operation of Automatic Personal Information Collection Devices and Processing and Rejection of Behavioral Information

Article 5. Retention, Use Period, and Destruction of Personal Information

Article 6. Consignment of Personal Information Processing

Article 7. Provision of Personal Information to Third Parties

Article 8. Overseas Transfer of Personal Information

Article 9. Measures to Ensure the Safety of Personal Information

Article 10. Rights of Users and Legal Representatives and How to Exercise Them

Article 11. Personal Information Protection Officer and Remedies for Infringement of User Rights

Article 12. Changes to the Privacy Policy

Article 1. Information on the Collection and Use of Personal Information

  1. 1.
    The Company collects the minimum amount of personal information necessary to use the Service.
  2. 2.
    The Company handles users' personal information as follows.

Collection and Use of Personal Information

  • The Company may collect additional personal information with the consent of the user to provide various services.

Unique Identification Information

Purpose of CollectionRequired ItemsRetention and Use Period
Receiving applications for alien registration cards, reviewing document appropriateness, issuing alien registration cards, and providing HireVisa servicesPassport number, Alien registration numberUntil withdrawal of membership or termination of additional service provision
Receiving health insurance exemption applications, reviewing document appropriateness, and processing insurance applicationsPassport number, Alien registration numberUntil withdrawal of membership or termination of additional service provision
Mobile activation, plan subscription and managementPassport numberUntil withdrawal of membership or termination of additional service provision

Membership Registration and Service Use

Purpose of CollectionRequired ItemsRetention and Use Period
Member identification and management for HireVisa service provisionName, email, passwordUntil withdrawal of membership
Proxy issuance of visa confirmation certificatePhoto, name, date of birth, gender, nationality, visa-related mattersUntil withdrawal of membership or as required by the Certified Public Administrative Attorney Act Article 26 and its Enforcement Decree

Non-members

Purpose of CollectionRequired ItemsRetention and Use Period
HireVisa service free consultation applicationEmailUp to 3 months from the date of collection
Receiving recruitment applications and managing the screening processName, phone number, email, resume, portfolio3 years from the date of collection or until withdrawal of consent
Providing HireVisa service introduction materialsEmailUp to 3 months from the date of collection

Marketing

Purpose of CollectionRequired ItemsRetention and Use Period
Service promotion and marketing information deliveryEmail, mobile phone numberUntil withdrawal of membership or withdrawal of consent

Service Operation and Management

Purpose of CollectionRequired ItemsRetention and Use Period
Receiving health insurance exemption applications, reviewing document appropriateness, and processing insurance applicationsName, mobile phone numberUntil withdrawal of membership
Mobile activation, plan subscription and managementName, address, nationality, payment information, IMEI, EIDPayment information is destroyed immediately upon activation completion; other information is retained until withdrawal of membership

Processing of Personal Information and Unique Identification Information Without Consent

  • The Company shall notify the data subject of personal information that can be processed without their consent, including the items and legal basis for processing, through email or other methods prescribed by Presidential Decree.
Purpose of CollectionCollected ItemsRetention and Use PeriodLegal Basis
Receiving and responding to member inquiries related to HireVisa serviceName, email, inquiry detailsUntil withdrawal of membershipContract fulfillment
Receiving applications for alien registration cards, reviewing document appropriateness, issuing alien registration cards, and providing HireVisa servicesName, email, date of birth, gender, mobile phone number, nationality, address and place of stay in Korea, proof of residence documentsUntil withdrawal of membershipContract fulfillment
Payment and refund for HireVisa serviceEmail, payment informationAs required by the Act on Consumer Protection in Electronic Commerce, etc. Article 6 and its Enforcement DecreeContract fulfillment
Extension of stay, change of residence status, and other visa administrative inquiriesName, email, mobile phone number, inquiry detailsUntil withdrawal of membership or as required by the Certified Public Administrative Attorney Act Article 26 and its Enforcement DecreeContract fulfillment
Providing administrator services for partner school staffName, school email, affiliation (university, department)Until withdrawal of membershipContract fulfillment

Article 2. Handling of Sensitive Information

The Company does not collect sensitive personal information of users.

Article 3. Handling of Personal Information of Children Under 14

The Company does not provide its services to children under the age of 14 and does not collect personal information about them.

Article 4. Installation/Operation of Automatic Personal Information Collection Devices and Processing and Rejection of Behavioral Information

  1. 1.
    The Company uses 'cookies' that store and retrieve usage information to provide users with individually customized services.
  2. 2.
    Cookies are small amounts of information sent to the user's computer browser by the server operating the website and are stored on the hard disk of the user's PC.
  3. 3.
    The Company collects and uses behavioral information during the service usage process to provide customized services and benefits optimized for the data subject, online personalized advertisements, etc.

Purpose of Use of Automatically Collected Personal Information

  • Compliance with Relevant Laws
    • The Company is obligated to retain the user's access records (login) to comply with relevant laws and regulations.
  • Service Usage Log Collection and Improvement
    • Visit date/time, service usage records, access IP information, and cookies are collected and retained for up to 45 days from the date of collection, then immediately deleted.

Information on Automatic Personal Information Collection and How to Refuse

  • The following analytics tools are used to collect and analyze user key behaviors (behavioral information). The collected information has a low possibility of identifying specific individuals.
    • Datadog
  • Installation, operation, and refusal of automatic personal information collection devices: You can refuse the storage of cookies or collection of behavioral information in the following ways.
    • Web Browser
      • However, changing cookie settings may affect the use of some services, such as automatic login to the website.
      • Blocking/Allowing Personalized Ads via Web Browser
        1. 1.
          Internet Explorer (Internet Explorer 11 for Windows 10)
          • In Internet Explorer, select the Tools button and then select Internet Options
          • Select the Privacy tab, select Advanced under Settings, and then select to block or allow cookies
        2. 2.
          Microsoft Edge
          • In Edge, click the '...' icon in the top right corner, then click Settings.
          • Click 'Privacy, search, and services' on the left side of the Settings page, then select whether and at what level to enable 'Tracking prevention' in the Tracking prevention section.
          • Select whether to 'Always use Strict tracking prevention when browsing InPrivate'.
          • In the Privacy section below, select whether to 'Send Do Not Track requests'.
        3. 3.
          Chrome Browser
          • In Chrome, click the '⋮' icon in the top right corner (Customize and control Chrome), then click Settings.
          • At the bottom of the Settings page, click 'Advanced settings' and in the Privacy section, click Content settings.
          • In the Cookies section, check the box for 'Block third-party cookies and site data'.
  • Other
    • The Company collects only the minimum behavioral information necessary for online personalized advertising and does not collect sensitive behavioral information that may clearly infringe on the rights, interests, or privacy of individuals, such as thoughts, beliefs, family relationships, educational background, medical history, and other social activities.
    • The Company does not collect behavioral information for personalized advertising purposes from children known to be under 14 years of age or from online services primarily used by children under 14, and does not provide personalized advertising to children known to be under 14 years of age.
    • Data subjects may contact us at the following address for inquiries about behavioral information, to exercise their right to refuse, or to report damages.
    • Contact: support@hirediversity.club

Article 5. Retention, Use Period, and Destruction of Personal Information

The Company shall destroy the personal information without delay when it becomes unnecessary, such as when the retention period expires or the purpose of processing is achieved.

User Information

(1) The Company shall delete all personal information of users when the purpose of collecting personal information is achieved.

Procedures and Methods of Destruction of Personal Information

  • (1) Destruction Procedure
    • The Company selects the personal information for which destruction reasons have occurred and destroys the personal information with the approval of the personal information protection officer.
  • (2) Destruction Method
    • The Company destroys personal information recorded and stored in electronic file format so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents by shredding or incineration.

Mandatory Retention Periods Under Applicable Laws

The grounds for retention and the items of personal information to be retained in accordance with relevant laws are as follows.

  • Items to be retained: card company name, card number, account number, IP, browser, device information
Purpose of RetentionLegal BasisRetention Period
Records of contracts or subscription withdrawalAct on Consumer Protection in Electronic Commerce, etc.5 years
Records of payment and supply of goods, etc.Act on Consumer Protection in Electronic Commerce, etc.5 years
Records of consumer complaints or dispute handlingAct on Consumer Protection in Electronic Commerce, etc.3 years
Records of display/advertisingAct on Consumer Protection in Electronic Commerce, etc.6 months
Books and supporting documents for all transactions prescribed by tax lawsFramework Act on National Taxes5 years
Access record retentionProtection of Communications Secrets Act3 months

Article 6. Consignment of Personal Information Processing

The Company consigns some personal information processing tasks for smooth handling of personal information, and when entering into a consignment contract, supervises whether the consignee safely processes personal information in accordance with relevant laws. If the consignment details or consignee are added or changed, we will disclose it without delay through prior consent notice in accordance with relevant laws or through this Privacy Policy.

Personal Information Processing Consignment and Trustees

TrusteeConsigned Tasks
Amazon Web ServiceData storage and computer system operation/management
DatadogService usage log collection and improvement
DaouTech Co.Fax document submission to government offices (Enfax)
One people (CatchSecure)Management of personal information collected through CatchSecure's CatchForm, identity verification and electronic signature services provided by CatchForm
Doodlin CorporationRecruitment application platform (Greeting)
Channel CorporationInquiry platform provision
Toss PaymentsPayment and refund for HireVisa service

Article 7. Provision of Personal Information to Third Parties

The Company processes the personal information of data subjects only within the scope specified in 'Article 1. Information on the Collection and Use of Personal Information' and provides personal information to third parties only with the prior consent of the user or when special requirements under relevant laws arise.

Information Provided to Third Parties with Prior Consent

RecipientPurpose of ProvisionItems ProvidedRetention and Use Period
LG UplusMobile activation and plan subscriptionPassport number, name, address, nationality, payment informationUntil withdrawal of membership

Information Provided to Third Parties Without Prior Consent in Accordance with Relevant Laws

  1. 1.
    When necessary for statistical compilation, academic research, or market research and provided in a form that does not identify a specific individual
  2. 2.
    When requested by government agencies in accordance with relevant laws
  3. 3.
    For the purpose of criminal investigation or at the request of the Information and Communication Ethics Committee
  4. 4.
    When requested in accordance with procedures set forth in other relevant laws
RecipientPurpose of ProvisionItems ProvidedRetention and Use PeriodLegal Basis
National Health Insurance ServiceManagement of health insurance premium charges under the National Health Insurance Act, receiving health insurance exemption applications, reviewing document appropriateness, processing insurance applicationsPassport, alien registration card, name, mobile phone number, (Japan) overseas health insurance cardAs required by relevant lawsStatutory obligation (Legal basis: National Health Insurance Act Articles 14 and 69)

Provision of Personal Information in Emergency Situations

  • In case of emergency situations such as disasters, infectious diseases, incidents or accidents posing imminent danger to life or body, or imminent property loss, personal information may be provided to relevant agencies without the consent of the data subject.
  • Emergency situations are based on the 'Guidelines for Personal Information Processing and Protection in Emergency Situations' jointly announced by relevant government departments.

Article 8. Overseas Transfer of Personal Information

The Company does not provide personal information to other businesses outside of Korea. However, personal information processing tasks are transferred overseas as follows to fulfill contracts related to the provision of information and communication services and to improve user convenience.

Overseas Transfer of Behavioral Information

Company and CountryRetention PeriodDate and MethodPurposeItemsContact
Datadog/USAUntil contract termination or 45 days from collection, whichever comes firstTransmitted over an encrypted network when providing servicesService usage log collection and improvementVisit date/time, service usage records, access IP information, cookieshelp@datadoghq.com

Article 9. Measures to Ensure the Safety of Personal Information

The Company is committed to safely managing users' personal information to prevent loss, theft, leakage, alteration, or damage, and takes necessary technical, administrative, and physical measures.

Minimization and Training of Employees Handling Personal Information

We minimize the number of employees handling personal information and conduct periodic personal information protection training to implement measures for managing personal information.

Establishment and Implementation of Internal Management Plan

We have established and implemented an internal management plan for the safe processing of personal information.

Retention of Access Records and Prevention of Falsification

We retain and manage records (web logs, summary information, etc.) of access to the personal information processing system for at least one year to facilitate response in case of personal information infringement incidents, and use security features to prevent access records from being falsified, stolen, or lost.

Encryption of Personal Information

Users' personal information is stored and managed in encrypted form.

Technical Measures Against Hacking

The Company installs security programs and conducts periodic updates and inspections to prevent personal information leakage and damage due to hacking or computer viruses. Systems are installed in areas with restricted external access and are technically and physically monitored and blocked.

Restriction of Access Control to Personal Information

We take measures to control access to personal information by granting, changing, or revoking access rights to the personal information processing system that handles personal information.

Article 10. Rights of Users and Legal Representatives and How to Exercise Them

The Company has established the following methods of exercise to protect the personal information rights of users (or their legal representatives).

User's Rights and Methods of Exercise

  1. 1.
    View/Edit: HireVisa App > My Page > Settings
  2. 2.
    Withdrawal of Membership: HireVisa App > My Page > Settings > Delete Account
  3. 3.
    In addition, you may request the suspension of processing and deletion of personal information through written correspondence, email, etc.
  4. 4.
    If you request correction or deletion of errors in personal information, the Company will not use or provide the personal information until the correction or deletion is completed.
  5. 5.
    Requests for correction or deletion of personal information cannot require deletion of such personal information if it is specified as subject to collection in other laws.
  6. 6.
    The Company verifies the identity of the person making requests for access, correction, deletion, or suspension of processing in accordance with user rights.

Rights of Legal Representatives and Methods of Exercise

  1. 1.
    When a user's legal representative or authorized person exercises the user's rights (access, correction, suspension of processing, deletion), a power of attorney in the form of Annex No. 11 of the 'Notification on Methods of Personal Information Processing' must be submitted.
  2. 2.
    The Company verifies whether the person making the request is a legitimate representative when processing requests for access, correction, deletion, or suspension of processing in accordance with user rights.

Article 11. Personal Information Protection Officer and Remedies for Infringement of User Rights

  1. 1.
    The Company is responsible for overall personal information processing and has designated a personal information protection officer as follows to handle user complaints and damage relief related to personal information processing.
  2. 2.
    Users may request access to their personal information. The Company will endeavor to promptly process users' requests for access to personal information.

Role of the Personal Information Protection Officer

Users may contact the Personal Information Protection Officer for all inquiries, complaints, and damage relief related to personal information protection arising from using the Service. The Company will respond to and process user inquiries without delay.

Organizations That Can Help with Rights Infringement

If you need further assistance regarding infringement of your rights, please contact the following organizations.

  1. 1.
    Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
    • Responsibilities: Personal information infringement report and consultation requests
    • Website: privacy.kisa.or.kr
    • Phone: (no area code) 118
    • Address: Personal Information Infringement Report Center, 3F, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong) 58324
  2. 2.
    Personal Information Dispute Mediation Committee
    • Responsibilities: Personal information dispute mediation application, collective dispute mediation (civil resolution)
    • Website: www.kopico.go.kr
    • Phone: (no area code) 1833-6972
    • Address: 4F, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul 03171
  3. 3.
    Supreme Prosecutors' Office Cybercrime Investigation Unit
    • Phone: (no area code) 1301
    • Website: www.spo.go.kr
  4. 4.
    National Police Agency Cyber Security Bureau
    • Phone: 182
    • Website: ecrm.police.go.kr

In addition, a person whose rights or interests have been infringed due to a disposition or omission by the head of a public institution in response to requests for access, correction, deletion, or suspension of processing of personal information may file an administrative appeal in accordance with the Administrative Appeals Act.

  • Central Administrative Appeals Commission: Refer to (www.simpan.go.kr) for phone number information

Article 12. Changes to the Privacy Policy

This Privacy Policy is effective from the effective date, and if there are any additions, deletions, or corrections due to changes in relevant laws or policies, we will notify you through our website without delay.

Change History