Noah Investment

KO | EN

Noah Investment

Noah Investment Management Privacy Policy

Noah Investment Management Co., Ltd. ("the Company") considers the protection of users' personal information to be of utmost importance and is committed to protecting the personal information provided by users to utilize the Company's services. Accordingly, the Company complies with all laws and regulations related to personal information protection, including the "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc." and the "Personal Information Protection Act."
The Company makes this Privacy Policy available on the first page of its website so that users can easily access it at any time.

Article 1 (Purpose of Processing Personal Information)

A client's personal information is used to provide financial services and is only used for purposes to which the client has consented.

  • Solicitation of contracts
  • Determining the conclusion and maintenance of contracts, such as financial transactions applied for by the data subject
  • Accident investigation, dispute resolution, and handling of civil complaints
  • Other cases as stipulated by this Act and other relevant laws
Article 2 (Items of Personal Information Processed)

The Company processes the following items of personal information.

  • Required Information
    • 1.Personal Identification Information: Name, unique identification numbers (e.g., resident registration number), nationality, occupation, address, email address, phone number, and other contact information.
    • 2.Financial Transaction Information: Product type, transaction conditions (e.g., fee rates, maturity), transaction date and time, amount, and other transaction settings and history.
    • 3.Investor Information: Investment purpose, investment experience, income, and other details as stated in the Investor Information Confirmation Form.
    • Customers have the right to refuse the collection and use of the above personal information. However, refusal to provide required information may result in restrictions on service use, including the inability to conclude a contract.
  • Optional Information
    • 1.Information on residence and family, period of residence, household composition, marital status, and other information provided by the client beyond the required information.
Article 3 (Processing and Retention Period)

The Company processes the following items of personal information.

  • As a general rule, the personal information of a data subject is destroyed without delay once the purpose of its processing has been achieved. However, if personal information must be retained in accordance with other laws, such as the 'Financial Investment Services and Capital Markets Act', it may be retained and used for the period specified in the relevant law.
  • In the following cases, the information will be retained until the respective reason ceases to exist:
    • 1.If an investigation or inquiry is ongoing due to a violation of relevant laws, until the investigation or inquiry is concluded.
    • 2.If a credit/debt relationship arising from the use of financial services remains, until the said credit/debt relationship is settled.
    Key Laws Related to Record Keeping
    Content Relevant Legal Provision Retention Period
    Data related to financial investment business
    (e.g., data on investment solicitation)    		 Enforcement Decree of the Financial Investment Services and Capital Markets Act 10 years (varies by data type)
    Record management of provided transaction information Act on Real Name Financial Transactions and Confidentiality 5 years
    Records of electronic financial transactions Electronic Financial Transactions Act 5 years
    Records of website visits Protection of Communications Secrets Act 3 months
Article 4 (Provision of Personal Information to Third Parties)

The Company will not use a client's personal information beyond the scope specified in Article 1 (Purpose of Processing Personal Information) or provide it to third parties, except with the client's consent, as required by relevant laws, or when necessary for the services provided by the Company to the client. However, in the following cases, personal information may be provided without the client's consent in accordance with the provisions of relevant laws:

  • When there is a special provision in the law or it is unavoidable to comply with a legal obligation.
  • When it is unavoidably necessary for the conclusion and performance of a contract with the data subject.
  • When it is deemed necessary for the imminent life, physical safety, or property interests of the data subject or a third party, where the data subject or their legal representative is unable to express their intent or prior consent cannot be obtained due to an unknown address, etc.
  • When necessary for statistical purposes, academic research, etc., and the personal information is provided in a form that does not allow for the identification of a specific individual.
Article 5 (Destruction of Personal Information)
  • When the retention period for personal information has expired, or the information becomes unnecessary due to the achievement of its processing purpose, the closure of the relevant service, or the termination of the business, the personal information will be destroyed without a justifiable reason.
  • If personal information must be retained in accordance with other laws despite the expiration of the retention period agreed upon by the data subject or the achievement of the processing purpose, the said information will be transferred to a separate database (DB) or stored in a different location.
  • The procedure and method for destroying personal information are as follows:
    • 1.Destruction Procedure: After selecting the personal information for which the reason for destruction has occurred, it is destroyed with the approval of the Data Protection Officer.
    • 2.Destruction Method: Personal information recorded and stored in electronic file formats is destroyed using technical methods that make the records irreproducible. Personal information recorded and stored on paper documents is destroyed by shredding with a shredder or by incineration.
Article 6 (Rights and Obligations of Data Subjects and Methods of Exercising Them)
  • Clients may exercise their rights related to personal information protection at any time, including the right to request access, correction, deletion, and suspension of processing of their personal information.
  • The rights mentioned in Paragraph 1 can be exercised by using the provided forms, through visits, email, or FAX.
  • If exercising rights through a representative (such as a legal representative or an authorized person), you must submit a power of attorney according to Form No. 11 of the Enforcement Rule of the Personal Information Protection Act.
Article 7 (Measures to Ensure the Security of Personal Information)

The Company takes the following measures to ensure the security of personal information:

  • Administrative Measures: The Company conducts regular education to ensure that personal information handlers can handle personal information properly. If necessary, supplementary training is provided at the discretion of the Data Protection Officer.
  • Technical Measures: The Company installs and operates security programs, such as antivirus software, on its personal information processing systems or business computers to prevent and treat malicious programs. It uses the automatic update feature of these security programs to perform daily updates and implements immediate updates when a malware alert is issued or a security update is announced by the application or operating system software provider.
Article 8 (Data Protection Officer)

The Company has designated a Data Protection Officer and manager as follows to handle opinion gathering, complaint processing, and damage relief related to personal information processing.

  • Data Protection Officer Name: Jonghyun Son, CEO
    Contact: 070-7777-3225
    Email: jhshon@noaham.com
Article 9 (Changes to the Privacy Policy)

This Privacy Policy is effective from its enforcement date. Any additions, deletions, or corrections to its content due to changes in laws or policies will be announced through the Company's website.

Article 10 (Remedies for Infringement of Rights)

The Company will do its best to protect clients' personal information. In the event of an information leak, we will notify you without delay via phone, mail, or email. Data subjects may apply for dispute resolution or counseling for personal information infringements to the Personal Information Dispute Mediation Committee, the KISA (Korea Internet & Security Agency) Personal Information Infringement Report Center, etc. For other reports and consultations on personal information infringements, please contact the institutions below.

  • Personal Information Dispute Mediation Committee: (dial without an area code) 118
  • Information Protection Mark Certification Committee: 02-580-0533~4
  • Supreme Prosecutors' Office Cybercrime Investigation Division: 02-3480-3573
  • National Police Agency Cyber Terror Response Center: 02-1566-0112
Addendum

This policy is effective from the date of the company's registration for discretionary investment business with the Financial Services Commission.