3. Outsourcing of Personal Information Processing (Matters regarding the transfer of personal information overseas)

1) In order to facilitate the handling of personal information, AB180 outsources personal information processing tasks as follows. The entrusted work processed by an overseas corporation among entrustment is as follows.

2) When signing an outsourcing contract, AB180 specifies matters such as prohibition of personal information processing for other purposes than conducting the outsourced duties, technical and administrative protection measures, restriction on subcontract, management and supervision of the outsourcee, indemnification for damages and other liabilities, etc. in accordance with Article 26 of the Personal Information Protection Act and supervises the outsourcee for safe handling of personal information.

3) In case of any change in the contents of the outsourced tasks or the outsourcee, the Company shall without delay disclose such change through this Privacy Policy

4) AB180 does not provide personal information to third parties without the prior consent of the data subject. However, personal information may be provided in the following cases: when the data subject directly consents to the provision of personal information in order to use the services of external affiliated companies, and when the company is obligated to submit personal information to the competent authority in accordance with relevant laws, and when there is an urgent need to protect the life or safety of the data subject and it is necessary to provide personal information to resolve such risks.

5) Data subjects may refuse the transfer of personal information overseas by contacting the personal information protection department. However, please note that refusal of the transfer of personal information overseas may result in difficulty in using the services smoothly.

4. Rights and Duties of Information Subject and Legal Representative and Methods of Exercising Them

As a personal information subject, the user can exercise the following rights.

1) The information subject may at any time exercise the right to access, correct, or delete his/her personal information or request discontinuance of personal information processing to AB180.

2) The user can exercise the rights under Paragraph 1 by documents, email, fax, etc. according to Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and AB180 shall take actions accordingly without delay.

3) The information subject may exercise the rights under Paragraph 1 through his/her legal representative, trustee, or other authorized agents. In this case, the user shall submit a power of attorney produced on the form in Annex 11 of the Enforcement Rules of the Personal Information Protection Act.

4) The information subject's right to request suspension of personal information access or processing may be limited pursuant to Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.

5) Correction or deletion of personal information may not be requested if such personal information is specified to be subject to collection in other laws or regulations.

6) AB180 performs verification of whether the requester of viewing, correcting or deleting personal information or suspending processing of such information is the information subject or his/her rightful agent.

5. Destruction of Personal Information

In principle, AB180 shall destroy personal information without delay when the purpose of processing the personal information is achieved. The procedure, time, and method of destruction are as follows.

1) Procedure of destruction

The information entered by the user is transferred to a separate DB (separate documents in the case of data on paper) after achieving the purpose and is stored for a certain period of time or immediately destroyed according to the internal policy and other related statutes. Here, the personal information transferred to the DB shall not be used for any other purpose than what is required by the laws.

2) Time of destruction

Personal information of the user shall be destroyed within five days after the end date of the retention period or within five days after the date on which it is acknowledged that processing of such personal information is no longer necessary due to reasons such as fulfillment of the purpose of personal information processing, discontinuation of the service, closing of the business, etc.

3) Method of destruction

Personal information recorded and stored in electronic file format is destroyed in a way that makes it unrecoverable, and personal information recorded and stored in paper documents is shredded or incinerated for disposal.

6. Matters Concerning Installation, Operation, and Rejection of Automatic Personal Information Collection Devices

1) AB180 uses "cookies" to save and retrieve the usage information to provide the individually customized service.

2) Cookies are a small amount of information that the server(http) used to run a website sends to the user's computer browser and are sometimes stored in the hard disk of the user's computer.

3) Users can configure their web browser options to allow or block cookies. However, refusing to store cookies may result in difficulties using customized services.

※ How to Install, Operate, and Reject Cookies

• Web Browser

  a) Chrome : Web Browser Settings > Privacy and Security > Clear Browsing Data

  b) Edge : Web Browser Settings > Cookies and Site Permissions > Manage and Delete Cookies and Site Data

• Mobile Browser

  a) Chrome : Mobile Browser Settings > Privacy and Security > Clear Browsing Data

  b) Safari : Mobile Device Settings > Safari > Advanced > Block All Cookies

  c) Samsung Internet : Mobile Browser Settings > Browsing History > Delete Browsing History

7. Behavioral Information Collection, Use, Provision, and Rejection

The company collects and uses online behavioral information to analyze the usage of this site for purposes such as product and service development and customer analysis. Behavioral information refers to online user activity data that can be used to understand and analyze users' interests, preferences, and tendencies, such as website visit history, app usage history, purchase and search history.

1) The company collects behavioral information on the Airbridge website as follows.

2) Users have the right to collectively block or allow the collection of behavioral information by adjusting cookie and device settings on the web/app. However, changing cookie settings may restrict the use of certain services such as automatic login on websites.

3) Customers can refuse the use of cookies by adjusting their browser settings.

• Web Browser

  a) Chrome : Settings > Privacy and Security > Clear Browsing Data > Choose whether to delete browsing data and block third-party cookies

  b) Edge : Settings > Privacy, Search, and Services > Choose options and levels for tracking prevention

• Mobile Browser

  a) Android : Settings > Security and Privacy > Privacy > Other Privacy Settings > Ads > Reset Advertising ID or Delete Advertising ID

  b) IOS : Settings > Privacy and Security > Tracking > Disable App Tracking

  ※ Menu and methods may vary slightly depending on the mobile OS version.

8. Privacy Protection Department

1) AB180 operates a Privacy Protection Department to handle personal data processing and address any complaints or remedy issues related to personal data processing as follows.

2) User can contact the Privacy Protection Department regarding any inquiries, access requests, complaints, or remedy issues related to personal data protection arising from their use of AB180 Inc.'s services (or business). AB180 Inc. will respond to and address these inquiries without delay.

9. Measures to Ensure Safety of Personal Information

AB180 ensures security measures necessary for safety in accordance with Article 29 of the Personal Information Protection Act through technical, managerial, and physical measures.

1) Periodic self-audit

In order to ensure safety in handling personal information, the Company conducts self-audit on a regular basis (once a year).

2) Minimization and training of personnel handling personal information

The Company designates persons who handle personal information and minimizes such personnel size by limiting assignment of such tasks to managers only.

3) Establishment and implementation of internal management plan

The Company establishes and implements internal management plans for safe handling of personal information.

4) Technical measures against hacking, etc.

To prevent personal information leak or damage caused by hacking, computer viruses, etc. the Company installs security programs, performs periodic updates and inspections, installs systems in areas where access from outside is restricted, and performs technical and physical monitoring and blocking.

5) Encryption of personal information

The User's password encrypted and stored and managed so that only the user can know, and uses separate security functions for handling important data such as encrypting files and transmitted data and using file locking.

6) Storage of access records and prevention of forgery and falsification

The Company keeps and manages the access records in the personal information processing system for at least 2 years and uses security functions to prevent forgery, falsification, theft, and loss of the access records.

7) Restriction on access to personal information

The Company controls access to personal information by granting, modifying, and canceling access rights to the database system that processes personal information and blocks unauthorized access from outside using an intrusion prevention system.

8) Blocking of unauthorized access

The Company has a separate physical storage area for personal information and has an established access control procedure in operation for the area.

10. Remedies for Infringement on Rights of Information Subjects

The following are separate organizations from AB180, and if you are not satisfied with AB180's handling of privacy complaints, damage relief results, etc. or need further assistance, you can contact these organizations.

1) Personal Information Infringement Report Center (operated by the Korea Internet and Security Agency)

2) Personal InformationDispute Mediation Committee

3) Prosecutor's Office Cyber Investigation Division : (without area code) 1301 (spo.go.kr)

4) National Police Agency Cyber Investigation Unit : (without area code) 182 (ecrm.police.go.kr)

11. Change in Privacy Policy

1) This policy will be effective from May 19, 2025.

2) Previous privacy policies can be reviewed by selecting the date at the top of the page.

3) AB180 will announce any revisions to the company's privacy policy

• Click here to view the previous privacy policy

  • Privacy Policy (2024.11.22.)

  • Privacy Policy (2024.08.19.)

  • Privacy Policy (2024.06.20.)

  • Privacy Policy (2022.03.03.)

Representative (GDPR)

The GDPR requires a written designation of a representative in the EU by the controller or processor not based in the EU. Contact information and address of AB180 Inc., a service provider of Airbridge, in the EU are as follows:

GDPR-Rep.eu
Maetzler Rechtsanwalts GmbH & Co KG
Attorneys at Law
c/o AB180 Inc.
Schellinggasse 3/10, 1010 Vienna, Austria

Please add the following subject to all correspondence:
GDPR-REP ID: 12799064