|

Privacy Policy

This privacy policy is applicable to any and all products, solutions, and services provided by Penta Security Inc.
(“Penta Security”).

Privacy Policy

Penta Security Inc. (“Company”) values the personal information of the Company’s customers and abides the “Personal Information Protection Act,” “The Act on Promotion of Information and Communications Network Utilization and Data Protection, etc.” and any law equivalent to the acts. The Company discloses the information regarding the purpose and method of using the personal information provided by the customers by agreeing to the Privacy Policy and the measures taken to protect the personal information.


If the Privacy Policy is to be revised, the Company will notify the revision through announcements from the website or through individual notifications to the customers.


This Policy is effective as of: September 30th, 2011.


Date of revision: October 20th, 2023.

Category of collected Personal Information

The company may collect the following category of personal information for reasons such as, but not limited to, user registration, inquiries, and service applications.

– Category : Name, E-mail address, ID for log in, password, service usage history, access log, access IP address, country of residence, device information (including name and OS information). With an exception to the service named Cloudbric VPN, which does not collect or record any user data, including but not limited to Personal Identifiable Information (PII), traffic data, and search history.

– Method of collecting personal information : Homepage (Personal information collected from through channels such as, but not limited to, inquiries and product document downloads, user registration, support page, boards, raffle entry, delivery request), user registration through Cloudbric Website, written documents, user registration through telephone or Fax, raffle entry, delivery request, provision from an affiliate company, exhibits hosted or participated by the company, seminars participated by the company, and surveys.

Purpose of Personal Information Collection and Usage

The company may use the collected personal information for the following purposes.

– Category : Name, E-mail address, ID for log in, password, service usage history, access logs, access IP address, country of residence, device information (including name and OS information).
– Customer relations : Identity verification, personal identification, confirmation of registration, inquiry processing including complaint processing, announcements, and notifications. (Category : Name, E-mail address, ID for log in, password, access logs, access IP address, device information (including name and OS information).)
– Marketing and advertising purposes : New service (or product) development and specialization, informal advertisement for events, service provision and advertisement by demographics. (Method of collection : E-mail address)
– Collection of monitoring data for the purpose of providing a better service. (Category : Name, E-mail address, ID for log in, password, access logs, access IP address, country of residence, device information (including name and OS information)

Personal Information Processing and Retention Period

In principle, the Company immediately disposes of the information after the purpose of personal information collection and usage has been fulfilled.

However, the Company may retain the following information for a specified period for the reasons followed.
– Category : Name, telephone number, E-mail address, name of the customer’s company, department of the company, the job title of the customer, telephone number of the company, product of interest, date of birth of the customer, gender of the customer, home telephone number, service usage history, access log, and access IP address.
– The Basis for Retention : Privacy Policy
– Retention Period : 5 years.

Personal Information Disposal and Method

In principle, the Company immediately disposes of the information after the purpose of personal information collection and usage has been fulfilled. The process and method are as follows.

– Process of Disposal : The personal information provided by the customer for purposes including, but not limited to, product inquiries, participation in events, and user registrations is transferred to a separate DB (in case of paper document, to a separate file cabinet) to be stored for a specified period before disposal. The information transferred to the separate DB will not be used for any other purposes other than the retention of personal information unless the information is to be used under the laws regarding the personal information.
– Method of Disposal : The personal information stored as a digital file will be disposed of using a technological method that prevents the record from being restored. The personal information stored as a paper document will be disposed of by shredding or incineration.

Provision of Personal Information

In principle, the Company does not provide the user’s personal information to any outside party. However, the Company may provide the user’s personal information as an exception in the following circumstances.

– When the user has agreed to the provision of personal information to the outside party.
– When the provision of personal information is required by the law or requested by the investigative authorities under the process and method specified by the law.

The Rights and the Exercise of the Rights of the User and Legal Representative

– The user or the legal representative of the user has the right to view or edit the personal information of the said user or the child of the said user under the age of 14 and may also request to cancel the membership.
– The user or the legal representative for the user under the age of 14 may view or change the personal information by clicking “Edit Personal Information (or “Edit User Information”),” and cancel the membership (withdrawal of agreement) by clicking “Cancel Membership,” given that the user or the legal representative for the user under the age of 14 has completed the process of identity verification. Any changes to the personal information or the membership can also be made by contacting the person in charge of the management of personal information in writing or via telephone and E-mail. If the amendment of personal information is requested by the user, the personal information will not be used or provided before the amendment is completed by the user. If the personal information is provided to a third party before the amendment was requested, the results of the amendment will be immediately notified to the third party for correction.
– The personal information of a user that canceled the membership or the deleted personal information upon the request of the user or the legal representative of the user is processed in accordance with the “Personal Information Processing and Retention Period” and cannot be viewed or used for any other purposes.

Installation and Operation of Personal Information Collection Tools and Refusal to the use of tools

The Company utilizes tools such as, but not limited to “Cookies” to frequently store and find the user’s information. A Cookie is a small text file sent by the server used to operate the Cloudbric website to the user’s browser to be saved in the user’s computer hard disk. Cookies may be used for the following purposes.


– Purpose of the use of Cookies : Analysis of the frequency and time of access of members and non-members, user verification, multiple logins, assessment and tracking of user’s preference and interest, participation rate and frequency rate analysis of events for target marketing and personalized service provision.
– The user has the option to decide whether to install the Cookies. Therefore, the user may configure the options from the web browser to allow all cookies, check with the users each time a Cookie is saved in the user’s computer, or refuse all Cookies.
– However, the user is responsible for any and all difficulties in service provision caused by the refusal of Cookies if the user chooses to refuse all Cookies.

Complaint Processing Service Regarding Personal Information

The Company assigns the following individual and associated department to protect the customer’s personal information and process any complaints related to personal information.

[The Department in Charge of the Management of Personal Information]Responsible Dept. : Marketing
Contact Info. : +82 2-2125-6636 (Available Mon ~ Fri : 09:00~18:00 (KST), with exceptions of S. Korean holidays)
E-mail : mkt@pentasecurity.com

[The Person in Charge of the Management of Personal Information]Responsible Person : Duk Soo Kim
Contact Info. : +82 2-2125-6616 (Available Mon ~ Fri : 09:00~18:00 (KST), with exceptions of S. Korean holidays)
E-mail : dskim@pentasecurity.com

You may report any complaints related to the personal information policy to the Person in Charge of the Management of Personal Information or the associated department in the process of using the Company’s services. The Company will promptly and sufficiently respond to the users’ complaints and reports.

If you need to make any reports or consultations regarding personal information infringement, please contact the proper authorities, organizations, or agencies that can aid you with any issues related to personal information infringement.

Other Policies Regarding the Processing of Personal Information

“Penta Security Inc.” (referred to as “Company”) values the personal information of the Company’s customers and follows the “Personal Information Protection Act,” “The Act on Promotion of Information and Communications Network Utilization and Data Protection, etc.” and any law equivalent to the acts. The Company discloses the information regarding the purpose and method of using the personal information, provided by the customers by agreeing to the Privacy Policy and the measures taken to protect the personal information. If the Privacy Policy is to be revised, the Company will notify the revision through announcements from the website or through individual notification.


The Company takes multiple measures such as, but not limited to interval encryption, web firewall, and DB encryption to prevent any loss, theft, leak, infringement, or external threats and hacking of personal information. Also, a limited number of employees are authorized to process and handle personal information, and the assigned employees are required to participate in security training to manage the execution and compliance of this policy. Immediate corrective measures are conducted whenever an issue is found.

Shopping Basket