Skip to main content

Privacy Policy

BHSN LEGAL (the “Firm”) establishes and discloses this Privacy Policy pursuant to the Personal Information Protection Act in order to protect data subjects’ personal information and rights and to handle complaints related to personal information promptly and smoothly.

Article 1 (Purpose of Processing Personal Information and Items Processed)

The purposes for which the Firm processes personal information and the items of personal information processed are as follows.

1. Personal Information of Inquirers

  • Items of Personal Information Processed
    • Name, contact information (telephone number, email)
  • Purpose of Processing Personal Information
    • Receipt of legal-consultation inquiries and responses
    • Provision of legal advice and related communications
    • Handling grievances and fulfillment of other statutory obligations
  • Retention and Use Period
    • Until the purpose of processing is achieved or the data subject withdraws consent

Article 2 (Provision of Personal Information to Third Parties)

As a rule, the Firm processes personal information within the scope specified in Article 1 and does not process it beyond the original scope or provide it to third parties without the data subject’s prior consent. However, the following cases are exceptions.

  1. Where the data subject has given prior consent to provision to a third party
  2. Where another law provides otherwise
  3. Where necessary to protect urgent interests in the life, body, or property of the data subject or a third party
  4. Where information is provided in a form in which a specific individual cannot be identified for statistical compilation or academic research

Article 3 (Rights and Obligations of Data Subjects and Methods of Exercise)

(1) Under the Personal Information Protection Act, a data subject may exercise rights such as requests for access, rectification, deletion, and suspension of processing with respect to the Firm.

(2) The foregoing rights may also be exercised through a legal representative or an authorized agent of the data subject, in which case a power of attorney must be submitted.

(3) The Firm will take measures without delay in accordance with applicable laws and regulations regarding the exercise of the data subject’s rights.

Article 4 (Destruction of Personal Information)

(1) Where the purpose of processing personal information has been achieved or the retention period has expired, the Firm destroys the relevant personal information without delay.

(2) Where retention of personal information is required under applicable laws and regulations, such personal information is stored and managed separately from other personal information.

(3) Personal information in electronic file form is permanently deleted by an irreversible method, and records, printouts, and paper documents are shredded or incinerated.

Article 5 (Measures to Ensure Security of Personal Information)

The Firm takes the following measures to ensure the security of personal information.

  • Administrative measures: Establishment and implementation of internal management plans; periodic personal information protection training for members
  • Technical measures: Management of access rights to personal information processing systems; installation of access control systems; encryption of unique identification information; installation of security programs
  • Physical measures: Access control for locations where personal information is stored, such as computer rooms and records storage rooms

Article 6 (Personal Information Protection Officer)

Personal Information Protection Officer and Contact Person

Article 7 (Amendments to this Privacy Policy)

This Privacy Policy may be amended in accordance with applicable laws, guidelines, and the Firm’s internal rules, and any amendments will be disclosed in the manner prescribed by applicable laws and regulations.

This Privacy Policy is effective from July 31, 2025.