apr

Social

Information Protection

APR's top priorities are providing stable services for customers and protecting customers' personal information.
We comply with the laws related to information and personal information protection to establish information protection regulations and organizational systems that fit the environment and culture of APR. We also protect valuable information assets and personal information through our company-wide information protection management system.

Information Protection Policy

With the highest priority on providing reliable internal and external services, APR Co., Ltd. aims to protect important information assets from various information security threats and continuously build trust through the active participation and sense of responsibility of all employees.

  • ① We establish an information protection management system and continuously inspect it to strengthen our security environment.
  • ② We take necessary security measures to protect important information assets and prevent information leakage and illegal access.
  • ③ We comply with relevant laws and regulations and information protection rules, and improve procedures to meet legal requirements.
  • ④ We reinforce the security awareness of our employees through regular security training.
  • ⑤ We continuously improve the information protection environment through security inspection and improvement activities.
  • ⑥ We comply with legal requirements related to information protection and build trust by fulfilling our social responsibilities.
Information Protection Policy

Information Protection Department: Information Protection Committee

APR has an Information Protection Committee, which deliberates and makes decisions on major information security matters.

정보보호위원회

Information Protection Program

APR implements administrative, technical, and physical information protection programs based on our information protection management system. We are bolstering our information protection management system by checking the information protection management system, identifying vulnerabilities, and promoting improvement activities.

info_secure_program image
info_secure_program image

Information Protection Policy

APR establishes and operates information protection regulations and implementation documents (policies, manuals/guidelines) related to all information protection activities performed by the Company, and after annual revisions that reflect the latest laws, related systems, and external and internal environments, they are deliberated by the Information Protection Committee and announced to employees.

RegulationsPoliciesManuals/Guidelines
Security Management
Regulations
Personal Information Protection PolicyInfringement Incident Response Manual
Human Resources and User Security Policy-
Information Asset Management PolicyRisk Assessment Management Manual
Physical Security Policy-
Development Security Policy-
System Security Management PolicyInfringement Incident Response Manual, IT Disaster Recovery Manual
Cloud Security Policy-

Information Security Certification

APR has obtained Information Security Management System (ISMS) certification in accordance with the Information and Communications Network Act. The company has verified its security level through inspections of its information security management system, service vulnerability assessments, and improvement measures. In addition, APR plans to maintain the certification continuously through annual post-management activities, assessments, and improvements for certification renewal.

isms인증 이미지

Scope of Certification: Online Service Operations
(Websites, Medicube, NDY, Glam.D, Aprilskin, Forment, Photogray)

Validity Period: 2025.06.18 ~ 2028.06.17