Information Protection

LG U+ manages service infrastructure in accordance with international security standards to prevent the infringement of customers' personal information.
It has acquired the ISMS-P certification, which is the integrated information protection and personal information protection certification system,
for the first time among communication service providers.
LG U+ has also acquired ISO 27001, which is the international information protection certification for the 5G base station operation and management system
and key equipment for providing 5G service.

Information Security System

The LG Uplus information protection departments have established a decision making system to ensure the participation of management in all information protection matters. To enable the effective management of data security according to a variety of business needs, we maintain a committee comprising the Chief Information Security Officer (CISO) with IT operation experiences and information technology-related competence, the security officers of key departments, and working-level managers. We have also made a management system and maintained a company-wide security consultative body tasked with preventing security risks.

Management of Information Security

Every year, we receive privacy and information security management system certification (ISMS-P) for all information and privacy services. When obtaining a certification, external auditors inspect the privacy protection status and identify issues to strengthen the protection level. Also, with the expanding range of ISO27001 to the management of 5G core network operation, we completed the operational management security system for the entire 5G areas. Especially, we obtained the IoT security certification from the Korea Internet & Security Agency to achieve customer information protection technologies as well as institutional safeguard.

  • Privacy & Information Security Management System Certification

  • ISO 27001

Information Security Response

To respond to security incidents, we conduct real-time security monitoring 24 hours a day, 365 days a year by linking our security solutions to the privacy flow analysis system. If abnormal behavior is detected in privacy retention and processing, or if a security incident is reported, the ‘Security Incident Emergency Response Team’ is activated to respond rapidly with dedicated personnel to prevent information leakage.

Privacy Policy Activity

Privacy Policy

LG Uplus guarantees the rights of information subjects according to the privacy protection laws. We comply with the Privacy Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection and establish and disclose the ‘Privacy Policy’ following the Standards for Technical and Administrative Measures for Protection of Privacy and the Privacy Policy.

Privacy standard

To protect customers’ privacy, we prepared ten guidelines including privacy protection guidelines and privacy processing system security guidelines. These policies are applied to not only our customers but all employees including suppliers.

  • Collection Collection

    Privacy collection

    LG Uplus collects the minimum amount of privacy.

    • Information for verifying users and their claimed identities

      Name, social security number, passport number, driving license number, foreign registration number, etc.

    • Subscription information for providing services

      Name, contact information, email address, personal identifiable information (CI/DI), Credit card, bank account information, etc.

    • Information for providing location based services

      Individual location information Base station, GPS, WiFi, RFID tag, information collected by a location information system, etc.

    • Information generated while using the service

      Service usage record, device information, quality information, membership information, Statistical data, signal strength, cookies and access log, IP, USIM information, etc.

    • Information for increasing service quality

      Consultation content

    • Information for providing lifestyle and customized services

      Health information such as sleep reports and heart rate

  • Use Use

    Use of privacy

    The collected personal is used to provide LG Uplus services and products and improve customer convenience and quality.

    • Service Provision

      Service subscription, change, cancellation, fee settlement, warranty service, product delivery, etc.

    • Customer-oriented communication

      Service inquiries and complaint improvement notices, etc.

    • Confirmation and protection of customer information

      Identity verification, prevention of illegal use of Name, etc.

    • Providing customer convenience & better services

      Analysis for quality improvement, service provision, product development, personalized services provision, etc.

  • Provision Provision

    Provision of privacy

    Privacy may be provided or entrusted to a third party for better services and customer convenience.

    • Outsourcing the processing of privacy

      Part of the work for service provision and customer service is entrusted to a specialized company

    • Compliance with relevant laws and regulations

      Privacy is provided in compliance with the procedures and methods stipulated in the law if there are special provisions in the laws.

    • Provision of privacy to third parties

      Privacy is used by and provided to a third party within the scope notified only with a separate consent

  • Destruction Destruction

    Safe management and destruction of privacy

    LG Uplus customers’ privacy is safely managed and destroyed immediately after achieving the purpose of use.

    • Safe management

      Technical protection measures such as encryption/management and use of vaccine programs

      Administrative protection measures such as limiting access to privacy and information protection training

    • Destruction of privacy

      Privacy is immediately destructed when its retention and use period is expired

      Written information is shredded or incinerated while electronic information is deleted using a method ensuring that the records cannot be reproduced

    • Period of use and storage

      The period is not expired until the purpose of collection and use of privacy is achieved

      ※ According to the period defined in the relevant laws and regulations

  • Certification Certification

    Information protection certification

    LG Uplus received information protection management system certification from Korean and foreign organizations with public confidence to protect customers’ privacy.

    • ISMS-P (information protection and privacy protection management system certification)

      Certification scope: Operation of wired and wireless communication services and IDC and major information communication services

    • ISMS (information protection management system)

      Certification scope: Operation of wired and wireless communication services and IDC and major information communication services

    • ISO/IEDC 27001: 2013
      (International standard information security management system)

For more details, please refer to LG U+'s Sustainability Report.