SK Rent-a-Car has established internal protection plans to safely protect crucial information of the company and customers, and it continues to implement administrative protection measures by stages and technical protection measures, and inspect its subcontractors and business partners.
SK Rent-a-Car has established regulations for personal information protection and security,
and 25 specific rules under the regulations to protect information and conform to regulations.
These are standards for safe protectiThese are standards for safe protection and management of company and customer’s valuable information, and we update
our regulations and guidelines through establishment/revision according to amendments in major laws and regulations.
In particular, for safe protection and monitoring of personal information, we are applying the internal protection plans,
including taking administrative protection measures by stages from collection, use and storage to disposal of personal information, taking technical protection
measures such as encryption, intrusion detection/firewall systems, etc. and regular inspection of subcontractors and business partners.
SK Rent-a-Car obtained and is maintaining the Personal Information & Information Security Management System(ISMS-P)
and Cloud Security Assurance Program(CSAP) to protect valuable information of the company and customers against internal/external threats.
With our efforts, we are working towards continuously creating a safe environment for management and improving the security level.
Furthermore, we disclose the current status of our protection activities for customers to suggest a standard for choosing a safe enterprise.
2023
Strengthened capabilities to operate the Cloud Service, a security management system and company-wide(personal) information protection and management system
2024
Detection of security threats and work systematization to manage(personal) information protection and management system
2025
Enhancement of the security threat detection system, and(personal) information protection and management system
SK Rent-a-Car established a dedicated Information Protection Center for the systematic management of data assets.
In addition, we have established a council for the Chief Information Security Officer(CISO)
and Chief Privacy Officer(CPO) to build a company-wide protection system.
Major issues related to privacy protection and cybersecurity are being reviewed by the council and executives,
and the council meetings are held quarterly on a regular basis to discuss legal
and regulatory changes, share security incident cases and trends, and develop strategies.
In May 2023, SK Rent-a-Car established “Simple Guidelines for Privacy Policy” and uploaded it on the website for customers to raise their understanding of the major aspects. These guidelines enhance customers’ accessibility, focusing on the collection, use, and protection of personal information.
SK Rent-a-Car actively manages potential risks at all locations nationwide, including branches and sales offices. We conduct biannual assessments to inspect the subcontractors handling SK Rent-a-Car’s customer information.
Administrative protection measures
Management of work PCs
Technical protection measures
Personal information life cycle
Physical protection measures
Application of PC security
Analyze firsthalf check results
Select items(vulnerable item groups)
Select targets for inspection
Announce overall inspection schedule
Announce schedule a week before
Remind schedule a day before
Perform on-site inspection
Compile results and statistics
In December 2020, we became the first in the industry to obtain the
Personal Information & Information Security Management System(ISMS-P)
certification, and we acquired the SaaS Cloud Security Assurance
Program(CSAP) to upgrade the information protection standard of G-Smartlink in 2021.
In 2022, we made efforts to maintain the ISMS-P system and expanded the
scope of certification from the existing on-premises services to cloud services.