Data Protection Certification

NAVER has acquired, and continues to maintain, various certifications that ensure its privacy protection
measures up to standards of security and legality, including standards specific to particular industries.

Data Protection Certification image
  • Data Protection
    Certification

    NAVER has acquired, and continues to maintain, various certifications that ensure its privacy protection measures up to standards of security and legality, including standards specific to certain industries.

    Go
    • SOC 2, 3
      NAVER was SOC 2 and SOC 3-certified according to the Trust Services Criteria established by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute Of Chartered Accountants (CICA), proving itself able to securely manage user data and privacy.
    • Information Security Management System (ISMS)
      NAVER was accredited by the South Korean Ministry of Science, ICT and Future Planning as consistently adhering to adequate standards of data protection according to the Information and Communication Network Act.
      • Scope of certification: 
        All NAVER services (including the Customer Center), as well as its
        data center, Gak
      • Valid from September 13, 2016 to September 12, 2019
    • Personal Information Management System (PIMS)
      In 2011, NAVER became South Korea's first corporation to receive the Korea Communications Commission’s certification for its PIMS.
      • Type of certification: 
        Type 3 (for large corporations and IT service providers)
      • Scope of certification: 
        NAVER's portal service, mobile services, business services, inclusive growth/aid services, and Customer Center
      • Valid from September 13, 2016 to September 12, 2019
    • ISO/IEC 27001, 27017, 27018
      In 2007 NAVER became the first corporation in the world to receive ISO/IEC 27001 certification from the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) specifically for the specialized category of user data protection. In addition, NAVER has also acquired and continues to maintain ISO 27017 and 27018 certification for the data security and user data security of its cloud services.
    • PCI DSS
      NAVER Pay is PCI DSS (Payment Card Industry Data Security Standard) compliant, meaning that in adherence with the above information security standard, it is able to protect the payment and transaction data of its users.