Data Protection Certification

NAVER has acquired, and continues to maintain, various certifications that ensure its privacy protection
measures up to standards of security and legality, including standards specific to particular industries.

Data Protection Certification image
  • Data Protection
    Certification

    NAVER has acquired, and continues to maintain, various certifications that ensure its privacy protection measures up to standards of security and legality, including standards specific to certain industries.

    Go
    • SOC 2, 3
      NAVER was SOC 2 and SOC 3 certified in accordance with the International Standard on Assurance Engagements of the International Auditing and Assurance Standards Board (IAASB) and the Trust Services Principles section 100 established by the American Institute of Certified Public Accountants (AICPA) for its services related to the handling of users’ personal information and privacy.
    • Information Security Management System (ISMS)
      NAVER acquired the ISMS certification in recognition that various information protection activities, which are being continuously carried out in accordance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, meet the certification standards.
      • Scope of certification: 
        Naver Data Center ('GAK') Operation
      • Valid from December 11, 2019 to December 10, 2022
    • Personal Information & Information Security Management System (ISMS-P)
      NAVER obtained the certification by complying with the certification criteria in order to ensure the safety of information and communication network and to protect personal information.
      • Scope of certification: 
        NAVER Portal, Mobile, Business, Coexistence/Support Service, Customer Center Operation, NAVER Member and Business Partner’s Personal Information Management
      • Valid from December 11, 2019 to December 10, 2022
    • ISO/IEC 27001, 27017, 27018
      In 2007 NAVER became the first corporation in the world to receive ISO/IEC 27001 certification from the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) specifically for the specialized category of user data protection. In addition, NAVER has also acquired and continues to maintain ISO 27017 and 27018 certification for the data security and user data security of its cloud services.
    • PCI DSS
      NAVER Pay is PCI DSS (Payment Card Industry Data Security Standard) compliant, meaning that in adherence with the above information security standard, it is able to protect the payment and transaction data of its users.