Data Protection Certification

NAVER has acquired, and continues to maintain, various certifications that ensure its privacy protection
measures up to standards of security and legality, including standards specific to particular industries.

Data Protection Certification image
  • Data Protection
    Certification

    NAVER has acquired, and continues to maintain, various certifications that ensure its privacy protection measures up to standards of security and legality, including standards specific to certain industries.

    Go
    • SOC 2, 3
      NAVER was SOC 2 and SOC 3-certified according to the Trust Services Criteria established by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute Of Chartered Accountants (CICA), proving itself able to securely manage user data and privacy.
    • Information Security Management System (ISMS)
      NAVER was accredited by the South Korean Ministry of Science, ICT and Future Planning as consistently adhering to adequate standards of data protection according to the Information and Communication Network Act.
      • Scope of certification: 
        Naver Data Center ('GAK') Operation
      • Valid from December 11, 2019 to December 10, 2022
    • Personal Information & Information Security Management System (ISMS-P)
      NAVER obtained the certification by complying with the certification criteria in order to ensure the safety of information and communication network and to protect personal information.
      • Scope of certification: 
        NAVER Portal, Mobile, Business, Coexistence/Support Service, Customer Center Operation, NAVER Member and Business Partner’s Personal Information Management
      • Valid from December 11, 2019 to December 10, 2022
    • ISO/IEC 27001, 27017, 27018
      In 2007 NAVER became the first corporation in the world to receive ISO/IEC 27001 certification from the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) specifically for the specialized category of user data protection. In addition, NAVER has also acquired and continues to maintain ISO 27017 and 27018 certification for the data security and user data security of its cloud services.
    • PCI DSS
      NAVER Pay is PCI DSS (Payment Card Industry Data Security Standard) compliant, meaning that in adherence with the above information security standard, it is able to protect the payment and transaction data of its users.