01 The company processes and retains personal information within the period of retention and use of personal information according to laws and regulations or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.

02 Personal information processing and retention period of each situation is as follows.
1) Homepage membership registration and management: Until withdrawal from the website (However, if it falls under any of the following reasons, until the termination of such reasons)
ㆍIf an investigation or survey is underway due to violation of relevant laws and regulations, until the termination of the investigation or survey
ㆍIf the bond/debt relationship remains due to the use of the website, until the settlement of the bond/debt relationship is completed.

2) Provision of goods or services: Until the completion of supply of goods and services and completion of payment and settlement (However, in the case of the following reasons, until the end of the event)
ㆍ Records of transactions such as indications and advertisement in accordance with the [ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.], contract details and performance
- Records on display and advertisement: 6 months
- Record of contract or subscription withdrawal, payment, supply of goods, etc.: 5 years
- Records on consumer complaints or dispute resolution: 3 years
ㆍStorage of communication fact confirmation data in accordance with Article 41 of the [COMMUNICATIONS SECRETS ACT]
- Date and time of subscriber's telecommunication, start/end time, counterpart's subscriber number, frequency of use, location tracking data of the source station: 1 year
- Computer communication, Internet log data, destination tracking data: 3 months

01 The Company shall use your personal information within the scope notified in the [Purpose of Collection and Use of Personal Information] and shall not use it in excess of the same scope or provide it to others or other companies or institutions.

02 The notice and consent shall be notified at least 30 days prior to the event on the initial screen of the online homepage and shall be notified individually at least once using e-mail. Regarding the sale and M&A, the procedure shall only be carried out by an active consent method (directly expressing the intention to provide and share personal information to a third party).

03 Exceptions are as follows.
ㆍIn case there is a request from the relevant organization for investigative purposes under the relevant laws and regulations
ㆍIn the case of providing information to advertisers, partners, research organizations, for statistical preparation, academic research, or market research, in a form that cannot specify or identify a particular individual.
ㆍHowever, even with exceptions, if information is provided according to relevant laws or at the request of the investigative agency, it is operated in principle to notify the parties concerned. Due to legal grounds, we may not be able to notify you inevitably. We will do our best not to provide information indiscriminately contrary to the original purpose of collection and use.

01 Company entrusts personal information processing as follows for smooth personal information processing.
ㆍPerson who is consigned (consignee): None
ㆍContents of the work consigned: None
ㆍPeriod of consignment: Undecided

02 When signing a consignment contract, the company stipulates matters related to personal information processing, technical and administrative protection measures, re-consignment restrictions, management and supervision of the trustee, and whether the trustee handles personal information safely.

03 If the contents of the entrusted business or the trustee changes, we will disclose it without delay through this personal information processing policy.

01 The information subject may exercise the following personal information protection rights against the company at any time:
ㆍRequest to view personal information
ㆍRequest for correction in case of errors
ㆍRequest for deletion
ㆍRequest for suspension of processing

02 The exercise of the rights pursuant to Paragraph 1 may be made to the company in writing, by phone, e-mail, fax, and the company shall act without delay.

03 If the information subject requests correction or deletion of personal information errors, the company will not use or provide the personal information until the correction or deletion is completed.

04 The exercise of rights pursuant to Paragraph 1 can be done through an agent such as the legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with Form 11 of the Enforcement Regulations of the Privacy Protection Act.

05 The information subject must not infringe on the personal information and privacy of the information subject himself or others processed by the company in violation of related laws such as the Privacy Protection Act.

01 Website membership registration and management
ㆍRequired items: name, ID, password, contact information, e-mail address, address
ㆍOptional items: date of birth, occupation, workplace/department, access route, mailing service availability

02 Provision of goods or services
ㆍRequired items: name, ID, contact information, e-mail address, address.

03 In the process of using the Internet service, the following personal information items may be automatically created and collected.
ㆍIP address, cookie, MAC address, service use record, visit record, bad use record, etc.

01 When personal information becomes unnecessary, such as the expiration of the period of personal information retention or the achievement of the purpose of processing, the company shall destroy the personal information without delay.

02 If the period of personal information retention agreed by the data subject has elapsed or the purpose of processing is achieved, the personal information shall be transferred to a separate database (DB) or stored in a different storage location.

03 Procedures and methods for destroying personal information are as follows.
ㆍDestruction procedure: The information entered by the user is transferred to a separate DB after the purpose is achieved (in the case of paper, separate documents) and stored for a certain period or immediately destroyed according to the internal policy and other relevant laws. At this time, personal information transferred to DB will not be used for any other purpose except by law.
ㆍDestruction deadline: Users' personal information shall be destroyed within 5 days from the end of the retention period, and within 5 days from the date the personal information is deemed unnecessary, such as achieving the purpose of processing personal information, abolishing the service, or closing the business.
ㆍDestruction method: Destruction of information in the form of electronic files uses a technical method that cannot reproduce records, and personal information recorded and stored in paper documents is destroyed by shredding or incineration.

01 Administrative measures
Establishment and implementation of internal management plan, regular employee training, etc.

02 Technical measures
Management of access rights of personal information processing systems, installation of access control systems, encryption of unique identification information

03 Physical measures
Access control of computer room, data storage room

01 The company uses 'cookies' to store and retrieve usage information from time to time to provide users with individually customized services.

02 Cookies are a small amount of information sent by the server (http) used to operate the website to the user's computer browser and are also stored on the hard disk of the user's PC computer.
ㆍPurpose of use of cookies: These are used to provide optimized information to users by identifying the types of visits and usage of each service and website visited by the user.
ㆍInstallation, operation, and rejection of cookies: You can refuse to save cookies by setting options in the Tools > Internet Options > Privacy menu at the top of the web browser.
ㆍIf you refuse to store cookies, you may experience difficulties in using customized services.

01 The data subject may request the following departments to view personal information under Article 35 of the [Privacy Protection Act]. The company will try to expedite the request for access to personal information from the data subject.

ㆍPerson in charge: Park Changjae
ㆍPhone number: +82-55-322-9986
ㆍFax number: +82-55-322-9989
ㆍAddress: 28-19, Bunseong-ro 541beon-gil, Gimhae-si, Gyeongsangnam-do (50820)

02 The data subject may request the following departments to view personal information under Article 35 of the [Privacy Protection Act]. The company will try to expedite the request for access to personal information from the data subject.

01 Reception and processing department of personal information access request

ㆍPerson in charge: Park Changjae
ㆍPhone number: +82-55-322-9986
ㆍFax number: +82-55-322-9989
ㆍAddress: 28-19, Bunseong-ro 541beon-gil, Gimhae-si, Gyeongsangnam-do (50820)

01 Personal Information Infringement Reporting Center (run by the Korea Internet & Security Agency)
Assigned Tasks: Reporting Personal Information Infringement, Application for Consultation
Homepage: privacy.kisa.or.kr
Phone number: (Without National Number) 118
Address: (58324) Personal Information Infringement Reporting Center, 3rd floor, Jinheung-gil-9, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)

02 Personal Information Dispute Mediation Committee
Assigned Tasks: Application for personal information dispute mediation, collective dispute mediation (civil settlement)
Homepage: www.kopico.go.kr
Phone number: (Without National Number) 1833-6972
Address: (03171) 4th floor, Seoul Government Complex, 209, Sejong-daero, Jongno-gu, Seoul

03 Cybercrime Investigation Team of Supreme Prosecutors' Office
Homepage: www.spo.go.kr
Phone: +82-2-3480-3573

04 Cyber Security Bureau of the National Police Agency
Homepage: cyberbureau.police.go.kr
Phone number: (Without National Number) 182