The company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those specified below. If the purpose of use changes, the company will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1. Website Membership Registration and Management
   Personal information is processed for purposes such as confirming the intent to sign up for membership, identifying and authenticating individuals for the provision of membership services, maintaining and managing membership status, preventing unauthorized use of services, verifying the consent of legal guardians when processing personal information of children under 14 years of age, sending various notices and notifications, and handling complaints.

1. The company processes and retains personal information within the period of retention and use of personal information as required by law or within the period agreed upon by the data subject at the time of collection.
2. The processing and retention periods for each type of personal information are as follows:
   1. Website Membership Registration and Management: Until the user withdraws from the website
      However, in the following cases, personal information will be retained until the relevant reason no longer applies:
      • If an investigation or inquiry related to a violation of relevant laws is ongoing, personal information will be retained until the investigation or inquiry is concluded
      • If there are any outstanding claims or debts related to the use of the website, personal information will be retained until such claims or debts are settled

1. The company processes the following personal information items:
   1. Website Membership
      • Registration and Management Mandatory Items: Country, Name, Email Address, Contact Number
      • Optional Items: Purchase Date, Company Name
2. During the use of internet services, the following personal information items may be automatically generated and collected:
   IP address, cookies, MAC address, service usage records, visit records

1. Data subjects may exercise their rights to request access, correction, deletion, or suspension of processing of their personal information from the company at any time.
2. The exercise of the rights described in Paragraph 1 can be carried out through written documents, email, fax, or other methods in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act. The company will promptly take action on such requests.
3. The rights under Paragraph 1 may also be exercised through a legal representative or a delegated person. In such cases, a power of attorney must be submitted in accordance with Form No. 11 of the “Notice on Methods of Processing Personal Information (No. 2020-7).
4. Requests for access to personal information or suspension of processing may be restricted under Article 35, Paragraph 4, and Article 37, Paragraph 2 of the Personal Information Protection Act.
5. Requests for correction or deletion of personal information cannot be made if the personal information is specified as a subject of collection under other laws.
6. The company verifies whether the person making the request for access, correction, deletion, or suspension of processing is the data subject themselves or a legitimate representative.

1. The company shall promptly destroy personal information when the retention period has expired or the purpose of processing has been achieved, making the information no longer necessary.
2. The procedures and methods for destroying personal information are as follows:
   1. Destruction Procedure
      The company selects the personal information that needs to be destroyed and, after obtaining approval from the company’s personal information protection officer, proceeds with the destruction.
   2. Destruction Method
      Personal information recorded and stored in electronic file format will be destroyed in a way that makes the records irrecoverable, and personal information recorded and stored on paper will be shredded or incinerated.

The company takes the following measures to ensure the security of personal information:

1. Administrative Measures: Establishment and implementation of an internal management plan, regular employee training, etc.

2. Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs

3. Physical Measures: Access control for computer rooms, data storage rooms, and other facilities

1. The company uses ‘cookies’ to store and retrieve usage information from time to time in order to provide users with personalized services.
2. A cookie is a small amount of information that a website’s server (HTTP) sends to the user’s computer browser and is sometimes stored on the user’s PC hard disk.
   1. Purpose of Using Cookies: Cookies are used to understand the user’s visit and usage patterns on various services and websites, popular search terms, security access, and other information, to provide optimized information to the user.
   2. Installation, Operation, and Refusal of Cookies: Users can refuse the storage of cookies by setting options in the Tools > Internet Options > Privacy menu at the top of their web browser.
   3. cookies are refused, difficulties may arise in using personalized services.

1. The company is responsible for overseeing the processing of personal information and has designated the following Personal Information Protection Officer to handle complaints and remedy damages related to personal information processing.
   • Personal Information Protection Department
     Department Name: People & Culture Team
     Contact Information: +82-2-866-9005
     ※ This connects to the Personal Information Protection Department.
2. The data subject may contact the Personal Information Protection Officer and the department in charge for all inquiries, complaints, and damage remedies related to personal information protection that arise while using the company’s services (or business). The company will respond to and handle such inquiries without delay.

Data subjects may request access to their personal information under Article 35 of the Personal Information Protection Act by contacting the department below. The company will make every effort to ensure that requests for access to personal information are processed promptly.

• Department for Receiving and Processing Requests for Access to Personal Information
  Department Name: CEO, Sales & Marketing Dept, Business Management Dept
  Contact Information: +82-2-866-9005

To seek remedies for personal information infringement, data subjects may request dispute resolution or consultation from the Personal Information Dispute Mediation Committee, the Personal Information Infringement Report Center at the Korea Internet & Security Agency (KISA), and other relevant organizations. For reports or consultations on other personal information infringements, please contact the following organizations:

1. Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)

2. Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)

3. Supreme Prosecutors’ Office: 1301 (www.spo.go.kr)

4. National Police Agency: 182 (ecrm.cyber.go.kr)

Individuals whose rights or interests have been infringed upon due to actions or omissions by the head of a public institution in response to requests under Articles 35 (Access to Personal Information), 36 (Correction and Deletion of Personal Information), or 37 (Suspension of Personal Information Processing) of the Personal Information Protection Act may file an administrative appeal in accordance with the Administrative Appeals Act.

※ For more details on administrative appeals, please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr).

The company installs and operates video surveillance systems as follows:

1. Legal Basis and Purpose of Installation: Facility safety and fire prevention at the company’s premises

2. Number of Installations, Location, and Range of Surveillance: 00 cameras installed in key areas such as the lobby and exhibition halls of the building, covering the entire area of major facilities

3. Management Responsibility, Department in Charge, and Personnel with Access to Video Information: [CEO, Sales & Marketing Dept, Business Management Dept]

4. Retention Period, Storage Location, and Processing Method

   • Retention Period: Permanent

   • Storage Location and Processing Method:

5. How and Where to Check Video Information: By request to the person in charge (Sales & Marketing Dept)

6. Measures for Data Subject’s Request to View Video Information: Requests must be made through a Personal Video Information Access and Verification Request Form, and access is granted only if the subject is the person recorded or if it is clearly necessary for the protection of the subject’s life, body, property, or interests

7. Technical, Administrative, and Physical Measures for Protecting Video Information: Implementation of internal management plans, access control and access rights restrictions, application of secure storage and transmission technologies for video information, maintenance of processing records, prevention of tampering or alteration, establishment of storage facilities, and installation of locking devices

This Privacy Policy is effective from August 24th 2024.