3. Period of retention and use of personal information

In principle, personal information shall be destroyed without delay upon achieving the purpose of collection or provision of personal information or expiration of the retention period. However, if necessary, it will be retained for a certain period of time, in which case the Company will only use the retained information for the specific purpose.

• - Records for providing customer consultations and services, such as inquiries (idea, survey, reporting violations)
  • ㆍ Reasons for retention: answering inquiries, managing feedback for products and other comments
  • ㆍ Retention period: 1 year
• - Records of consumer complaints or dispute processing
  • ㆍ Reasons for retention: reference for prevent of similar claim, yearly training program of new employee and refresher training of old employee and improvement action for last claim
  • ㆍ Retention period: 3 years

4. Disposal of Personal information

Customers' personal information is destroyed without delay upon achieving the purpose of processing or expiration of the retention period. Personal information printed on paper is destroyed by shredding or incineration, and personal information stored in an electronic file format is permanently deleted in a way that cannot be restored. Here, "a way cannot be restored" refers to a method that costs an adequate amount at the current level of technology. If the processing of such personal information is entrusted to a third party, the consignee will no longer process respective personal information.

Here, "a way cannot be restored" refers to a method that costs an adequate amount at the current level of technology.

If the processing of such personal information is entrusted to a third party, the consignee will no longer process respective personal information.

5. Provision of personal information to third parties

The Company uses customers' personal information within the scope notified in the "Purpose of collection and use of personal information" and does not use it beyond the said scope without the customers' prior consent or provide their personal information to any third party. However, the following cases are exceptions.

• 1. If the customer has agreed to disclosure or provision to a third party
• 2. If there is a request from the investigative and supervisory authorities in accordance with the relevant laws and regulations for the purpose of investigation

6. Consignment of processing personal information

The Company entrusts the processing of personal information to a third party for customer convenience. We consign the following tasks regarding the processing (handling) of personal information and take the necessary measures to ensure that personal information is managed safely during the consignment agreement in accordance with the relevant laws and regulations. The cosigned information is limited to the minimum necessary to provide seamless services. The consignee and the purpose of consignment for customers' personal information are as follows:

• Company’s software systems
• Operation of the software system and reporting

7. Measures to ensure the safety of personal information

In processing customers' personal information, the Company takes the following technical, administrative, and physical safeguards to ensure that customers' personal information is not lost, stolen, leaked, tampered with, or damaged.

A. To prevent the breach of customers' personal information through hacking and other means of attack, the Company operates a 24-hour security system protecting the Company's information and communication network. Sensitive data is safely transmitted on the network through encrypted communication.

B. Physical surveillance and restriction The Company's computing offices and data storage rooms that store personal information are restricted from outside access. Access to these spaces is physically monitored and restricted.

8. Contact Information for Privacy Policy

Customers may report any complaints about our company products and their personal information. Company will respond quickly and in good faith to the customer’s report.

9. Duty of Disclosure

In case of an addition, deletion, or modification of the contents of the current Privacy Policy, the Company shall notify customers through the "Notice (News)" page on the website at least 7 days before the revision.

• - Date of implementation of the Privacy Policy : January 01, 2024
• - Last revision date of Privacy Policy : January 01, 2024 (v.1.0)