1. Purpose of Processing Personal Information, Retention Period of Personal Information, Items of Personal Information Being Processed

1) The Website processes the minimum personal information necessary for purposes such as online inquiries, recruitment inquiries, and online job applications.

2) The personal information processed by the Website is handled and retained only within the scope specified for collection and use purposes.

- The Website retains personal information to provide smooth online inquiry, recruitment inquiry, and job application services. If a user requests the deletion of personal information or deletes a post, the personal information will be immediately destroyed and processed so that it cannot be recovered or used in any way.

3) The personal information collected and retained by the Website includes the following items

- Name, Email, Phone Number

2. Provision of Personal Information to Third Parties

The Website processes the personal information of the data subject within the scope specified for collection and use purposes, and will not exceed the original intended purpose or provide it to third parties without prior consent from the data subject, except in the following cases

1) When separate consent is obtained from the data subject

2) When there are special provisions in the law

3) When the data subject or their legal representative is in a condition that prevents them from expressing their intent or cannot receive prior consent due to an unknown address, and it is deemed necessary for the urgent benefit of the life, body, or property of the data subject or a third party.

4) When it is necessary for purposes such as statistical production or academic research, provided that personal information is provided in a form that does not identify specific individuals.

5) When personal information cannot be used for purposes other than those intended, or cannot be provided to third parties for carrying out relevant duties defined by other laws, and the relevant matter has been reviewed and decided by the Personal Information Protection Commission.

6) When it is necessary to provide information to foreign governments or international organizations to comply with treaties or other international agreements.

7) When it is necessary for the investigation of crimes and the initiation and maintenance of prosecution.

8) When it is necessary for the court's execution of judicial activities.

9) When it is necessary for the execution of penalties, protection, or disciplinary measures.

3. Outsourcing of Personal Information Processing

The Website processes personal information outsourcing in accordance with a document that includes the following details:

1) Provisions regarding the prohibition of processing personal information outside the scope of the outsourced business purpose

2) Provisions regarding the administrative and technical protective measures for personal information

3) Provisions regarding the safe management of personal information

- This includes details on the purpose and scope of the outsourced business, restrictions on re-outsourcing, measures to ensure the safety of personal information, supervision concerning the management status of personal information held in relation to the outsourced work, and liability for damages if the contractor violates duties they must comply with. The content of the outsourced work and information regarding the individual or entity (“Contractor”) processing the outsourced personal information is made publicly available on the relevant website.

4. Rights and Obligations of the Data Subject and Methods of Exercise

Data subjects can exercise the following rights (The individual requesting access, correction, deletion, or cessation of processing is verified to be the data subject or a legitimate representative. The legal representative of a child under the age of 14 may request access, correction, deletion, or cessation of processing of that child's personal information).

Request for Access to Personal Information

The personal information files held by the Website can be accessed by the data subject in accordance with Article 35 of the Personal Information Protection Act (Right to Access Personal Information). However, requests for access to personal information may be restricted as follows under Article 35, Section 5

1) When access is prohibited or restricted by law

2) When there is a risk of harm to another person's life or body or a risk of unjustly infringing upon another person's property or other interests

3) Public Institutions

Request for Correction or Deletion of Personal Information

The personal information held by the Website can be corrected or deleted in accordance with Article 36 of the Personal Information Protection Act (Right to Correction and Deletion of Personal Information). However, deletion cannot be requested if the personal information is specified as a target for collection under other laws.

Request for Cessation of Processing Personal Information

The personal information held by the Website can be subject to cessation of processing according to Article 37 of the Personal Information Protection Act (Cessation of Processing Personal Information, etc.). However, requests for cessation of processing may be rejected according to Article 37, Section 2, in the following cases

1) When there are special provisions in the law or when it is unavoidable to comply with legal obligations

2) When there is a risk of harm to another person's life or body or a risk of unjustly infringing upon another person's property or other interests

3) When a public organization cannot perform duties prescribed by other laws if personal information is not processed

4) When it is difficult to fulfill a contract, such as not being able to provide agreed services to the data subject if personal information is not processed, and the data subject has not clearly expressed the intention to terminate the contract

5. Destruction of Personal Information

The Website will, in principle, destroy personal information without delay once the purpose of processing the personal information has been achieved.
The processes, deadlines, and methods for destruction are as follows

1) Destruction Procedure : The Website retains personal information according to relevant laws and internal regulations and destroys it immediately once the retention period has expired.

2) Destruction Deadline : If the retention period for personal information has expired, it will be destroyed within 5 days from the end of the retention period, or if the personal information is deemed unnecessary due to the achievement of processing purposes, discontinuation of the service, or termination of the business, it will be destroyed within 5 days from the date recognized as unnecessary for processing.

3) Destruction Method : For information in electronic file format, technical methods are used that make the records unrecoverable. For printed personal information, it is either shredded using a document shredder or incinerated.

6. Measures to Ensure the Security of Personal Information

In accordance with Article 29 of the Personal Information Protection Act, the Website implements the following technical, administrative, and physical measures necessary to ensure security.

1) Designate employees handling personal information and limit access to a minimum to implement measures for personal information management.

2) Conduct regular internal audits (annually) to ensure stability related to personal information handling.

3) Establish and implement an internal management plan for the safe handling of personal information.

4) Users' personal information is encrypted for storage and management, accessible only to them, and important data is transferred in an encrypted format or protected using file-locking features.

5) To prevent the leakage and damage of personal information due to hacking or computer viruses, security programs are installed, periodically updated, and checked. The systems are installed in areas with restricted access and monitored and blocked technically and physically.

6) Necessary measures are taken to control access to the database system that processes personal information by granting, changing, and revoking access rights, and intrusion prevention systems are utilized to restrict unauthorized access from outside.

7) Access records to the personal information processing system are maintained and managed for at least six months, using security features to prevent tampering, theft, or loss of these records.

8) Documents and auxiliary storage media containing personal information are stored in secure locations with locking devices.

9) A separate physical storage location for retaining personal information is established, and access control procedures are implemented and operated.

7. Installation, Operation, and Refusal of Automatic Collection Devices for Personal Information

The Website operates cookies and other devices that periodically store and retrieve user information. A cookie is a small text file sent by the server operating the website to the user's browser, which is saved on your computer's hard drive. The website uses cookies for the following purposes.

1) Purpose of Using Cookies

- Used to determine the user's access frequency, visit duration, and number of visits. Users have the option to accept or refuse cookies. Therefore, users can configure their web browser settings to allow all cookies, prompt each time a cookie is stored, or reject the storage of all cookies.

2) Methods to Refuse Cookie Settings

- For example, users can choose options in their web browser to allow all cookies, review before saving each cookie, or refuse to store all cookies.

- Example of setting method (for Internet Explorer): Tools at the top of the web browser > Internet Options > Privacy

3) If a user refuses the installation of cookies, it may be difficult to provide services.

8. Designation of Personal Information Protection Officer

1) The website designates a Personal Information Protection Officer as follows to be responsible for overall operations related to personal information processing, handling complaints from data subjects, and providing remedies for damages.

Category	Department Name	Name	Contact Number
Personal Information General Manager	Management Support Team	Hwang Soon Ju	02-3775-1945
Personal Information Protection Officer	Management Support Team	Shin Dong ju	02-3775-1945

2) Data subjects can contact the Personal Information General Manager and the responsible department for all inquiries regarding personal information protection, complaints handling, and remedies for damages related to the website. The website will respond to and process inquiries from data subjects without delay.

9. Methods for Remedying Rights Infringement

If you are not satisfied with the results of the website's internal personal information complaint handling and damage relief processes, or if you need more detailed assistance, please contact the organizations listed below.

Category	Organization Name	URL	Phone Number
Personal Information Infringement Reporting Center	Korea Internet & Security Agency	privacy.kisa.or.kr	Dial 118 (Toll-Free)
Personal Information Dispute Mediation Committee	Personal Information Dispute Mediation Committee	kopico.go.kr	1833-6972
Cyber Investigation Division, Scientific Investigation Department	Supreme Prosecutors' Office	spo.go.kr	Dial 1301 (Toll-Free)
Cyber Investigation Bureau	National Police Agency	ecrm.police.go.kr	Dial 182 (Toll-Free)

10. Enforcement of Privacy Policy

This policy will be effective from July 1, 2024.