1. Collection Items, Processing Purposes, and Retention Period of Personal Information

The Company collects and processes Personal information for the following purposes. The processed Personal information shall not be used for purposes other than the following, and if the purpose of use changes, necessary measures, such as obtaining separate consent, shall be taken.

2. Third-Party Disclosure of Personal Information

The Company shall not disclosure the Personal information collected and held to third parties without the user's consent, except in the following cases

1. When separate consent is obtained from the Information subject.
2. When there is a special provision in the law or when it is unavoidable to comply with legal obligations.
3. In cases where the Information subject or his/her legal representative is in a state where he/she cannot express their intention, or in situations where prior consent cannot be obtained due to an unknown address, and it is deemed necessary for the urgent benefit of the life, body, property of the Information subject, or a third party.
4. When necessary for statistical compilation, academic research, etc., subject that Personal information is provided in a form where a specific individual cannot be identified.
5. In cases where, without using or providing Personal information for purposes other than the original intent, it would be impossible to perform the duties prescribed by other laws; provided that this situation has been deliberated and resolved by the Protection Commission.
6. When necessary to provide Personal information to a foreign government or international organization for the fulfillment of treaties and other international agreements.
7. When necessary for the investigation, indictment, and maintenance of a criminal case.
8. When necessary for the performance of judicial duties by the court.
9. When necessary for the execution of criminal punishment, custody, and protective measures.

3. Personal Information Protection Officer

1. The Company takes overall responsibility for the management of Personal information processing, and has designated a Personal Information Protection Officer as follows to handle complaints and provide relief for damage from Information subjects related to Personal information processing.

   개인정보처리방침 보호책임자 성명, 부서, 전화번호, 이메일에 관련된 표

   Name	Dept	Tel.	Email
   Dir. Lee Won-chan	Administration Dept.	+82-42-671-1122	wclee@kles.co.kr

2. Information subjects may contact the Personal Information Protection Officer for all inquiries, complaints, and remedies related to Personal information protection arising from the use of the Company's services or business.

4. Rights & Duties of Information Subject, and Exercise Method

Information subjects can exercise their rights at any time, such as requesting to access, correct, delete, or suspend the processing of Personal information submitted to the Company.

1. To access or correct Personal information, Information subjects can contact the Personal Information Protection Manager or the designated personnel in writing, via email, facsimile (FAX), etc. After going through the identity verification process, the request shall be taken care of without delay.
2. In the case of a request for correction of personal information errors, the Company shall not use or provide the relevant Personal information until the correction is completed.
3. The information subject may request withdrawal of consent to the collection, use, and provision of personal information, deletion, and suspension of processing. Withdrawal of consent, deletion, and suspension of processing of Personal information shall be promptly processed by contacting the Personal Information Protection officer or the designated personnel after going through the identity verification process.

5. Destruction of Personal Information

The Company, as a principle, promptly destroys Personal information when it becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose. If Personal information must be retained according to other laws despite the expiration of the agreed-upon retention period or the fulfillment of the processing purpose, the Company shall transfer the relevant Personal information to a separate database (DB) or store it in a different location. The process, deadline, and method for the destruction of personal information are as follows

1. Destruction of Personal information:  Personal information whose retention period has expired must be destroyed without delay from the expiration date.
2. Destruction of the Personal information file:  When the Personal information file becomes unnecessary, such as the achievement of the purpose of processing the Personal information file, abolition of the relevant service, or termination of business, the Personal information file shall be destroyed without delay from the date on which processing of the Personal information is deemed unnecessary.

1. For electronically recorded and stored Personal information, the Company shall use methods such as low-level formatting to ensure that the records cannot be regenerated. For Personal information recorded and stored in paper documents, the Company shall shred or incinerate them to destroy the information.

6. Ensuring the Security of Personal Information

In processing Personal information, the Company takes the necessary measures to ensure security as follows

1. Administrative Measures: Establishment and implementation of internal management plan, regular Personal information protection training for members, etc.
2. Technical Measures: Management of access rights to Personal information processing systems, installation of encryption and security programs, etc.
3. Physical Measures: Access control to locations where Personal information is stored, such as computer rooms and data storage rooms.

7. Installation, Operation, and Rejection of Automatic Collection Devices for Personal Information

The Company uses ‘cookies’ on the website to store and frequently retrieve the Information subject’s usage information. Cookies are small pieces of information sent by the server (HTTP) operating the website to the user's computer browser, where they are stored on the user's PC's hard drive.

1. Used to analyze the frequency of visits to the website, the time of visits, etc., to understand the interests of Information subjects and for tracking user activities.

1. Information subjects have the option to control the installation of cookies. Therefore, users can either allow all cookies, be prompted for confirmation whenever a cookie is stored, or refuse the storage of all cookies by adjusting the settings in their web browser.
2. Example of setting method
   • (For Edge): Browser settings at the top > Cookies and site data > Allow sites to save and read cookie data (recommended)
   • (For Chrome): More options at the top right of the web browser > Settings > Advanced > Privacy and security > Site settings > Cookies > Allow sites to save and read cookie data (recommended)

8. Remedy for Infringement of Rights and Interests

Personal information subjects may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Reporting Center, etc. in order to receive relief from damage caused by Personal information infringement.

1. Personal Information Dispute Mediation Committee : 1833-6972, (www.kopico.go.kr)
2. Personal Information Infringement Reporting Center : (without area code) 118, (privacy.kisa.or.kr)
3. Supreme Prosecutors' Office Cyber Investigation Div. : (without area code) 1301, (www.spo.go.kr)
4. National Police Agency Cyber Investigation Bureau : (without area code) 182, (cyberbureau.police.go.kr)

9. Changes to the Personal Information Processing Policy