The meanings of terms used in this personal information processing policy are as follows:

"Personal information" refers to information about a living individual, including names, identification numbers, images, etc., through which an individual can be identified (this includes information that, even if not sufficient on its own to identify a specific individual, can be easily combined with other information to do so).

"Processing" encompasses a wide range of actions related to personal information, including its collection, creation, linking, interlocking, recording, storage, retention, processing, editing, searching, outputting, correction, recovery, use, provision, disclosure, destruction, and other similar activities.

The term "subject of information" refers to an individual who can be identified based on the processed information and who is the subject of that information.

A "cookie" refers to a small text file that is sent to your browser by the server used to operate a website and is stored on your computer's hard disk.

The company's principles of personal information protection are as follows:
The company clearly defines the purposes for processing personal information and legally and justly collects the minimum necessary personal information within the scope required for those purposes. The company processes personal information appropriately within the scope necessary for the purposes of processing and does not utilize it for any purposes other than those specified.
The company maintains the accuracy and currency of personal information within the scope necessary for the purposes of processing personal information, and ensures that personal information is not unjustly altered or damaged through intent or negligence during its processing. Depending on the method and type of personal information processing, the company considers the possibility and extent of infringement on the rights of the subjects of information. Consequently, it implements corresponding appropriate administrative, technical, and physical protective measures to securely manage personal information.
The company publicly discloses matters related to the processing of personal information, including its privacy policy, and establishes reasonable procedures and methods to ensure that the rights of the subjects of information, such as the right to request access, are protected. Even in cases where personal information is processed legally within the necessary scope for the purposes of processing, the company adopts methods that minimize the infringement of the privacy of the subjects of information. If the company's objectives can be achieved through anonymity after legally collecting personal information, it ensures that the information is processed anonymously. The company endeavors to gain the trust of the subjects of information by complying with and practicing the responsibilities and obligations defined in relevant laws.

The company automatically collects and stores personal information items and processes them for the following purposes:

1. Personal Information Items: User IP address, access path, browser type, operating system, date and time of visit.

2. Processing Purpose: The automatically collected and stored information will be used for statistical analysis aimed at improving and supplementing the website, facilitating smooth communication between users and the website, and providing better services to you. However, there may be instances where such information is disclosed in accordance with legal regulations.

The company, as a principle, retains automatically collected and stored personal information items for a period of one year. Upon achieving the purpose of personal information collection and use, the company promptly destroys such information.

Personal information that is printed on paper shall be crushed and destroyed using a paper shredder or via incineration.
Personal information stored in the form of an electronic file shall be deleted using technical methods that fundamentally eliminate the possibility of the personal information/data being restored.

1. The company processes the personal information of the subject within the scope specified in Article 3 (Purposes of Processing Personal Information), and personal information is provided to third parties only with the consent of the subject, under special provisions of the law, or in cases that fall under Articles 17 and 18 of the Personal Information Protection Act.

2. The status of 'Providing Personal Information to Third Parties' pursuant to the aforementioned clause is as follows:
- Third Party: SANGSANGEUM, INC
- Details of Personal Information Provided: Refer to the content specified in Article 3, Section 1
- Purpose of Use: Refer to the content specified in Article 3, Section 2
- Retention/Usage Period: 1 year

1. The company employs 'cookies' to frequently store and retrieve your information, using cookies for the following purposes.

2. Purpose of Using Cookies
- Providing personalized services through the analysis of visit frequency, visit duration, and the number of visits.
- You have the option to control the installation of cookies. Therefore, through your web browser settings, you can choose to allow all cookies, be prompted for confirmation whenever a cookie is saved, or reject the storage of all cookies.

3. How to Refuse Cookie Settings
- To refuse cookie settings, you can select the option in your web browser to either allow all cookies, require confirmation each time a cookie is saved, or reject the storage of all cookies.
- For example, in Internet Explorer: Tools - Internet Options - Privacy. However, please note that if you choose to reject the installation of cookies, you may experience difficulties in using personalized services.

To ensure the security of the website and the continuity of its services, the company employs various programs to monitor network traffic and detect attempts to illegally alter information.

Users have the right to access, modify, or request the deletion of their personal information. Should you wish to initiate any of these actions, please contact the personal information management officer via written notice, telephone, or email, and we will promptly address your request.

In order to protect the customer’s personal information and handle complaints/claims related to personal information, the company has designated a personal information manager and a department that can handle personal information-related issues as follows:

Department : Management Support Team
Name : Jeong Myeonggeun
E-mail : jmg133@kimm.co.kr
Contact : 055-251-0261

The officer responsible for receiving and processing requests for access to personal information by the subject of the information is as follows:

Department : Management Support Team
Name : Hwang Taesik
E-mail : hts345@kimm.co.kr
Contact : 055-251-0261

The subject of information has the right to request remedies for personal information infringement, consultations, and other assistance from the institutions listed below.

1. Personal Information Dispute Mediation Committee : 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Reporting Center : 118 (privacy.kisa.or.kr)
3. Cyber Investigation Division of the Supreme Prosecutors' Office : 1301 (www.spo.go.kr)
4. Cyber Investigation Bureau of the National Police Agency : 182 (ecrm.cyber.go.kr)

The company consistently publishes its privacy policy through its internet homepage and other means, ensuring continuous accessibility. Should there be any changes to the privacy policy, the company commits to disclosing the timing of such changes and their implementation, as well as the details of the modifications. This approach ensures that the subjects of the information can easily verify the updated contents.

Initial Implementation Date : 2024-04-01

Date of Revision Posting : 2024-04-01