HancomGenieK Inc. (hereinafter referred to as "the Company" or "HancomGenieK Inc. services") complies with the personal information protection regulations under the relevant laws that information and communication service providers must adhere to, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter referred to as the "Information and Communications Network Act"), and has established a privacy policy in accordance with such laws to protect the user's rights to the fullest extent possible.

   

Chapter 1. Items of Personal Information Collected and Collection Methods

   

The Company collects personal information for membership registration, service provision, personal real name and account information according to the scholarship system, and other consultations. In addition, the Company may request personal information for group statistical analysis or for the purpose of sending prizes during surveys or events. However, the Company does not collect sensitive personal information (such as race and ethnicity, ideology and religion, place of birth and hometown, political tendencies and criminal records) that may infringe on the user's basic human rights, and if such information must be collected, the Company will obtain the user's prior consent. Even in this case, please be assured that the information you provide will not be used for any purpose other than the purpose disclosed to you in advance for the provision of the relevant service or for any other purpose.

   

       

The collection of personal information is as follows.

       

A. The following is the information collected for personal information when a user signs up for the first time to identify the member and provide optimized services. Users have the right to refuse to agree to the collection and use of personal information, but if they refuse, membership registration and service provision will not be possible. However, for optional items, there is no problem with membership registration and service use even if the user refuses.

       

           
• - Required items: ID, password, name, gender, date of birth, mobile phone number, email
           
• - Optional items: Hancom Zincke survey (What do you like the most?), phone consultation, recommended ID, marketing consent
       

       

B. The following information may be automatically generated and collected during the process of purchasing and using the service.

       

           
• Information collected during payment and usage process:
       

       

           
• *Payment: name of credit card company, credit card number, expiration date, mobile phone number, email, communication carrier, payment approval number, name of bank, account number
           
• *Shipping: shipping address, postal code, recipient, purchased product information
           
• *Scholarship refund: ID, mobile phone number, scholarship challenge stage, name of bank, account number, account holder
           
• *Counseling: name, phone number, available counseling time, counseling content
       

       

           
• Automatically collected information:
       

       

           
• *IP Address, cookies, date of visit, service usage history
       

       

C. Methods of collecting personal information.

       

           
• Personal information is collected through various channels such as website, application, phone, counseling bulletin board, event participation, and delivery request using a generated information tool.
       

   

   

Chapter 2. Collection and Purpose of Personal Information

   

       

The company collects personal information for the following purposes:

       

Performance of contracts related to service provision and billing for services provided

       

Management of members for the provision of content, delivery of goods, issuance of invoices, personal identification, purchase and payment of fees, and financial services

       

Verification of identity, personal identification, prevention of unauthorized use and fraudulent use by members using membership services, confirmation of intention to join, age verification, confirmation of consent of legal representative when collecting personal information of children under 14 years of age, handling complaints and processing civil complaints, providing notices, marketing and advertising new services development and customization, provision of services and advertising based on demographic characteristics, analysis of access frequency, statistics on members' service usage, provision of information on events and advertisements

   

   

Chapter 3. Consent to Collection of Personal Information

   

The company obtains consent from members for the collection of personal information, and has established a procedure for obtaining consent for the collection of personal information in the membership registration process through the terms and conditions and privacy policy. If you check the box that says ["I agree to the terms and policies"], we consider that you have agreed to the collection of personal information.

   

Chapter 4. Retention and Use Period of Personal Information

   

As long as the service user continues to use the service as a member, the company will continue to retain and use the user's personal information for the purpose of providing the service.

   

The personal information of the service user will be irreversibly destroyed when the collection and use purposes (including temporary purposes such as surveys and events) are achieved, or when the user deletes or withdraws from membership directly.

   

If there are requests for prevention of abuse of user rights, prevention of misuse, protection of rights and defamation disputes, or cooperation in investigations, the company may retain the member's personal information for up to one year from the termination of the user agreement in anticipation of recurrence.

   

If it is necessary to retain member information in accordance with the provisions of related laws and regulations, such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, the company will retain the member information for a certain period of time as stipulated by the relevant laws and regulations.

       

In this case, the company will use the retained information only for the purpose of retention, and the retention period is as follows:

       

A. Reasons for Retention of Information Based on Company Policy

           

               
• The retention period for personal information upon withdrawal from membership is as follows:
               
• Reasons for retention: Prevention of re-registration by malicious users, protection of rights and defamation disputes, cooperation in investigations
               
• Retention period: 1 year after withdrawal from membership
           

       

B. Reasons for Retention of Information Based on Related Laws and Regulations

           

               
• If it is necessary to retain member information in accordance with the provisions of related laws and regulations, such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, the company will retain the member information for a certain period of time as stipulated by the relevant laws and regulations. In this case, the company will use the retained information only for the purpose of retention, and the retention period is as follows.
               
• Record of contract or withdrawal of subscription
               
• Reason for retention: Consumer Protection Act in e-commerce, etc.
               
• Retention period: 5 years
               
• Record of payment of fees and supply of goods, etc.
               
• Reason for retention: Consumer Protection Act in e-commerce, etc.
               
• Retention period: 5 years
               
• Record of consumer complaints or dispute resolution
               
• Reason for retention: Consumer Protection Act in e-commerce, etc.
               
• Retention period: 3 years
               
• Record of identity verification
               
• Reason for retention: Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
               
• Retention period: 6 months
               
• Record of visits
               
• Reason for retention: Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
               
• Retention period: 3 months
           

   

Chapter 5. Procedures and Methods for Destruction of Personal Information

   

You can access or modify your personal information registered on the website at any time, and you can also request to withdraw your membership. You can access and modify your personal information by logging in to the website and using the member information change function, and you can modify all items except for your ID, resident registration number, and name.

   

If you wish to withdraw your membership, you can do so on the website, but please consider carefully as all registered information will be destroyed, and there may be restrictions on rejoining after withdrawal. The procedures and methods for the destruction of personal information by the company are as follows:

       

Destruction Procedures

       

The information entered by the user for membership registration and other purposes is transferred to a separate database (or a separate document file in the case of paper documents) after the purpose is achieved and stored for a certain period of time according to internal policies and other relevant laws and regulations for information protection (refer to retention and use period) before being destroyed.

       

Personal information is not used for any other purpose beyond retention, except as required by law.

       

Destruction Methods

       

Personal information printed on paper is destroyed by shredding or incineration.

       

Personal information stored in electronic file format is deleted using technical methods that cannot reproduce records.

   

Chapter 6. The rights of users and legal representatives and how to exercise them

   

Users and legal guardians have the right to access and modify their own or their under-14 children's personal information and may also request cancellation of their registration at any time.

   

To access or modify personal information of the user or under-14 child, they may click on "modify member information" (or "change member information") and to cancel registration, they may click on "cancel membership" after going through the verification process.

   

Users may also contact the personal information manager by mail, phone or email, and we will promptly take necessary action.

   

If a user requests correction of any errors in their personal information, we will not use or provide such information until the correction is completed. Furthermore, if we have already provided incorrect personal information to a third party, we will notify the correction results to the third party without delay.

   

The company processes the personal information that has been terminated or deleted by the request of the user or legal guardian according to the retention and use period of personal information and does not allow access or use for any other purposes.

   

Chapter 7. Matters concerning the installation and operation of an automatic personal information collection device and its refusal

   

A cookie is a small data file sent from an HTTP server to a user's browser, and is stored on the user's computer. The company uses these cookies to obtain information about the user's browser format or service usage pattern, and uses this information to provide customized and more convenient services to the user.

   

Users have the option to choose whether to accept cookies. They can allow all cookies, require confirmation for each cookie storage, or refuse to store all cookies by selecting an option in their web browser. However, if a user chooses to refuse cookie storage, they will not be able to use any of the company's services that require login.

   

Chapter 8. Technical and Administrative Measures for Personal Information Protection

   

Your personal information is protected by a password. Only you know your account password, and only you can access and change your personal information using that password. Therefore, you should not disclose your password to anyone. After you finish using the service, it is recommended that you log out and close the web browser. Especially when using a computer in a public place or sharing it with others, these procedures are necessary to prevent your personal information from being disclosed to others. The company is not responsible for any personal information leakage due to user negligence or internet-related problems.

   

The company minimizes the number of employees handling personal information and emphasizes compliance with the personal information protection policy through ongoing education for responsible employees.

       

The company implements technical and administrative measures for personal information protection as follows:

       

We have a full range of firewall and security systems in place to prevent hacking.

       

We install SSL security server certificates for transmitting and receiving personal information to protect the information.

       

Access to personal information is restricted to those who are responsible for their respective tasks and those who are required to handle personal information for their work. Other employees are prevented from accessing personal information.

   

Chapter 9. Personal Information of Children

   

As a rule, the company does not collect personal information of children under 14 years of age. However, in special cases, the company may collect personal information of children with the consent of their legal guardian.

   

The company is doing its best to protect your personal information. However, in addition to these efforts, you should also be careful not to expose your password to third parties. Especially, please be careful not to expose your password in public places through a PC.

   

In addition, the company will never ask for your password by phone or email. Therefore, please use your ID and password only by yourself and change your password frequently. The company does its best to protect personal information, but it is not responsible for personal information leakage that is not caused by the user's personal mistake or the company's fault.

   

Chapter 10. Personal Information Protection Manager

   

If you have any opinions or suggestions related to the Company's personal information processing policy, please email us, and we will promptly take action and inform you of the results of the processing.

       

The Personal Information Protection Manager and staff are as follows:

       

Personal Information Protection Manager

           

               
• Name: Lee Kwang-heon
               
• Affiliation: Hancom Inc.
               
• Position: CEO
               
• Phone: 031-627-7719
           

       

Personal Information Protection Administrator

           

               
• Name: Lee Kwang-heon
               
• Affiliation: Hancom Inc.
               
• Position: CEO
               
• Phone: 031-627-7719
           

       

Personal Information Protection Officer

           

               
• Name: Lee Kwang-heon
               
• Affiliation: Hancom Inc.
               
• Position: CEO
               
• Phone: 031-627-7719
           

   

[Supplementary Provisions]

   

The previous Privacy Policy has been amended to the Privacy Policy for Personal Information Processing.

   

In the event of any revisions or alterations to the current Privacy Policy for Personal Information Processing, we will provide a notice on the website at least 7 days prior to its enforcement.

   

The Effective Date of the Privacy Policy for Personal Information Processing is April 01, 2023.