1. General Overview

Through this policy, the Company informs users the purposes and methods for using personal data provided by them, as well as the safeguards implemented for personal information protection. This policy is prominently disclosed on the front page of the Company website to ensure easy accessibility for users at all times. It may be subject to periodic changes in accordance with procedures specified for continuous improvement, such as changes in relevant laws, guidelines, or internal operational policies of the Company. In the event of amendments to this policy, the Company will promptly publish the applicable changes on its website to ensure accessibility for users. Users are encouraged to review this personal information processing policy periodically when visiting the website.

2. Types of Personal Information to be Collected & Collection Methods

Most services on the Company’s website are freely accessible and do not require advance registration of personal information. However, the following services may require minimal personal data to ensure better service quality.

To collect personal information from users, the Company has established a separate consent process. The Company provides a mechanism, including “Agree” and “Disagree” buttons, through which users can consent to the collection and use of their names, email addresses, and contact information. Users who click the “Agree” button are considered to have consented to the collection and use of their personal information.

Under the Personal Information Protection Act, the Company collects and utilizes the following categories of personal information:

※ When a user utilizes a service, the following personal information may be automatically generated and collected:
- Connecting IP data.

3. Purpose of Collecting and Using Personal Information

The Company utilizes the collected personal information solely for verifying user identity and ensuring timely response regarding customer inquiries and business proposals. If there is a change in the purpose of use, appropriate actions are taken, including obtaining additional consent in accordance with relevant laws and regulations.

4. Protection of Personal Information for Children Under 14

To protect the personal information of children under 14, the Company chooses not to collect personal information from children by permitting membership applications only from individuals aged 14 years or older.

5. Personal Information Processors & Processing Details

The Company utilizes specialized processing contractors to handle certain aspects of user service maintenance operations. Those contracted entities are prohibited from using personal information for purposes other than those specified in the contract. In addition, the Company regularly monitors and supervises those processing contractors to prevent any unauthorized use of personal information. Prior to engaging in any processing operations, the Company provides advance notice to users.

6. Processing, Retention Period and Disposal of Personal Information

The Company processes and retains users’ personal information for the duration of their use of services provided by the Company, such as customer counseling or business proposals. Personal information is promptly deleted when there is no longer necessary for the intended purpose, when the user’s personal information is no longer needed.

However, personal information may be retained for a specified period as outlined below, for the purpose of confirming rights and obligations related to transactions, etc. under relevant laws and regulations, including the Act on the Protection of Consumers in E-Commerce, etc.

- Records of consumer complaints or dispute resolution: Act on the Protection of Consumers in E-Commerce, etc., for a period of 3 years

Personal information stored in electronic files is deleted using technical methods that render record reproduction impossible. Other records, printed materials, hard copy documents, etc., containing personal information, are destroyed using an automatic shredder or through incineration.

7. Implementation, Operation and Rejection of Automatic Personal Information Collection Mechanism

This website does not utilize cookies. A cookie is a small data file sent from a HTTP server to a user’s browser and stored in the user’s computer hard disk drive.

Users can configure their browser settings to accept all cookies, receive notifications before cookie installation, or reject all cookies. Cookies expire upon closing the browser.

• - Installation, operation and rejection of cookies : Users can refuse cookies as follows:
  • Ex. 1) Chrome browser: [Settings] → [Privacy and Security] → [Site Setting] → [Cookie and Site Data] → Configure cookie blocking
  • Ex. 2) Edge browser: [Settings] → [Cookie and Site Authorities] → Cookie and Stored Data → Configure cookie blocking
  • Ex. 3) Internet Explorer: [Tools] → [Internet Options] → [Advanced] in Privacy menu → Configure cookie blocking
• - Users who refuse to allow cookies to be stored may encounter difficulties in accessing personalized services.

8. Confidentiality

The Company will not disclose confidential information obtained through business operation or personal information provided by users, and will take appropriate measures to ensure such information remains confidential, except in the following circumstances:

• Information already publicly disclosed before it is provided to this website
• Information disclosed through actions not attributable to this website
• Information lawfully obtained by this website from a third party
• Information independently developed by this website regardless of user involvement
• Information authorized in writing by a user to be disclosed
• Other information permitted to be disclosed under relevant laws and regulations

Even in the aforementioned cases, the Company will endeavor to ensure that information is not indiscreetly disclosed against its original purpose of collection and use.

9. Links to Other Sites

This website may provide users with links to other companies’ websites or materials. In such cases, as we have no control over third-party sites and materials, we do not guarantee and assume no liability for the usefulness of services or materials provided in this manner.

When clicking a link on this website to a page on another site, users are requested to review the policies of the linked website, as its personal information processing policy is independent of ours.

10. Users’ Rights and How to Exercise Them

Users can request access to, correction of, or deletion of their personal information registered on this website at any time. Requests for deletion can be directed to a contact identified in “14. Personal Information Protection Officer and Manager” over the phone or by email.

If a request for access to personal information or suspension of its processing is submitted, the Company reserves the right to refuse the suspension of processing if there is a specific supporting provision in a law, etc.

When a user requests correction of an error in their personal information, the relevant personal information will not be processed or provided until the correction has been completed.

If personal information containing an error has already been provided to a third party, we will promptly notify the third party of the correction results.

11. Postings

The Company highly values user postings and takes every measure to ensure they remain unaltered, undamaged, or deleted, except in the following cases:

• - Spam-type postings (e.g., chain letters, spam emails, advertisements for specific sites, etc.)
• - Postings that disseminate false information to defame someone’s reputation
• - Postings that reveal the identity of an individual without their content or infringe on third party rights such as the copyright of this website or other third-party works
• - Other posting that are not relevant to the topic of the applicable thread

To maintain decency on social media, this website reserves the right to delete or replace with symbols, etc., any part of a third party’s identity disclosed without their consent. If a post can be moved to a thread on a different topic, the process of moving it will be disclosed to avoid unnecessary misunderstanding. In other cases, posts may be deleted after providing explicit or individual notice.

12. Safeguards for Personal Information

Pursuant to Article 29 of the Personal Information Protection Act, the Company takes the following technological/managerial and physical measures to ensure security:

A. Minimizing people involved in handling personal information

Authorities of those involved in handling personal information are minimized to safeguard personal information.

B. Providing training regularly to people involved in handling personal information

To promo the awareness of personal information protection, regular training is provided at least once a year.

C. Conducting internal check regularly

In-house check is conducted regularly to ensure the security of personal information processing.

D. Developing and implementing internal control plan

Internal control plan is developed and implemented to keep personal information processing and management secure.

E. Encrypting personal information

Users’ personal information and passwords are stored/managed as encrypted and protected by separate security features when transmitted.

F. Technological measures against hacking, etc.

To protect personal information from being compromised and damaged by hacking or computer virus, etc. the Company installs, updates and checks regularly security programs, deploying systems in access-controlled areas and monitoring/blocking them technologically and physically.

G. Restricting access to personal information

Access to personal information is controlled by assigning, changing and terminating authorities for accessing database system that processes personal information and unauthorized access from outside is controlled by intrusion blocking system.

H. Storing connection records and keeping them tamperproof

Records of access to personal information processing system are retained for at least one year and security features are used to keep the connection records from being altered, falsified, stolen or lost.

I. Using locking mechanisms to keep documents secure

Documents, storage media, etc. containing personal information are stored in secure locations protected by locking mechanisms.

J. Controlling unauthorized access

Physical storage locations are separately specified for personal information and access control procedures are developed and operated for such locations.

K. Safety measures against disasters

Response procedures such as crisis response manual, etc. are developed and operated to prepare for disasters including acts of God.

13. Receiving user feedback and handling grievances

Users are always entitled to sincere responses, and this website values their feedback. To facilitate communication with users, the website of the Company provides a link to customer help desk. Inquires and counseling requests will be sincerely responded to within 24 hours from acceptance thereof. Yet, inquiries and requests received after the close of business hours or on weekends or public holidays are to be processed on the immediately following working day. Other inquiries or counseling requests concerning personal information may be filed to the following channels:

Personal Information Dispute Mediation Committee : 1833-6972 (https://www.kopico.go.kr)

Personal Information Breach Reporting Center : 118 (https://privacy.kisa.or.kr)

Cyber Crime Investigation Dept. of the Supreme Prosecutors’ Office : 1301 (https://www.spo.go.kr)

Cyber Crime Investigation Bureau of the National Police Agency : 182 (https://ecrm.cyber.go.kr)

14. Chief Privacy Officer and Personal Information Protection Contact

This website does its utmost to ensure the security of necessary information for users. The chief privacy office takes full responsibility for breaches against the commitments notified to users in connection with personal information protection. However, we do not take liabilities for damage to information caused by unexpected incidents from the risks of basic network architecture such as hacking, etc. in spite of technological measures specified in relevant laws and regulations including the Personal Information Protection Act or various disputes arising in relation to user postings. Chief privacy officer and contact for processing personal information of members are as follows and we will respond promptly and sincerely to personal information-related inquiries.

Chief Privacy Officer

Name : Noh, Hyeon-kyu

Title : Office Director

Affiliation : Information Protection Office

Personal Information Protection Contact

Name : Shin Ga-eun

Title : Manager

Tel. : 070-7800-0958

Email : shingaeun@sk.com

15. Notice of Amendment to the Personal Information Processing Policy

This Personal Information Processing Policy was established on June 14, 2006 and amended on May 7, 2024. Addition, deletion or revision hereto in line with changes in government policies or security technologies will be notified on this website no later than seven days prior to applicable amendment.

• Privacy Policy Version: v2.2
• Effective Date: May. 7, 2024