Privacy policy

1. Introduction
Hanon Systems (hereinafter referred to as the ‘Company’) will regard protection of users’ personal information as important, and comply with the provisions on protection of personal information pursuant to the “Personal Information Protection Act,” and handle the personal information, collected, retained and processed according to the provisions in related laws, lawfully and appropriately to conduct business properly and protect the rights of the data subject.
The Company has the following privacy policy to protect the personal information and rights of data subjects according to related laws, and to efficiently solve the problems facing data subjects in relation to personal information, and if the privacy policy is revised, the Company will announce it through its website.
2. Collected personal information items
The Company collects the following personal information of users to update IR emails, request data and support recruiting. The Company will not disclose personal information without the prior consent of the user, and use the collected information as follows:
Financial Calendar List
Services Personal Information Purpose Collecting Method Possession Basis
Compulsory Optional
Customer Service Name, email, address Phone number Fluent response for the customer’s requirement Online User’s agreement
Cyber Sinmungo (no compulsory information) Name, telephone, mobile phone, email, classification information (employee, cooperative, other) Gathering reports and opinions from stakeholders Online User’s agreement
IR Information Requirement Name, investor type, nation, email address Title, division, zip code, detailed address, phone number, fax. Quick update of IR information for investors and regular customers, etc. Online User’s agreement
Recruit Name, phone number, email, photo, address, military service, academic background, career, and other information needed for recruit - Identification, offering basic information for recruit, announcing rejection/acceptance, emergency contact, etc. Online User’s agreement
Managing Visitors Company name, name License plate number Identifying and managing reservation of visito Online or offline User’s agreement
3. Personal information retention and use period
In principle, the Company will immediately destroy personal information if the purpose of personal information collection and use is accomplished. Users may request the Company at any time to view and delete the personal information the Company has, and correct errors. The deleted customer data will not be kept any longer. Users can request data deletion by e-mail, fax and phone.
4. Matters concerning provision and consignment of personal information to a third party
The Company will use users’ personal information within the scope described in “purposes of personal information collection and use,” and does not provide or consign personal information to a third party without the prior consent of users. However, exceptions will be made in the following cases:
  • According to the provisions of laws, or at the request of an investigative agency according to the procedure and method stipulated in laws for the purpose of investigation
5. User’s Rights and Duty
User can exercise following rights as owner of the personal information.
1. User can exercise following personal information protection rights whenever user wants.
   - request for reading the personal information
   - request for corrections of error
   - request for deletion
   - request for suspension of the information
2. User can exercise the rights stated in the clause no.1 by written form, email, and fax after the form in attach no. 8 of ‘Personal Information Protection Law     Enforcement Regulations’. Company will take action instantly.
3. When user requests for correction of error or deletion, company will not use or offer the personal information until correction or deletion is completed.
4. Exercising the right stated in the clause no.11 can be done by a legal representative or a delegating person. In this case powers of attorney should be     submitted in the form of attach 11 in ‘Personal Information Protection Law Enforcement Regulations’
6. The procedure for and method of destroying personal information
The procedure for and method of destroying inputted personal information are as follows:
  • Destruction procedure
    The information provided to request IR data will be moved to a separate DB after the purpose is accomplished, and destroyed after a certain amount of time for the purpose of personal information protection according to internal policies and other related laws.
    The personal information, moved to a separate DB, will not be used for purposes other than stipulated by laws and the purpose of retention.
  • Destruction method
    Personal information saved as electronic files must be deleted using a technical method that makes it impossible to reproduce the records.
    Other recording media than records in the form of electronic files, printed matters, and documents will be shredded
7. Matters concerning the stability of personal information
Company take technical, administrated, physical actions to secure the stability according to the ‘Personal Information Protection Act’ article no. 29.
1. Minimizing and education employees handling personal information
    Company appoints and limit the employee who handles the personal information to manage personal information.
2. Periodical internal audit
    Company runs internal audit periodically to secure stability of handling personal information
3. Establishing and enforcing internal management plan
    Company establishes and enforces internal management plan for safe use of personal information
4. Encryption of personal information
    User’s password is stored and managed encrypted so that only user can know the password, and security functions such as encrypting files and transfer
    data of important information or file locking functions are used.
5. Technical measures to prepare hacking
    Company has installed security programs and refresh and examine it periodically to prevent leakage and damage of personal information from hacking or
    computer virus. And system is installed in access controlled area and it is observed and blocked technically and physically.
6. Limit access to personal information
    Access to personal information is controlled by giving, changing, and erasing the authority to
    access personal information database. And unauthorized access is controlled by a firewall.
7. Storage of access record and prevention of forging and tampering
    Access record to personal information system is stored and managed for at least 6 months, and security function is used to prevent the information to be
    forged, tampered, stole, and lost.
8. Use of lock to secure documents
    Documents and storage devices containing personal information are stored in a safe place with a lock.
9. Admission control for unauthorized person
    Personal information is stored in a physically separated place and admission control procedure is established and operated.
8. Persons in charge of managing personal information, their affiliation, names and contact info
To protect personal information and handle complaints related to personal information, the Company assigns the following departments and persons in charge of managing personal information.

Privacy protection officer
Person in charge: Seo Eun Kang, Communications Team
Phone number: 02-3498-5465
Email: skang19@hanonsystems.com
9. Remedies and Procedures to infringement on rights and interests
If you have any other questions or report about violation of personal information, please call or inquiry to the below organizations for better help.
  • KISA Privacy Center (privacy.kisa.or.kr / +82-118)
  • Korea Internet & Security Angency (www.spo.go.kr / +8202-3480-3573)
  • The Cyber Terror Response Center (www.ctrc.go.kr / +821566-0112)
  • Central administrative judgment commission (www.simpan.go.kr/ +82-100)
10. Changing the personal information processing policy
This personal information processing policy will go into effect in December 2014.
You can view previous personal information processing policies below.
  • Privacy policy version number : v1.0
  • Privacy policy enforcement date : November 1, 2013
  • View details contents of the text below