Trust Lab Co., Ltd. (hereinafter referred to as the “Company”) complies with the provisions of the Personal Information Protection Act and related laws to protect the freedom and rights of information subjects, lawfully processes and safely manages personal information. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, we have established and disclosed the personal information processing policy as follows in order to guide information subjects to the procedures and standards for personal information processing and to promptly and smoothly handle complaints related thereto. do. Through its personal information handling policy, the company informs you of the purpose and method for which the personal information you provide is being used and what measures are being taken to protect personal information. If the company revises its personal information handling policy, it will notify you through website notices (or individual notices).

Personal Information Items Collected

• Personal information collected at the time of membership registration is as follows.
  
  - Collection items when signing up for email: (required) name, email, password
  - Collection items selected when signing up as a member (after): Department name, position, profile photo
• Personal information collected at the time of customer inquiry is as follows.
  
  - Items collected when contacting the sales team: (Required) Organization name, name, email, cell phone number (Optional) Position
• The following personal information items may be automatically created and collected during the use of Internet services.
  
  - IP address, cookies, service usage records, visit records, etc

Provision of personal information when signing up for each organization (institution, group)

When signing up to use a group such as an institution, organization, or company, the personal information provided to the group administrator is as follows.

- Required collection items: name, email
- Optional collection items: department name, position, profile photo

When additional personal information is collected, the user is informed of the ‘items of personal information being collected, the purpose of collection and use of personal information, and the storage period of personal information’ at the time of collection of the personal information, and the user’s consent is obtained.

Purpose of collection and use of personal information

The company uses the collected personal information for the following purposes.

- Identity verification, personal identification, and member management according to the use of membership services
- Determination of access frequency or statistics on member service use

Retention and use period of personal information

After the purpose of collecting and using personal information has been achieved, the company destroy the information without delay without exception.

Personal information destruction procedures and methods

In principle, the company destroys personal information without delay after the purpose of collecting and using personal information has been achieved. Destruction procedures and methods are as follows.

Destruction procedure

In principle, the company destroys the information without delay after the purpose of collecting and using personal information has been achieved. Destruction procedures and methods are as follows.

• Destruction procedure
  
  - Once the purpose of use of the collected personal information has been achieved or the retention period has expired, the information is destroyed without delay. However, information that must be kept in accordance with this handling policy and related laws will be kept for the period specified by law and then destroyed. In this case, the collected personal information will not be used for any other purpose unless required by law.
• Destruction method
  
  - Personal information stored in electronic file format is deleted using technical methods that render the records unrecoverable.

In cases where personal information must continue to be preserved pursuant to other laws and regulations despite the expiration of the personal information retention period agreed upon by the information subject or the purpose of processing has been achieved, the personal information may be transferred to a separate database (DB) or stored in a different storage location. and preserve it. Personal information transferred to a separate DB will not be used for any purpose other than that for which it is retained, unless required by law.

In accordance with the Act on Consumer Protection in Electronic Commerce
- Payment or withdrawal records: kept for 5 years
- Record of customer complaints or dispute resolution: kept for 3 years

Provision of personal information

In principle, the company does not provide users' personal information to outside parties. However, exceptions are made in the following cases.

- When users consent in advance
- When there is a request from an investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods set forth in the law for the purpose of investigation.

User's rights and how to exercise them

Users can view or modify their registered personal information at any time and may also request cancellation of membership. To view and edit the user's personal information, click 'Change personal information' (or 'Edit member information', etc.). To cancel membership (withdraw consent), click 'Withdraw membership' and go through the identity verification process to directly view and correct. Alternatively, you can withdraw. Alternatively, if you contact the personal information manager in writing, by phone or email, we will take action without delay. If you request correction of an error in personal information, the personal information will not be used or provided until the correction is completed. Additionally, if incorrect personal information has already been provided to a third party, we will notify the third party of the result of the correction without delay so that the correction can be made. Personal information canceled or deleted by the user is processed as specified in the retention and use period of the collected personal information and is processed so that it cannot be viewed or used for any other purpose.

Matters related to the installation, operation, and refusal of automatic personal information collection devices

The company operates 'cookie' that stores and finds your information from time to time. A cookie is a tiny text file that the server used to run ‘Labcord’ website sends to your browser and is stored on your computer's hard disk. The company uses cookies for the following purposes.

• Purpose of use of cookies, etc.
  
  - Analyze service access frequency, visit time, number of visits, etc. and use it to provide and improve services
• How to refuse cookie settings
  
  - The information subject has the option to install cookies. Therefore, you can allow all cookies by setting options in your web browser, or You can confirm each time a cookie is saved, or you can refuse to save all cookies.
  - Example of setting method (rejection setting method)
  - Internet Explorer : Tools at the top of your web browser > Internet Options > Privacy > Advanced > Cookie Blocking
  - Microsoft Edge: Settings and other at the top of the web browser > Settings > Cookies and site permissions > Manage and delete cookies and site data > Allow sites to save and read cookie data (recommended) Turn off
  - Chrome: Custom Settings and controls at the top of your web browser > Privacy and Security > Cookies and other site data > Block all cookies Tools at the top of the web browser > Internet options > Personal information > Advanced > Select setting method
  However, if you refuse to store cookies, you may have difficulty using some services that require login.

Matters pertaining to the person in charge of personal information protection

In order to protect customers' personal information and handle complaints related to personal information, the company designates a personal information protection manager and person in charge as follows.

You can report any personal information protection-related complaints that occur while using the company's services to the person in charge of personal information management or the department in charge.
The company will quickly and sufficiently respond to users' reports. If you need to report or consult other personal information infringement, please contact the following agency.

- Personal Information Infringement Reporting Center(privacy.kisa.or.kr / Phone no. 118)
- Cyber Investigation Division of Supreme Prosecutors' Office(www.spo.go.kr / Phone no. 1301)
- Cyber Safety Bureau of the National Police Agency(cyberbureau.police.go.kr / Phone no. 182)

This privacy policy applies to ‘Labcord’, one of the company’s brands, and all related services (including mobile web/apps), and separate privacy policies may apply to services provided under other brands. If there are any additions, deletions or modifications to the contents of this personal information processing policy, prior notice will be provided through the website at least 7 days prior to the revision. However, if there is a significant change in user rights, such as a change in the items of personal information collected or the purpose of use, a notice will be provided at least 30 days in advance, and user consent may be obtained again if necessary.

Notification date : July 20, 2024
Effective date : August 1, 2024