ribiTec (hereinafter referred to as the "Company") establishes and publicly discloses this Privacy Policy as follows in accordance with the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter referred to as the "Information and Communications Network Act") and the Personal Information Protection Act to protect the personal information of data subjects and to handle any related grievances promptly and efficiently. Article 1. Purpose of Processing (Collection and Use) of Personal Information The Company processes personal information for the following purposes. Personal information being processed will not be used for purposes other than those listed below. If the purpose of use changes, the Company will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act. 1. Provision of Customer Service - Handling general inquiries through the 1:1 inquiry feature on the website, as well as through online and offline channels. ※ In cases where personal information is collected for additional purposes or when the purpose of use is changed, the Company will separately notify you of the purpose of collection, the items of personal information collected, and the retention period. Additional consent will be obtained at that time. Please note that you have the right to refuse consent, but refusal may result in limited access to the services. Article 2. Items of Personal Information Processed and Collection Methods The Company collects the following personal information from users. Purpose Target Collected Items Customer Inquiry Response Inquiry on the Website Name, Company Name, Contact Information, Email In addition, during the use of online services, system usage records, visit logs, cookie information, and statistical data may be automatically collected. As a general rule, the Company does not collect personal information from users under the age of 14. However, if such collection is necessary, the Company will obtain prior consent from the legal guardian before collecting and using the information. In this case, the Company may collect the minimum necessary information (name, contact information) directly from the user under the age of 14 without the legal guardian's consent, solely for the purpose of obtaining such consent. 1. Methods of Collecting Personal Information o Online Collection : Information provided directly by the user through the Company’s website and other web platforms. o Offline Collection : Information collected through written documents, fax, email, or phone during sales, customer consultations, or other processes, as well as information collected through business or operational partnerships with affiliated companies. Article 3. Period of Processing, Use, and Retention of Personal Information Purpose of Collecting and Retaining Personal Information Retention Period Responding to 1:1 Customer Inquiries on the Website, General/Product Inquiries 1 year However, if the retention of personal information is required by relevant laws and regulations, the Company will retain the information for a specified period. The processing, use, and retention periods for such personal information are as follows: Purpose of collecting and retaining personal information relevant court Retention Period Retention of records related to website visits (e.g., homepage) Protection of Communications Secrets Act 3 months Retention of records related to consumer complaints or dispute resolution Act on the Consumer Protection in Electronic Commerce, etc. 3 years Article 4. Provision of Personal Information to Third Parties The Company processes users' personal information only within the scope of the purposes notified at the time of collection and does not provide it to third parties, including individuals, companies, or institutions. However, personal information may be provided to third parties with the user’s prior consent or in cases where specific provisions under the Personal Information Protection Act or other relevant laws apply. Additionally, if personal information is provided in a form that does not identify specific individuals for purposes such as statistical analysis or academic research, separate consent procedures may not be required. Article 5. Rights and Obligations of Data Subjects (Users) and Methods of Exercise Users have the right to request access to, correction, deletion, or suspension of processing of their personal information related to its protection, and the Company will promptly process such requests without delay. These rights can be exercised in writing, by telephone, or via email, and may also be exercised through an authorized representative such as a legal guardian or an appointed proxy. If a user requests the correction or deletion of personal information due to errors, the Company will not use or provide the personal information to third parties until the correction or deletion is completed. Users and legal guardians have both the right to protect their personal information and the obligation not to infringe on the personal information of others. Therefore, please ensure that personal information is not disclosed or damaged, including the personal information contained in posts. Failure to fulfill these obligations, resulting in the infringement or damage of another person's personal information, may result in penalties under applicable laws. Article 6. Procedures and Methods for Destroying Personal Information The Company will promptly destroy personal information when it is no longer necessary due to the expiration of the retention period or the achievement of the processing purpose. The procedures and methods are as follows: - Destruction Procedure : Personal information that needs to be destroyed will be selected, and unless required by other laws to retain the information, it will be destroyed without delay. - Destruction Method : Personal information recorded and stored in electronic file format will be destroyed using technical methods that make the records irrecoverable. Personal information recorded and stored on paper will be shredded or incinerated. ※ If the retention period for personal information, as agreed by the user, has expired, or if the processing purpose has been achieved, but the information must continue to be retained in accordance with other laws, it will be stored separately in a different location. Article 7. Measures to Ensure the Security of Personal Information The Company takes the following measures to ensure the security of personal information: 1. Administrative Measures - Develops and implements internal management plans for the secure handling of personal information. - Limits access to critical personal information, such as unique identifiers and sensitive information, to a minimum number of individuals. 2. Technical Measures - Encrypts key personal information and restricts access to authorized personnel only. - Encrypts the transmission paths of personal information to ensure secure transmission. Article 8. Purpose and Refusal of Automatic Collection of Personal Information The Company uses cookies to store and retrieve user information in order to provide personalized services. 1. Purpose of Using Cookies - Cookies are used to understand user access frequency or time spent on the site, which helps in improving services. 2. How to Refuse Cookies - Users have the option to accept all cookies, confirm each cookie storage, or refuse the storage of all cookies by adjusting their web browser settings. - Refusal Method (for Internet Explorer): Tools > Internet Options > Privacy > Advanced > Cookie Permission Settings Article 9. Personal Information Protection Officer and Customer Service Department The Company designates a Personal Information Protection Officer to oversee the handling of personal information and address any grievances or issues related to personal information processing. For all inquiries, complaints, and remedies related to personal information protection while using the Company's services (or business), you can contact the Personal Information Protection Officer and the relevant department. The Company will respond to and address users' inquiries without delay. 1. Personal Information Protection Officer and Department - Department: IT Development Team - Contact Number: +82-70-4066-6519 - Email: info@ribitec.com 2. Customer Inquiry Service Department - Department: IT Development Team - Contact Number: +82-70-4066-6519 - Email: info@ribitec.com Article 10. Remedies for Rights Infringement Users may contact the following organizations for remedies, consultations, or assistance regarding personal information infringement. These organizations are independent of the Company. If you are not satisfied with the Company’s handling of personal information complaints or remedies, or if you need more detailed assistance, please reach out to these organizations: Category Affiliation Website Contact Number Personal Information Infringement Reporting Center KISA privacy.kisa.or.kr (no area code) 118 Personal Information Dispute Mediation Committee Cyber Crime Investigation Division www.kopico.go.kr 1833-6972 Cyber Crime Investigation Division Prosecutor's Office www.spo.go.kr 1301 (no area code) Cyber Safety Bureau Prosecutor's Office cyberbureau.police.go.kr 182 (no area code) Article 11. Changes to the Privacy Policy This Privacy Policy is effective as of August 12, 2024.