'Genesystem Co., Ltd.' (hereinafter referred to as 'Company') establishes and discloses this privacy policy in order to protect the personal information of information subjects in accordance with Article 30 of the Personal Information Protection Act and to promptly and smoothly handle related complaints.
The Company's privacy policy may be revised in accordance with changes in government laws and guidelines, as well as the Company's terms and internal policies. In the event of any revisions, the Company will immediately post the changes on the website.

Key Personal Information Processing Table

Personal
Information

Processing
Purpose

Retention
Period

Outsourcing
of Processing

Personal Information
Protection Manager

1. Purpose of Processing Personal Information The Company processes personal information for the following purposes. Personal information being processed will not be used for purposes other than those specified, and in the event of a change in the purpose of use, the Company will take necessary measures, such as obtaining separate consent, in accordance with Article 18 of the Personal Information Protection Act.

2. Processing and Retention Period of Personal Information The Company processes and retains personal information within the scope of the personal information retention and use period agreed upon when collecting personal information from information subjects or as required by laws and regulations.

However, personal information may be processed and retained until the end of the following reasons:
• 1 ) In the event of ongoing investigations or inspections in accordance with relevant laws due to violations of related laws, personal information may be processed and retained until the end of such investigations or inspections.
• 2 ) In cases where there is a legal obligation to retain the information in accordance with relevant laws, the information may be processed and retained until the end of the legally mandated retention period
• · Telecommunications Business Act: Communication fact confirmation data (3 months)
• · Electronic Commerce Act: Records related to consumer complaints or dispute resolution (3 years)

3. Items of Personal Information Being Processed The Company processes the following personal information.

4. Outsourcing of Personal Information Processing The company does not outsource personal information processing tasks.

5. Procedures and Methods for the Destruction of Personal Information

• 1 ) The Company promptly destroys personal information when it becomes unnecessary, such as when the retention period has expired or the purpose of processing has been achieved.
• 2 ) In cases where personal information must be retained in accordance with other laws despite the expiration of the agreed-upon retention period or the achievement of the processing purpose, the Company moves the information to a separate database (DB) or stores it separately.
• 3 ) The procedures and methods for the destruction of personal information are as follows:.
• · Destruction Procedure: Select personal information that has become unnecessary and obtain approval from the Personal Information Protection Manager to destroy it
• · Destruction Method: Personal information recorded and stored in electronic file format is destroyed to the point where it cannot be regenerated, while personal information recorded and stored in paper documents is shredded or incinerated.

6. Rights, Duties, and Methods of Exercising the Rights of Data Subjects and Legal Guardians

• 1 ) Data subjects and legal guardians can exercise the rights to access, correct, delete, and request the suspension of personal information processing at any time.
• 2 ) Data subjects can exercise their rights regarding personal information by submitting a request to the personal information manager in writing, by phone, or by email, and the Company will promptly take action after verifying their identity.
• 3 ) Rights may also be exercised through an agent, such as the legal guardian or a delegate. In such cases, a power of attorney in accordance with the format provided in the Personal Information Processing Method Notice (Annex No. 11) of the Enforcement Rules of the Personal Information Protection Act must be submitted.
• 4 ) The right to access personal information and request processing suspension may be limited in accordance with Article 35, Paragraph 4, and Article 37, Paragraph 2 of the Personal Information Protection Act.
• 5 ) The right to correct or delete personal information cannot be requested if the personal information is specified as a collection target in another law.
• 6 ) The Company confirms whether the individual making a request is the data subject or a legitimate representative before processing requests for access, correction, deletion, and processing suspension in accordance with the rights of data subjects

7. Matters Related to Ensuring the Security of Personal Information

The Company takes the following measures to ensure the security of personal information:
• 1 ) Administrative Measures: Establishment and implementation of internal management plans, operation of a dedicated organization, regular employee training
• 2 ) Technical Measures: Access control for personal information processing systems, installation of access control systems, encryption of personal information
• 3 ) Physical Measures: Access control for facilities such as computer rooms and document storage rooms
• 4 ) Providing Link Site Policy:
  The Company may provide links to websites or data of other companies to users. In this case, the Company has no control over third-party websites, data, products, and services and cannot be held responsible or guarantee the usefulness of products, services, or information obtained from them. When clicking on links provided by the Company to visit the pages of other sites, please review the policies of the newly visited sites as they are not related to the Company.

8. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices

The Company uses "cookies" for the following purposes. Cookies are small amounts of information sent by the server (http) operating the website to the user's computer browser or mobile application, where they are stored on the user's computer's hard disk or mobile device.
• 1 ) Purpose of Using Cookies: Maintaining user environment settings, analyzing service usage to improve services
• 2 ) Disadvantages of Refusing to Store Cookies: There may be difficulties in providing users with optimized services and information.
• 3 ) Installation, Operation, and Refusal of Cookies: Depending on the type of browser or app, you can refuse to store cookies through the following methods:
• · How to set cookies in Chrome: view
• · How to set cookies in Microsoft Edge: view
• · How to set cookies in Safari: view

9. Matters Related to the Collection, Use, and Refusal of Behavioral Information The Company does not collect, use, or provide behavioral information for online personalized advertising and other purposes.

10. Matters Related to the Personal Information Protection Manager 1 ) The Company is responsible for overseeing the processing of personal information and designates a personal information protection manager to handle personal information processing and related complaints and remedies.

2 ) Data subjects can contact the personal information protection manager and the relevant department at any time for inquiries, complaint handling, and remedies related to personal information protection issues that may arise while using the Company's services (or business).

11. Department Responsible for Receiving and Handling Requests to Access Personal Information Data subjects may request access to their personal information in accordance with Article 35 of the Personal Information Protection Act from the following department. The Company will make efforts to promptly process requests for the inspection of personal information.

12. Methods for Remedying Infringement of Data Subject Rights

Data subjects may apply for dispute resolution, counseling, and other matters related to infringement of their rights by contacting the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency Personal Information Infringement Reporting Center, and other institutions. For inquiries and counseling regarding other personal information infringements, please contact the following organizations:
• 1 )Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
• 2 )Korea Internet & Security Agency Personal Information Infringement Reporting Center: 118 (privacy.kisa.or.kr)
• 3 )Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
• 4 )Korean National Police Agency: 182 (ecrm.cyber.go.kr)

Data subjects or their legal representatives can file an administrative lawsuit in accordance with the Act on Administrative Appeals against dispositions made by heads of public agencies or their subordinates in violation of Article 35 (right to access personal information), Article 36 (right to correct or delete personal information), and Article 37 (right to request processing suspension, etc.) of the Personal Information Protection Act. ※ For more information about administrative lawsuits, please refer to the website of the Central Administrative Appeals Commission (http://www.simpan.go.kr)

13. Matters Related to Changes in the Privacy Policy

This privacy policy is effective from 2023-11-03.
The previous privacy policy can be reviewed at the following location.