Personal information shall not be used apart from the following purposes. If the purpose of use is amended, the company shall request prior consent from customers in accordance with the requirements of the Personal Information Protection Act.

• Product inquiries and customer responsePersonal identity verification, customer inquiry acknowledgment and response to inquiries, customer relationship management, after-sales service management, service usage management, dispute resolution and response to customers and related record-keeping, handling complaints related to products and services and the delivery of notifications in response to complaints and processing results, support for the resolution in case of dispute, and delivery of the notice, among others.
• Provision of products and servicesSupplying products and services; determining whether to conclude a contract; implementing the contract, considering the payment of expenses in return for the provision of services; communicating with customers within the scope necessary for the conclusion and implementation of the contract; sending estimates, contracts, and invoices; seeking evidence of the legitimate conclusion and performance of the contract; managing the overall contract status, including contract counterparties, contract details, and payment details; cooperation with customers (purchasing and sales outlets) and related companies (headquarters, affiliates, etc.).

The company shall, under the Personal Information Protection Act, use or provide personal information within the scope reasonably related to the original purpose of its collection, considering whether disadvantages may arise to the customer who has supplied personal information (hereinafter “the subject of information”) and whether the measures necessary to secure safety, such as encryption, have been undertaken. Specific considerations will be given to the Personal Information Protection Act and relevant laws, purpose of use and provision of personal information, method of use and provision of personal information, and items of personal information to be used and provided; in the case that the subject of information has consented, or there is a notice or disclosure to the subject of information, the company shall make a careful judgment as to whether to use or provide such information by taking into account all the circumstances and considering the contents, impact on the subject of information according to the use and provision, and the measures undertaken to protect the particular information.

• Whether it is related to the original purpose of the collection
• Whether the personal information is likely to be used or provided in the foreseeable future in light of the circumstances in which the personal information was collected or in the practice of processing the personal information
• Whether the interests of the subject of information are unreasonably infringed upon
• Whether measures necessary to secure safety, such as pseudonymizing or encryption, have been undertaken

The company collects the following personal information for the abovementioned purposes

• Items for collection customer name, company name, email address, mobile phone number, specifications and quantity of the inquired product, application field and characteristics of required devices, company introduction, service use record, access log, access IP information, and personal information voluntarily entered by the user to the website in the inquiry.
• Personal information collection methodwebsite (product inquiry)

In principle, the personal information collected is destroyed without delay once the purpose of its use is met. However, when it is necessary to retain them in accordance with the relevant regulations, the company shall retain customer information for a specific period as specified by the following relevant regulations.

The company shall retain and use personal information related to product inquiry, customer response, and providing products and services purposes for three years since the date inquiry was registered.

In principle, the company destroys the personal information collected without delay once the purpose is met. The procedure and method of destruction of personal information are as follows.

• Destruction procedure Information entered for product inquiry is destroyed immediately once the purpose of its use is met or the agreed retention period expires. When it is necessary to retain information for a certain period for information protection and retention purposes according to internal policies and other relevant laws and regulations, the information is transferred and stored in a separate database. Thereafter, once the purpose of use is met, the information is destroyed immediately. Personal information transferred to a separate database is not used for purposes specified in the Personal Information Protection Act.
• Destruction methodPersonal information stored in electronic file formats is deleted using a technological method that cannot be restored. Personal information printed on paper is shredded or incinerated.

In principle, the company does not provide customers’ personal information to external parties. However, exceptions are made in the following cases.

• in the cases where the customer provides their consent in advance
• in the cases where it is in accordance with the provisions of the laws and regulations

Customers may exercise their right to personal information protection, such as requesting to view, provide, correct, and delete their personal information, as stipulated by the relevant laws such as the Personal Information Protection Act. The aforementioned rights may also be exercised through the customer’s legal representative or a person delegated by the customer.

The company shall take action without delay in relation to the exercise of the customer’s rights in accordance with the relevant laws such as the Personal Information Protection Act. However, the exercise of the customer’s rights may be restricted in accordance with the provisions of relevant laws and regulations.

The company operates using “cookies” to store and find customer information from time to time. A cookie is a very small temporary file automatically created when a customer accesses a website and is stored on the customer’s desktop computer or other devices. The company uses cookies for the following purposes:

(a) analyzing customer access frequency, visiting time, and so on
(b) identifying customer tastes and interests and tracking traces and
(c) providing targeted marketing and personalized services by identifying the degree of participation in various events and the number of visits

Customers have the option to allow the installation of cookies. Therefore, customers may allow the installation of all cookies by making the relevant settings in their web browser, checking each time a cookie is stored, or refusing to store all cookies. However, if they refuse to store cookies, there may be difficulties in enjoying the services.

※ How to set and delete cookie options

1. ① For Microsoft Edge
   • Select the “Settings” menu > “Site Permissions” > “Block Third-Party Cookies.”
2. ② For Chrome
   • Select “Customization & Control” at the top of your web browser > “Settings” > “Privacy & Security” > “Clear Browsing History”

The company shall take technical, administrative, and physical measures necessary to secure the safety of personal information, including the following measures, in accordance with Article 29 of the Personal Information Protection Act.

• Employing the minimum number of employees handling personal information and their training The company is implementing measures to manage personal information by designating an employee who handles personal information and limiting it to the person in charge.
• Regular self-auditThe company conducts regular self-audits to secure stability related to personal information handling.
• Encryption of personal information Customers’ personal information is encrypted, stored, and managed.
• Technical measures against hackingTo prevent personal information leakage and damage caused by hacking, viruses, or others, the company installs security programs and establishes systems in areas where the access from the outside is restricted to monitor and block threats technically or physically.
• Restricting access to personal information The company is taking the necessary measures to the restrict access to personal information by granting, changing, or canceling access control to the database system that processes personal information.
• Storage of access records and protection against forgeryThe company keeps and manages records of access to the personal information processing system for at least one year and uses security tools to prevent forgery, theft, or the loss of access records.

The company has designated the following department to be in charge of the protection and management of personal information.

• Personal Information Management DepartmentPublic Relations Team
• Phone number042-384-2200
• Emailyoon.s.cho@ivwkr.com

All matters related to personal information protection, which are related to the use of the company’s services, may be reported to the department in charge; the company will promptly and adequately take action as per the report.

If you need to report on or consult other matters related to personal information infringement, please contact the following organizations.

1. ① Personal Information Infringement Report Center (http://privacy.kisa.or.kr / 118)
2. ② Personal Information Dispute Mediation Committee (www.kopico.go.kr / 1833-6972)
3. ③ Cybercrime Investigation Division, Supreme Prosecutors Office (www.spo.go.kr / 1301)
4. ④ Cyber Investigation Bureau, Korean National Police Agency (www.ecrm.cyber.go.kr / 182)

This Privacy Policy is effective from November 30th, 2021. This Privacy Policy may be changed according to the relevant laws, policies, or operating policies. If the Privacy Policy is changed, it will be disclosed in accordance with the method stipulated by relevant laws and regulations.

※ Establishment and Revision History of the Privacy Policy