Ulsan UGPS (hereinafter referred to as a company) legally processes and safely manages personal information in compliance with the Personal Information Protection Act and related laws to protect the freedom and rights of information subjects. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, the following personal information processing policies are established and disclosed to inform information subjects of procedures and standards for personal information processing and to handle related grievances quickly and smoothly.

1. 01. The purpose of handling items, collection items, collection items, and usage period

   The company processes the personal information of the information subject as follows.

   Collection items, purpose of collection and use, retention and use period

   Service	Collection purpose	Collection Items	Retention and usage period
   1:1 Customer Inquiry	Handling customer inquiries	(Required) Email Address	Destroy as soon as you achieve your goal

2. 02. Matters concerning the processing of personal information of children under the age of 14

   1. 1. In principle, the company does not process the personal information of children under the age of 14.
   2. 2. Exceptionally, if there is a case where personal information of children under the age of 14 needs to be collected, the consent of the legal representative is obtained if personal information of children under the age of 14 is collected.

3. 03. Matters concerning the provision of personal information to third parties

   1. 1. The company does not provide any personal information it holds to third parties.

4. 04. Matters concerning the entrustment of personal information processing

   1. 1. The company entrusts the personal information processing work as follows for smooth personal information processing.

      수집항목,수집 및 이용목적,보유 및 이용기간

      Trustee (trustee)	Entrustment work	Retention and usage period
      Elliworks	Site Operations	Until the end of the consignment contract

   2. 2. In accordance with Article 26 of the Personal Information Protection Act, the company stipulates in documents such as contracts that prohibit personal information processing, technical and administrative protection measures, re-entrust restrictions, management and supervision of trustees, and supervises whether the trustee handles personal information safely.
   3. 3. If the details of the entrusted work or the trustee changes, we will disclose it without delay through this personal information processing policy.

5. 05. Matters concerning procedures and methods for destroying personal information

   1. 1. The company destroys the personal information without delay when personal information becomes unnecessary, such as the lapse of the personal information retention period or the achievement of the purpose of processing.
   2. 2. If the personal information retention period agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information should be transferred to a separate database (DB) or stored at a different location.
   3. 3. The procedures and methods for destroying personal information are as follows.
      1. 1) Revocation procedure
         • The company deletes or destroys the collected personal information without delay after the purpose of using it is achieved, or after the processing and retention period of personal information.
      2. 2) Destruction method
         • The company destroys personal information recorded and stored in the form of electronic files so that records cannot be reproduced, and destroys personal information recorded and stored in paper documents by grinding or incinerating them with a grinder.

6. 06. Matters concerning the rights, obligations, and methods of exercise of the information subject and legal representative

   1. 1. The information subject may exercise the right to view, correct, delete, and suspend processing of personal information to the company at any time.
      ※ The legal representative must directly request access to personal information for children under the age of 14, and the information subject who is a minor over the age of 14 may exercise his or her rights to the personal information of the data subject.
   2. 2. The exercise of rights can be done by writing, e-mail, or faxing the company in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the company will take action without delay.
   3. 3. The exercise of rights can also be done through an agent, such as a legal representative of the information subject or a person delegated. In this case, "Notice on how to process personal information (No. 2020-7)" You must submit a power of attorney in accordance with attached Form 11.
   4. 4. Requests for suspension of personal information access and processing may be restricted by Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.
   5. 5. A request for correction or deletion of personal information cannot be requested to be deleted if the personal information is specified as a target for collection under other laws and regulations.
   6. 6. The company checks whether the person who made the request is himself or a legitimate agent, such as a request for reading, a request for correction or deletion, or a request for suspension of processing.

7. 07. Matters concerning measures to secure the safety of personal information

   1. 1. The company is taking the following measures to ensure the safety of personal information.
      1. 1) Management measures: Establishment and implementation of internal management plans, operation of dedicated organizations, and regular employee training
      2. 2) Technical measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of personal information, installation and update of security programs.
      3. 3) Physical Measures: Control of Access to Computer Room, Data Storage Room, etc.
   2. 2. In the event of a personal information infringement accident, such as leakage or damage of personal information, the company immediately notifies members and takes necessary measures to minimize the damage.

8. 08. Matters concerning the installation and operation of devices that automatically collect personal information and the refusal thereof

   1. 1. The company does not use 'cookie' that stores the information subject's usage information and loads it from time to time.

9. 09. Matters concerning the collection, use, provision, refusal, etc. of behavioral information

   1. 1. The company does not collect, use, or provide behavioral information for online customized advertisements.