GCCL respects the privacy of individuals. GCCL (hereinafter referred to as the 'Company') complies with the personal information protection regulations that the company must comply with, such as the 「Information and Communication Network Utilization Promotion and Information Protection Act」 and 「Personal Information Protection Act」. We are doing our best to protect the rights and interests of users by establishing a privacy policy.

Article 1 (Personal Information Items)

① Subjects of collecting and using personal information
The personal information collected through this website is directly received and managed by the company, and the company is responsible for future management.
② Collection items
<1:1 Inquiry> : Name, job, email, mobile phone, address, password
③ Collection method: Homepage
④ Right to refuse consent and disadvantages due to refusal to consent
Users have the right to disagree with the provision of personal information below. However, since the information provided is an essential item for use in customer inquiries and reporting, the Company cannot proceed with confirmation of the facts of the contents of customer inquiries and reporting, and notification of the processing result if the information is not provided. Therefore, if you do not agree to the provision of personal information, the use of customer inquiries and reports may be restricted.

Article 2 (Purpose of processing personal information)

The company processes personal information for the following purposes. The personal information being processed is not used for purposes other than the following purposes, and if the purpose of use changes, we will take necessary measures, such as obtaining separate consent in accordance with relevant laws.

① Confirmation of complaint details, contact for fact-finding, and notification of processing results

Article 3 (Processing and retention period of personal information)

In principle, personal information of users is destroyed without delay when the purpose of collecting and using personal information is achieved. However, the following information is retained for the specified period for the following reasons.

- Customer inquiries and reports: 1 year from the point of handling complaints and reports
- In the event of an investigation or Enquiry in violation of relevant laws and regulations, until the end of the investigation or Enquiry.

Article 4 (providing personal information to a third party)

The Company handles the personal information of the information subject only within the range specified in Article 1 (Purpose of Personal Information Processing), and the consent of the information subject, such as provision of information to the affiliated company for the handling of civil complaints of the affiliated company, and special provisions of the law Personal information is provided to third parties only when applicable.

① Personal information items: date of birth, mobile phone number, name, email, occupation
② Person who receives personal information: GCCL
③ Purpose of using personal information of the recipient: Operation of customer voice questions and answers
④ Retention and use period of the recipient: Information provided to a third party is destroyed immediately when the purpose of use of the information provision to the third party is achieved

Article 5 (consignment of handling personal information)

The company does not entrust the handling of the user's personal information to a third party without the user's consent or notice to the user.

Article 6 (rights and duties of information subject and method of exercise)

① The information subject may exercise the following rights related to personal information protection at any time with respect to the Company.

1. Request to view personal information
2. Request for correction if there is an error
3. Request for deletion

② The exercise of the rights pursuant to Paragraph ① can be done in writing, e-mail, fax, etc. in accordance with the form of Attachment No. 8 of the Enforcement Rule of the Personal Information Protection Act, and the company will take action without delay.
③ If the information subject requests correction or deletion of errors in personal information, the Company will not use or provide the personal information until the correction or deletion is completed.
④ The exercise of rights pursuant to Paragraph ① can be done through an agent such as the legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with the form No. 11 of the Enforcement Rule of the Personal Information Protection Act.

Article 7 (destruction of personal information)

① The company destroys the personal information without delay when the personal information becomes unnecessary, such as the elapse of the personal information retention period or the achievement of the processing purpose.

② Destruction procedure and method are as follows.

1. Destruction procedure
In principle, when the purpose of processing is achieved, it is destroyed without delay. In exceptional cases, it is stored for a certain period of time according to the internal policy and then destroyed. The personal information will not be used for any purpose other than retention unless required by law.
2. Destruction method
Personal information stored in the form of electronic files is deleted using a technical method that cannot reproduce the record. In addition, personal information printed on paper is destroyed by shredding or incineration.

Article 9 (Technical and administrative protection measures for personal information)

In handling users' personal information, the Company takes the following technical/administrative measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged.

① Countermeasures against hacking, etc.
The company is doing its best to prevent personal information from being leaked or damaged by hacking or computer viruses. The latest vaccine programs are used to prevent users' personal information or data from being leaked or damaged, and through encrypted communication, personal information can be safely transmitted over the network. In addition, we use an intrusion prevention system to control unauthorized access from outside, and strive to equip all possible technical devices to secure systemic security.
② Personal information handler training
The company always emphasizes compliance with the personal information handling policy through frequent training for the person in charge of handling personal information of the company.

Article 10 (Installation/Operation and Refusal of Automatic Personal Information Collection Device)

1. Cookies
The company uses 'cookies' that store and retrieve user information from time to time in order to provide personalized and customized services.
Cookies are very small text files that the server used to operate the website sends to the user's browser and are stored on the user's computer's hard disk. Later, when the user visits the website, the website server reads the contents of the cookie stored on the user's hard disk, and is used to maintain the user's preferences and provide customized services.
Cookies do not automatically/actively collect personally identifiable information, and users can refuse to store or delete these cookies at any time.

2. Purpose of the company's use of cookies
It is used to provide convenience for users to use customer inquiries.

3. Installation/operation and rejection of cookies
Users have the option of installing cookies. Therefore, users can allow all cookies by setting options in the web browser, check each time a cookie is saved, or refuse to save all cookies. However, if you refuse to store cookies, there may be difficulties in using some services. How to specify whether to allow the installation of cookies (for Internet Explorer) is as follows. end.
① Select [Internet Options] from the [Tools] menu.
② Click [Personal Information Tab].
③ You can set the [Personal Information Handling Level].

Article 11 (Notice of withdrawal of consent for personal information)

- Users can view and modify their personal information registered at any time through the company's homepage, and request deletion from the administrator through e-mail.
- You can withdraw the contents of your consent to the collection, use, and provision of personal information at any time. Withdrawal of consent is possible at any time by requesting the administrator through e-mail.
- The company designates a person in charge of personal information protection as follows to protect users' personal information and handle complaints related to personal information.

Article 12 (person in charge of personal information protection)

The company is responsible for the handling of personal information and appoints a person in charge of personal information protection for complaint handling and damage relief of information subjects related to personal information.

Personal Information Protection Officer
Affiliation: Business Development Division
Name: ByungIn Yoon
Phone number: +82 31 260 19499
Email: biyoon@gccorp.com

Personal Information Protection Manager
Affiliation: Management Support Team
Name: Dong-jun Lee
Phone number: +82 31 260 0669
Email: qanik@gccorp.com

Article 13 (Remedy for infringement of rights and interests)

The information subject may contact the following organizations for damage relief, consultation, etc. for personal information infringement.
1. Personal Information Infringement Report Center (operated by Korea Internet & Security Agency): privacy.kisa.or.kr / (without area code)118
2. Personal Information Dispute Mediation Committee (operated by Korea Internet & Security Agency): privacy.kisa.or.kr / (without area code)118
3. Supreme Prosecutors' Office Cyber Crime Investigation Team: www.spo.go.kr / +82 2 3480 3573
4. National Police Agency Cyber Terror Response Center: www.netan.go.kr / 1566-0112

Article 14 (Notice of Personal Information Handling Policy)

This personal information handling policy was revised on August 1, 2019. At least 7 days before the enforcement of the personal information handling policy, we will notify the reason and contents of the change through our website.

Announcement and Effective Date: August 1, 2019