General Provisions

1.According to Article 2, Section 1 of the Personal Information Protection Act, “Personal information” refers to information that pertains to a living person, his/her full name, resident registration number, and image. Personal information can be a means by which an individual in question can be identified but it can also pertain to information that cannot be used on its own but can be corroborated with other information to identify the individual in question.

2.Chungbuk Regulation Free Special Zone(hereinafter the "Company") sees a great deal of importance in its users’ personal information and abides by all laws and ordinances relating to the protection of personal information.

3.The Company only requires the minimum amount of personal information that is needed to best serve its clients.

4.The Company informs its clients of the purposes and methods of using personal information and its protective measures when handling personal information.

5.The Company's Privacy Policy is available for public access through its homepage.

6.The Company may revise its Privacy Policy to follow, applicable laws or internal management regulations. Upon the revision of its privacy policy, the Company will announce such changes through a notice on its homepage www.cbrfz.or.kr or by notifying each user.

Purpose of Processing (Collecting and Using) Personal Information

Purpose of Processing (Collecting and Using) Personal Information The Company processes personal information for the following purposes only, and it: will seek for prior consent if the purpose of use thereof is changed:
- to provide services, such as replying to inquiries about the Company and its products

Processing, Use, and Retention Periods of Personal Information

1.The Company shall handle personal information only during the use/retention period, as stated by the law or based on the prior agreement with the owner of the personal information. Moreover, the Company, shall promptly destroy the information after the purpose of collection and use has been achieved.

2.Personal information shall be retained for two months to be used as a basis for consultation details. However, if it is necessary to preserve personal information in accordance with other laws and regulations, such may be kept without being destroyed.

Rights and Obligations of the Information Subject

1.The user (respective legal representative if the user is under 14 years old) has the right to request the suspension of access as well as the, correction, deletion, and processing of personal information. Moreover, the Company shall process the request without delay. Such rights can be exercised through writing, telephone, email, fax, and also a person authorized by the user.

2.If the user requests for the correction or deletion of personal information errors pursuant to Paragraph 1, the Company shall not use the personal information until the correction or deletion is executed.

3.The Company shall not collect the personal information of subjects under the age of 14. When collecting personal information of those under the age of 14 because of unavoidable instances, the Company shall first seek the consent of the owner's legal representative. However, basic information (i.e. name, contact information) that is required to obtain the consent of the legal representative may be collected directly from the person under the age of 14 without the consent of his/her legal representative.

4.When a representative visits the Company and exercises the rights under Paragraph 1, the Company shall request the submission of a power of attorney and the representative's ID card that can confirm whether he/she has received a legitimate delegation.

Personal Information to Be Processed

1.Personal information collected:
- [Required] Nationality / Name / Email address
- [Optional] Company name / Phone number

2.Apart from the preceding paragraph, the following information may be automatically generated and collected in the course of using the services. - Records regarding the use of services (i.e. access date and time), access IP address, and cookies

Installation, Operation, and Rejection of an Automatic Personal Information Collection Device

1.Purposes of using cookies
· The Company uses cookies that store and periodically retrieve information on the user to provide customized services. A cookie transmits a small amount of information from the website's server to the Internet browser of the user. Such information is stored in the hard disk of the user’s personal computer. When a user visits the website afterward, the website server reads the contents of the cookie stored on the user's hard disk, maintains the user's preferences, and uses the cookie to provide customized services
· The user can refuse the storage of or delete the cookies at any time.

2.Installation/operation of cookies and refusal thereof
Users reserve the right to reject the installation of cookies by setting up an option in his/her web browser. Therefore, the user may allow all cookies to be stored, cause such cookies to undergo further confirmation before they are stored, or disable the storage of all cookies. However, some of the website's services that require login may be difficult to use if the user refuses to save cookies.
- How to specify whether or not to install cookies (for Internet Explorer)
① Select [Internet Options] from the [Tools] menu.
② Click the [Privacy] tab.
③ Set the [Privacy Level].

Personal Information Destruction

1.The Company shall promptly destroy personal information when the purpose of collecting and using such information or when the retention period thereof has expired. However, personal information may be retained with the consent of the user concerned or in pursuance of the relevant provisions of the Terms of Use or applicable laws.

2.The Company shall destroy personal information that is recorded on paper by shredding any printed copy with a shredder or through incineration. Personal information that is electronically stored shall be destroyed through, methods that render such information impossible to be regenerated.

Measures for Securing Personal Information

With regard to processing users’ personal information, the Company takes the following measures to ensure the safety of personal information against loss, theft, leakage, alteration or damage.

Administrative measures
① An internal management plan has been established and implemented for the safe management of personal information.
② The Company conducts annual education and awareness activities for staff who handle personal information.
③ The number of people who can access personal information is limited to a minimum.

Technical measures
① The Company is in charge of preventing the unauthorized access of personal information from any external party by using an intrusion prevention system which promptly responds to external intrusions such as hacking.
② The Company transmits personal information safely by encrypting the transmission section of personal information.

Physical measures
① Access is controlled protected areas that house personal information, such as computer rooms and data storage rooms.

Chief Privacy Officer

The Company has appointed, as follows, the responsible persons to direct the overall activities regarding the processing of personal information, resolve complaints raised by users concerning personal information and remedy the damage incurred by any user whose personal information is compromised.

Chief Privacy Officer

Name : Kim Byeonggwon
Department : special zone promotion team
Position : Senior Researcher
Phone : +82-43-270-2152
E-Mail : bkkim@cbtp.or.kr

Privacy Protection Manager

Department : Personal Information Protection Team
Name : Kim Byeonggwon
Phone : +82-43-270-2152
E-Mail : bkkim@cbtp.or.kr

Change of Privacy Policy

This privacy policy shall come into effect on the enforcement date (October 1, 2021). Moreover, the Company shall announce any amendments to the policy through a notice on its website prior to such additions, deletions, and corrections, which are made in pursuance to applicable laws and relevant guidelines.

- Date of Notice of Privacy Policy : September 15, 2021
- Date of enforcement of privacy policy : October 1, 2021