PRIVACY POLICY
PRIVACY POLICY
HK inno.N Corporation (hereinafter referred to as “inno.N”, “the Company”, “we”, “our” or “us”), HK inno.N Square Pangyo, 28, Geumto-ro 79beon-gil, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea, complies with the Personal Information Protection Act (PIPA) and other applicable laws and regulations to protect the freedom and rights of users. We lawfully process personal information and manage it securely.
In accordance with Article 30 of the Personal Information Protection Act, we establish and disclose this Privacy Policy to inform users of the procedures and standards for personal information processing and to ensure the prompt and efficient handling of any related inquiries or concerns.
This Privacy Policy will explain how inno.N uses the personal datapersonal informationpersonal information we collect from you when you use our website [www.inno-n.com] and in the course of any other activities relating thereto (collectively, the “Services”).
By accessing our website, you agree to the terms of this Privacy Policy. If you do not agree to these terms, you are not authorized to use our website.
Privacy Policy Table of Contents
- Article 1 (Purpose of Personal Information Processing)
- Article 2 (Categories of Personal Information Processed, Processing, and Retention Period)
- Article 3 (Entrustment of Personal Information Processing)
- Article 4 (Procedures and Methods for Personal Information Destruction)
- Article 5 (Rights and Obligations of Users and Their Legal Representatives, and Methods of Exercising Such Rights)
- Article 6 (Measures to Ensure the Security of Personal Information)
- Article 7 (Installation, Operation, and Refusal of Automated Data Collection Mechanisms)
- Article 8 (Chief Information Security Officer)
- Article 9 (Request for Access to Personal Information)
- Article 10 (Remedies for Infringement of Rights)
- Article 11 (Changes to the Privacy Policy)
Article 1 (Purpose of Personal Information Processing)
The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those specified below. If the purpose of use is changed, the Company will take necessary measures, such as obtaining separate consent, in accordance with Article 18 of the Personal Information Protection Act (PIPA).
In each case, we will rely on a legal basis of processing pursuant to EU Regulation 2016/679 on General Data Regulation Protection (the “GDPR”).
In each case, we will rely on a legal basis of processing pursuant to EU Regulation 2016/679 on General Data Regulation Protection (the “GDPR”).
| Purpose and Legal Basis | Categories of data | Provisions of GDPR |
|---|---|---|
| Anonymous Whistle-blower Hotline We may use the information that you provide to us to take the steps necessary to respond to the submitted reports. We collect and process your Personal information. Personal information based on our legitimate interest to respond to the submitted reports, to prevent crime (such as fraud, embezzlement, financial crime, and theft of intellectual and industry property), and to ensure the integrity of our manufacturing and other operations. If reporting is required, we may process your data to comply with our legal obligations. Personal Information (name, password, Report History, (Optional) E-mail, Mobile Phone, Attachment), Articles 6(1)(a), 6(1)(c), and 6(1)(f) of GDPR |
Personal Information (name, password, Report History, (Optional) E-mail, Mobile Phone, Attachment) | Articles 6(1)(a), 6(1)(c), and 6(1)(f) of GDPR |
Article 2 (Categories of Personal Information Processed, Processing, and Retention Period)
① The Company processes and retains personal information within the period prescribed by applicable laws or within the period agreed upon by the user at the time of data collection.
② The specific processing and retention periods for each category of personal information are as follows:
② The specific processing and retention periods for each category of personal information are as follows:
| Category | Processed Items | Retention Period |
|---|---|---|
| Anonymous Whistle-blower Hotline | (Required)name, password, Report History (Optional) E-mail, Mobile Phone), Attachment |
Up to three years from the date the purpose of personal information processing is achieved |
Article 3 (Entrustment of Personal Information Processing)
① The Company entrusts personal information processing tasks to ensure efficient management of personal information, as outlined below:
| The Delegatee | Delegated Task | Retention and Usage Period |
|---|---|---|
| DittoNine Co., Ltd. | Website system operation for service provision | Until the termination of the outsourcing contract |
② When entering into an outsourcing contract, the Company complies with Article 26 of the Personal Information Protection Act by specifying in written agreements that the service provider must:
• Not process personal information beyond the scope of the outsourced task
• Implement technical and administrative security measures
• Restrict subcontracting
• Be subject to supervision and management by the Company
• Assume liability for any damages arising from data processing
• Implement technical and administrative security measures
• Restrict subcontracting
• Be subject to supervision and management by the Company
• Assume liability for any damages arising from data processing
③ If there are any changes to the outsourced tasks or service providers, the Company will promptly disclose such changes through this Privacy Policy.
Article 4 (Procedures and Methods for Personal Information Destruction)
① The Company shall promptly destroy personal information when the retention period expires, the processing purpose is achieved, or when personal information is no longer needed.
② If the retention period agreed upon by the user has expired or the processing purpose has been achieved, but the Company is required to retain the personal information under other applicable laws, the data shall be transferred to a separate database (DB) or stored in a different location for continued preservation.
③ The procedures and methods for personal information destruction are as follows:
② If the retention period agreed upon by the user has expired or the processing purpose has been achieved, but the Company is required to retain the personal information under other applicable laws, the data shall be transferred to a separate database (DB) or stored in a different location for continued preservation.
③ The procedures and methods for personal information destruction are as follows:
1. Destruction Procedure
The Company identifies personal information subject to destruction and, upon approval from the Personal information Protection Officer, proceeds with the destruction process.
2. Destruction Methods
Personal information stored in electronic files shall be permanently deleted using Low-Level Format or other methods that prevent data recovery.
Personal information recorded or stored in paper documents shall be shredded or incinerated to ensure complete destruction.
Personal information recorded or stored in paper documents shall be shredded or incinerated to ensure complete destruction.
Article 5 (Rights and Obligations of Users and Their Legal Representatives, and Methods of Exercising Such Rights)
① Users may exercise their rights at any time with respect to the Company, including requests for access, correction, deletion, or suspension of processing of their personal information.
※ For children under the age of 14, such requests must be made directly by their legal representative. Minors aged 14 or older may exercise their rights regarding their personal information either personally or through their legal representative.
② Users may exercise their rights by submitting a request to the Company via written documents, email, or fax, in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act. The Company will respond without undue delay.
③ Users may also exercise their rights through a legal representative or an authorized agent. In such cases, a power of attorney must be submitted using Form No. 11 of the “Public Notice on Personal Information Processing Methods (No. 2020-7)”.
④ Requests for access or suspension of processing may be restricted in accordance with Article 35(4) and Article 37(2) of the Personal Information Protection Act.
⑤ Requests for correction or deletion cannot be made if the processing of such personal information is explicitly required by other laws and regulations.
⑥ When a request is made for access, correction, deletion, or suspension of processing, the Company shall verify whether the requesting party is the user themselves or a legitimate representative before proceeding.
③ Users may also exercise their rights through a legal representative or an authorized agent. In such cases, a power of attorney must be submitted using Form No. 11 of the “Public Notice on Personal Information Processing Methods (No. 2020-7)”.
④ Requests for access or suspension of processing may be restricted in accordance with Article 35(4) and Article 37(2) of the Personal Information Protection Act.
⑤ Requests for correction or deletion cannot be made if the processing of such personal information is explicitly required by other laws and regulations.
⑥ When a request is made for access, correction, deletion, or suspension of processing, the Company shall verify whether the requesting party is the user themselves or a legitimate representative before proceeding.
Article 6 (Measures to Ensure the Security of Personal information)
In accordance with Article 29 of the Personal Information Protection Act, the Company implements the following technical, administrative, and physical measures to ensure the security of personal information:
1. Administrative Measures
Establishment and implementation of an internal management plan
Regular training for employees on data protection policies 2. Technical Measures Access control management for personal information processing systems
Installation of access control systems
Encryption of unique identifiers and other sensitive data
Deployment of security programs to protect against data breaches 3. Physical Measures Access control for data centers, server rooms, and archives containing personal information
Regular training for employees on data protection policies 2. Technical Measures Access control management for personal information processing systems
Installation of access control systems
Encryption of unique identifiers and other sensitive data
Deployment of security programs to protect against data breaches 3. Physical Measures Access control for data centers, server rooms, and archives containing personal information
Article 7 (Installation, Operation, and Refusal of Automated Data Collection Mechanisms)
① The Company does not collect cookies without the user’s consent when storing and retrieving user information to provide personalized services.
② A cookie is a small amount of data sent by a web server (HTTP) to a user's web browser and may be stored on the user's computer hard drive.
② A cookie is a small amount of data sent by a web server (HTTP) to a user's web browser and may be stored on the user's computer hard drive.
1. Purpose of Using Cookies :
Cookies are used to analyze users' visits and usage patterns of various services and websites, popular search keywords, security access status, and other relevant information to provide optimized content and services.
2. How to Manage or Disable Cookies
Users can configure their browser settings to block cookies as follows:
a. For Internet Explorer: Go to Tools Menu > Internet Options > Privacy > Settings > Advanced
b. For Chrome: Click the Chrome Menu (⋮) at the top right > Settings > Privacy and Security > Cookies and Other Site Data 3. Consequences of Disabling Cookies If a user rejects cookies, certain personalized services may not function properly or may be restricted.
a. For Internet Explorer: Go to Tools Menu > Internet Options > Privacy > Settings > Advanced
b. For Chrome: Click the Chrome Menu (⋮) at the top right > Settings > Privacy and Security > Cookies and Other Site Data 3. Consequences of Disabling Cookies If a user rejects cookies, certain personalized services may not function properly or may be restricted.
Article 8 (Chief Information Security Officer)
① The Company designates a Chief Information Security Officer(CISO) who is responsible for overseeing the processing of personal information, handling user complaints, and providing remedies for data-related issues, as follows:
▶ Personal information Protection Officer
Department / Name: Business Support Division, Jeong-Kyu Lee
Phone Number: +82-31-5176-4000
Phone Number: +82-31-5176-4000
▶ Personal information Protection Department
Department: Information Strategy Team
Phone Number: +82-31-5176-4170
Email: privacy@inno-n.com
② Users may contact the Chief Information Security Officer(CISO) or the designated department for inquiries, complaints, or requests related to personal information protection while using the Company's services. The Company will respond promptly and address user concerns without undue delay.
Phone Number: +82-31-5176-4170
Email: privacy@inno-n.com
② Users may contact the Chief Information Security Officer(CISO) or the designated department for inquiries, complaints, or requests related to personal information protection while using the Company's services. The Company will respond promptly and address user concerns without undue delay.
Article 9 (Request for Access to Personal Information)
Users may request access to their personal information in accordance with Article 35 of the Personal Information Protection Act (PIPA) by contacting the department listed below. The Company will make every effort to process access requests promptly.
▶ Department for Receiving and Processing Personal information Access Requests
Department: Information Strategy Team
Contact Number: +82-31-5176-4170
(Weekdays: 8:30 AM – 11:30 AM, 12:30 PM – 5:30 PM)
Contact Number: +82-31-5176-4170
(Weekdays: 8:30 AM – 11:30 AM, 12:30 PM – 5:30 PM)
Article 10 (Remedies for Infringement of Rights)
① Users may seek dispute resolution or consultation for personal data infringements by contacting the Personal Information Dispute Mediation Committee, the Personal Information Infringement Report Center of the Korea Internet & Security Agency (KISA), or other relevant authorities. For reporting or inquiries regarding personal data infringement, users may contact the following institutions:
1. Personal Information Dispute Mediation Committee: +82-1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Report Center (KISA): +82-118 (privacy.kisa.or.kr)
3. Supreme Prosecutors’ Office: +82-1301 (www.spo.go.kr)
4. National Police Agency (Cyber Bureau): +82-182 (ecrm.cyber.go.kr)
2. Personal Information Infringement Report Center (KISA): +82-118 (privacy.kisa.or.kr)
3. Supreme Prosecutors’ Office: +82-1301 (www.spo.go.kr)
4. National Police Agency (Cyber Bureau): +82-182 (ecrm.cyber.go.kr)
② The Company is committed to protecting users’ rights to data self-determination and making efforts to address consultation and remedial measures for personal data infringements. For any reports or inquiries, please contact the following department:
▶ Customer Consultation & Reporting for Personal Data Protection
Department: Information Strategy Team
Contact Number: +82-31-5176-4170
(Weekdays: 8:30 AM – 11:30 AM, 12:30 PM – 5:30 PM)
If a user’s rights or interests are infringed due to a decision or inaction by a public institution regarding a request made under Article 35 (Access to Personal Data), Article 36 (Correction or Deletion of Personal Data), or Article 37 (Suspension of Personal Data Processing) of the Personal Information Protection Act, the user may file an administrative appeal in accordance with the Administrative Appeals Act.
Contact Number: +82-31-5176-4170
(Weekdays: 8:30 AM – 11:30 AM, 12:30 PM – 5:30 PM)
If a user’s rights or interests are infringed due to a decision or inaction by a public institution regarding a request made under Article 35 (Access to Personal Data), Article 36 (Correction or Deletion of Personal Data), or Article 37 (Suspension of Personal Data Processing) of the Personal Information Protection Act, the user may file an administrative appeal in accordance with the Administrative Appeals Act.
▶ Central Administrative Appeals Commission: +82-110 (www.simpan.go.kr)
Article 11 (Changes to the Privacy Policy)
The Company keeps its privacy policy under regular review and places any updates on this web page. Your use of our website means that you accept the revised Privacy Policy. This privacy policy was last updated in March 27th, 2025.