LOTTE ENERGY MATERIALS (hereinafter referred to as the “Company”) collects, uses, and processes personal information in compliance with relevant laws and regulations, including the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
This personal information processing policy has been prepared based on the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., and applies to all cases where the Company processes personal information.

The Company highly values the personal information provided by information subjects to use our services and is doing its best to protect personal information of them.
The Company's personal information processing policy may change due to enactment or revision of laws, changes in government policies, changes in the Company's internal policies, etc., so we post changed matters on the website so that information subjects can easily check them.

The personal information processing policy contains the following contents.

1. Purpose of processing personal information
2. Items and collection methods of personal information processed
3. Personal information processing and retention period
4. Provision of personal information to third parties
5. Consignment of personal information processing
6. Rights of information subject (user) and his/her legal representatives and methods of exercising them
7. Matters regarding the installation, operation, and refusal of automatic personal information collection devices
8. Destruction of personal information
9. Technical, physical, and managerial measures to ensure the safety of personal information
10. Matters in relation to collecting opinions and handling complaints regarding personal information
11. Personal information protection officer
12. Changes in personal information processing policy

1. Purpose of processing personal information

The company processes personal information for the following purposes.
Personal information will not be used for purposes other than the following, and if the purpose changes, prior consent will be requested.
A. Receiving report
We receive reports of ethical management violations, unfair and unjust actions, rude words and actions, and sexual harassment by the Company and its employees, and other suggestions for management improvement.

2. Items and collection methods of personal information processed

A. The Company collects and retains personal information only in accordance with legal provisions and the consent of the information subject.
The main personal information collected and held by the Company related to this site is as follows.
- Real name reporting: Name, phone number, email address of the informant
- Anonymous report: Reporter's email address
B. The Company collects personal information in the following ways.
- Report submission: Submission by directly entering personal information on the website
- Access records, etc.: Generated information collection tool

3. Personal information processing and retention period

The Company destroys personal information without any delay when the purpose of processing the collected personal information is achieved, when the retention period agreed upon at the time of collection expires, when the period required by relevant laws expires, or when the information subject requests it. The period required by the Act on Consumer Protection in Electronic Commerce, etc. is as follows.
- Personal information retention period related to reporting: 3 years
- Personal information retention period required by law
A. Records of consumer complaints or dispute resolution: 3 years
B. Records of labeling/advertising: 6 months
C. Records on contract or cancellation of subscription, etc.: 5 years
D. Records of payment and supply of goods, etc.: 5 years
E. User’s Internet login history: 3 months

4. Provision of personal information to third parties

The Company does not provide collected personal information to third parties without the consent of the information subject, except in the cases listed below.
A. If there are special provisions in the law or if it is unavoidable to comply with statutory obligations
B. In the event that the information subject or his/her legal representative is unable to express his/her intention or cannot give prior consent due to unknown address, etc., if it is clearly deemed necessary for the urgent benefit of the life, body, or property of the information subject or a third party

5. Consignment of personal information processing

A. To provide services, the Company processes personal information of information subjects through consignment as follows.
Homepage maintenance and data management work
- Consigned party (consignee): Motion Eye and Nuri Cloud
- Contents of consigned work: Personal information processing required for homepage maintenance and data management
- Personal information items consigned for processing: Name, phone number, email address of the informant B. In the event of consigning the personal information processing, compliance with the service provider's personal information protection instructions, confidentiality of personal information, prohibition of provision to third parties, and liability in case of accidents are clearly specified through a consignment contract, etc., and the contents of the contract are stored in writing or electronically. C. If there is a change in the consignment company or the details of the consigned work, we will notify you in one or more of the following ways: in writing, email, phone, SMS, website announcement, or similar methods.

6. Rights of information subject (user) and his/her legal representatives and methods of exercising them

A. The information subject may request to view, correct, delete, suspend processing, or withdraw consent to the registered personal information at any time. If you wish to view, correct, delete, suspend processing, or withdraw consent to your personal information, please contact the personal information protection manager in writing, by phone, or by email. We will take action without any delay through an identity verification process. B. If the information subject requests correction of an error in personal information, the personal information will not be used or provided until the correction is completed. Additionally, if incorrect personal information has already been provided to a third party, we will notify the third party of the result of the correction without any delay and take action to ensure that the correction is made. C. The Company processes personal information requested to be deleted by the information subject in accordance with the retention and use period of personal information collected by the Company and as specified in other laws and regulations, and processes it so that it cannot be viewed or used for any other purposes. D. Information subjects must enter accurate and up-to-date personal information to prevent unexpected accidents. An information subject is responsible for any accidents that occur due to inaccurate information entered by the information subject, and legal violations may occur if false information is entered, such as theft of another person's information. E. Information subjects have the right to have their personal information protected, as well as the obligation to protect themselves and not to infringe on the information of others. You must be careful not to leak the information your personal information and be careful not to damage other people's personal information, including posts. If you fail to fulfill this responsibility and damage the personal information and dignity of others, you may be punished according to relevant laws and regulations. F. Protection of personal information of minors - In principle, the Company does not collect personal information if the information subject is a minor. When collecting personal information of minors due to unavoidable business needs, we will obtain the consent of the legal representative of a minor in advance and destroy the information without any delay when the purpose of collection and use is achieved or the retention period agreed upon at the time of collection expires.

7. Matters regarding the installation, operation, and refusal of automatic personal information collection devices

A. The Company uses ‘cookies’ to temporarily store and retrieve information about information subjects. Cookies identify the data subject's computer, but do not personally identify the computer user. B. Purpose of using cookies: Cookies are information that the Company server transmits to the web browser of the information subject, and do not have any effect on other parts of the PC of the information subject. When the information subject connects to the Company, the Company's servers read the cookie contents from the information subject's browser, so that our service can be provided without additional input. In addition, it can be used to provide customized services, such as analyzing access frequency, visit time, etc., to identify the tastes and interests of the information subject. C. How to refuse the setting of cookies: You can allow all cookies by selecting the options of the web browser you use, confirm each time you save a cookie, or refuse to save all cookies. - Example of setting method (for Internet Explorer): Tools at the top of the web browser > Internet Options > Personal Information

8. Destruction of personal information

In principle, the Company destroys personal information without any delay when the retention period of personal information has expired or the purpose of processing personal information has been achieved.
However, this does not apply if retention is required by law. Specific destruction methods are as follows: A. Personal information printed on paper: Shredded or incinerated; B. Personal information stored in electronic form: Permanently deleted in an irrecoverable manner.

9. Technical, physical, and managerial measures to ensure the safety of personal information

The Company is taking the following technical, managerial, and physical measures necessary to ensure safety of personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
A. We establish and implement an internal management plan to safely process personal information. B. Restriction of access to personal information: We take necessary measures to control access to personal information by granting, changing, or deleting access rights to the database system that processes personal information. C. Minimization and training of employees handling personal information: We implement measures to manage personal information by designating employees who handle personal information and limiting it to the person in charge. D. Encryption of personal information: Personal information is encrypted, stored, and managed. E. Storage of access records and prevention of forgery/falsification: We store and manage access records for at least 6 months, and access records are managed to prevent forgery/falsification, theft, or loss. F. Installation and update of security programs: We install and periodically update/inspect security programs to prevent personal information from being leaked or damaged by hacking or computer viruses. G. Use of locking devices for document security: We have a separate physical storage location for the personal information system that stores personal information and establish and operate access control procedures for it.

10. Matters in relation to collecting opinions and handling complaints regarding personal information

The Company collects opinions from information subjects regarding personal information protection and has prepared all procedures and methods to handle complaints.
Any information subject may report a complaint by phone or email, referring to the name and contact information of the person in charge of customer service or personal information protection officer and the person in charge of personal information protection specified in Paragraph 11, and the Company will promptly respond to the information subject's report, and give a sufficient answer. Alternatively, you can apply for complaint handling to the following organizations established and operated by the government.

- Personal Information Infringement Reporting Center (www.privacy.kisa.or.kr / 118 without area code)
- Personal Information Dispute Mediation Committee (www.privacy.kisa.or.kr / 118 without area code)
- Supreme Prosecutors' Office Cyber Crime Investigation Department (www.spo.go.kr / 1301 without area code)
- National Police Agency Cyber Security Bureau (cyberbureau.police.go.kr / 182 without area code)

11. Personal information protection officer

The Company has the person in charge of customer service, personal information protection officer, and the person in charge of personal information protection to handle matters related to personal information, and receive and respond to complaints from customers who provided personal information.

Personal information protection officer
Name: Kim Jeong-tae
Phone: (+82) 2-707-9156
Email: jungtae.kim@lotte.net

Person in charge of personal information protection
Name: Kang Hyun-woo
Phone: (+82) 2-707-9637
Email: kanghw@lotte.net

12. Changes in personal information processing policy

This personal information processing policy will be applied from March 14, 2023, and if there are additions, deletions, or corrections of changes in the personal information processing policy in accordance with laws, regulations, and policies, we will notify you through a notice 7 days prior to the implementation of the possible changes.