Hantech (“the Company”) establishes and discloses this Privacy Policy pursuant to Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to ensure prompt and smooth handling of related complaints.

Article 1 (Purpose of Processing Personal Information)
The Company processes personal information for the following purposes. Personal information will not be used for any purpose other than those stated below. If the purpose of use is changed, the Company will take necessary measures, such as obtaining separate consent, in accordance with Article 18 of the Personal Information Protection Act.
1. Inquiry Handling The Company collects personal information to verify identity, confirm inquiries, communicate for fact-checking and notifications, and provide results. (Personal information will not be provided to third parties.)

Article 2 (Retention and Use Period of Personal Information)
1. The Company processes and retains personal information within the period agreed upon by the data subject at the time of collection or as prescribed by relevant laws.
2. The retention and processing period for each category of personal information is as follows:
○ Website Membership Registration and Management: Until withdrawal of membership. However, in the following cases, retention continues until the reason ceases to exist:
1. If an investigation related to a violation of law is ongoing — until the completion of that investigation.
2. If obligations related to website usage (e.g., claims, debts) remain — until such relationships are settled.

Article 5 (Rights of Data Subjects and How to Exercise Them)
1. Data subjects may exercise the following rights related to personal information protection at any time:
1. Request access to personal information
2. Request correction of errors
3. Request deletion
4. Request suspension of processing
2. These rights may be exercised through written request, phone, email, or fax, and the Company will take prompt action without delay.
3. If correction or deletion is requested, the Company will not use or provide the relevant personal information until the process is complete.
4. Rights may also be exercised through a legal representative or authorized agent. In such cases, a power of attorney must be submitted in accordance with Form No. 11 of the Enforcement Rule of the Personal Information Protection Act.
5. Data subjects must not infringe on the personal information or privacy of others processed by the Company in violation of applicable laws.

Article 6 (Items of Personal Information Processed)
The Company processes the following personal information items:
● Required items: Name, Email, Company Name, Contact Information, Inquiry Details

Article 7 (Destruction of Personal Information)
1. When the retention period expires or the purpose of processing is achieved, the Company will destroy the relevant personal information without delay.
2. If the personal information must be retained under other laws, it will be stored in a separate database (DB) or kept in a different location.
3. The procedures and methods for destruction are as follows:
○ Procedure: The Company selects personal information to be destroyed, obtains approval from the Chief Privacy Officer, and proceeds with destruction.
○ Method: Electronically stored personal information will be permanently deleted so it cannot be restored; paper documents will be shredded or incinerated.
○ Timing: Personal information will be destroyed within five (5) days from the expiration date or from the date it is deemed unnecessary.

Article 8 (Measures to Ensure Security of Personal Information)
The Company takes the following measures to ensure the security of personal information:
● Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.

Article 9 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)
1. The Company uses “cookies” to provide personalized services to users.
2. Cookies are small data files sent by the web server to the user’s browser and stored on their PC or mobile device.
3. Data subjects may configure browser settings to allow or block cookies. Refusing cookies may cause difficulties in using customized services.
○ Web Browsers:
■ Chrome: Settings > Privacy and Security > Clear Browsing Data
■ Edge: Settings > Cookies and Site Permissions > Manage and Delete Cookies and Site Data
○ Mobile Browsers:
■ Chrome: Settings > Privacy and Security > Clear Browsing Data
■ Safari: Settings > Safari > Advanced > Block All Cookies
■ Samsung Internet: Settings > Browsing History > Delete Browsing Data
4. The Company collects and uses information such as user visit patterns, popular search terms, and connection security status to provide optimized services.

Article 10 (Chief Privacy Officer)
1. The Company designates the following person as Chief Privacy Officer (CPO), responsible for overseeing the management of personal information and handling related complaints and remedies.
Chief Privacy Officer
○ Name: Byungjun Kim
○ Position: CEO
○ Email: hantech1014@naver.com ※ Connected to the Personal Information Department.
2. Data subjects may contact the CPO or relevant department for any inquiries, complaints, or remedies related to personal information. The Company will respond promptly.

Article 11 (Request for Access to Personal Information)
Data subjects may request access to their personal information in accordance with Article 35 of the Personal Information Protection Act through the following department:
● Department: Customer Center
● Phone: +82-2-6951-1665

Article 12 (Remedies for Infringement of Rights)
Data subjects may contact the following agencies for inquiries, consultation, or dispute resolution related to personal information violations:
1. Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
3. Supreme Prosecutors’ Office: 1301 (www.spo.go.kr)
4. National Police Agency: 182 (ecrm.police.go.kr/minwon/main)

Article 13 (Enforcement and Changes)
This Privacy Policy shall take effect from November 1, 2025.