WCP Co., Ltd. (hereinafter referred to as “Company”) complies with the personal information protection regulations of the Personal Information Protection Act and is doing its best to protect user rights and interests by establishing a personal information processing policy in accordance with relevant laws and regulations. In accordance with Article 30 of the Personal Information Protection Act, information subjects using the Company's website (https://www.wcp.kr) are informed of the procedures and standards for personal information processing, and grievances related thereto are promptly and smoothly resolved. In order to process personal information, we establish and disclose the following personal information processing policy.

1. Personal information items processed and purpose of processing
The company processes your personal information within the scope of the purposes below. Personal information being processed will not be used for purposes other than those listed below, and if the purpose of use changes, necessary measures will be taken in accordance with the law, such as obtaining separate consent.

1) Information collected through email and web forms, etc.
- Purpose: Confirmation of inquiry contents, response and processing of inquiries, etc., and storage of inquiry processing records
- Items: Password, other personal information included in inquiries
2) Personal information automatically collected and stored
- Purpose: Statistical analysis of access information to improve and supplement website operation and management, smooth communication between users and website
- Items: Internet domain name, website address used when visiting this website, browser type and OS, date and time of visit

2. Processing and retention period of personal information
The company will retain and use your personal information for up to 3 years from the time it is collected, and if the above retention period has expired, the personal information will be destroyed without delay.
However, if preservation is necessary under relevant laws, the company stores personal information for a certain period of time specified in relevant laws and uses it only for the purpose of storage.
-「Communication Secret Protection Act」
Website visit records (access records, etc.): 3 months

3. Provision of personal information to third parties
The company does not provide users' personal information to third parties, except in cases permitted by the Personal Information Protection Act, such as when consent is obtained from the information subject or when there are special provisions in the law.
Currently, the company does not provide personal information to third parties.

4. Entrustment of processing of personal information
In order to smoothly process personal information, the company entrusts personal information processing as follows. If the details of the entrusted work or the trustee changes, it will be disclosed through this policy.

Entrusted person (trustee) work details
Core IT Co., Ltd.: Website web hosting, operation management
When concluding a consignment contract, in accordance with Article 26 of the Personal Information Protection Act, the company prohibits processing of personal information other than for the purpose of performing consignment work, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of the consignee, and matters related to responsibility such as compensation for damages. We specify this in documents such as contracts, and supervise whether the trustee handles personal information safely. Additionally, if the details of the entrusted work or the trustee changes, it will be disclosed without delay through this personal information processing policy.

5. Personal information destruction procedure and method
Unless personal information must be preserved in accordance with other laws, the Company, in principle, destroys such information without delay when personal information becomes unnecessary, such as when the personal information retention period has elapsed or the purpose of processing has been achieved. Destruction procedures and methods are as follows.

1) Destruction procedure
After the purpose is achieved, the user's personal information is stored for a certain period of time (see paragraph 2 above) and then destroyed (limited to applicable cases) in accordance with the internal policy and other relevant laws and regulations for information protection reasons.
2) Destruction method
Personal information stored in electronic file format is deleted using technical methods that render the record unrecoverable, and personal information printed on paper is destroyed by shredding or incineration.

6. Rights and obligations of information subjects and legal representatives and methods of exercising them
Users may request the company to ① view their personal information, ② correct or delete personal information, and ③ suspend processing of personal information, in accordance with relevant laws and regulations such as the Personal Information Protection Act.
Users may exercise their rights directly or through an agent such as a legal representative or person in charge. In this case, the agent must submit a power of attorney in the form of 「Notice on Personal Information Processing Methods」 (Personal Information Protection Commission Notice No. 2020-7) [Appendix 11].
The company receives the user's exercise of rights and takes action without delay in accordance with the provisions of relevant laws such as the Personal Information Protection Act after verifying the user's identity or whether the user is a legitimate agent. However, the exercise of users' rights may be restricted in accordance with relevant laws and regulations.

7. Measures to ensure the safety of personal information
In accordance with Article 29 of the Personal Information Protection Act, the company is taking the following technical, managerial and physical measures to ensure safety.
- Management measures: Establishment and implementation of internal management plan, operation of dedicated organization, regular employee training
- Technical measures: Control of network traffic, management of access rights to personal information processing system, etc., installation of access control system, encryption of personal information, installation and update of web firewall and security program.
- Physical measures: Access control to computer rooms, data storage rooms, etc.

8. Complaints or inquiries regarding personal information protection
In order to protect the rights and interests of users by ensuring the legality of personal information and the appropriateness of procedures, the company designates and operates a personal information protection manager and department in charge as follows.
You may report any personal information protection-related complaints that arise while using the company's services to the personal information protection manager or department in charge. The company will provide prompt and sufficient responses to user reports.

- Personal information protection department
Department Name: Human Resources Team
Phone number: 043-870-3300 (ext. 7)

9. Remedy for infringement of user’s rights and interests
In order to receive relief from personal information infringement, users may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency's Personal Information Infringement Reporting Center. For other personal information infringement reports and consultations, please contact the organizations below.
- Personal Information Dispute Mediation Committee (https://www.kopico.go.kr / 1833-6972)
- Personal Information Infringement Reporting Center (https://privacy.kisa.or.kr / 118 without area code)
- Supreme Prosecutors' Office (https://www.spo.go.kr / 1301 without area code)
- National Police Agency (https://ecrm.cyber.go.kr / 182 without area code)
The company guarantees the user's right to self-determination of personal information and strives to provide consultation and relief for damage caused by personal information infringement. If reporting or consultation is necessary, contact the personal information protection manager or personal information protection department (see Section 8). Please contact us.
Requests made by the head of a public institution in response to requests pursuant to the provisions of Article 35 (view of personal information), Article 36 (correction/deletion of personal information), and Article 37 (suspension of processing of personal information, etc.) of the Personal Information Protection Act A person whose rights or interests have been infringed due to a disposition or omission may request an administrative trial in accordance with the provisions of the Administrative Appeals Act.
- Central Administrative Appeals Commission (https://www.simpan.go.kr / 110 without area code)

10. Additional criteria for use and provision
Pursuant to Article 15, Paragraph 3 and Article 17, Paragraph 4 of the Personal Information Protection Act, the Company shall consider the following matters and provide additional use of personal information without the consent of the information subject within the scope reasonably related to the original collection purpose. You can do it. The company complies with relevant laws and regulations such as the Personal Information Protection Act, the purpose of use and provision of personal information, the manner in which personal information is used and provided, the personal information items to be used and provided, and matters that have been consented to by the information subject or have been notified and disclosed to the information subject. In this case, we carefully determine whether to use and provide the information in question by taking into account all circumstances, including the content, the impact on the information subject based on use and provision, and the measures taken to protect the target information.
- Whether the purpose of additionally using and providing personal information is related to the original purpose of collection
- Whether there is a possibility of providing additional uses in light of the circumstances in which personal information was collected or processing practices.
- Whether the provision of additional use of personal information unfairly infringes on the interests of the information subject
- Whether necessary measures were taken to ensure safety, such as pseudonymization or encryption
The personal information protection manager checks whether the company is making additional use and provision of personal information in compliance with the above standards.

11. Links/Websites
Please note that this privacy policy applies only to information collected by the company on this website, and that the company is not responsible for the privacy policies of other websites. If you visit another website by clicking on a link or banner included in this website, the privacy policy posted by the website operator will apply, so please check the privacy policy of the newly visited website.

12. Date of establishment
January 1, 2024