TECHCROSS

Techcross Privacy Policy .

※Please note that this is a privacy policy for the website developed in South Korea, and may not apply equally to other countries.

Techcross (the “Company”) establishes and discloses the following Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect personal information of the users and effectively process related complaints.

○ This Policy will be effective beginning on July 30, 2021.

1. Purpose of Personal Information Processing
2. Processing and Possession Period of Personal Information
3. Provision of Personal Information to Third Parties
4. Consignment of Personal Information Processing
5. Rights and Obligations of Personal Information Holders and Their Legal Representatives; Exercise of the Rights
6. Types of Personal Information Processed
7. Process and Method of Personal Information Destruction
8. Securing the Personal Information
9. Installation and Operation of Automatic Personal Information Collection Device; Rejection of the Use of Such Device
10. Personal Information Protection Manager
11. Office in Charge of Receiving and Processing Personal Information Disclosure Requests
12. Remedy for Infringement of Personal Information Rights
13. Amendments to the Privacy Policy

1. Purpose of Personal Information Processing

The Company processes personal information for the following purposes: The processed personal information is not used for any reasons other than the following purposes. If the purpose of using the personal information changes, the Company may take additional measures, including obtaining separate agreements in accordance with Article 18 of the Personal Information Protection Act.

① Newsletter service
② General inquiry
③ Product purchase inquiry
④ Spare part purchase inquiry
⑤ Customer service inquiry
⑥ Training

-Required :

Name, company name, country, phone number, e-mail address, ship name, IMO no., hull no., ship type, ship class, flag country, information regarding ship operation in fresh water, ballast pump capacity, case 1~3, product request number, quantity, product name, product image, product label image, image of the device with the product installed, trainee type, number of trainees, requested training location, requested training dates, trainee information

-Optional :

Job title, date built, pump capacity if separate APT is required, expected drydock location, drydock schedule, part no., specification

2. Processing and Possession Period of Personal Information

① The Company possesses and processes the personal information during the period prescribed by law or the period that the personal information owner agreed to at the time the information was collected.

② Personal information processing and possession period for different circumstances are as follows:
A. Newsletter and other services: Until service is completed
However, if required by the Commercial Act, the Act on the Consumer Protection in Electronic Commerce, Etc., and other related laws, the Company will retain the member information for the period prescribed by the relevant provision of the law. In such cases, the Company will use the retained information only for the prescribed purposes. The possession period of personal information is as follows:

Circumstance	Period
Records related to contracts or withdrawal of subscription (Act on the Consumer Protection in Electronic Commerce, Etc.)	5years
Records related to payment and supply of goods (Act on the Consumer Protection in Electronic Commerce, Etc.)	5years
Records related to consumer complaints or conflict resolution (Act on the Consumer Protection in Electronic Commerce, Etc.)	3years

3. Provision of Personal Information to Third Parties

① The Company will provide personal information to a third party only when authorized by the consent of the personal information owner or by Articles 17 and 18 of the Personal Information Protection Act.
② The Company provides personal information to third parties as follows:
A. Recipient of personal information: Investigation agencies, related agencies, and companies subject to investigation
B. Recipient’s purpose of personal information: Processing complaints regarding privacy infringement
C. Provided personal information types: Name, contact information, e-mail address
D. Retention and usage period of personal information: Personal information is destroyed after the retention period prescribed by law of when the purpose of the personal information provision has been met

4. Consignment of Personal Information Processing

① For efficient personal information processing services, the Company consigns the service to third parties as follows:

Consigned work	Consignee
Website management and operation	Design Pixel
Employment information processing (recruitment website)	Midas IT

② When entering into consignment agreements, the Company specifies that the consignee shall not use the personal information for non-specified purposes or re-consign the services, and that the consignee shall take necessary technological and managerial protection measures and take liabilities regarding management and supervision of the services. Furthermore, the Company supervises consignees as to whether they safely handle personal information.
③ The Company will promptly disclose any changes to the consignment or the identity of the consignee.

5. Rights and Obligations of Personal Information Holders and Their Legal Representatives; Exercise of the Rights

① Users may exercise the following rights as the owners of their personal information.
② Personal information owners may exercise the following personal information protection rights against the Company as follows:
A. Request to view personal information
B. Request correction of personal information if there is error
C. Request to delete personal information
D. Request to cease the processing of personal information
③ Users may exercise the rights of subsection 1 by completing and sending the Company Appendix 8 of the Enforcement Rules of the Personal Information Protection Act via letter, e-mail, or fax. Upon receipt of the request, the will promptly take appropriate measures.
④ If the personal information owner requests correction of error or deletion of personal information, the Company will not use or provide the personal information until it is corrected or deleted.
⑤ Users may exercise the rights of subsection 1 through a legal representative or an agent. In such cases, users must submit a power of attorney document as prescribed in Appendix 11 of the Enforcement Rules of the Personal Information Protection Act.

6. Types of Personal Information Processed

① To provide services, the Company collects the minimum personal information as follows:
A. Required Personal Information
Name, company name, country, phone number, ship name, IMO no., hull no., ship type, ship class, flag country, ballast pump capacity
B. Collection Method
Information entered by the website user when requesting service

7. Process and Method of Personal Information Destruction

① In principle, the Company will promptly destroy the personal information when the purpose of personal information has been met. The procedures, period, and method of the destruction is as follows:
A. Procedures
Upon the completion of the purpose, the information entered by the user is relocated to a separate database (if paper document, a separate file) and retained for a certain period as prescribed by internal regulations and relevant laws before being promptly destroyed. The personal information relocated to a separate database is not used for other purposes unless prescribed by law.
B. Period
Users’ personal information is destroyed within 5 days of the retention period expiring, and within 5 days of the personal information and its processing be coming deemed unnecessary due to the completion of the purpose, service termination, or project termination.
C. Method
Electronic files are destroyed using a method that makes it impossible to restore the records.
Personal information on paper files are shredded or incinerated.

8. Securing the Personal Information

① In accordance with Article 29 of the Personal Information Protection Act, the Company takes the following technological/administrative/physical measures to secure personal information:
A. Administrative: Establish and implement internal management policies; conduct regular employee training sessions
B. Technological: Manage access rights to the personal information processing system; install access control systems; encrypt unique identification systems; install security programs
C. Physical: Control access to computer rooms and record rooms

9. Installation and Operation of Automatic Personal Information Collection Device; Rejection of the Use of Such Device

① The Company operates devices that automatically collects personal information, such as cookies that records and finds member information from time to time. Cookies are small text files that the Company's website servers send to members’ web browsers. They are saved on the members’ computer hard drives. The Company uses cookies for the following purposes:
A. Purpose of Cookies, Etc. (If Required)
Analyze access frequency and visit times of members and non-members; identify and track user preferences and interests; provide targeted marketing and personalized services by identifying event participation and visit frequencies. Members may opt out of cookie usage. By setting web browser preferences, users may allow all cookies, require the website to confirm every time cookies are saved, or refuse to save all cookies.
B. How to Refuse Cookies (If Required)
Members may set web browser preferences to allow all cookies, require the website to confirm every time cookies are saved, or refuse to save all cookies. However, if members refuse to save all cookies, they may not use some services that require log-in.
Example of setting preferences (Internet Explorer): Tools > Internet Option > Privacy

10. Personal Information Protection Manager

① The Company designates a personal information protection manager who oversees personal information processing, handles user complaints regarding personal information processing, and provide remedies.
A.Personal Information Protection Manager
Office : Security Office
Title : Security Director
B.Personal Information Protection Office
Office : Security Office
Phone : 051-601-4500
E-mail : itpart@techcross
② Owners of personal information may contact the personal information manager of the office to inquire about all personal information protection measures, complaints, and remedies arising out of the Company's service (or projects). The Company will promptly answer or process inquiries by the personal information owners.

11. Office in Charge of Receiving and Processing Personal Information Disclosure Requests

① Personal information owners may request the following office to view their personal information in accordance with Article 35 of the Personal Information Protection Act. The Company will make efforts to promptly handle the personal information owners’ request to view their personal information.
A. Office in Charge of Receiving and Processing Personal Information Disclosure Requests
Office : Marketing Team
Phone : 051-601-4500
E-mail : inquiry@techcross.com

12. Remedy for Infringement of Personal Information Rights

① The following agencies are not associated with the Company. Please direct your inquiries to these organizations if you are not satisfied with the Company's handling of the complaints or remedies provided, or if you need more specific services regarding the issue.
A. Privacy Infringement Center: 118 (http://privacy.kisa.or.kr)
B. Privacy Infringement Mediation Committee: 118 (privacy.kisa.or.kr)
C. Supreme Prosecutors’ Office Cyber Crime Unit: 02-3480-3573 (http://www.spo.go.kr)
D. National Police Agency Cyber Crime Unit: 1566-0112 (http://www.netan.go.kr)

13. Amendments to the Privacy Policy

① This Policy will be effective beginning on July 30, 2021.

TECHCROSS LOGO