Environmental Energy Mass Spectrometry Lab.

Environment Energy Mass Spec. Lab (hereinafter referred to as “EEMS LAB”) establishes and discloses the Personal Information Handling Policy in order to protect personal information of users and handle related complaints promptly and smoothly as follows
Article 1 (Purpose of Handling Personal Information)
The EEMS LAB handles personal information for each of the following purposes.
The personal information being handled shall not be used for purposes other than the following purposes. In the event that there is a change in the purposes of use, the EEMS LAB will take necessary measures by obtaining independent consent, etc.

1. Online inquiry
Upon online inquiry, the EEMS LAB handles personal information for verification purposes.

Article 2 (Items of Information Subjects to be Handled)
The EEMS LAB handles the following personal information items.

1. Online inquiry
Required items: names, contact information, e-mail addresses

Article 3 (Method to Collect Personal Information)
1. If a user consents to the EEMS LAB’s collection of personal information and directly enters information when he or she makes inquires online, the EEMS LAB collects relevant personal information.
Article 4 (Period for Handling and Retaining Personal Information)
- The EEMS LAB handles and retains personal information during the personal information retention and use period under the laws, or within the personal information retention and use period consented by information subjects when personal information is collected.
- Relevant handling and retention periods for each of personal information are as follows:

1. Homepage membership subscription and management: until a user withdraws from membership of a business operator or entity’s homepage
- However, in each of the following cases, until a relevant reason ends
1) Where relevant investigation or examination, etc. is being conducted as a result of a violation(s) of relevant laws, until the investigation or examination is completed
2) Where there are the remaining rights or obligations as a result of use of the homepage, until the right or obligation is settled

2. When goods or services are provided, until the provision of goods or services is completed or payment or settlement of fees is completed
- However, in each of the following cases, until a relevant period ends
1) Records on labeling and advertising, provisions and performance of agreements, etc. under Article 6 of the Consumer Protection Act in Electronic Commercial Transactions, etc.,
- Records on labeling and advertising: 6 months
- Records on agreements or withdrawals of offers, payments and supplies of goods, etc. : 5 years
- Records on complaints of consumers or dispute resolutions: 3 years

2) Retention of communication confirmation materials under Article 15-2 of the Protection of Communications Secrets Act
- Subscribers’ electrical communications dates and times, starting and ending hours, recipients’ subscriber number: 1 year
- Computer communications, Internet log records related materials, access place tracking materials: 3 months

Article 5 (Destruction of Personal Information)
- The EEMS LAB destroys relevant personal information when it became unnecessary because the personal information retention period had elapsed, the handling purpose had been accomplished, etc.
- In the event that although the personal information retention period consented to by a user has elapsed or the handling purpose has been accomplished, it is required to continue to retain personal information under other relevant laws, the EEMS LAB relocates relevant personal information to a separate database or retains relevant personal information in a different location for custody.
- The procedures and methods for destruction of personal information are as follows:

1. Destruction procedures
The EEMS LAB destroys relevant personal information by selecting personal information for which a ground for destruction has occurred and obtaining approval from the personal information protection manager.

2. Destruction methods
The personal information recorded or saved in an electronic file format is to be deleted by using a low level format, etc. in which the records cannot be regenerated. The personal information recorded or saved in paper documents is to be shredded by paper shredders or destroyed by way of incineration.

Article 6 (Rights and Obligations of Users and Legal Representatives, and Exercise Methods)
- Users may at any time exercise each of the following personal information protection related rights in relation to the EEMS LAB:

1. To request the EEMS LAB to allow them to get access to personal information;
2. To request the EEMS LAB to make corrections for errors, etc.;
3. To request the EEMS LAB to delete relevant personal information; and
4. To request the EEMS LAB to discontinue handling of personal information.

- The rights in Section 1 may be exercised in writing, by telephone, e-mail, fax, etc. in relation to the EEMS LAB, and the EEMS LAB shall take measures for the requests without delay.
- In the event that a user has requested the EEMS LAB to make corrections for errors, etc. of personal information or delete relevant personal information, the EEMS LAB does not use or provide the personal information until it completes making corrections or deleting relevant personal information.
- For a child under fourteen (14) years old, the rights in Section 1 may be exercised by an agent, such as an information subject’s legal representative or a delegated person, etc. In this case, his or her legal representative has all rights of users.
- Users should not infringe upon their own or a third party’s personal information or privacy being handled by the EEMS LAB by violating relevant laws, including the Information Communication Network Act, the Personal Information Protection Act.

Article 7 (Installation, Operation, and Rejection of Automatic Collection Instruments of Personal Information)
The EEMS LAB uses cookies that save and frequently find out users’ information, in order to provide individualized and customized services to individual users.

1. Purpose of using cookies
- Providing targeted marketing and individually customized services by analyzing the access frequencies or visit hours of members and nonmembers, figuring out users’ tastes and interested fields and finding the traces, and figuring out the participations in various events and the visit frequencies, etc.

2. Method to reject installation of cookies
Users may reject installation of cookies. However, if a user rejects installation of cookies, it would be difficult to use some services to which a log-in is required to get access.
(Installation method, IE standard) Tool on the top of the web browser > Internet Option > Personal Information -> Site blocking

Article 8 (Measures to Secure Safety of Personal Information)
The EEMS LAB takes the following measures to secure safety of personal information:

1. Managerial measures: establishing and implementing internal management plans, providing regular education and training for employees, etc.
2. Technical measures: managing the right to get access to personal information handling systems, etc., establishing access control systems, establishing security programs
3. Physical measures: controlling access to computer rooms, materials retention rooms, etc.

Article 9 (Personal Information Protection Manager)
1. The EEMS LAB has designated a personal information protection manager to generally manage duties on handling of personal information and handling complaints and recover damages for information subjects with respect to handling of personal information as follows:

▶ Personal Information Protection Manager
Contact Information:

▶ Responsible Department for Protection of Personal Information
Name of Department:
Contact Information:

2. Users may ask inquiries to the personal information protection manager and the relevant department with respect to all personal information related questions, handling of complaints, recovery of damages, etc. that arise while users use the EEMS LAB’s services (or businesses). The EEMS LAB will give answers and handle complaints, etc. without delay as to users’ inquiries.
Article 10 (Request for Access to Personal Information)
Users may request the following department to allow them to have access to their personal information. The EEMS LAB will make efforts to promptly handle users’ request for access to personal information.

▶ Department for Receiving and Handling Request for Access to Personal Information
Name of Department:
Contact Information:

Article 11 (Remedial Methods for Infringement of Rights and Interests)
Users may ask the following agencies of remedial methods for damages, consultations, etc. with respect to infringement of their personal information.
The following agencies are independent from the EEMS LAB. If you are not satisfied with the results of handling of complaints of personal information or remedies for damages by the EEMS LAB, or you need more help in detail, please ask questions).

▶ Personal Information Infringement Reporting Center (operated by the Korea Internet and Security Agency)
- Authorized duties: Reporting infringements of personal information, applying for consulting
- Homepage: privacy.kisa.or.kr
- Telephone: 118 (without a telephone exchange number)
- Address: (58324) Personal Information Infringement Reporting Center, 3rd floor, 9, Jinheung-gil, Naju-si, Jeonnam (301-2, Bitgaram-dong).

▶ Personal Information Dispute Mediation Committee
- Authorized duties: Applying for personal information dispute mediation, mediating group disputes (for resolution by personnel management)
- Homepage: www.kopico.go.kr
- Telephone: 1833-6972 (without a telephone exchange number)
- Address: (03171) 4th floor, Government Seoul Office, 209, Sejongdaero, Jongro-gu, Seoul

▶ Cyber Crime Investigation Department of Supreme Prosecutors’ Office: 02-3480-3573
▶ Cyber Security Bureau of National Police Agency: 1566-0112
Article 12 (Change of Personal Information Handling Policy)
The Personal Information Handling Policy is applicable from December 1, 2019.