1. Collection, Purpose, and Use of Personal Information

The Company collects only the minimum amount of personal information required to provide our services, and the collected personal information will only be used for the purposes stated in this policy. Your personal information is not used for any other purposes or disclosed to an outside source without prior authorization.

• Purpose of collection : To review customer inquiries, contact customers to verify inquiry, reply, notify results.
• Collected information : Required : email, name
• Collected information : Optional : phone number, interests, nationality, company name, profession.
• Method of collection : Collection through inquiries made through the website’s contact us section

2. Disclosure of Personal Information to Third Party

The Company uses the provided personal information only for the purposes stated in Article 1, and does not use your personal information or disclose such information to a third party without prior authorization. However, exceptions are provided if Company receives disclosure requests in accordance with procedures designated by the law. The following are examples of such exceptions.

• Request that follows the procedure and method designated by provisions of the law
• Request from investigative agencies that follow the procedure and method designated by the law for the purpose of investigation

3. Retention and Storage Period of Personal Information

The Company immediately destroys personal information a year after achieving the purpose of collection. However, if storage is necessary in accordance with applicable laws, the Company may store personal information for a period of time required by such law.

4. Destruction Procedure and Method of Personal Information

1. Destruction Procedure

• In the event the Company no longer needs to maintain the personal information such as when the retention period has expired or the Company has achieved the information’s purpose, the Company shall immediately destroy such personal information.
• In the event the Company is required by other laws to continually store the personal information despite the authorized retention period having expired or the purpose being achieved, the Company shall move such personal information to a separate database (DB) or change its storage location to store until the purpose of its continued retention has been achieved, upon which the Company shall immediately destroy the personal information.

2. Destruction Method

• Personal information that is printed on paper shall be destroyed by being shredded or incinerated.
• Personal information that is stored in electronic formats will be destroyed through technical methods in which records cannot be reproduced.

5. Rights and Duties of Information Provider and Exercising Methods

1. You may at any time make the following requests to exercise your privacy rights.

• Request to access personal information
• Request to revise information in case of error
• Request to withdraw agreement/delete information
• Request to cease operation

2. To exercise the rights stated in Article 5-1, you may state the request through a written statement, email, or fax, and the Company shall promptly execute the request upon receipt.

3. If the Company receives a request from the information provider to revise or delete personal information for any reason including error, the Company shall not use or provide personal information until the revision or deletion is completed.

4. You may exercise the rights stated in Article 5-1 through a delegated figure (“Agent”). However, in order for Agent to exercise the rights of information provider, Agent must submit a letter of attorney completed by the information provider.

5. The Company does not collect personal information from minors in principle. However, in the event that the collection of personal information from a minor is inevitable through 1:1 inquiry, the Company shall seek agreement from a legal representative and immediately destroy the information once the information’s purpose has been achieved or the authorized retention period has expired.

6. Measures to Secure Safety of Personal Information

The Company has established and is operating the following technical and managerial security measures to ensure that the collected personal information is not lost, stolen, leaked, falsified, or damaged.

1. Managerial Security Measures

• The Company has established and is operating internal security plans in regards to privacy.

2. Technical Security Measures

• Control of access to personal information and limited rights to access: The Company has installed security programs to prevent hackers or computer viruses from leaking and damaging personal information and is conducting regular updates and maintenance.
• The Company has appointed the minimum number of representatives that have access to personal information and conducts regular internal training sessions. The training of such representatives is held on a strictly confidential basis and the Company prescribes clear responsibilities in accidents regarding personal information to all current and former employees.

7. Contacts of Personal Information Manager and Representative

To protect the personal information provided to us and handle complaints and inquiries from information providers regarding their personal information, the Company has designated the following department and representative in charge of protecting personal information.

• Personal Information Representative and Department : Wan-ho Nam, SK Biopharmaceuticals Business Strategy Team, Business Management Manager
• Phone : +82-31-8093-0114
• Email : skbp@sk.com

8. Amendment and Notice of Privacy Policy

1. This Privacy Policy takes effect starting July 1, 2018.

2. In the event of any future addition, deletion, revision, and such amendments to the privacy policy following changes in applicable laws or security technology, the Company will notify the purpose and contents of the amendment on the Company’s website at least a week prior to enacting the amended privacy policy.

Date of notice and enactment: July 1, 2018