Supreme Energy (hereinafter referred to as "the Company") establishes and discloses the following personal information processing guidelines to protect the personal information of data subjects and to handle related complaints quickly and smoothly in accordance with Article 30 of the Personal Information Protection Act.
Article 1 (Purpose of Processing Personal Information)
The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be taken in accordance with Article 18 of the Personal Information Protection Act.
1. Website Membership Registration and Management
Personal information is processed for the purposes of confirming membership registration intent, identification and authentication according to membership service provision, membership qualification maintenance and management, identity verification according to limited identity verification system implementation, prevention of fraudulent use of services, confirmation of legal representative's consent when processing personal information of children under 14 years of age, various notices and notifications, and complaint handling.
2. Provision of Goods or Services
Personal information is processed for the purposes of product delivery, service provision, contract and invoice delivery, content provision, customized service provision, identity verification, age verification, payment and settlement, and debt collection.
3. Complaint Processing
Personal information is processed for the purposes of identifying complainants, confirming complaint matters, contacting and notifying for fact-finding, and notifying processing results.
Article 2 (Processing and Retention Period of Personal Information)
① The Company processes and retains personal information within the personal information retention and use period according to laws or the retention and use period agreed upon when collecting personal information from data subjects.
② The processing and retention periods for each type of personal information are as follows:
1. Website membership registration and management: Until withdrawal from the business/organization website
However, in the following cases, until the end of the relevant reason:
1) Until the end of investigation or inquiry in cases where investigation or inquiry is ongoing due to violation of relevant laws
2) Until settlement of debt and credit relationships remaining from website use
Article 3 (Rights of Data Subjects and Legal Representatives and How to Exercise Them)
① Data subjects may exercise the following personal information protection-related rights with the Company at any time:
1. Request to view personal information
2. Request for correction in case of errors
3. Request for deletion
4. Request to stop processing
② The exercise of rights under Paragraph 1 can be done through written documents, telephone, email, fax, etc., and the Company will take action without delay.
③ When a data subject requests correction or deletion of personal information errors, the Company will not use or provide the personal information until the correction or deletion is completed.
④ The exercise of rights under Paragraph 1 can be done through a legal representative or an authorized agent. In this case, a power of attorney according to Form No. 11 of the Personal Information Protection Act Enforcement Rules must be submitted.
⑤ Data subjects must not infringe on their own or others' personal information and privacy that the Company is processing in violation of the Personal Information Protection Act and other related laws.
Article 4 (Personal Information Items Processed)
The Company processes the following personal information items:
1. Website Membership Registration and Management
Required items: Name, date of birth, ID, password, address, phone number, email address, etc.
2. Provision of Goods or Services
Required items: Name, date of birth, ID, password, address, phone number, email address, etc.
Article 5 (Destruction of Personal Information)
① The Company destroys personal information without delay when it becomes unnecessary due to the expiration of the retention period or achievement of processing purposes.
② When personal information must be preserved according to other laws despite the expiration of the agreed retention period or achievement of processing purposes, the personal information is moved to a separate database (DB) or stored in a different location.
③ The procedures and methods for destroying personal information are as follows:
1. Destruction procedure
The Company selects personal information subject to destruction and destroys it with approval from the Company's personal information protection officer.
2. Destruction method
The Company destroys electronically recorded personal information in a way that prevents reproduction, and shreds or incinerates personal information recorded on paper documents.
Article 6 (Measures to Ensure Security of Personal Information)
The Company takes the following measures to ensure the security of personal information:
1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures: Access control management for personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs
3. Physical measures: Access control for computer rooms, data storage rooms, etc.
Article 7 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
① The Company uses 'cookies' that store and retrieve usage information from time to time to provide individualized customized services to users.
② Cookies are small pieces of information sent by servers (http) used to operate websites to users' computer browsers and are stored on users' PCs or mobile devices.
③ Data subjects can set cookie acceptance, blocking, etc. through web browser option settings. However, refusing to store cookies may cause difficulties in using customized services.
▶ Cookie Allow/Block in Web Browser
- Chrome: Web browser settings > Privacy and security > Clear browsing data
- Edge: Web browser settings > Cookies and site permissions > Manage and delete cookies and site data
▶ Cookie Allow/Block in Mobile Browser
- Chrome: Mobile browser settings > Privacy and security > Clear browsing data
- Safari: Mobile device settings > Safari > Advanced > Block all cookies
- Samsung Internet: Mobile browser settings > Browsing data > Delete browsing data
④ The Company collects and uses information about visits and usage patterns of services and websites visited by users during service use, popular search terms, secure connection status, etc., to provide optimized information to users.
Article 8 (Personal Information Protection Officer)
① The Company designates a personal information protection officer as follows to oversee personal information processing, handle complaints, and remedy damages related to personal information processing:
▶ Personal Information Protection Officer
Name: Jang Yun-ho
Position: CEO
Contact: 02-3454-0123
※ You will be connected to the personal information protection department.
② Data subjects may contact the personal information protection officer and responsible department for all personal information protection-related inquiries, complaint handling, damage relief, etc. that arise while using the Company's services (or business). The Company will respond and process inquiries from data subjects without delay.
Article 9 (Methods for Remedying Rights Violations)
Data subjects may inquire about damage relief and consultation regarding personal information violations with the following organizations:
1. Personal Information Dispute Mediation Committee: 1833-6972 (no area code) (www.kopico.go.kr)
2. Personal Information Violation Report Center: 118 (no area code) (privacy.kisa.or.kr)
3. Supreme Prosecutors' Office: 1301 (no area code) (www.spo.go.kr)
4. National Police Agency: 182 (no area code) (ecrm.police.go.kr/minwon/main)
Article 10 (Implementation and Changes to Personal Information Processing Policy)
This personal information processing policy is effective from September 1, 2025.
