Privacy Policy

INSILICO Co. Ltd. (hereinafter referred to as the “Company”) complies with the Personal Information Protection Act and related laws and regulations to protect the freedom and rights of information subjects, legally process personal information, and securely manage it. In accordance with Article 30 of the Personal Information Protection Act, the Company establishes and discloses this Privacy Policy to guide information subjects on the procedures and standards for the processing of personal information and to promptly and smoothly address related complaints.

Article 1: General Provisions
“Personal information” refers to information about an individual who is alive and can be identified by information such as their name, resident registration number, etc. (including information that, even if it cannot identify a specific individual with the information alone, can easily identify a specific individual when combined with other information). An “information subject” refers to a person who can be identified by the information being processed, and it refers to the person who is the subject of the information. The Company makes its Privacy Policy easily accessible at all times by disclosing it on the first page of its website. Additionally, when the Privacy Policy is revised, it will be announced through the website (or individual notice). Each business department may operate its own separate Privacy Policy according to the nature of its operations. In such cases, the Privacy Policy of each business department will take precedence, and you should check the Privacy Policy posted on the respective website.

Article 2: Personal Information Processing Items and Purposes
The Company processes personal information within the minimum scope necessary for providing services, and the processed personal information will not be used for purposes other than the following:

① Processing Items
a) Information collected when registering inquiries: Name, company name, email, phone number, department
b) Information collected when registering internal/external audit reports: Email
c) Automatically generated and collected items during website usage: Connection IP information, service usage records, access logs, cookies, MAC address

② Processing Purposes
a) User identification, response to user inquiries, proposals, complaints, (A/S) after-sales service processing, etc.
b) Understanding the frequency of access, collecting statistics on service usage for stable service operation and quality improvement during user service usage analysis

Article 3: Processing and Retention Period of Personal Information
The company promptly disposes of personal information after achieving the purpose of collection and use. However, for the following information, it will be retained for the specified period for the reasons stated below, and the consent of the information subject will be obtained if necessary:

① Collection Items When Registering Inquiries
– Retention Period: 5 years
– Reason for Retention: User identification, response to User inquiries, handling of complaints, notification of announcements

② Collection Items When Registering Internal/External Audit Reports
– Retention Period: 3 years
– Reason for Retention: User identification, reporting of irregularities, handling of complaints

③ Automatically Generated and Collected Items During Website Usage
– Retention Period: 3 years
– Reason for Retention: Understanding access frequency and collecting statistics on service usage

Article 4: Destruction of Personal Information
The company promptly destroys personal information when it becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose. If personal information needs to be retained despite the expiration of the consent period obtained from the data subject or the achievement of the processing purpose due to other laws, it will be separately stored in a different database (DB) or at a different location. The method of destroying personal information is as follows:

① Personal information recorded and stored in electronic file format will be deleted using technical methods that cannot reproduce the records.
② Personal information recorded and stored on paper documents will be shredded or incinerated for destruction.

Article 5: Provision of Personal Information to Third Parties
The company uses personal information within the scope of the purpose of collection and does not use or provide/share personal information for purposes beyond that scope. However, there are exceptions as follows:

① When obtaining separate consent from the information subject
② When there are special provisions in other laws
③ When it is necessary to protect the urgent interests of the life, body, property of the information subject or a third party, who is unable to express their intention due to incapacity or unknown address.
④ When it is necessary for statistical compilation and academic research purposes and personal information is provided in a form that cannot identify specific individuals
⑤ When it is necessary to provide personal information to perform tasks prescribed by other laws, even if it is not used for purposes beyond the intended purpose, and it has been approved by the protection committee
⑥ When it is necessary to provide personal information to foreign governments or international organizations to fulfill treaties and other international agreements
⑦ When it is necessary for the investigation of crimes and the indictment and maintenance of public prosecution, or for judicial activities
⑧ When it is necessary to perform judicial work by the court
⑨ When it is necessary for the execution of punishment, protective disposition, or protective supervision

Article 6: Outsourcing of Personal Information Processing
The company does not outsource customer’s personal information to external companies. If outsourcing tasks arise in the future, we will promptly disclose it through this Privacy Policy.

Article 7: Rights and Obligations of Information Subjects and Methods of Exercising Rights
Information subjects may exercise the following rights related to personal information protection at any time with the company:

① Request for access to personal information
② Request for correction if there are errors
③ Request for deletion
④ Request for processing suspension

The exercise of rights related to personal information protection can be made in writing, by electronic mail, FAX, etc. to the company, and the company will promptly take action on it.
If the information subject requests correction or deletion of personal information, the company will not use or provide the personal information until correction or deletion is completed.

Rights may be exercised through a legal representative or an authorized agent of the information subject. In this case, an authorization letter must be submitted.

Article 8: Security Measures for Personal Information
The company takes the following measures to ensure the security of personal information:

① Administrative measures: Establishment and implementation of internal management plans, regular employee education, etc.
② Technical measures: Installation of external access control systems, prevention of computer virus damage using antivirus programs, network personal information transmission security measures using encryption algorithms (SSL), etc.
③ Physical measures: Access control of computer rooms, data storage rooms, etc.

Article 9: Installation, Operation, and Refusal of Automatic Collection Devices for Personal Information
The company operates ‘cookies’ and other similar technologies to store and retrieve information about you regularly. Cookies are very small text files sent by the company’s web server to your browser and stored on your computer’s hard drive.

The company uses cookies for the following purposes:
① Analyzing the frequency of access, visit time, and tracking user preferences and interests.
② Targeted marketing and personalized service provision based on event participation and visit frequency, among other things.

Users have the option to set your cookie preferences. Therefore, Users can choose to allow all cookies, confirm each time cookies are stored, or refuse to store all cookies by setting options in Users’ web browser.

Users can refuse cookie settings by selecting the options in their web browser. They have the choice to either allow all cookies, confirm each cookie storage, or reject the storage of all cookies.

– Example of how to set it up (for Internet Explorer): Tools at the top of your web browser > Internet Options > Privacy

However, if you refuse to set cookies, there may be difficulties in providing services.

Article 10: Personal Information Protection Officer
The company is committed to protecting personal information and handling complaints related to personal information processing. To this end, the company designates a Personal Information Protection Officer as follows:

– Personal Information Protection Officer: Minkyoung Kim, Manager of the Corporate Planning Division
– Contact Information: +82-31-495-6932 (Ext. 120), MKKIM@INSILICO.CO.KR

Data subjects may contact the Personal Information Protection Officer for any inquiries, complaints, damage claims, or other matters related to the protection of personal information that arise while using the company’s services. The company will promptly respond to and address inquiries from data subjects.

If you require reporting or consultation regarding other privacy infringements, please contact the following organizations:
– Personal Information Infringement Report Center (PRIVACY.KISA.OR.KR/118)
– Personal Information Dispute Resolution Committee (WWW.KOPICO.GO.KR/1833-6972)
– Cyber Investigation Division of the Supreme Prosecutors’ Office (WWW.SPO.GO.KR/1301)
– Cyber Safety Bureau of the National Police Agency (CYBERBUREAU.POLICE.GO.KR/182)

Article 11: Changes to the Privacy Policy
This Privacy Policy is effective from June 1, 2023. (Initial Notification)