Forest Lab (hereinafter referred to as the "Company") is committed to protecting applicants' personal information by complying with relevant laws and regulations, such as the Act on Promotion of Information and Communication Network Utilization and Information Protection.

The company will inform you of the purpose and method of personal information provided by the applicant through the personal information handling policy and what measures are being taken to protect personal information. When the company revises its personal information handling policy, it will announce it through a website notice. This policy will take effect on October 1, 2022.

1. Purpose of collecting and using personal information

Collection of personal information for answers when receiving inquiries

2. Items and methods of collecting personal information to be collected

(1) Collection items

• -

  Contatc: Company name, name, contact number, email address, inquiry details

(2) Collection method: Collection upon receipt of inquiries

3. Processing and holding period of personal information

(1) The company processes and holds personal information within the personal information retention period agreed upon when collecting personal information from the data subject according to the law.

(2) Each personal information processing and holding period is as follows.

• -

  From the receipt of the inquiry to the time when the purpose is achieved

However, in the case of the following reasons, until the relevant reasons are terminated

• 1)

  Where an investigation, investigation, etc. due to a violation of the relevant statutes is in progress, until the relevant investigation and investigation are completed

4. Procedures and methods of destroying personal information

(1) In principle, the company destroys the information without delay after the purpose of collecting and using personal information is achieved. The destruction procedure and method are as follows.

• Revocation procedure

• 1)

  After the purpose is achieved, the user's personal information is transferred to a separate DB (in the case of paper, a separate document) and stored for a certain period of time according to the internal policy and other related laws and regulations. Personal information transferred to a separate DB is not used for any purpose other than being held unless it is by law.

• Destruction method

• 2)

  Personal information stored in the form of an electronic file is deleted using technical methods that cannot be played back. The personal information printed on the paper is crushed or destroyed by a shredder or incineration.

5. Rights such as perusal and correction of personal information, withdrawal of consent to provide personal information, and the method of exercising them

The information subject may exercise the following rights related to personal information protection against the company at any time:

• 1)

  Request for access to personal information

• 2)

  Request correction if there is an error, etc

• 3)

  Delete request

• 4)

  Processing stop request

• -

  The exercise of rights under paragraph (1) can be made in writing, by phone, e-mail, fax, etc. to the company, and the company will take action without delay.

• -

  If the information subject requests correction or deletion of personal information errors, etc., the company will not use or provide the personal information until the correction or deletion is completed.

• -

  The exercise of rights under paragraph (1) may be conducted through an agent, such as a legal representative of the information subject or a person entrusted. In this case, you must submit a power of attorney under attached Form 11 of the Enforcement Rules of the Personal Information Protection Act.

• -

  The information subject shall not infringe on the personal information and privacy of the information subject himself or others processed by the company in violation of relevant laws such as the Personal Information Protection Act.

6. Matters concerning the person in charge of personal information protection

In order to protect the applicant's personal information and deal with complaints related to personal information, the company has a personal information protection manager. If you have any questions about personal information, please contact the personal information protection manager below. We will respond quickly and sincerely to the applicant's inquiries.

• Person in charge of personal information protection
  Name: Hong Gil-dong
  E-mail: forestlab@forestlab.kr

If you need to report or consult about other personal information infringement, please contact the institution below.

• -

  [Personal Information Dispute Mediation Committee] Phone : 1833-6972
  URL : http://www.kopico.go.kr

• -

  [Personal Information Infringement Report Center] Phone: (without country code) 118
  URL : http://privacy.kisa.or.kr

• -

  The Cyber Investigation Division of the Supreme Prosecutors' Office] Phone: (without country code) 1301
  URL : http://spo.go.kr

• -

  [National Police Agency Cyber Safety Bureau] Phone: (without country code) 182
  URL : http://cyberbureau.police.go.kr

7. Collection of personal information by cookies

he company uses "cookie" to store information about applicants and find them from time to time. Cookies are small amounts of information that websites send to applicants' computer browsers (such as Netscape, Internet Explorer, etc.). When an applicant accesses the website, the company's computer can read the contents of the cookie in the applicant's browser, find the applicant's additional information on the applicant's computer, and provide the service without additional input such as the name of the connection. Cookies identify applicants' computers, but do not personally identify applicants. Applicants also have a choice of cookies. By adjusting the options in your web browser, you have the option to accept all cookies, send a notification when they are installed, or reject all cookies.

8. Measures to ensure the safety of personal information

The company is taking the following measures to ensure the safety of personal information.

• -

  Management measures: Establishment, implementation, regular employee training, etc. of internal management plan

• -

  Technical measures: Management of access rights of personal information processing systems, etc., installation of access control systems, encryption of unique identification information, and installation of security programs

• -

  Physical Measures: Control of Access to Computer Room, Data Storage Room, etc

9. Change of personal information processing policy

This personal information processing policy was revised on October 1, 2022, and if there is a change in the personal information processing policy due to changes in related laws or security technologies, we will notify you of the change and the date of implementation on the website 7 days before the implementation.

Personal Information Protection Policy Amendment and Enforcement Date: October 01, 2022