Wemade (hereinafter “the company”) places great value on users’ personal information, and complies with relevant personal information protection regulations in related laws that the company must comply with, such as the "Personal Information Protection Act,” and the “Act on Promotion of Information and Communications Network Utilization and Information Protection.” With the privacy policy, the company informs the principal of information (hereinafter "applicant") about the methods in which the personal information provided by the applicant is used, and for what purposes, and what kind of measures are taken for personal information protection.

1. Types of personal information collected and collection methods

For applications: (required) Name, date of birth, email address, phone number, place of residence, education history, work experience, foreign language proficiency and licenses, description of career experience (optional) veteran information, disability information
Employment website: (Required) Work experience, education history, name, date of birth, phone number, email address, résumé ((optional) portfolio

2. Purposes for the collection and use of personal information

The company utilizes collected personal information for the following purposes.
(1) To provide information regarding ongoing application/candidate selection/hiring processes as the hiring process progresses, management of potential candidate resources, and candidate identification

3. Matters regarding the provision of personal information to third parties

The company as a rule does not provide applicants’ personal information to external entities. However, the following exceptions apply.
(1) If the applicant has agreed beforehand
(2) To respond to a request from an investigative agency following legal procedures and methods for the purpose of an investigation, or in accordance with legal regulations

4. Matters regarding the entrustment of personal information processing

The company does not entrust the processing of applicants’ personal information to external entities without applicants’ permission.
If such needs arise in the future, the company will inform applicants abouts the external entity with whom the information will be entrusted and the content of the tasks to be entrusted, and to get the applicants’ consent beforehand if necessary.

5. Period of retention and use of collected personal information

The company as a rule destroys applicable information without delay after the purposes of personal information collection and use have been achieved. However, for the following information, for the purposes shown below, for the period specified, the company securely retains the information in internal company servers.
(1) Personal information of hired job applicants
• Retention period: while they work for the company
• Reasons for retention: HR management while the applicants are with the company, welfare benefits after retirement, issuing of career certificates
(2) Personal information of job applicants that were not hired
• Retention period: destroyed within a week of the achievement of the purposes of collection and use (end of the hiring process for the specified opening), or when the applicant requests deletion, or when the applicant withdraws their agreement to collection and use

6. Procedure and method of destruction of personal information

The company as a rule destroys applicable information without delay after the purposes of personal information collection and use have been achieved.
However, the company will not do so in cases where the information must be preserved in accordance with related laws.
The procedure and method of destruction is as follows.
(1) Personal information printed on paper records: shredded through a shredder or incineration
(2) Personal information recorded or stored in electronic file formats: deleted using technical means which make the information unrecoverable

7. Rights to view and amend personal information, and to withdraw their agreement of providing personal information and how to exercise those rights

Job applicants may at any time make requests to view, amend, or delete personal information to the personnel responsible for the protection of personal information at the company in writing, by phone, or email, and the company shall process these requests without delay.
In cases where applicants have made requests to amend errors in personal information, applicable personal information will not be used or provided until the amendment is complete.
And if the company has already provided the personal information with the error to a third party, the company will inform the third party of the results of the amendment without delay to have the amendment be applied.
The company processes personal information cancelled or deleted by job applicants as specified in the “Period of retention and use of personal information” collected by the company and processes the information in a way that it cannot be viewed or used for other purposes.

8. Matters regarding the collection of personal information using cookies, and refusal of these matters

1. To identify users' history of visits to the website, the company uses “Cookies,” which save and load usage information, and the company does not use this information for other purposes or provide them to third parties.
2 Cookies are small units of information that are sent by the servers (http) used to operate the website to the users’ computer browsers, and they may also be stored in the hard disks of the users’ PC.
A. Purposes of using cookies
These are used to identify the website visit history such as the frequency and hours of users’ visits to provide users with personalized information.
B. Installation and operations of cookies, and refusal of these matters
Users may refuse to the storing of cookies through the options menu at the top of the web browser at Tools > Internet Options > Privacy.
C. If you refuse to the storing of cookies, there may be difficulties in your use of our personalized service.

9. Matters regarding the ensuring of the security of personal information

To ensure security, the company executes the following measures to ensure security of personal information to prevent loss, theft, leak, modification, and damage of users' personal information. However, the company will not be responsible for any accidents that occur in areas that are not managed by the company, or were incurred by the users’ carelessness such as loss of device, despite the company having fulfilled all of its personal information protection responsibilities.
1. Technical measures
1) Personal information of accounts connected by users are protected by passwords set by the users themselves, and the password for each user account can only be known by the user of the account. And applicable personal information can only be viewed or amended by the user that knows the password.
2) The company retains items of users’ personal information as designated in related laws in an encrypted format, and personal information may only be viewed or amended through requests from the owner of the information after identity verification.
3) Files and sent data with important data containing personal information are protected, either encrypted or retained using security features such as file lock features.
4) The company is always monitoring to prevent the leak or damage of users’ personal information due to hacking and computer viruses. The company also makes periodic backups of systems, data, and personal information in case of possible situations, and the company regularly manages vaccine programs to prevent of infringement of personal information.
5) The company is doing its best to take measures required for systematically structured database systems to process personal information.
2. Management measures
1) The company limits access to users’ personal information to the minimum number of personnel required, and the following is the minimum number of personnel.
- Entities that execute tasks for the purposes of marketing, events, customer support, and delivery directly for users (including employees of companies entrusted and cooperating companies)
- Personnel in charge of personal information protection, including the personnel in charge of personal information
- Other personnel that cannot avoid processing personal information for other tasks
2) The company holds regular training sessions for personnel in charge of handling personal information and entities entrusted on topics such as responsibilities to personal information protection.
3) The team in charge of personal information protection in the company establishes and manages principles on the processing of personal information. And the company regularly checks for compliance to internal regulations, does its best to immediately right any issues found.
4) The company scrutinizes and makes sure that the handover of tasks between personnel responsible for personal information protection and personnel in charge of handling personal information happens in secure settings, and clarifies matters of responsibility regarding accidents related to personal information after they join or leave the company.
5) The company does not takes responsibility for personal information leaks caused by users’ personal mistakes or due to the intrinsic risks of the internet. Users must manage their accounts and passwords in an appropriate manner for the sake of protecting their personal information and take responsibility for their actions.
3. Physical measures
1) The company keeps the physical retention location for the personal information system, which retains personal information, separate, and establishes and operates access control procedures for it.
2) Documents and secondary storage mediums that contain personal information are stored in a safe place with locking devices.

10. Personnel responsible for personal information protection

The company appoints personnel responsible for the protection of personal information as shown below to protect customers' personal information and to process complaints related to personal information.

Personnel responsible for the protection of personal information
- Name: HONGMIN PARK
- Phone Number: +82-2-3709-2000
- FAX: +82-2-3709-2007
- Email Address: privacy@wemade.com

Please contact the organizations shown below to report other instances of infringement of personal information or advice.
Principals of information may enquire at the organizations shown in each item below for damage relief and consults regarding matters of personal information infringement.
The organizations shown below are separate from the company. Please make enquiries if you are not satisfied with the company’s processing of personal information complaints, or with the results of damage relief, or require more detailed assistance.
1. Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
A. Matters of jurisdiction: Reports and consults regarding matters of personal information infringement
B. Website: privacy.kisa.or.kr
C. Phone: (without country code within Korea) 118
2. Personal Information Dispute Mediation Committee
A. Matters of jurisdiction: Personal information dispute mediation, group dispute mediation
B. Website: www.kopico.go.kr
C. Phone: (without country code within Korea) 1833-6972
3. Supreme Prosecutor's Office Cybercrime Investigation Division: (without country code within Korea) 1301, cid@spo.go.kr (www.spo.go.kr)
4. Korean National Police Agency: (without country code within Korea) 182 (ecrm.cyber.go.kr)

<Additional Clauses>
The effective date of this privacy policy is December 31, 2021.