Privacy Policy

Article 1: General Provisions

• 1) Hankook Tire Co., Ltd. (hereinafter referred to as the "Company", also refers to the Company's Internet site which is www.hankooktire.com) recognizes the importance of protecting your privacy, and abides by stipulations regarding privacy under the "The Act on Promotion of Information & Communication Network Utilization and Information Protection, etc." and the Privacy Guideline established by the Ministry of Information and Communication. The Company provides information on the purpose of collecting and using personal information and measures taken to protect your privacy through its Privacy Policy.
• 2) The Privacy Policy can be easily accessed via the main page of the Company's website (www.hankooktire.com). The Company also obtains a separate consent from members upon their registration.
• 3) The Company has set up procedures necessary to revise the Privacy Policy for its continued improvement. In the event of a revision to the Privacy Policy, steps are taken to ensure that you can easily recognize the revision.

Article 2: Scope of Collection of Personal Information

• 1) "Personal information" refers to information about a living person that identifies the individual based on his/her name and identification number, including symbols, text, voice data, sound and images (includes information which alone is not sufficient but when combined with other information can identify an individual).
• 2) The Company only collects information listed in Article 2-3 of the Privacy Policy which is the minimum information required to provide services, and the information is collected through fair and appropriate means. The Company shall not refuse to provide basic services even if you choose not to provide optional information.
• 3) List of information collected upon member registration Mandatory items: name, identification number, preferred user ID, user password, e-mail address, mobile phone number, phone number, address, whether you choose to receive e-mail service, whether you choose to receive SMS service, occupation, employer, title, car ownership Optional items: fax number, employer (company name), occupation, title
• 4) The Company does not collect personal information which poses an obvious risk of infringing upon your basic rights (race and ethnicity, ideology and beliefs, hometown and legal domicile, political inclination and criminal record, health conditions such as medical history, sex life, etc.). However, exceptions are made when the personal information to be collected is stipulated under laws or is directly related to and thus required to provide services, in which case your consent will be required.

Article 3: Consent to Collection of Personal Information

• 1) The Company provides a process through which you may click on the "Accept" or "Cancel" buttons related to the Privacy Policy and Terms of Service upon member registration. If you click on "Accept," you will be regarded as having consented to collection of personal information.

Article 4: Purpose of Collecting and Using Personal Information

• 1) The Company collects your personal information for the following purposes: Name, identification number: To identify adult users of services and to check whether you are an offline member, Address, phone number, e-mail address: To secure a communication channel for providing information on services/new products or events, conveying notices, verifying your decisions, handling complaints, etc. Identification number, address: Demographic analysis (statistical analysis of service users by age, gender, region, etc.), Optional items: Reference for individual services and special services (tire consulting, leaders club, etc.).
• 2) In order to provide you with diverse and high quality services, the Company may integrate and use/manage your personal information and data related to service usage with member information from mail order business and e-commerce that the Company is currently engaged in or will engage in in the future, including information gained via the "www.hankooktire.com" website, related websites through which you may receive services by using the single integrated member account (user ID and password) operated by the Company and offline customer data.

Article 5: Collection of Personal Information Through Cookies

• 1) Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.
  Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
  For further information on cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit http://www.allaboutcookies.org/.
• 2) The sites use cookies. You can find out more about cookies and how to control them below.
  By using the sites, you accept the use of cookies in accordance with this cookie policy. If you do not accept the use of these cookies, please disable them following the instructions in this cookie policy.
  
  The sites use the following cookies:
  
  Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet. This category of cookies cannot be disabled.
  Analytical cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. These cookies do not collect information that can identify you. All the information that these cookies collect is anonymous and is only used to improve how the website works.
  Our website uses Google Analytics cookies. Information collected by Google Analytics cookies will be transmitted to and stored by Google on servers in the United states of America in accordance with its privacy practices. To see and overview of privacy at Google and how this applies to Google Analytics, visit https://www.google.com/intl/en/policies/privacy/. You may opt out of tracking by Google Analytics by visiting https://tools.google.com/dlpage/gaoptout?hl+en-GB.
  
  You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
   

• 3) You may disable cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to disable all cookies (including strictly necessary cookies) you may not be able to access all or parts of the Sites.
  Disabling a cookie or category of cookie does not delete the cookie from your browser. You will need to do this separately within your browser.
  If you would like to make changes to your cookie settings, please go to the 'Options' or 'Preferences' menu of your browser. Alternatively, go to the 'Help' option in your browser for more details.
  
  To learn more about the cookie settings for your browser, please select the links below:
  Internet Explorer
  Firefox
  Chrome
  Safari
  
  If you have disabled one or more analytical cookies, we may still use information collected from cookies prior to your disabled preference being set, however, we will stop using the disabled cookie to collect any further information.
  Except for strictly necessary cookies, all cookies will expire after two years.

Article 6: Usage outside the Stated Purpose and Third Party Access

• 1) The Company uses your personal information within the scope stipulated in Article 4 [Purpose of Collecting and Using Personal Information] of this Privacy Policy and the Terms of Service. Usage does not go beyond the said scope and personal information is not provided to other persons, companies or organizations.
• 2) To facilitate work activities, the Company may contract the services of an outside party to handle your personal information, in which case, a detailed notice will be given in advance via e-mail, phone, in writing, or the homepage regarding the name of the handling company, the scope of information handled, the purpose of contracting the outside company, the handling process, and the contract period. For further information, please refer to Article 12 of the Privacy Policy.
• 3) In the event where the Company transfers rights and responsibilities due to a business transfer or merger, the Company shall inform you of the reason, details regarding the successor and the succession process on the initial screen of the homepage at least 30 days in advance. The Company will also give individual notice at least once in writing, e-mail or by other means, and give you the option to consent or revoke the transfer of personal information; however, the Company may substitute with a notice appearing more than once on two or more central dailies if it is not aware of your contact details through no error on the part of the Company, natural disaster or other justified reason for not providing individual notice.
• 4) Notwithstanding the stipulations in Article 6-1 and Article 6-3, exceptions are made in the following cases: When the user has given prior consent to disclosure, When information is needed to calculate mileage in accordance with provision of services, When needed for statistics compilation/academic research or market survey, provided that the information is provided to a third party including research groups, survey/research organizations, partner companies and suppliers after being processed in a way that does not allow identification of an individual, When special regulations are set forth in laws including the Act on Real Name Financial Transactions and Guarantee of Secrecy, Use and Protection of Credit Information Act, Framework Act on Telecommunications, Telecommunications Business Act, Local Tax Act, Framework Act on Consumer, Bank of Korea Act, and Criminal Procedure Act.
• 5) Your personal information may be provided to or shared with business partners in order to offer better services, in which case you will be given prior individual notice via e-mail or other means regarding the name of the partner company, the list of personal information to be provided or shared, and the reason for doing so, in order to receive your consent. If you do not consent, the said information will not be provided to or shared with a partner company.

Article 7: Retrieval/Revision of Personal Information

• 1) You may retrieve or revise your personal information through the Company's Internet homepage. In the event that you request retrieval or revision of your personal information through a visit, in writing, by phone or by e-mail, the Company will promptly take the necessary steps after confirming your identity. However, if there is justified reason to refuse retrieval or revision, you will be promptly notified of the reason.
• 2) In the event that you request a correction to an error regarding your personal information, the Company shall not provide or use the information until the said correction is made.

Article 8: Withdrawal of Consent for Collection, Use and Provision of Personal Information

• 1) You may withdraw your consent for the collection, use and provision of personal information given upon member registration at any time. For withdrawal of consent (withdrawal of membership), you may call the customer center or send an e-mail to the personal information officer or webmaster, and the necessary steps including destruction of personal information and notification will be taken promptly after confirming your identity. However, if regulations are otherwise set forth in laws as stated in Article 9 of the Privacy Policy, the pertinent laws shall prevail.
• 2) The Company will take the necessary steps so that withdrawal of consent for personal information collection can be executed with greater ease compared to the methods for collecting personal information.

Article 9: Period for Storing and Using Personal Information

• 1) Your personal information will be destroyed upon withdrawal of membership, dismissal of membership, or completion of the purpose of collecting or receiving personal information as listed below. However, it will be retained for a specified period as stipulated by related laws when necessary for reasons such as to identify rights and responsibilities related to transactions, as listed below, in accordance with related laws such as the Commercial Code
  
  Record on contract or subscription withdrawal: 5 years
  Record on payment settlement and provision of goods: 5 years
  Record on handling consumer complaint or conflict: 3 years
  
  
• 2) You may request retrieval of transaction information, etc. retained with your consent, and the company will promptly take the necessary steps for retrieval.

Article 10: Technical and Management Measures to Protect Personal Information

• 1) When handling your personal information, the Company takes the following technical measures to prevent the loss, theft, leak, alteration and damage of such information in order to maintain security: Your personal information is protected by your user ID and password, and important data are protected by separate security measures including encrypted file and data transmissions or the use of the file lock function. Vaccine programs are used to prevent damage caused by computer viruses, and such programs are updated regularly. In the event of a sudden virus outbreak, the related vaccine is provided as soon as it becomes available to prevent infringement of personal information. Code algorithms have been adopted to enable safe transmission of personal information over networks, firewalls have been installed to protect against hacking and outside intrusion, and intrusion blocking systems and weakness analysis systems are used in each server to maintain security.
• 2) When handling your personal information, the Company takes the following management measures in order to maintain security: Access to your personal information is authorized to a minimum number of personnel, who are as follows: Personnel carrying out marketing activities directly to the user Personnel carrying out activities related to personal information management including the personal information officer and personal information manager Other personnel who inevitably have to handle personal information in the course of carrying out their work activities Regular internal and external training is conducted for employees who handle personal information, with the said training pertaining to the acquisition of new security technology and on the responsibility for protection of personal information.
  
  A security pledge is obtained from all employees when they join the Company to prevent information leaks caused by people, and internal procedures are in place to monitor the implementation of and employees' compliance with the Privacy Policy.
  
  Handover of duties involving personnel who handle personal information is conducted thoroughly while maintaining security, and responsibility for incidents involving personal information after joining and leaving the Company are clearly set out.
  
  Personal information and general data are sorted and stored through separate servers.
  
  The computing room and data storage room are designated as special protection zones, and access to the said rooms is controlled.
  
  If there is a loss, leak, alteration or damage of personal information due to the error of an internal manager or a technical or management incident, the Company will notify you immediately, take the appropriate steps and provide suitable compensation.

Article 11: Link Sites

• 1) The Company may provide you with links to websites and data of other companies. As the Company does not have any control over external sites and data, it does not bear any responsibility nor guarantees the utility of services or data provided thereof. If you move to the page of another site by clicking on links included in the Company, you are advised to review the privacy policy of the newly visited site, as the privacy policy of the said site has no relation to the Company.

Article 12: Contracting an Outside Party to Handle Personal Information

• 1) The Company may contract the services of an outside party to handle your personal information to enhance services, in which case it must provide advance notice on the contracted service, the contracted party, the relationship between the contracted party and the Company, and the scope of responsibility via a pop-up screen, etc. on the homepage.
• 2) When an outside party is contracted to handle personal information, the Company will set forth explicit regulations on adherence with personal information protection guidelines, maintaining confidentiality of personal information, prohibiting provision of the information to a third party, the contract period, and the obligation to restore or destroy personal information after the contract is terminated through a contract. The Company will require the contracted party to abide by the said regulations and will store the said contract in written or electronic format.

Article 13: Rights and Obligations of Users

• 1) Safeguarding your user ID and password is crucial to protecting your personal information. The primary responsibility in safeguarding the user ID and password lies with the user. Accordingly, take special caution when you are online. In particular, you are advised to log off after using services in a public place as a precaution against revealing your password.
• 2) The Company will do its utmost to protect your personal information, as stated in this Privacy Policy; however, the Company is not liable for incidents caused by your own error or basic risks of the Internet.
• 3) Along with the right for protection of your personal information, you have the obligation to protect yourself and not to infringe upon others' information. If you fail to fulfill the said obligations and cause damage to others' information, you may be subject to penalty under the "Act on Promotion of Information & Communication Network Utilization," etc.

Article 14: Receiving Suggestions and Handling Complaints

• 1) The Company has set up a channel through which you may submit your opinions and complaints regarding personal information protection. Suggestions or complaints related to personal information may be sent to the personal information officer or the personal information manager. Upon their receipt, the Company will promptly take measures and inform the sender of how the matter was handled. You may also file complaints with the privacy violation reporting center run by the government.

Article 15: Transmission of Advertising Content

• 1) The Company does not transmit advertising content for the purpose of profit generation that runs counter to your explicit refusal to receive such content.
• 2) The Company does not transmit advertising content on media which are inappropriate for minors (youths aged 19 years or younger).

Article 16: Chief Privacy Officer and Personal Data Protection Officer

• 1) The Company designates a Chief Information Security Officer and a Chief Privacy Officer to receive suggestions and handle complaints related to personal information. The Chief Information Security Officer and the Chief Privacy Officer are as follows.
  
  [Chief Privacy Officer]
  Name: Jeong Hoon Oh
  Team: Information Security Team
  E-mail: ventus@hankooktech.com
  
  [Personal Data Protection Officer]
  Name: Ji Hyung Lee
  Team: Information Security Team
  E-mail: ljhbajo@hankooktech.com

Article 17: Obligation of Notice

 The current Privacy Policy was established on July 1, 2005. The Privacy Policy may be amended through the addition, deletion or revision of contents in accordance with changes in government policy, security technology or the Company's policy. Notification of such amendments will be given at least ten days in advance via the 'notice' column on the homepage.

Date of initial establishment of Privacy Policy: July 1, 2005
Date of initial implementation of Privacy Policy: July 29, 2005