LG Energy Solution Ltd. (hereinafter referred to as “The Company”) has established and published the following Privacy Policy in order to protect the personal information of data subjects and to promptly and smoothly resolve any related difficulties in accordance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (“Network Act” and the Personal Information Protection Act (“PIPA”)
Purpose of Processing (Collection and Use) of Personal Information
The Company processes personal information for the following purposes. Such personal information shall not be used for any purpose other than the purposes specified below, and if there are any changes in the purpose of use, necessary measures shall be taken, such as obtaining additional consent from users in accordance with Article 18 of PIPA.
-
Providing customer services
- Responding to 1:1 inquiries on the website, general inquiries and product inquiries through online and offline channels
- roviding customized services and consultation, responding to Voice of Customer (VoC)
- Providing management services for status of automotive battery
-
Other
- Receiving and managing any reports on ‘Ethics Management’
If any additional personal information is collected for any other purpose, or if there are any changes in the purpose of use, the Company will notify the data subject of the purpose of collection, items for collection, and the retention period of the personal information, and obtain additional consent. At this time, users may refuse to give consent and, in such a case, use of services may be restricted for such users. However, if users refuse to give consent to the use of optional items, use of services shall not be restricted.
Items of Personal Information Processed and Method of Collection
The Company collects the following personal information from users.
Purpose | Responding to customer inquiries | |
Data Subject | Customer making inquiries through the website | |
Information Collected | Required Items | Company name, person’s name, email address, location |
Optional Items | Contact information |
Purpose | Receiving and managing reports on ‘Ethics Management’ | |
Data Subject | Informant (name) | |
Information Collected | Required Items | Name, email address, contact information |
Optional Items | Relationship to the informing company |
Purpose | Receiving/Responding to customer complaints | |
Data Subject | Person reporting complaints | |
Information Collected | Required Items | |
Optional Items | Company name, name, email address, contact information |
Purpose | Responding to a “Reflection Survey” and delivering gifts | |
Data Subject | Person replying to surveys | |
Information Collected | Required Items | Company name, name, email address, contact information |
Optional Items |
Purpose | Managing battery status | |
Data Subject | Battery asset management service requester | |
Information Collected | Required Items | Battery status information (battery performance status, battery charge/discharge status, total operation time), name, phone number, email address, home address, vehicle number, vehicle identification number (VIN) |
Optional Items | Resident registration number |
In addition, information such as system usage logs, visit logs, cookies, login information, IP information, MAC address and statistical data, etc. may be collected automatically in the process of using online services.
The Company does not collect personal information from a user under the age of 14, however if the situation is unavoidable, it is collected and used after obtaining the prior consent of their legal representative. In this case, in order to obtain consent from their legal representative, minimal information of users under the age of 14 (name, contact information) will be collected without the consent of the legal representative.
-
Methods of Personal Information Collection
-
- Online collection :
- Collection of information provided directly by users on the website
-
- Offline collection :
- Collection of information through document, fax, email or telephone while using the call center, sales and customer services, etc. Collection of information through another company in a business partnership with the Company or a regulatory authority.
-
Processing and Use of Personal Information and Retention Period
Purpose of Collection and Retention of Personal Information | Period of Retention |
---|---|
Responding to 1:1 customer inquiries on the website, general/product inquiries | 6 Months |
Dealing with customer complaints, conducting customer consultations, carrying out events by inviting customers and receiving and managing reports on ‘Ethic Management’ | 1 Year |
Receiving and responding to customer complaints and improving customer services | 2 Years |
Responding to “Reflection Surveys” and delivering gifts | 6 Months |
Managing battery status | Retained during the service use period and disposed immediately after the purposes of collecting and using personal information are attained. |
However, in cases where it is necessary to retain personal information for a specified period under provisions of applicable laws and regulations, it is retained for the specified period, and the purpose of processing and use of personal information and the corresponding retention periods are as follows:
Purpose of Collection and Retention of Personal Information | Applicable Laws and Regulations | Retention Period |
---|---|---|
Preserving of web browsing history. | Protection of Communications Secrets Act | 3 Months |
Preserving records on resolving customer complaints or disputes | Act on the Consumer Protection in Electronic Commerce, etc. | 3 Years |
Preserving records on withdrawal of a contract or a subscription | 5 Years | |
Preserving records on payment and supply of goods, etc. | ||
Preserving records on payment of taxes | Framework Act on National Taxes |
Provision of Personal Information to Third Parties
The Company processes personal information of users within the specified purposes when collecting information and does not provide it to any other person, company or institution. The personal information will only be provided to a third party where the user’s prior consent on the issue has been obtained or it is allowed under PIPA or special provisions of other laws or regulations. When personal information is provided in a form that no specific individual is identifiable for compilation of statistics and/or academic research, no additional consent may be obtained.
Recipient | Kakao Mobility Corp. |
Personal information provided | Battery status information (battery performance status, charge/discharge status, total operation time) |
Recipient’s purpose of use | For service collaboration and improvement plans |
Period of retention and use | Retained only for the service usage period |
Outsourcing of Personal Information Processing and Overseas Transfer
The Company outsources personal information processing for seamless provision of services. In accordance with Article 26 of PIPA, the Company specifies in a contractual document the matters concerning the outsourcee’s responsibilities such as prevention of processing personal information for any purpose other than conducting outsourced services, technical/managerial safeguards, restriction on sub-outsourcing, management/supervision and compensation for damages, etc., and manages and supervises the outsourcee to confirm if information is processed safely.
1. Outsourced Services
Outsourcee | LG CNS Co., Ltd. |
Details of Outsourced Services | System development, management and maintenance |
Outsourcee | Logistics companies (Hanjin Transportation Co., Ltd., Kyoungdong Express, CJ Logistics Corporation, Logen Co., Ltd., Lotte Global Logistics Co., Ltd., CVSNet, KGB Co., Ltd., ePost Korea) |
Details of Outsourced Services | Gift delivery |
If there are any changes in the above Outsourcees or Outsourced Services, we will ensure that such changes are disclosed through this Privacy Notice without any delay.
2. Overseas Transfer (Matters under Article 39-12(3) of PIPA)
Name of Transferee | Google Cloud Platform |
Transferred Items | Name of the transferee, person’s name, email address, contact information |
Country to which Information is Transferred, Transfer Date and Method | Country to which information is transferred: Australia (Data Center) Transfer date and method: when data is updated, via network |
Purpose of Use by Transferee and Period of Retention and Use | Storing Data and the cloud system operation management |
Name of Transferee | SAP Qualtrics |
Transferred Items | Name of the transferee, person’s name, e-mail address, contact information |
Country to which Information is Transferred, Transfer Date and Method | Country to which information is transferred: Japan Transfer date and method: when data is updated, via network |
Purpose of Use by Transferee and Period of Retention and Use | Storing Data and the cloud system operation management |
Rights and Obligations of Data Subjects (Users) and Method of Exercising the Rights
Users have the right to request access, correction, deletion, and suspending the processing of personal information related to the protection of personal information, and the Company will process the users’ request without any delay. The exercise of these rights can be done in writing, by phone, by email, or through an agent such as the user's legal representative or a person who has been delegated to do so.
When a user requests correction or deletion of personal information for errors, the company will not use and/or provide the personal information to a third party until the correction or deletion is completed.
Users and/or their legal representatives have the right to have their personal information protected, along with the duties to protect their own personal information themselves, and not to infringe upon the personal information of others. As such, users and their legal representatives should be careful not to leak personal information of their own and their legal representatives, and not to damage the personal information of others, including postings. If you fail to fulfill these obligations and infringe upon or damage the personal information of others, you may be punished according to the relevant laws and regulations.
Destruction Procedures and Methods of Personal Information
When personal information becomes unnecessary, expiration of its retention period, and/or past the purpose of processing the Company will destroy the information without any delay. The procedures and methods are as follows:
-
- Destruction Procedure:
- Select the personal information that needs to be destroyed and destroy without any delay, unless laws and/or regulations prevent the destruction of the information.
-
- Destruction Method:
- The personal information recorded and stored in an electronic file format shall be destroyed through a technical method unable to recover the destroyed records, and the personal information recorded and stored on paper document shall be shredded or incinerated for disposal.
If it is required under other laws and regulations that personal information continue to be retained even after the expiration of the retention period of personal information consented by the user or the attainment of the purpose of processing, such information is retained in a different storage location.
Measures to Ensure the Safety of Personal Information
The Company takes the following measures to ensure the safety of personal information.
-
Administrative Measures
- An internal management plan for the safe management of personal information has been established and implemented.
- Information security training is conducted for personal information handlers at least once a year.
- The Company tightly manages access rights for employees that handle key personal information like unique identification information and other sensitive information.
-
Technical Measures
- Key personal information is encrypted and managed with access rights so that only those necessary for work can access it.
- Unauthorized access is blocked and external intrusions such as hacking is being dealt with by the operation of a server access control system and prevention device for forgery and falsification of access records.
- Unauthorized transmission of personal information to the outside is prevented by installation of security programs.
- Personal information is transmitted safely with encryption of the personal information section of the transmission.
-
Physical Measures
- Access to security areas like the server room and archive rooms are limited and controlled by the access control system.
Matters concerning Purpose of Automatic Collection of Personal Information and its Refusal
The Company uses 'cookies' to store and retrieve user information from time to time to provide personalized service. A cookie is a very small text file that the server uses to operate the website and sends to the user's browser which is then stored on the user's computer hard drive.
-
Purpose of Use of Cookies, etc.
- Used to improve services by identifying the frequency of access or length of stay of users.
-
How to Reject Cookie Settings
- The user may accept all cookies, check each time a cookie is saved or reject saving any cookies by selecting an option on the web browser.
- Rejection method (in case of Internet Explorer browser): Tools at the top of the web browser > Internet Options > Privacy > Advanced > Cookie setting
Personal Information Protection Officer and Customer Service Department
The Company has designated a person in charge of personal information protection as below, with overall responsibility for processing of personal information to handle complaints and damage relief sought by data subjects in relation to personal information processing, etc. Users may make any inquiries about personal information protection, complaint handling, or damage relief that may arise while using the Company's services (or business) through the person in charge and the relevant department, and the Company will respond to and address users' inquiries without delay.
-
Person and Department in charge of personal information protection
- Chief Privacy Officer : Department Leader of Information Security Department
- Department in charge of personal information protection : Security Policy Team
- Contact details : (+82) 02-3773-3340
- E-mail : privacy.es@lgensol.com
-
Customer Inquiry Service Department
- Customer Inquiry Service Department : Brand Team
- Contact details : (+82) 02-3773-1114
- E-mail : brandteam@lgensol.com
Remedies for Infringement of Rights
Users may inquire about damage relief and consultation for personal information infringement with the following organizations. These organizations are independent of the Company to contact if you are not satisfied with the Company's own personal information complaint handling and damage relief outcomes, or if you need more assistance, please inquire with the organizations listed below.
Organization | Personal Information Infringement Report Center |
Affiliation | The Korea Internet & Security Agency (“KISA”) |
Website | privacy.kisa.or.kr |
Contact Number | (without area code) 118 |
Organization | Personal Information Dispute Mediation Committee (“KOPICO”) |
Affiliation | Cyber Crime Investigation Division |
Website | www.kopico.go.kr |
Contact Number | 1833-6972 |
Organization | Cyber Crime Investigation Division |
Affiliation | Supreme Prosecutors Office |
Website | www.spo.go.kr |
Contact Number | (without area code) 1301 |
Organization | Cyber Bureau |
Affiliation | Supreme Prosecutors Office |
Website | cyberbureau.police.go.kr |
Contact Number | (without area code) 182 |
Amendment of Privacy Policy
This Privacy Policy shall take effect as of October 20, 2021.