Privacy Policy

• "Personal Information" means information about a living individual that can identify the person by name, date of birth, etc., including codes, characters, voice, sound, images, and biometric data (including information that can be combined with other information to identify the person).
• The Service highly values the protection of personal information and explains the purposes of collection, use, and protection measures through this Policy.
• This Policy is published on the website (www.hanteonews.com) for users to view at any time.
• In the event of a transfer of all or part of the business, merger, or inheritance, individual notice will be given by mail or email, or notice will be posted on the home page for at least 30 days.

The Service collects and uses personal information for the following purposes. If the purpose changes, prior consent will be obtained.

• Performance of service contracts and payment settlement: content provision, customized service, identity verification, purchase and payment processing
• Member management: identity confirmation, prevention of fraudulent use, age verification, confirmation of legal guardian consent for children under 14, complaint handling, delivery of notices
• Development of new services and use in marketing/advertising: development of new services, event information, customized services, demographic-based services, access frequency analysis, service usage statistics

1. Items of Personal Information Collected

The Service collects only the minimum personal information necessary for membership, consultation, and service provision. Information that may seriously infringe on fundamental rights — such as race, ethnicity, ideology, political views, criminal records, or health status — is not collected.

• • Required: minimum identification information such as mobile phone number and email address (date of birth and unique authentication key are added for real-name authentication)
  • For children under 14: legal guardian's contact and identity verification information (consent of legal guardian required)
• • Optional - device registration for paid services: phone number, carrier, payment approval number, model name, device-unique information
  • Optional - payment information: credit card details, mobile payment information, bank transfer information, membership card number
  • Auto-generated during service use: usage time/records, access logs, password, cookies, IP address, payment records, suspension records
  • Service inquiries: ID, email, contact information
  • Platform information: OS, OS version, device model, browser information

2. Methods of Collection

• Through membership registration (essential information such as phone, ID, email)
• Through identity verification, consultation, event entry, and delivery requests via website, written form, phone, or fax
• Auto-generated during service use or provided by partners
• Information collection tools used during wired/wireless internet service

In accordance with relevant laws, the Service informs users of the purpose of collection, use, third-party provision, and outsourcing of personal information and obtains consent or provides notice through this Policy. Users may consent in one of the following ways:

• Clicking the consent button after reviewing the consent details when registering or modifying paid services via mobile or website
• Signing the "Consent Form for Collection/Use/Outsourcing of Personal Information" attached to the registration/use/change application
• Indicating consent verbally during phone consultations after being informed by the agent

Personal information collected with consent is retained and used only during the service period. It is destroyed immediately upon a request for cancellation. However, the following information is retained for the periods specified below:

• When unpaid charges remain after service termination: until full payment
• During disputes between the Company and users: until resolution
• When the Company has obtained separate consent: until the agreed-upon period

Retention Required by Law

• Records of contracts or withdrawal of subscription: 5 years (Act on Consumer Protection in Electronic Commerce)
• Records of payment and supply of goods: 5 years (Electronic Commerce Act, Framework Act on National Taxes, etc.)
• Records of consumer complaints or dispute resolution: 3 years (Electronic Commerce Act)
• Website visit records: 3 months (Communications Privacy Act)

The Service destroys personal information without delay once the purpose of collection has been achieved, in accordance with the retention and use period.

• Targets of destruction: membership information and customer information whose retention period under law has expired
• Procedure: stored for a certain period under internal policy and relevant laws after the purpose is achieved, then deleted or destroyed
• Methods: paper records are shredded; electronic files are deleted using technical methods that prevent recovery

• For smooth operations, the Service may outsource personal information processing to specialized external companies, who retain the information during the contract period.
• Outsourcing contracts stipulate compliance with privacy laws, confidentiality, prohibition of third-party provision, liability for incidents, and obligations to return or destroy information after processing.
• In principle, the Service does not provide personal information to third parties. When provision is necessary for service quality improvement or events, consent is obtained as required by law. Exceptions apply when government agencies require provision under the law.

• Users may view or correct their registered personal information at any time through "My Information."
• Users may withdraw consent for the collection, use, and provision of personal information through "Member Withdrawal."
• The Service responds in good faith to requests for inspection, certification, or correction by users or legal guardians, and takes prompt action when there are errors or the retention period has expired.
• Legal guardians may withdraw consent for the collection, use, or provision of children's personal information and may request inspection or correction.
• When inspection, certification, or correction requests are restricted because the law specifies the information for collection or storage, the Service notifies the user via email or customer center, including reasons and methods to file an objection.
• For requests by phone or in writing, identity is confirmed through a power of attorney, seal certificate, or copy of an ID card.
• Personal information that has been canceled, deleted, or corrected at the request of the user or legal guardian is processed according to this Policy and is not used for other purposes.

The Company takes protective measures so that children under 14 ("Children") and their legal guardians are not disadvantaged by personal information they provide.

• Consent of the legal guardian is obtained when collecting children's personal information for service registration, or when using or providing it beyond the original consent scope.
• Minimal information such as the legal guardian's name and contact is collected to obtain consent, with explanations easy for children to understand.
• Information collected to verify legal guardian consent is not used or provided for any other purpose.
• Legal guardians may withdraw consent and request inspection or correction of the child's personal information.

The Service uses "cookies" — small text files sent by the web server to the browser — to identify and store user information so that services can be provided without additional input.

• Information collected: ID, IP address, access logs, content viewed, and other service usage data
• Purpose: providing differentiated information, analyzing access frequency and visit time for targeted marketing, and measuring for service improvement
• Refusing cookies: users can adjust the level of cookie collection through their web browser settings

1. Technical Measures

• Protection through firewalls, internal networks, encryption of files and transmitted data, and file lock functions
• Installation and regular updates of antivirus programs on personal information processing systems
• Secure transmission across networks using encryption algorithms
• Operation of intrusion prevention/detection systems and periodic changes of system access privileges

2. Managerial Measures

• Objective certification of major systems and equipment by external specialized organizations (such as ISMS)
• Establishment of access and management procedures and ensuring employee compliance
• Minimization of personal information handlers and management of access rights
• Assignment and periodic renewal of identification codes (IDs) and passwords
• Regular education on new security technologies and personal information protection obligations
• Signing of information protection and confidentiality pledges by new and departing employees
• Access control to data centers and storage rooms

The Service handles user complaints promptly as a principle. Customer service provides quick and accurate responses.

• Service inquiries: +82-2-449-2347
• Email inquiries: news.cs@hanteo.com

For questions related to personal information protection, please contact the following. We will respond promptly and in good faith.

• Privacy Officer: Junhwa Jung, Service Planning Office (Team Lead)
• Privacy Manager: Songee Park, Service Planning Office (Assistant Manager)
• Phone: +82-2-449-2256
• Email: news.cs@hanteo.com

Other Privacy Consultation Agencies

• KISA Personal Information Infringement Report Center: 118 / privacy.kisa.or.kr
• National Police Agency Cyber Bureau: 182 / www.ctrc.go.kr

• When adding, deleting, or modifying the contents of consent for collection and use, the Service announces the reasons and details on the website "Notices" at least 7 days in advance, and at least 30 days in advance for material changes affecting user rights.
• When using personal information beyond the original consent scope or outsourcing to a third party, individual notice is given via mail, email, or phone.
• When entrusting collection, storage, processing, use, provision, management, or destruction of personal information to a third party, this is disclosed via the Service Terms and this Policy.
• For collecting, using, or providing personal information of children under 14, the Service notifies legal guardians by reasonable methods such as phone, fax, mail, or email.

• Users must keep their personal information current to prevent incidents. Users are responsible for incidents caused by inaccurate information.
• Users must protect their ID and password from leakage and refrain from infringing on the personal information of others.

The Service may provide links to other companies' websites or materials. The privacy policies of those sites are independent of the Service's policy, so please check the policy of any newly visited site.