Nabee Recycling (hereinafter referred to as "the Center") values customers' information and strives to manage and protect personal information effectively. The Center complies with the relevant laws and regulations concerning personal information protection, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection. Additionally, the Center has established and adheres to a Personal Information Processing Policy, which is made public so that customers can easily access it at any time. The Personal Information Processing Policy may change due to amendments in relevant laws, guidelines, or internal operational policies. Any changes will be promptly notified.

Personal information refers to information about a living individual that can identify a specific person (including information that may not identify an individual on its own but can easily be combined with other information to do so). The personal information collected by the Center is used for the following purposes.

1. Processing service registration, modification, termination, and handling inquiries related to A/S.

2. Settling service usage fees, processing payments, and verifying identity.

3. Determining eligibility for fee discounts and providing other services.

4. Engaging in various marketing activities, including introducing new products, sending event notifications, customer management, service usage statistics, newsletters, and customer surveys.

5. Delivering goods, sending bills, verifying legal guardians, and keeping records for dispute resolution.

6. Delegating necessary tasks for contract execution, such as service provision, to the Center’s contractors.

The Center collects the minimum personal information necessary for service registration, consultation, and provision. It does not collect information that may significantly infringe on your rights, such as race, ethnicity, ideology, beliefs, political affiliation, criminal records, or health status, unless you explicitly consent to such collection.

1. At the time of registration, the following personal information is collected.- Mandatory: User ID, password, username, company name, email address, business registration number, mobile phone number (or landline number)- Optional: Address, fax number

2. The following information may be generated and collected during service use, event participation, or other business processes.- Service usage records, bank/credit card information, billing and payment details, service suspension records, access logs, cookies, IP addresses, PC information

3. Personal information is collected through the following methods.a. Through membership application forms, internet service sites, telephone, fax, etc.b. Automatically generated information during service use or business processes, collected through tools.

The Center obtains customers' consent for personal information collection. Procedures are provided for customers to click "Agree" or "Disagree" regarding the Personal Information Processing Policy or Terms of Service. Clicking the "Agree" button indicates consent to the collection of personal information.

The retention and usage period for customers' personal information are as follows.

1. The Center retains the personal information for the duration of the service usage (from registration to termination) or the dispute handling period. However, in cases where specific laws require, the information will be retained per the applicable laws.

2. Retention is for six months after service termination to address fee disputes. If disputes persist, the information is retained until resolved.

3. The personal information of terminated customers is retained according to the relevant provisions of the National Tax Basic Act for five years.A. Items to be Retained:
Name, ID, password, phone number, email address, address, department information, legal representative information, service usage records, access logs, access IP information, billing details (amount billed, VAT amount, amount paid, billing date, payment date), payment records, name of the payer, services used, discount amounts and reasons, billing address, etc.B. Retention Period: 5 years

4. Other retention periodsA. Log records and IP addresses necessary for providing communication confirmation data: 3 months (Communication Secret Protection Act)B. Records necessary for providing communication confirmation data, including the date/time of communication, start/end time, phone numbers, and location tracking information of communication devices: 12 months (Communication Secret Protection Act)C. Records regarding display/advertisements: 6 months (Act on the Consumer Protection in Electronic Commerce)D. Records on contracts or withdrawal of subscription: 5 years (Act on the Consumer Protection in Electronic Commerce)E. Records related to payment and supply of goods: 5 years (Act on the Consumer Protection in Electronic Commerce)F. Records on consumer complaints or dispute resolutions: 3 years (Act on the Consumer Protection in Electronic Commerce)G. Records related to the collection, processing, and use of credit information: 3 years (Act on the Use and Protection of Credit Information)

In principle, the center destroys personal information without delay once the purpose of collection and use is achieved. However, if a member has not used the site for one year, the center will notify the member in advance and then manage the information separately before its destruction. The procedures and methods for destruction are as follows.

1. Destruction ProcedureA. In principle, the information provided by the customer is stored for a certain period according to the retention reasons mentioned in Article 5 (Retention and Use Period of Personal Information), internal policies, and relevant laws, after which it is destroyed.B. Information subject to destruction: Personal information of customers whose retention period, usage period, or legal retention period has expired, or personal information of customers who have not used the site for one year and is managed separately.

2. Destruction Methods
A. Personal information stored in electronic files: Deleted using technical methods that prevent recovery.B. Personal information written or printed on paper: Shredded or incinerated.

The center does not use or provide the customer’s personal information beyond the scope notified in the ‘Purpose of Collection and Use of Personal Information’ without the customer’s consent, except in cases required by law. However, personal information can be provided without the customer’s consent in the following cases in accordance with the relevant legal provisions.

1. When it is necessary for settlement of fees related to service provision.

2. When personal information is required for the performance of a contract related to service provision and obtaining regular consent is difficult due to economic or technical reasons.

3. When requested by an investigative agency for investigative purposes according to the relevant laws.

4. When there are special provisions in the relevant laws, personal information may be provided following the legally prescribed procedure.

The center outsources personal information processing tasks, such as membership registration, service usage contracts, A/S provision, and other ancillary tasks for customer convenience and management.

1. Due to the nature of the service, the center does not enter into contracts with minors under the age of 14, nor does it collect personal information from children under the age of 14.

2. Customers can view and request correction of their personal information or the status of its provision to third parties at any time, and the center will take necessary measures without delay. If a correction request is made, the center will not use the information until the correction is completed. If incorrect personal information has already been provided to third parties, the center will promptly notify them of the correction so that it is implemented. Customers can view and correct their personal information by entering their ID and password on the service site (www.kinx.net) and selecting the [User Information] menu. Depending on the type of service, there may be a separate form for modification requests, which can be submitted via fax.

3. Customers can withdraw their consent to the collection, use, and provision of personal information at any time, in accordance with Form 8 of the Enforcement Rule of the Personal Information Protection Act, by submitting a written or electronic mail request. After verifying the customer's identity, the center will take prompt action.

The center operates 'Cookies', which are small text files that store information necessary for the operation of the service website on customers' web browsers. Customers can choose whether to allow the collection of information through cookies by adjusting the security settings in their web browser.

1. Information Collected by Cookies and Purpose of Use

2. Customer's Choice Regarding Cookie Installationa. Customers can adjust the level of information collection through cookies by selecting [Tools] -> [Internet Options] -> [Security] -> [Custom Level] in their web browser.b. Customers can choose to be notified every time a cookie is stored or refuse all cookies. However, rejecting cookies may make it difficult to provide the service.

The center has established the following technical and managerial measures to ensure the security of customers' personal information and prevent its loss, theft, leakage, alteration, or damage.

1. Technical Protection MeasuresA. Personal information is protected by passwords, and important data is encrypted or locked to protect it.B. The system is installed in a zone where access is controlled to prevent unauthorized external access.

2. Managerial Protection MeasuresA. The center limits the number of people who can process personal information, manages access rights, and ensures compliance with regulations and policies through education. The people who can process personal information are:
. Those who perform marketing tasks that directly or indirectly interact with customers.. Personal information management personnel responsible for personal information protection.. Others who inevitably handle personal information in their duties.B. New employees are required to sign a confidentiality agreement to prevent internal information leakage.C. The handover of duties involving personal information is strictly controlled under secure conditions, and responsibility for personal information incidents is clearly defined for both entry and exit from the company.D. The center designates computer rooms and data storage rooms as control zones and restricts access.E. When collecting or providing payment information such as bank account details or credit card numbers, the center verifies the customer's identity before proceeding.F. The center is not responsible for incidents caused by the customer's personal mistake or the inherent risks of the internet. Customers are responsible for managing their own IDs and passwords to protect their personal information.G. If any personal information is lost, leaked, altered, or damaged due to internal or technical errors, the center will notify the customer immediately and take appropriate action.

Customers can send their opinions or complaints regarding personal information protection to the person in charge via email, and the center will respond promptly.

1. Personal Information Protection OfficerA. Person in Charge: Hyungchul ParkB. Contact: 010-6299-6979C. Email: nabeerecycling@gmail.com

2. For inquiries or reports on personal information infringement, contact the following organizations.A. Cyber Bureau of the National Police Agency: Website http://cyberbureau.police.go.kr / Phone: 182 (no area code)B. Cyber Investigation Division, Supreme Prosecutors' Office: Website http://www.spo.go.kr / Phone: 1301 (no area code)C. Personal Information Dispute Mediation Committee: Website http://www.kopico.go.kr / Phone: 1833-6972

If there are any additions, deletions, or modifications to the personal information processing policy, it will be notified through the ‘Notices’ section of the service site seven days before the changes take effect.

Article 1 (Effective Date)① This personal information processing policy is effective from January 1, 2020.
② This personal information processing policy was revised on January 1, 2021.
③ This personal information processing policy was revised on June 30, 2023.