Main Menu

HOME > Personal Information Processing Policy

Personal Information Processing Policy

Lotte Aluminum Co., Ltd (‘the company’ from hereafter), cares about customers’ personal information and complies with the relevant laws and regulations regarding “Promotion of Information and Communication Network Use and Protection of Information". In compliance with personal information processing policy, the company informs the customers about how and for what purpose the personal information provided are being used and also about what measures are being taken to protect their personal information. If the company is to amend personal information processing policy, it will be announced on the website (or individually notified). This policy will be effective from Jun 20, 2016.

Article 1. Items of personal information collected and Method of collecting them.

[Complaint Reporting Service]
- Required Fields: User’s name, company name, email address, contact information, report type, name of the person being reported, concerned department, contents of the report.
- Optional Fields: contact information, position
[Application Service]
- name, date of birth, phone number, cellphone number, email address, address, education information, military service information, certificates, foreign language scores, experience, religion, hobby, skills, height, weight, personal statement
- Record of using service, access log, cookie, access IP information

Article 2. Collection of Personal Information and Purpose of Use

The company uses the collected personal information for the following purposes.

[Complaint Reporting Service]
Personal information are used for personal verification, personal identification, prevention of illegal and unauthorized use when accessing to complaint reporting service and for processing complaints and delivering notifications.
[Application Service]
Personal information are used for processing applications, receiving and correcting application forms, checking results, communication with applicants, checking qualification (experience, education, certificates, etc.), managing other application procedures, and resolving conflicts regarding hiring process.

Article 3. Retention Period of Personal Information

[Complaint Reporting Service]
By principle, the personal information collected is destroyed without delay once the purpose of use is met. However, when it is necessary to keep them in accordance with the relevant regulations, the company keeps customers information for a specific period of time as specified by relavant regulations as follows.
Kept Items: personal information submitted at the time of inquiry registration and contents of the consultation Reason for Keeping: Record on processing complaints or conflicts
Keeping Period: 3 years
Record on contract or cancellation of contract: 5 years (laws regarding customer protection on e-commerce)
Record on payments and supply of goods: 5 years (laws regarding customer protection on e-commerce)
Record on processing complaints or conflicts: 3 years (laws regarding customer protection on e-commerce)
[Application Service]
Management of Application Forms: Until 5 years after the completion of application (However, when the following conditions occur, until the concerned conditions end.)
If investigation of the violation of relevant laws is underway, until concerned investigation ends.
If applicants wish their personal information to be deleted, delete their data without delay.

Article 4. Destruction of Personal Information and Destruction Method.

By principle, the personal information collected is destroyed without delay once the purpose of use is met. The procedure and method of destruction are as follows.

[Destruction Procedure]
Information put in for using services are transferred to separate DB after achieving that purpose (separate filing cabinet) and kept for specific period of time in compliance with internal regulations and relevant laws on information protection (refer to keeping and using period) and then destroyed.
The personal information transferred to separate DB are not used for other purpose unless owing to laws.
[Destruction Method]
- Printed Personal Information : shredded or incinerated
- Personal Information saved as electronic files: permanently deleted with technology to not be able to be replayed.

Article5. Providing and Sharing Personal Information

The company use customers’ personal information only within the range specified in ‘collected items and colleting method of personal information’ and ‘use of personal information’ unless with customers’ permission or owing to relavant regulations. The company does not overuse or provide the information to others or other companies/organizations.

In case of providing or sharing customers information through partnership, the company asks for permission after notifying the customers individually by email or post about who will be receiving or sharing their information, which items will be provided or shared, and the purpose of provision or sharing

According to relevant laws and regulations, provision of information without customers’ consent is possible in the following cases.

  • - When needed for drawing statistics, academic research, or market research, information can be provided after being processed so that specific individuals are not recognized.
  • - Upon the request of investigative agencies for the purpose of investigation or on the ground of laws and regulations, in accordance with stipulated procedure and method.

The company can provide information collected in the course of registering to Corporate Ethics Consultation Service to Lotte affiliates in order to transfer complaints and notification.

Providing and Sharing Personal Information
Affiliates Items Provided Purpose of Provision Using/Keeping Period
Every Lotte Affiliates Name, Contact Info, Email, Company, Department, Position Consultation with Corporate Ethical Consultation Service 3 years
LOTTE Data Communication Co. Record of using service, access log, cookie, access IP information Site Management 6 months

Article 6. Entrustment of Collected Personal Information

For service implementation, the company is outsourcing the data to manage them as follows. We are regulating in contract with outsourcing company that the data are safely managed in compliance with related laws.

Entrustment of Collected Personal Information
Entrusted Company Entrusted Items Purpose of Entrustment
LOTTE Data Communication Co. Complaint Reporting Service, Application Service Operation of Computerized System

When making an outsourcing contract, we are clearly regulating the outsourcer to obey orders regarding protection of personal information and to take responsibility in case of accident and keep the contract in paper and electronically. When the outsourcer is changed, notify the replaced outsourcer company name in the Personal Information Processing Policy section of the website.

The company will conduct appropriate inspection within the range of outsourced tasks to make sure the entrusted company is honestly following the stipulated regulations to safely manage the entrusted information.

Article 7. Correction and Deletion of Personal Information and Cancellation of Permission

To check, change, delete users’ personal information, contact the person in charge of personal information management via post, phone, or email.

If a customer has put in a request for correction of his/her personal information, the company does not use or provide the personal information until the correction is completed. Also, when false information has already been provided to a third party, we will notify the third party without delay to correct the information.

Article 8. Management and Use of Cookie

The company manages cookie that regularly saves and finds customer information. A cookie is a very small text file sent by server that is used for operating website to the user’s browser and saved in your computer’s hard disc. The company uses the cookie for the following purposes.

[Purpose of Using Cookies]
- To provide target marketing and customized service by analyzing access frequency, visiting time, user’s taste and interests, tracing tracks, and number of visits.
Customers have various options of installing cookies. Accordingly, customers can allow all cookies, or go through confirmation every time a cookie is saved, or reject saving all cookies by setting options.
[How to reject installation of cookies]
Example: You can allow all cookies, or go through confirmation every time a cookie is saved, or reject saving all cookies by setting options of the web browser you are using.
Installation Example (Interment Explorer) : Tools > Internet Option > Personal Information But, service provision might be limited when cookie installation is rejected.

Article 9. Technical/Institutional Management for Personal Information Protection

The company is taking technical/institutional and physical measures needed for securing security as follows in accordance with article 29 of Personal Information Protection Law.

  • - Technical Measures: encryption of personal information, installation of access contrail system. Installation and use of security program
  • - Institutional Measures: Minimization of number of staffs dealing with personal information and education/training, regular self-inspection, establishment and implement of internal controls.
  • - Physical Measures: Access control to document saving place with locks, access control of unauthorized people.

Article 10. Person(s) in Charge of Personal Information Management

The company is designating person(s) in charge of personal information management and related department as follows in order to protect customers personal information and handle personal information-related complaints.

Chief Managing Director of Information Protection
Person in Charge: Executive Lee, Kyoung-Don
Contact : 02-801-8002,
Managing Director of Information Protection Management
Person in Charge: Executive Jang, Dong-Won
Contact : 02-801-8003,
Managing Director of Personal Information Management
Person in Charge: Head of the Project, Kim, Tae-Ryong
Contact : 02-801-8100,

You can report every personal information-related complaint arouse while using our company’s service to the person in charge of personal information management or to the department. The company will promptly and thoroughly reply to customers’ complaints.

Should you need to make report or consultation regarding other personal information infringements, contact the following agencies.

  • 1. Personal Information Dispute Mediation Committee(
  • 2. Information Protection privacy Mark Authentication Committee (
  • 3. Forensic Science Planning Office & High-Tech Crime Investigation Division at Supreme Prosecutor’s Office
  • 4. Cyber Terror Response Center at the National Police Agency (