Privacy Policy

STX Aero Service (hereinafter, "the Company") regards the security of user's personal information to be
An extremely important matter, and abides the
'Information and Communication Network Utilization and Information Protection Act' and 'Privacy Act'

The Company will inform users of how and in what manner the provided personal information is used in compliance with its privacy policy, and what actions are being taken by the Company for the protection of personal information. In the case that the Company revises its privacy policy, any revisions will be posted on our website notice (or individual notification).

The following Privacy Policy is applied to this website (www.stxaeroservice.com).

01 Privacy Policy

The company collects the following personal information for membership sign-up, consultation, service requests, etc.

• Items to be collected : Name, home telephone number, mobile phone number, email address
• How to collect personal information: Webpage (Customer Inquiry, Ethical Management)

02 Purpose of the collection and use of personal information

The company uses the collected personal information for the following purposes.

• Membership Management : User identification according to the use of membership services, confirmation of the intention for membership sign-up, customer service handling complaints, delivery of notification, age check, confirmation of agreement of a legal representative regarding the collection of information from children aged under 14인
• Services Provided : Use of various content provided to only those members whose personal information has been collected through inquiry as well as entry for a competition
• Used for Marketing and Advertising : Delivery of information on competitions and advertising information / Delivery of goods when winning a competition
• Development and specialization of new services / Provision and publication of services according to demographic characteristics
• Examination of connection frequency / Statistics about the use of services by members

03 Sharing and Supply of Personal Information Collected

The Company will not provide outsiders with users’ information in principle, with the exception of the following cases:

• If the user agrees in advance.
• If it is significantly difficult to receive a normal agreement due to economical and technical reasons on the personal information required for the implementation of the contract regarding the provision of services.
• If there is sufficient evidence that the customer information should be disclosed in order to take legal action, as it could cause mental and physical harm to others.
• In the case of a users’ minimum information (name, address, telephone no.) required for business regarding customer service
• If law enforcement agencies demand for the purpose of investigation, in accordance with regulations, the procedures and methods.

04 Privacy Consignment

For the implementation of the Company’s services, privacy management is entrusted to a professional company as follows :

• Consignee : Forcetec Co., Ltd.
• Description of Consigned Services : Consigning the system operation for providing services and collecting personal information. In this case, however, the authority is entrusted to the trusted party to collect personal information only for those who sign up and agree through the site where the trustee operates.

05 Privacy Consignment

The Company will be entitled to possess and use the users’ personal information only during the period of providing services after signing up for membership.If any member requests withdrawal from membership or their consent regarding the collection and use of personal information, the relevant personal information will be destroyed without delay, when the purpose of the collection and use is achieved and terminated.

However, the personal information on the application stored in the company’s talent pool will be used for recruitment at all times. If any individual wants to delete the personal information of job applicants, the relevant information will be deleted immediately.

• Shelf life : Up to 12 months from the date of acquisition
• Destruction deadline : Twice per year.

06 Procedures and Methods of Destructing Personal Information

In principle, the Company will destruct the relevant information without delay after it has achieved the purpose of the collection and use of personal information. Destruction procedures and methods are as follows :

Procedures of Destruction The information that members have entered for registration will be moved to a separate DB (a separate filing cabinet in case of paperwork) after achieving its purpose, and will be destructed according to internal policy and other relevant laws and regulations in accordance with privacy reasons (see period of possession and use) after a given period of time saved.

Methods of Destruction

• Personal information stored in electronic files will be deleted, using technical means of no reproducible records.
• Personal information printed on paper will be destroyed using a shredder or incineration.

07 Rights and Exercises of Users and Legal Representatives

Users and their legal representatives can view their own registered personal information of or that of their children under the age of 14 at any time, and modify or request for unsubscribing of their memberships.

For queries or changes of the personal information of users or children under the age of 14, their direct access, correction or withdrawal is possible after a personal identification procedure by clicking on ‘Update Profile’ (or ‘Edit Profile’, etc.) for modification or ‘Delete My Account’ for revocation (withdrawal of consent). Alternatively, please contact the Privacy Officer by writing, phone or e-mail, and they will take the necessary steps without delay.

When a user requests a correction due to an error, their personal information is not available or provided until the correction is completed. In addition, when the wrong personal information has already been provided to third parties, the results of the correction process will be notified to the third parties without delay so that the correction can be made.

The Company ensures that any canceled or deleted personal information at the request of a user or their legal representatives may not be read or used for any purpose other than as specified in “the Company’s retention and use period of personal information collected” section.

08 Installation and Operation of Automatic Collection System of Personal Information and Related Matters about Refusal

The Company is not operating any system that automatically generates collection of personal information on the use of cookies, etc. When using such internet services as cookies, etc., the purpose of use, installation / operation, refusal, etc., are required to be specified. Procedures of Destruction

09 Publication of Personal Information and Measure

If any customer exposes another person’s personal information, the published relevant information will be deleted without notice.

10 Technical and Managerial Safeguards of Personal Information

The Company takes the following technical and managerial measures to prevent the loss due to theft, leakage, alteration or damage to personal information in handling the users’ privacy :

Password Encryption When a user signs up (job application), the password is encrypted, stored and managed. You are the only one who knows it and can confirm or change personal information.

Countermeasures against Hacking, etc. The data is backed up from time to time in preparation for the destruction of personal information, and leakage or damage of personal information or material is prevented by using the latest anti-virus software, users’ important personal information (such as social security numbers) is encrypted and stored, and transmitting personal information is secured through encrypted communication over the network. In addition, unauthorized access is controlled by using a firewall, and efforts are made to equip all available technical devices to ensure security.

Minimum Personnel Handling Privacy and Education Privacy handling on the part of the Company is limited only to the personnel in charge. A separate password is given and regularly updated. The regular and occasional training of personnel is performed. In particular, the applicant’s personal information is highlighted.

Privacy Department in Operation The privacy department checks the in-house implementation of the Company’s privacy policy and compliance of its personnel in charge. If any problem found, it will work to fix it immediately. However, the Company is not responsible for any consequences caused from leakage of such personal information as passwords, social security numbers, etc., due to the user’s carelessness or internet problems.

11 Privacy Officer's Contact

To protect the privacy of our customers regarding privacy complaints and to handle complaints, the Company appoints a Privacy Officer and Department as follows :

Privacy Department

• Name : Park, Dong-Moon
• Department : Management Support Team
• Contact : +82-32-710-2664
• e-mail : imandypark@onestx.com

You can report any privacy complaints that occur during your use of the Company’s services to the Privacy Officer or Privacy Department. The Company will be happy to answer quickly enough to meet your reports.

If any other reports of privacy violations are required or you need any advice, please contact the following organizations :

• Privacy Dispute Mediation Committee (www.1336.or.kr /1336)
• Privacy e-Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
• Prosecutor's Office Internet Crime Investigation Center (http://icic.sppo.go.kr / 02-3480-3600)
• Cyber Terror Response Center (www.ctrc.go.kr / 02-392-0330)

12 Notice of Obligation

This privacy policy is effective as of January 2, 2013. If any addition, deletion or modification is required due to changes in laws and regulations and policy or information security technology, it will be notified on our website seven days prior to the effective date of implementation of the change.

Private policy version number : STX_140601_1.0

Privacy policy effective date : June 1, 2014