According to the Article 30 of Personal Information Protection Act, Ethics Hotline hereby states our personal data processing policy, including the purpose for and method of personal data processing and the measures for data protection.
Article 1. Types of personal data to be collected and purpose of collection
Ethics Hotline shall collect personal data only to the least required extent to provide the related services
-
(1) Types of personal data to be collected
- ① Real name report: name, e-mail address, telephone (cell phone) number,report details (title of the report,
- report type, content of the report, relationship with the target company),
- report confirmation ID, password, and IP address
- ② Anonymous report: e-mail address (when provided), report details (title of the report, report type,
- content of the report, relationship with the target company), report confirmation ID,
- password, and IP address (In the case of an anonymous report,
- we do not utilize the IP address or any other information to identify the informant)
- (2) Purpose of providing personal information: to process the collected reports, verify the report information if necessary,
- confirm the receipt of the report, provide reward for reporting,
- and implement necessary follow-up measures including responding
- to related issues
Article 2. Period of retention and use of personal data
Personal information collected via LG Ethics Hotline system is to be kept in principle for 10 years after the closing of the case for the report. However, even after this period, if there is a need to retain the information separately for purposes such as providing reward for reporting, implementing follow-up measures, or addressing any outstanding issues, it will be kept until the relevant purpose is fulfilled.
Article 3. Consignment and provision of personal data to a third party
Ethics Hotline shall use collected personal data only to the extent stated in “Purpose of collection;” and if required for properly handling the case, with data subject’s consent, the data can be provided to a third party as follows:
-
(1) Provision of personal data to a third party
-
① Recipients: LG affiliates related to the contents of the report
- * LG Group companies: LG Corp(holding company), LG Electronics, Hi-plaza, Hi-msolutek, Hi-caresolution,
- LG MAGNA, LG Display, LG Innotek, LG Chem, LG ENERGY SOLUTION, Coca Cola Korea,
- LG Household & Skincare, HAI TAI HTB, HANKOOK BEVERAGE, TAI GUK PHARM,
- Balkeunnuri, FarmHannong, LG Uplus, LG HelloVision, LG CNS, Biztech i, Biztech On,
- Open Source Consulting, HANG BOK MARU, Rightbrain, D&O, HSAD, LG Sports,
- LG Management Development Institute, LG Economic Research Institute,
- LG Academy, LG AI
-
② Personal data to be provided
- (A) Real name report: name, e-mail address, telephone (cell phone) number, report details (title of the report, report type, content of the report, relationship with the target company)
- (B) Anonymous report: e-mail address (when provided), report details (title of the report, report type, content of the report, relationship with the target company)
- ③ Period of retention and use: same as Article 2. Period of retention and use of personal data
- ④ Purpose of providing personal information: to process the collected reports, verify the report information if necessary, confirm the receipt of the report, provide reward for reporting, and implement necessary follow-up measures including responding to related issues
-
① Recipients: LG affiliates related to the contents of the report
Article 4. Rights and obligations of the data subject and how to exercise the rights
-
(1) Data subject shall have the right to obtain from Ethics Hotline the followings:
- ① access to the personal data
- ② rectification of inaccurate personal data
- ③ erasure
- ④ and restriction of processing.
- (2) Data subject can exercise the rights provided for in Paragraph (1) by mail, phone, e-mail, and/or fax; upon receiving such requests, LG shall take necessary measures without undue delay
- (3) Upon receiving request for rectification or erasure of personal data from data subject, LG shall neither use nor provide the personal data unless the rectification or erasure is completed.
- (4) Data subjects can exercise the rights provided for in Paragraph (1) through their legal representative, agent, or proxy. In such cases, data subjects shall submit a proxy form according to Appendix 11 of Enforcement Decree of the Personal Information Protection Act.
- (5) Data subject shall not violate relevant laws and regulations to breach personal data or infringe privacy of others or himself/herself that is being processed by LG.
Article 5. Technical and organizational measures to protect personal data
Ethics Hotline shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risks of accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data, including the followings:
-
(1) Technical measures
Data of the persons who made report to Ethics Hotline shall be properly encrypted, and all necessary measures are taken to protect such data from leakage or destruction. To ensure safe processing and transfer of personal data, data protection tools (e.g. SSL) using secure encryption algorithms are applied to our network.
-
(2) Physical measures
Intrusion prevention system is applied to prevent unauthorized access, and other technical measures are taken to ensure stability of system.
-
(3) Number of data controllers and their training
Data controllers of Ethics Hotline shall be limited to those who are directly responsible for handling personal data. Data controllers shall use secure passwords to access to Ethics Hotline and shall receive regular trainings to boost understanding of personal data protection.
Article 6. Deletion of personal data
Ethics Hotline shall dispose of personal data without undue delay when the retention period is expired or the purpose of collection is fulfilled and therefore further retention is not required.
-
(1) Procedure of personal data deletion
Deletion of personal data, upon having the causes for deletion, shall be done under the supervision of the data protection officer.
-
(2) Method of personal data deletion
For all the personal data processed by LG is stored in electronic file form, technical measures shall be implemented to ensure permanent and unrecoverable deletion of the personal data.
Article 7. Revisions of the privacy policy
- (1) This policy shall become effective on March 8, 2024.
-
(2) Below you can find the former version of the privacy policy:
- From November 1, 2014 to June 21, 2023 (click here)
- From June 22, 2023 to July 21, 2023 (click here)
Article 8. Personal information protection officer and requests for access to personal information
- (1) LG Ethics Hotline designates a person responsible for personal information protection for ensuring the security of personal information and addressing any complaints or damages experienced by individuals regarding their personal information.
- (2) According to Article 35 of the Personal Information Protection Act, data subjects have the right to request access to their personal information to the following department. LG Ethics Hotline will endeavor to promptly process requests for access to personal information of data subjects.
-
‣ Personal information protection supervisor/manager
- Department: LG Business Research /IT Infrastructure team
- Name: Soo-il, Jung
- Job title: Team leader
- Contact: (02)3777-0497
- (3) The data subject can contact the person and the department in charge of personal information protection regarding all matters related to personal information inquiries and complaints, and remedies for privacy infringement that may have occurred while using LG Ethics Hotline. LG Ethics Hotline will promptly respond to and process inquiries from data subjects without delay.
Article 9. Remedies for violation of rights and interests
- (1) LG Ethics Hotline ensures the right to informational self-determination of data subjects and is dedicated to offering consultation and assistance for any personal information infringements or damages. If you need to report or seek consultation, please contact the department below.
-
‣ Department in charge of grievances management
- Department: LG Business Research /IT Infrastructure team
- Name: Soo-il, Jung
- Job title: Team leader
- Contact: (02)3777-0497
-
(2) The data subject may file a petition for settlement of a dispute, consultation, etc. with the Personal Information Dispute Mediation Committee or the Personal Information Infringement Report Center of Korea Internet & Security Agency to seek remedies for the breach of privacy. In addition, you may contact any of the following agencies to report or receive counselling on the breach of privacy
- ① Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
- ② Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
- ③ Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr)
- ④ National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)
- (3) Any person whose rights or interests are violated by any disposition or inaction of the head of a public agency with regard to a request made under the provisions of Article 35, 36 or 37 of the Personal Information Protection Act, may file a petition for an administrative hearing in accordance with the Administrative Appeals Act.
‣ Central Administrative Appeals Commission: (without area code) 110 (www.simpan.go.kr)