LINE Plus Corporation’s Privacy Policy (Ver. 1.5)

LINE Plus Corporation (hereinafter referred to as the "Company,” which includes https://www.linepluscorp.com/ and https://careers.linecorp.com/), complies with the relevant legal regulations related to the protection of personal information, including the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Telecommunications Secrecy Protection Act, the Telecommunications Business Act, and other applicable laws. The Company has established a Privacy policy in accordance with these laws to ensure the protection of the rights and interests of data subjects including the following :

1. Purpose and the Type of Personal Information Collected

Firstly, the Company collects the following personal information for the purpose of job application, recruitment process, application modification, verification of qualifications, notification of application results, responding to inquiries related to job applications, ensuring smooth communication with job applicants, ongoing job offers, and confirmation of employment protection eligibility.
- Mandatory Information: Name, password for application modification, email address, phone number (both mobile and landline), date of birth, gender, nationality, educational background (school name, enrollment/graduation date, major, minor, GPA, graduation classification), employment history (company name, department, job duties, employment period, employment type), military service information, and veteran status (including veteran ID if applicable), disability information
- Optional Information: Employment history (for fresh graduates), qualifications, awards, language skills, portfolio
- Others: Information related to external referrals, reference check information (applicable to those concerned).

Furthermore, depending on the applicant's country, additional information may be collected in accordance with that country's specific requirements.

Secondly, during the process of using services or conducting business operations, the following information may be automatically generated and collected.
- Information such as the type of browser and operating system used by the data subject, browsing history (IP address, access time), and cookies
- Additionally, during the reception and response process for job applications and partnership proposals, contact information such as email addresses and phone numbers (both mobile and landline) may be collected as identification information based on the method of contact.

The Company collects personal information through user input on the website, and in some cases, information may also be collected in the form of printed documents or via email.
2. Third-Party Provision of Personal Information

The Company uses personal information within the scope notified in "1. Purpose and the type of Personal Information collected" and does not exceed this scope or generally disclose the personal information of data subjects to external parties without the data subject's prior consent. However, exceptions apply in the following cases:
- When the data subject has given separate consent.
- When there is a specific provision in the law or it is necessary to comply with legal obligations.
- When it is deemed necessary for the urgent interests of the life, body, or property of the data subject or a third party.
- When it is urgently necessary for public hygiene, public safety, etc.

The Company allows access to job application details to companies with a special relationship with the Company (subsidiaries, affiliated companies, overseas corporations, etc.) in order to provide ongoing job offers to job applicants. The details are as follows :
Recipients of Personal Information Purposes of Personal Information Use by Recipients Personal Information Items Provided

Retention and Use Period of              Personal Information by Recipients

LINE BIZ PLUS Corporation, LINE Financial Corporation, LINE STUDIO Corporation, IPX Corporation, LINE Investment Technologies Corporation, LINE NEXT Corporation, LINE PLAY Corporation, ,LINE PAY PLUS Corporation, LY Corporation,LINE FRIENDS INC., LINE Bank Taiwan Limited, LINE Company (Thailand) Limited, LINE Man (THAILAND) Company Limited,RABBIT-LINE PAY COMPANY LIMITED,LINE Friends Taiwan Limited, LINE Pay Taiwan Limited,Ltd, LINE Taiwan Limited, PT. LINE PLUS INDONESIA, LINE NEXT Inc., LINE Man Corporation PTE. LTD, LINE VIETNAM COMPANY LIMITED Ongoing job offers, management of the recruitment process, ensuring smooth communication with applicants, personnel management All application details 5 years

3. Entrustment of Personal Information Processing

The Company outsources the processing of personal information as follows to enhance services and ensure smooth business operations. Necessary provisions are made in accordance with relevant laws and regulations to ensure the secure management of personal information in outsourcing contracts.

The Company entrusts the processing of personal information to subcontractors (including cases of re-subcontracting), and the details of the entrusted tasks are as follows.
Trustees Content of business entrusted Retention and use period of Personal Information
NAVER CLOUD Corporation Website development and maintenance, system operation for service provision Until the completion of the task's purpose or termination of the entrustment contract
Reference Check Korea Inc., WECRUIT Reference checks (limited to relevant individuals)
Grepp Coding test
Assesta HRC Personality assessments

4. Overseas Transfer of Personal Information

The Company transfers personal information overseas to third-party companies for outsourcing and the details of the third-party companies and the outsourced tasks are as follows:

Trustees Personal Information Manager and contact information Purpose of handling personal information outside the country Relevant personal information items The country where personal information is handled When to move personal information out of the country and how Period for using personal information
Avature privacyofficer@avature.net Proceeding with recruitment procedure; personnel management, etc., as determined by LINE Plus. Job application-related details including resume, as determined by LINE Plus Data is stored in Japan. In order to perform technical support or professional services, data may be accessed from Australia, the United States, Europe and Argentina (and other approved countries under Article 45, GDPR). Transmission through network at the time of submittal of job application. Access may also be required at the time of performance of technical support or professional services. 5 years

5. Personal Information Processing and the Retention Period

Personal information is processed and the retained period for which consent was obtained from the data subject for the collection of personal information, and it is generally disposed of without delay once the purpose of processing personal information is achieved.

However, the personal information of job applicants is retained in the Company's talent pool for a period of 5 years, and if recruitment is needed, it is used for ongoing recruitment from that talent pool. If a request for the deletion of personal information is made by a job applicant, the information in question will be promptly deleted.

6. Procedure and Method for Personal Information Destruction

The personal information of data subjects is generally destroyed without delay once the purpose of processing personal information is achieved. The Company's personal information destruction procedure and method are as follows.

A. Destruction Procedure
- Information provided by data subjects is transferred to a separate database (or separate document storage if using paper) after the purpose is achieved and is retained for a certain period as required by internal policies and other relevant laws and regulations (refer to "4. Personal Information Processing and Retention Period"). It is then destroyed.
- This personal information will not be used for any purpose other than retention unless required by law.

B. Destruction Method
- Personal information printed on paper is destroyed using a shredder or incinerated.
- Personal information stored in electronic file format is deleted using technical methods that make the data irrecoverable.
- In cases where the above methods are significantly difficult due to technical characteristics, the information is processed into anonymous data to ensure irrecoverable deletion.

7. Rights and Obligations of Data Subjects and their Exercise Methods

Data subjects have the right to access, modify, delete, or request the suspension of their registered personal information at any time. If you wish to delete or suspend your personal information, please contact the Data Protection Officer in writing, by phone, or via email, and we will promptly take appropriate action.

8. Measures to Ensure the Security of Personal Information

The Company is implementing the following technical and administrative measures to ensure the security of personal information in the processing of personal information of data subjects, in order to prevent its loss, theft, leakage, alteration, or damage.

A. Password Encryption
The passwords set by job applicants are encrypted and stored securely, known only to the individuals themselves. Confirmation and modification of personal information can only be done by the individual who knows the password.

B. Measures to Counter Hacking and Similar Threats
The Company strives to prevent the leakage or damage of personal information of data subjects due to hacking or computer viruses, among other threats. Data is regularly backed up to prepare for data loss, and up-to-date antivirus programs are used to prevent the leakage or damage of personal information. Encryption communication is used to securely transmit personal information over networks. Intrusion prevention systems are employed to control unauthorized access from external sources. Additionally, all possible technical measures are taken to ensure system security.

C. Minimization and Training of Personal Information Processing Personnel
The Company restricts access to personnel responsible for handling personal information and provides them with separate passwords that are regularly updated. Furthermore, the Company conducts periodic training for these personnel and emphasizes the protection of the personal information of job applicants.

D. Operation of a Personal Information Protection Team
The Company operates a personal information protection team within the organization to monitor compliance with the Company's Privacy Policy and to promptly correct any issues found. However, the Company is not responsible for damages that do not result from the Company's negligence or occur in areas not managed by the Company, even if the Company has fulfilled its obligation to protect personal information.

9. Installation, Operation, and Refusal of Automatical Personal Information Collecting Devices

The Company uses “cookies” to provide web services. Cookies are used in operating websites and are small pieces of information sent by the server and stored on the user's computer browser's hard drive.

A. Purpose of Using Cookies
Cookies are used to track information such as the visit and usage patterns of users on visited web pages, as well as their security access status.

B. Installation, Operation, and Refusal of Cookies
The storage of cookies can be rejected through the option settings in the Tools > Internet Options > Privacy menu of the web browser.

If cookie storage is rejected, there is a possibility that the convenience and functionality of all or some features of the webpage may be restricted.

10. Chief Privacy Officer's Contact Information

A data subject may file complaints about personal information protection to our Chief Privacy Officer stated in the following table and he will handle them promptly and faithfully.

Chief Privacy Officer

Name: Geunsu Byeon
Affiliation: Security Policy&Privacy
Position: CPO
Phone: 1544-9430
Email: privacy_kr@linecorp.com

Data subjects can apply for dispute resolution, counseling, and other services related to personal information infringements through the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency, and the Personal Information Infringement Report Center to seek remedies for personal information infringements. For other reports and consultations related to personal information infringements, please contact the following organizations.

Personal Information Dispute Mediation Committee: (www.kopico.go.kr / 1833-6972 without area code)
Personal Information Infringement Report Center: (privacy.kisa.or.kr / 118 without area code)
Cyber Investigation Department of the Supreme Prosecutors' Office: (www.spo.go.kr / 1301 without area code)
Cyber Safety Bureau of the Korean National Police Agency: (cyberbureau.police.go.kr / 182 without area code)

11. Other 

This "Privacy Policy" does not apply to the actions of websites linked to this website that collect personal information.

12. Privacy Policy Alternation History

In the event of any additions, deletions, or modifications to the current privacy policy, notice will be provided through a "separate window" on our website at least 7 days prior to the revision. However, if there are significant changes that impact the rights of the data subject, such as the collection and utilization of personal information or third-party disclosures, notification will be made at least 30 days in advance.

Public notice posted on: Sept. 2, 2023
To enter into force on: Oct. 1, 2023