Privacy Policy
Effective date: April 17, 2026
AT HVAC-R Co., Ltd. ("the Company") publishes this Privacy Policy pursuant to Article 30 of the Personal Information Protection Act of the Republic of Korea, to safeguard personal information of data subjects and to promptly and smoothly handle related complaints.
1. Purpose of Processing
The Company processes personal information for the following purposes and will not use it for any other purpose. If the purpose changes, separate consent will be obtained. a. Responding to technical inquiries and project consultations b. Receiving and replying to estimate requests c. Reviewing and responding to partnership and supply proposals
2. Items Processed
The Company processes the following items collected through the inquiry form. - Required: company name, contact person, email, inquiry content - Automatically collected: IP address, User-Agent, access timestamps
3. Retention Period
The Company retains and uses personal information within the period consented to by the data subject or stipulated by law. - Inquiry receipt and response: 3 years from the date of collection - Longer periods apply only when separately required by law.
4. Third-Party Disclosure
The Company processes personal information strictly within the scope of Section 1 and does not provide it to third parties without the prior consent of the data subject.
5. Entrusted Processing
The Company entrusts personal information processing as follows: - Entrustee: Google LLC (Firebase Authentication, Firestore) - Scope: member authentication, inquiry data storage and management - Hosting region: Google Cloud asia-northeast3 (Seoul, Republic of Korea) - Retention: until termination of service or the entrustment agreement
6. Rights of Data Subjects
Data subjects may exercise the following rights at any time: a. Request access to personal information b. Request correction of errors c. Request deletion d. Request suspension of processing Requests may be made in writing, by phone, or by email to the Company's representative contact (hwh011@daum.net, +82-61-242-9506). The Company will respond without undue delay.
7. Destruction Procedures
Personal information is destroyed without delay once it is no longer needed. - Method: Electronic files are permanently erased using technical means that prevent restoration - Timing: Within 5 business days after the retention period ends
8. Security Measures
The Company implements the following administrative, technical, and physical safeguards pursuant to Article 29 of the Personal Information Protection Act. - Administrative: Admin allowlist, principle of least privilege - Technical: HTTPS with HSTS, Content Security Policy, Firebase Security Rules, clickjacking / XSS / MIME-sniffing protections - Physical: Access-controlled Google Cloud Seoul region facilities
9. Cookies and Automated Collection
Firebase Authentication uses cookies and browser storage to maintain login state and for security. Users may refuse cookie storage via browser settings, which may limit certain features such as administrator login.
10. Privacy Officer
The Company has designated a Privacy Officer responsible for overseeing personal information processing and handling related complaints and remedies. - Name: Hong Wan-Hyoung - Position: CEO - Email: hwh011@daum.net - Phone: +82-61-242-9506
11. Remedies
Data subjects may seek dispute resolution or counseling from the following institutions: - Personal Information Dispute Mediation Committee: 1833-6972 · www.kopico.go.kr - KISA Privacy Infringement Report Center: 118 · privacy.kisa.or.kr - Supreme Prosecutors' Office Cyber Investigation: 1301 · www.spo.go.kr - National Police Agency Cyber Bureau: 182 · ecrm.cyber.go.kr
12. Changes to This Policy
This policy takes effect on the effective date above. Any material changes will be announced on this website at least 7 days before they take effect.