SAMSUNG SDI has established an information security system governing its organization, facilities, and technology to safeguard its critical assets and key information. As our technology portfolio includes automotive battery technology that is considered as national core technology, we are operating an industrial technology leakage prevention and management system to abide by the Act on Prevention of Divulgence and Protection of Industrial Technology. We also engage in regular reviews and improvements to minimize the risk of information security.
Our information security policy consists of basic principles and their implementation guidelines for the company and employees to follow to bolster our competitive edge. We also operate a separate index to measure our security performance in the field. The scope of this policy extends to tangible and/or intangible information assets owned, held or generated by the company, and the policy applies all outsiders who visit SAMSUNG SDI including contract-based partner employees as well as our own employees. We keep our information security policy up-to-date each year in reflection of applicable laws in Korea and overseas and security measures associated with new information technology and new security threats, and the amendments made are posted on our in-house online bulletin board.
We abide by the Personal Information Protection Act to ensure that personal data of our employees, customers and visitors is not lost, stolen, leaked, falsified, fabricated or damaged. To keep personal data secure, we take technical and managerial protection measures as well as safety measures as notified by the Personal Information Protection Commission.
SAMSUNG SDI has established the personal data processing guidelines which governs the items of personal data collected, the purpose of data processing, the duration of use, and safeguards among others for employees, customers and visitors. Pursuant to Article 29 (Duty of Safeguards) of the Personal information Protection Act, we have also developed the internal management plan to protect and manage personal data. . In addition, ‘image data processing device operation and management guidelines’ contain provisions on matters related to the company’s image data processing devices and image data.