Privacy Policy

IGIS Asset Management (“the Company”) is committed to safeguarding users’ personal information. In accordance with Article 30 of the Personal Information Protection Act, this Privacy Policy is disclosed to ensure transparency and ease of access for users at all times.

1. Collection and Use of Personal Information

① The Company collects and uses personal information when users make inquiries regarding estimates, tours, or consultations.
  - Purpose of Collection: User identification, service provision, and customer support
  - Items Collected: Name, mobile phone number, email address
  - Retention Period: 90 days from the completion date of the relevant service
② Notwithstanding the above, the Company may retain personal information for a certain period as required by applicable laws and regulations.

2. Outsourcing of Personal Information Processing

① The Company may outsource certain personal information processing tasks to third parties to ensure smooth service operations. The outsourced entities and details of such tasks are as follows:

② Any changes in the outsourced entities or entrusted tasks will be disclosed without delay via this Privacy Policy, and appropriate supervision will be conducted in accordance with relevant laws.

3. Provision and Sharing of Personal Information with Third Parties

The Company processes users’ personal information only within the specified scope and will not provide it to third parties without the user’s consent, unless required by law or under exceptional circumstances as stipulated by relevant legislation.

4. Rights of Users and Legal Representatives & How to Exercise Them

① Users may exercise the following rights at any time in relation to their personal information:
  - Request to view personal information
  - Request correction of errors
  - Request deletion
  - Request suspension of processing
② These rights may be exercised via written request, phone, or email. The Company will process such requests within 10 business days in accordance with internal procedures. (However, this excludes information that must be retained under applicable law.)
③ If a user requests correction or deletion of personal information due to an error, the Company will not use or provide that information until the correction or deletion is completed.
④ The above rights may also be exercised by a user’s legal representative or authorized agent.

5. Destruction of Personal Information

① The Company promptly destroys personal information once the retention period expires or the processing purpose has been fulfilled.
② If the user has consented to a specific retention period, or if personal information must be retained under other laws even after the purpose has been fulfilled, such information will be securely stored in a separate database or storage location.
③ Electronically stored personal information is destroyed in an unrecoverable manner, while printed documents are shredded or incinerated.

6. Measures to Ensure the Security of Personal Information

The Company takes the following technical and administrative measures to prevent loss, theft, leakage, alteration, or damage of personal information:
  - Administrative Measures: Establishment and implementation of internal management plans, regular employee training
  - Technical Measures: Access control for personal information processing systems, installation of access control systems, encryption of unique identification information, security software installation
  - Physical Measures: Access control to server rooms and physical storage areas

7. Use of Cookies and Related Information

① The Company uses cookies to provide personalized services by storing and retrieving user information.
② Cookies are small text files sent by the server to the user’s browser, stored on the user's computer.
  - Purpose: To analyze visit patterns, popular search terms, and secure log-ins to provide optimized services.
  - Cookie Management: Users may refuse cookie storage by adjusting browser settings via Tools > Internet Options > Privacy menu.
  - Note: Disabling cookies may limit the functionality of certain customized services.

8. Contact for Inquiries and Reporting of Infringements

① The Company designates the following person and department to protect personal information and handle related complaints:

• Privacy Officer: Sue Lee
• Department: CBRE Marketing
• Phone: +82-10-3994-8390
• Email: sue.lee3@cbre.com

* Inquiries will be directed to the department in charge of privacy protection.

② For further consultation or to report a breach, you may contact the following government agencies:

  - Personal Information Infringement Report Center: 118 / http://privacy.kisa.or.kr
  - Supreme Prosecutors’ Office Cybercrime Division: 1301 / http://www.spo.go.kr
  - Cyber Investigation Department, National Police Agency: 182 / http://ecrm.cyber.go.kr/
  - Personal Information Dispute Mediation Committee: 1833-6972 / https://www.kopico.go.kr/

9. Duty to Notify

① If any additions, deletions, or modifications are made to this Privacy Policy, such changes will be announced on the Company’s website or via email at least 7 days in advance (or 30 days in advance for significant changes).
Effective Date of Notice and Implementation: June 30, 2025