Privacy Policy

ST SUNLAB Co., Ltd. | Effective Date: June 16, 2025

1. Introduction

ST SUNLAB Co., Ltd. ("ST SUNLAB," "we," "us," or "our") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and interact with our services.
Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

2. Who We Are (Data Controller)

ST SUNLAB acts as the Data Controller as defined under applicable data protection laws, including GDPR Article 4(7) for EU/EEA residents.

Company ST SUNLAB Co., Ltd.
Address Kreuzberger Ring 44a, 65205 Wiesbaden, Germany
Privacy Officer Junyong Park
Email jy.park@stsunlab.com
Phone +82-2-6327-5656
EU Representative (GDPR Art. 27) bj.kim@stsunlab.com

EU/EEA residents may contact our EU Representative directly for any privacy-related inquiries.

3. Information We Collect

  • Information You Provide Directly
    • Contact Inquiries
      • Purpose of inquiry
      • Country of residence
      • Full name
      • Email address
      • Mobile phone number
      • Inquiry content
    • Newsletter Subscription
      • Full name
      • Email address
  • Information Collected Automatically
    • When you visit our website, we may automatically collect:
      • IP address
      • Cookie identifiers
      • MAC address
      • Service usage logs
      • Visit history
      • Irregular usage records
      • Browser type and version
      • Device information

4. How We Use Your Information

Purpose Legal Basis (GDPR) Retention Period
Responding to contact inquiries Legitimate Interest / Contract (Art. 6(1)(b)(f)) Until deletion request
Sending newsletters Consent (Art. 6(1)(a)) Until unsubscribe
Website analytics & security Legitimate Interest (Art. 6(1)(f)) Per log retention cycle
Legal compliance Legal Obligation (Art. 6(1)(c)) As required by law

We never sell your personal data to third parties.

5. Legal Basis for Processing (GDPR)

For users in the EU/EEA, we process your personal data under the following legal bases:

  • Consent (Art. 6(1)(a)) — Newsletter subscription. You may withdraw consent at any time without affecting the lawfulness of prior processing
  • Legitimate Interests (Art. 6(1)(f)) — Responding to contact inquiries, improving website security and performance.
  • Legal Obligation (Art. 6(1)(c)) — Where processing is required by applicable law.

6. Cookies

We use cookies to provide optimized services. Cookies are small text files stored on your device by your browser.

Type Purpose
Essential Core website functionality; cannot be disabled
Analytics Understanding usage patterns and popular content
Security Detecting irregular access and protecting accounts

How to opt out: You can disable cookies at any time via your browser settings (Tools > Internet Options > Privacy).
Note that disabling cookies may limit certain features of our website.
For EU/EEA users: Non-essential cookies require your prior consent in accordance with the ePrivacy Directive.
A cookie consent banner will be displayed on your first visit.

7. Data Retention

Data Type Retention Period
Contact inquiry data Indefinitely; deleted upon request
Newsletter subscription data Until unsubscribe or deletion request
Automatically collected data Per applicable log retention cycles
Data subject to legal hold Until investigation or legal proceeding concludes

When personal data is no longer necessary, we delete it securely:

  • Electronic files — Deleted using irreversible methods
  • Physical documents — Shredded or incinerated

8. Your Rights

Depending on your location, you may have the following rights:

Right EU/EEA (GDPR) California (CCPA) Others
Access your data Yes Yes Yes
Correct your data Yes Yes Yes
Delete your data Yes Yes Yes
Restrict processing Yes - -
Data portability Yes - -
Object to processing Yes - -
Opt out of data sale - Yes -
Non-discrimination - Yes -
Withdraw consent Yes Yes Yes

To exercise any of these rights, contact us at: jy.park@stsunlab.com
We will respond within 30 days (GDPR) or 45 days (CCPA) of receiving your verified request. Identity verification may be required.

9. Data Security

We implement the following technical and organizational measures to protect your personal data:

  • Administrative: Internal data management policies and regular staff training
  • Technical: Access control systems, encryption of sensitive identifiers, security software, and access logging

While we take all reasonable precautions, no transmission over the internet is 100% secure.
We encourage you to use strong passwords and report any suspected security incidents to us immediately.

10. International Data Transfers

ST SUNLAB is headquartered in the Republic of Korea. If you are accessing our services from outside Korea, your data may be transferred to and processed in Korea. For EU/EEA users: Such transfers are conducted in accordance with GDPR Chapter V. The Republic of Korea has received an adequacy decision from the European Commission, meaning your data receives equivalent protection to that within the EU.

11. Third-Party Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information only with:

  • Service providers acting as data processors on our behalf (e.g., email delivery, web hosting), bound by data processing agreements and confidentiality obligations
  • Legal authorities when required by applicable law, regulation, or valid legal process

12. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us immediately for deletion.

13. Newsletter & Marketing Communications

If you subscribe to our newsletter, you may unsubscribe at any time by:

  • Clicking the "Unsubscribe" link in any newsletter email, or
  • Contacting us directly at jy.park@stsunlab.com

We will process your unsubscribe request without delay and no later than 10 business days.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will:

  • Update the Effective Date at the top of this page
  • Notify you via email (for material changes) or a prominent notice on our website

We encourage you to review this policy periodically to stay informed.

15. Contact & Complaints

Privacy Officer: Junyong Park
Email: jy.park@stsunlab.com
Phone: +82-2-6327-5656
EU Representative: bj.kim@stsunlab.com
EU/EEA Users: If you are unsatisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs is available at: https://edpb.europa.eu/about-edpb/board/members_en