Article 1 (Purpose of Collection and Use of Personal Information)

• The Company provides a procedure for users to click the "Agree" or "Cancel" button regarding the content of the Company's personal information collection and use consent or Terms of Use. Clicking the "Agree" button is deemed as consent to the collection of personal information. The collected personal information is used for the following purposes: A. Performance of contracts for service provision and fee settlement according to service provision. B. User management.

Article 2 (Items and Method of Collection)

• The Company receives essential/optional information online for service provision when users sign up to use member services.
• A. Items Collected
• • Essential Information for Membership: ID, Password, Company Name, Representative Name, Address, Business Registration Number, Manager Name, Email Address, Mobile Phone Number.
• • Optional Information for Membership: Fax Number, Company Main Phone Number.
• • In the case of applicants under 14: Information of the legal representative.
• B. Collection Method The Company collects personal information through the following methods:
• • During membership registration through the website.
• • During the input of essential information according to service use.

Article 3 (Retention and Use Period of Personal Information)

In principle, the Company destroys personal information without delay once the purpose of collection and use is achieved. However, the following information is preserved for the specified period for the reasons below:

• A. Reasons for Information Retention under Relevant Laws
• • Records on contracts or withdrawal of subscription: 5 years (Act on the Consumer Protection in Electronic Commerce, etc.)
• • Records on payment and supply of goods, etc.: 5 years (Act on the Consumer Protection in Electronic Commerce, etc.)
• • Records on consumer complaints or dispute handling: 3 years (Act on the Consumer Protection in Electronic Commerce, etc.)
• • Records on visits (logs): 3 months (Protection of Communications Secrets Act)

Article 4 (Destruction Procedure and Method)

The Company processes valuable personal information of members safely and destroys it through the following methods to prevent leakage:

• A. Destruction Procedure Information entered by users for service use is transferred to a separate DB (separate file box for paper) after the purpose is achieved and destroyed after being stored for a certain period according to internal policies and other relevant laws (refer to the retention and use period). Personal information transferred to a separate DB will not be used for any purpose other than those required by law.
• B. Destruction Method
• • Personal information printed on paper: Shredded with a shredder or incinerated.
• • Personal information stored in electronic file format: Deleted using technical methods that cannot reproduce the records.

Article 5 (Sharing and Provision of Collected Personal Information)

The Company uses users' personal information within the scope consented to and does not, in principle, share or provide it to the outside beyond this scope without the user's prior consent. However, the following cases are exceptions:

• • When users have consented to sharing and provision in advance.
• • When necessary for fee settlement according to service provision.
• • When requested by an investigative agency in accordance with the procedures and methods prescribed by laws for the purpose of investigation.

Article 6 (User's Management of Their Own Personal Information)

• Users can view their personal information at any time if they wish and correct stored essential information. In addition, supplementary information other than the essential information required at the time of registration can be viewed, corrected, or deleted at any time. Changes, deletion, and membership withdrawal can be accessed after logging in at the Company's customer center.

Article 7 (Operation and Refusal of Cookies)

• A. Purpose of Using Cookies
• 1. The Company uses 'cookies' that store and frequently retrieve information about users to provide services quickly. Cookies are small amounts of information sent by the website server to the user's browser and stored on the hard disk of the user's computer.
• 2. The Company may use cookies to identify members and maintain their login status.
• B. Installation/Operation and Refusal of Cookies
• 3. Users have the right to choose regarding cookie installation. Therefore, users can allow/refuse all cookies or check each time a cookie is saved by adjusting the options in the web browser.
• 4. If you refuse to store cookies, some services provided by the Company, such as personalized services, may be difficult to use.

Article 8 (Technical/Managerial Measures for Personal Information Protection)

The Company takes the following managerial, technical, and physical measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged:

• • A. Managerial Measures: Establishment and implementation of internal management plans, regular employee training, etc.
• • B. Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs.
• • C. Physical Measures: Access control for the computer room and data storage room.
• The Company is not responsible for incidents that occur due to the user's personal mistakes or the basic risks of the internet. Individual users must appropriately manage their ID and password to protect their personal information and take responsibility for them.

Article 9 (Opinion Collection and Complaint Handling)

• The Company collects opinions from users regarding personal information protection and has all procedures and methods in place to handle complaints. Users can report complaints via phone or email by referring to "Article 10," and the Company will provide quick and sufficient answers.

Article 10 (Privacy Officer and Contact Information)

• The Company has designated a Privacy Officer as follows to take overall responsibility for personal information processing and to handle user complaints and damage relief related to personal information processing.
• • Name: Choi Seong-soo
• • Department/Position: Director of Development Division
• • Email: trustsoo@UBICUS.co.kr
• • Phone: (02) 780-2898

Article 11 (Rights of Users and Legal Representatives and How to Exercise Them)

• A. Users and legal representatives may view or modify their registered personal information or that of children under 14 at any time and may request termination of the contract (withdrawal of consent).
• B. To view or modify personal information, click "Change Personal Information" (or "Edit Member Info"). For termination (withdrawal of consent), click "Withdraw Membership." You may also contact the Privacy Officer via writing, phone, or email.
• C. If a user requests correction of an error in personal information, the information will not be used or provided until the correction is completed.
• D. Personal information terminated or deleted at the request of the user or legal representative is processed as specified in the "Retention and Use Period" and cannot be viewed or used for other purposes.

Article 12 (Personal Information Protection Responsibility and Counseling/Reporting)

• Users may inquire about damage relief and counseling for personal information infringement to the following organizations. These are separate from the Company:
• • Personal Information Infringement Report Center (KISA) (privacy.kisa.or.kr / 118)
• • Personal Information Dispute Mediation Committee (KOPICO) (www.kopico.go.kr / 1833-6972)
• • Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr)
• • National Police Agency Cyber Bureau (cyberbureau.police.go.kr)

Article 13 (Notification)

• Any additions, deletions, or modifications to the current Privacy Policy due to changes in government policy or security technology will be notified through 'Announcements' on the website.
• • Enforcement Date: August 28, 2018
• • Last Modified Date: August 28, 2019