A. Management of Membership

Personal information is collected and used for the following purposes: confirmation of Users' intent to join membership, verification of his/her identity for the use of Services, management of membership, prevention of illegal use of the Services, notification and notice to Users, and record keeping for dispute resolution.

B. Provision of Products and Services

Personal information is collected and used for the following purposes: delivery of products and giveaway, provision of the Services and settlement of payment, provision of contents and customized Services, verification of identity, and collection of payment

C. Marketing and Product Advertisement (Optional)

Personal information is collected and used for the following purposes: introduction of new Services (products) and customized Services, events and provision of opportunity to participate therein, confirmation of validity of the Services, collection of data regarding Member's use of the Services and access frequency.

A. Non-Members

(1) Event participants

- Items to be collected: e-mail, phone number, SNS, etc.

- Method: event participants enter through the event webpage

B. Members

(1) Purpose of data collection & collected info.

Membership with Email Account

- Purpose of data collection: Identify users

- Collection of information: Name, e-mail, password

- Collection of information (created): IP, cookie, browsing history, service usage history, and bad records

Membership with Social Login

- Purpose of data collection: Identify users based on SNS (Facebook, Weibo, AliPay)

- Collection of information (SNS provides): Name, e-mail

- Collection of information (created): IP, cookie, browsing history, service usage history, and bad records

Email Subscribers

- Collection of information: e-mail

- Data collection method: Collected when you agree to subscribe email/newsletters

mobile service

- device identification (IMEI, etc), version of operating system, device names

when purchasing products or making payment

- identity information(required): name of payor, contact information (mobile phone number or telephone number), shipping address, identity confirmation information (CI, DI), personal customs clearance code
* However, for international shipping, in accordance with customs law, any resident registration number (or legal alien registration number, personal identification number) may be additionally collected and provided to relevant government authorities.

- Payment information: Depending on payment gateway companies and payment methods, collection of the following information may be requested.

• 1. Payment by credit card: name of card company, card number
• 2. Payment by mobile phone: mobile phone number, service provider name
• 3. Fund transfer: bank name, account number
• 4. Online deposit: bank name, depositor's name
• (person to person customer service requested ) name, e-mail, contact information (mobile phone number or phone number)

(2) method

through homepage (membership, customer service board), information entered at the time of purchase, event participation or contacting the customer center by phone or online

1. A. To the extent of the retention and usage period consented by subjects of information or in accordance with under relevant laws such as commercial law and the Act on the Consumer Protection in the Electronic Commerce Transactions, Etc, the Company processes and retains personal information.
2. B. Applicable durations of retention are set out as follows

(1) Records on contracts or withdrawal of offers and the like

• - Reason for Retention: the Act on the Consumer Protection in the Electronic Commerce Transactions, Etc.
• - Duration of Retention: 5 years

(2) Records on payment settlement and supply of goods, etc.

• - Reason for Retention: the Act on the Consumer Protection in the Electronic Commerce Transactions, Etc.
• - Duration of Retention: 5 years

(3) Records on processing of customer disputes and complaints

• - Reason for Retention: the Act on the Consumer Protection in the Electronic Commerce Transactions, Etc.
• - Duration of Retention: 3 years

(4) Records on access

• - Reason for Retention: the Communications Secrecy Protection Act
• - Duration of Retention: 3 months

(5) Records on marks and advertisement

• - Reason for Retention: the Act on the Consumer Protection in the Electronic Commerce Transactions, Etc.
• - Duration of Retention: 6 months

1. A. The Company uses personal information within the scope notified in Collection/Use of Personal Information, and shall not use such information beyond the purpose of collection or provide it to any third parties without prior consent from customers.
2. B. If placement of an order or payment is made for a transaction through services provided by the Company, the Company may provide the Seller with relevant information to facilitate the transaction such as communication and delivery.

   	Recipients	Purpose of Use	Items to Be Provided	Duration of Retention and Use
   The Sellers on the website	List of the Sellers	Verification of intent to offer, performance of transaction, delivery, customer service, AS, etc	Name, ID, address, phone number, mobile phone number, order information, recipient information (name, phone number, mobile phone number, address)	Destroyed immediately when provision of products or services is completed to the extent that such information is retained for the duration required by relevant laws.

3. C. The Company will use personal information within the scope notified to the subjects of such information, and shall not use or disclose to others such information beyond such scope. However, if required by law, such information may be provided to the law enforcement, administrative agency, or any third parties pursuant to the procedures and methods prescribed by applicable laws and regulations without the consent of the subjects.

• A. Regarding the collection, use, and provision of personal information through membership registration, etc. any user can withdraw and delete data at any time, which he/she agreed when they register the service.
• B. Withdrawal of consent and deletion of data is available through " LOGIN > MY PAGE > MY ACCOUNT SETTINGS > DEACTIVATE YOUR ACCOUNT ". The information will be destructed at the same time as your deactivation. However, a user ID is necessary information to prevent confusion in service use, to fulfill the obligation to keep member transaction information within the retention period stipulated by laws and related regulations, and to provide other stable services. So it is not allowed to re-register with the same ID, after the withdrawal
• C. If it is difficult to destroy personal information directly, you can request to delete your data by the complaints-handling department about personal information.
• E-Mail: cs_global@interpark.com

1. A. The Company outsource personal information processing service to facilitate and improve its Services as follows:

   Category	Assignees	Outsourced tasks
   Customer service	Global Interpark Branch Company (Shanghai Wangyuan Trading Corporation)	All of a call center's services such as use and management of customer and order information
   Identity verification	NICE Information Service	Verification of identity by I-PINS
   	Korea Mobile Certification Inc.	Verification of identity by mobile phones
   Delivery service		Delivery of products and giveaways
   Payment settlment / sms dispatch	LG Uplus Corp., KCP Co., Ltd	Credit card, payment by mobile phone, fund transfer, online deposit, payment by virtual account, SMS dispatch

2. B. The Company continuously manages and supervises the assignees to ensure their secure handling of personal information entrusted, and immediately upon expiration of such assignment, have the personal information retained by the assignees to be destroyed. (If separate retention period required by relevant laws, the Company stores the personal information safely to comply with such laws.)
3. C. Any change to such assignees or the contents entrusted shall be disclosed without delay in accordance with this Privacy Policy.

1. A. If Users need to check or correct their personal information, they may do so themselves at any time by using my page → my information →check information → correction menu.
2. B. Using the membership withdrawal menu on the homepage at any time, Users may withdraw from membership (or withdraw their consent).
3. C. Users, if not agreeing to the Company's handling of personal information, may refuse the consent or request the cancellation of membership (or withdrawal from membership), which may restrict use of Services completely or partially. (Subscription service users may withdraw consent by using blocking function at the bottom of the email received).
4. D. If Users request the correction of any mistake in personal information, the relevant personal information shall not be used or provided until correction is completed. In the event that any wrong personal information is already provided to a third party, the result of correction thereof shall be immediately notified to such third party to make such correction.

A. Procedures of Destruction

Personal information of which purpose of collection/retention is achieved is transmitted to a separate database (separate documentation for papers containing such information) under its internal policy and other applicable laws, and immediately after the lapse of the prescribed time, shall be destroyed. Such personal information transferred to the database shall not be used beyond the purpose consented by each of you or for other purposes unless required by laws.

B. Method of Destruction

1) Personal information stored in the form of an electronic file shall be deleted by a technical method preventing reproduction thereof.

2) Personal information printed on papers shall be shredded or incinerated.

A. What is Cookie?

Cookie, a small text file which the web server sends to a User's computers, is stored in the hard disk of the User's computer. Therefore, you may choose installation and collection of cookie voluntarily and refuse such collection.

B. How can we refuse cookie?

1) Internet Explorer

"tool → Internet option → personal information → personal setting " indicated in the upper part of the web browser

2) Chrome

"click '☰ (Customize and control Google Chrome)' icon → setting → advanced setting → contents setting in personal information → personal setting in cookie" indicated in the upper part of the web browser

* Please note that, when a User refuses to install cookie, there may be any inconvenience in use of or difficulty in provision of Services.

A. Minimum number of employees who have access to personal information, and education programs

Employees who have access to personal information are designated and we manage the minimum number of such employees engaging in management of personal information. The Company makes its best efforts to protect personal information through continuous implementation of education programs for personal information protection.

B. Internal Inspection

We hire employees specifically assigned to internal affairs department for securing technical and administrative protection measures to handle personal information securely, and internally perform routine inspections to check whether our personal information managers are in compliance with the internal Policy and relevant laws.

C. Establishment and Implementation of Internal Management Plan

For the purpose of secure handling of personal information, internal management plans have been established and implemented.

D. Encryption of Personal Information

Your personal information is encrypted, kept and managed in accordance with the standard prescribed by relevant laws, and separate security functions such as encryption of files and transmitted data are used.

E. Anti-Hacking Measures

The Company installs security programs to prevent leakage of and damages to personal information by hacking or computer virus, performs routine maintenance checks, sets up relevant systems in the area restricted to be accessed from outside, and observes and blocks any intrusion physically and technically.

F. Restricted Access to Personal Information

We take measures necessary to restrict access to personal information through grant, change, and renewal of authorization to have access to database handling personal information, and controls unauthorized access from outside by using intrusion prevention system.

G. Storage of Access Record and Prevention of Forgery

Records on access to personal information management system pursuant to relevant laws are kept and managed at least for six months and securely stored to prevent forgery, theft or loss thereof.

H. Use of Locking Device for Security of Documents

Documents and supplemental storage medium containing personal information are kept in a safe place equipped with a locking device.

I. Control over Unauthorized Personnel's Access

Separate physical storage spaces to keep personal information are provided and procedures for the restriction of any access thereto have been established and managed.

1. A. Company appoints the person responsible in charge of management of personal information, who shall be responsible for management of all the tasks related to handling personal information matters and take care of Users' complaints and damage reliefs as follows:

   Person in charge of management of personal information

   Name: Dong U Kim

   Division: Information Security Office

   Position: General Manager

   E-Mail: cpo@interpark.com

   Tel: 02-6924-9230

   Fax: 02-6924-9001

   Department handling complaints related to personal information

   Name: Jin Sook Park

   Division: Metanet Mplatform Co., Ltd.

   E-Mail: pjs9284@interparkcs.com

   Tel: 02-6924-9230

   Fax: 02-6924-9001

2. B. Users may report any complaint incurred in relation to the use of our services, such as all inquiries about personal information protection, complaint handling, damage reliefs to the person in charge of management of personal information and the customer support center, and the Company will respond to and handle such inquiries without delay.
3. C. If any other reporting or counseling is required in relation to infringement of personal information, please contact the following institutions for inquiry.

   Personal Information Infringement Call Center (operated by Korea Internet & Security Agency)

   - (with no preceding number) 118 / privacy.kisa.or.kr

   Online Privacy Association

   - 02-550-9531~2 / eprivacy.or.kr

   Cyber Crime Investigation Unit, Supreme Public Prosecutors' Office

   - (with no preceding number) 1301 / www.spo.go.kr

   Cyber Terror Response Center in the National Police Agency

   - 1566-0112 / www.police.go.kr

This Privacy Policy applies from the effective date, and any addition, deletion, or revision of this Policy shall not notified in advance through announcement at least seven (7) days prior to the effective date thereof; provided, however, that any material changes to Users' rights, such as collection and use of personal information, provision of personal information to a third party, shall be notified in advance at least thirty (30) days prior to the effective date thereof.

• - Privacy Policy version no.: 2.7
• - Date of Notification: 19th, May, 2022
• - Effective Date: 26th, May, 2022