1 Homepage membership registration and management
Confirmation of intention to sign up as a member, identification and authentication according to membership service provision, maintenance and management of membership qualifications, identification by enforcement of limited identification system, prevention of illegal use of services, consent of legal representative when processing personal information of children under the age of 14 Personal information is processed for the purpose of verification, various notices and notices, and grievance handling.

2 Providing goods or services
Personal information is processed for the purpose of delivering goods, providing services, providing contents, providing customized services, authenticating users, and verifying age.

3 Complaint handling
Personal information is processed for the purpose of confirming the identity of the complainant, confirming the complaints, contacting and notifying for fact-finding, and notifying the processing result.

4 Use for marketing and advertising
For the purpose of developing new services and providing customized services, providing event and advertising information and opportunities to participate, providing services according to demographic characteristics and posting advertisements, verifying the validity of services, identifying access frequencies, or statistics on members' use of services. We process personal information.

1 The company processes and retains personal information within the period of retention and use of personal information in accordance with laws and regulations, or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.

2 Each personal information processing and retention period is as follows.
1) Homepage member registration and management: Until withdrawal from the homepage (however, until the end of the reason in the case of the following reasons)
ㆍIn case an investigation or investigation in violation of related laws is in progress, until the end of the investigation or investigation
ㆍIn the case of remaining bonds/debt relations following the use of the website, until the settlement of the relevant bonds/debt relations

2) Provision of goods or services: Until the completion of supply of goods and services, payment of fees, and settlement (however, until the end of the period in the case of the following reasons)
ㆍRecords of transactions, such as indications, advertisements, contract details and performance in accordance with the 「Consumer Protection Act in Electronic Commerce, etc.」 -Records on display and advertisement: June
-Record of supply of contract or subscription withdrawal, payment, goods, etc.: 5 years
-Records on consumer complaints or dispute settlement: 3 years
ㆍStoring communication fact confirmation data according to Article 41 of 「Communication Secret Protection Act」 -Subscriber telecommunication date and time, start/end time, other party's subscriber number, frequency of use, source station location tracking data: 1 year
-Computer communication, Internet log record data, access point tracking data: 3 months

1 The company uses your personal information within the range notified in [Purpose of collecting and using personal information], and does not use it beyond that range or provide it to others or other companies or institutions.

2 Notification and consent method shall be notified at least 30 days in advance through the notice on the initial screen of the online homepage, and at the same time, individually notified via e-mail, etc., must be actively consented to the sale or merger. We will proceed with the procedure only by expressing our intention to provide and share with a third party).

3 The following are exceptions:
ㆍWhen there is a request from a related agency for investigation purposes under related laws ㆍIn the case of providing to advertisers, partners, or research organizations in a form that cannot identify a specific individual for statistical writing, academic research or market research. ㆍWhen there is a request in accordance with the procedures stipulated in other related laws
ㆍHowever, even with exceptions, when information is provided in accordance with relevant laws or at the request of an investigative agency, it is operated in principle to notify the parties. There may be cases in which notification may not be made unavoidably due to legal grounds. We will do our utmost to ensure that information is not provided indiscriminately against the original purpose of collection and use.

1 The company entrusts personal information processing tasks as follows for smooth personal information processing.
ㆍConsignee (trustee): None
ㆍDetails of entrusted work: None
ㆍConsignment period: undecided

2 When signing a consignment contract, the Company shall provide information on responsibilities such as prohibition of processing of personal information other than the purpose of performing consignment work, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, compensation for damages, etc. in accordance with Article 25 of the Personal Information Protection Act. It is specified in the document and oversees whether the trustee handles personal information safely.

3 If the contents of the consignment business or the consignee change, we will disclose it through this personal information processing policy without delay.

1 The information subject can exercise the following rights related to personal information protection at any time to the company.
ㆍRequest to view personal information
ㆍRequest for correction if there is an error, etc.
ㆍDelete request
ㆍRequest to stop processing

2 The exercise of the rights pursuant to Paragraph 1 can be made in writing to the company, by phone, e-mail, fax, etc., and the company will take action without delay.

3 If the information subject requests correction or deletion of errors in personal information, the company will not use or provide the personal information until the correction or deletion is completed.

4 The exercise of the rights pursuant to Paragraph 1 can be done through the legal representative of the information subject or through an agent such as a person who has been delegated. In this case, you must submit a power of attorney in accordance with the form of Attachment 11 of the Enforcement Regulations of the Personal Information Protection Act.

5 The information subject must not infringe on the personal information and privacy of the information subject or others processed by the company by violating related laws such as the Personal Information Protection Act.

1 Homepage member registration and management
ㆍRequired items: Name, ID, password, contact information, email address, and address.
ㆍOptional items: date of birth, occupation, job/department, access route, mailing service.

2 Providing goods or services
ㆍRequired items: Name, ID, contact number, email address, and address.

3 In the course of using the Internet service, the following personal information items may be automatically generated and collected.
ㆍIP address, cookie, MAC address, service use record, visit record, bad use record, etc.

1 The company destroys the personal information without delay when personal information becomes unnecessary, such as the elapse of the personal information retention period or achievement of the processing purpose.

2 If the personal information retention period agreed by the information subject has elapsed or the purpose of processing has been achieved, if personal information must be kept in accordance with other laws and regulations, the personal information may be transferred to a separate database (DB) or the storage location may be changed. To preserve it.

3 The procedure and method of destroying personal information are as follows.
ㆍDestruction Procedure: The information entered by the user is transferred to a separate DB (separate document in the case of paper) after the purpose is achieved, and is destroyed after a certain period of time or immediately after being stored in accordance with internal policies and other related laws. At this time, the personal information transferred to the DB is not used for other purposes unless it is required by law.
ㆍDestruction period: When the retention period of personal information has elapsed, the personal information of the user will be unnecessary within 5 days from the end of the retention period, such as achieving the purpose of processing personal information, abolition of the service, termination of business, etc. When it is determined that the processing of personal information is deemed unnecessary, the personal information will be destroyed within 5 days.
ㆍDestruction method: Information in the form of electronic files uses a technical method that cannot reproduce records, and personal information recorded and stored in paper documents is destroyed by shredding or incineration.

1 Administrative action
Establishment and implementation of internal management plans, regular employee training, etc.

2 Technical action
Management of access rights such as personal information processing system, installation of access control system, encryption of unique identification information, etc.

3 Physical action
Access control of computer room, data storage room, etc.

1 The company uses'cookies' that store and retrieve usage information from time to time to provide individual customized services to users.

2 Cookies are a small amount of information sent to the user's computer browser by the server (http) used to operate the website, and may be stored on the hard disk in the user's PC computer.
ㆍPurpose of using cookies: It is used to provide optimized information to users by identifying the types of visits and usage of each service and website visited by the user.
ㆍInstallation, operation and rejection of cookies: You can refuse to store cookies by setting options in the Tools> Internet Options> Personal Information menu at the top of the web browser.
ㆍIf you refuse to store cookies, you may experience difficulties in using customized services.

1 The information subject can request the following department to view personal information pursuant to Article 35 of the Personal Information Protection Act. The company will endeavor to expedite the request for access to personal information from the information subject.

ㆍName of department: Computer Information Office
ㆍPerson in charge: Lee Yong-gil
ㆍPhone number: +82-62-960-5000
ㆍFax No.: +82-62-951-9981
ㆍE-mail address: seoam@smiltd.co.kr
ㆍAddress: 738-5, Ancheong-dong, Gwangsan-gu, Gwangju

2 The information subject can request the following department to view personal information pursuant to Article 35 of the Personal Information Protection Act. The company will endeavor to expedite the request for access to personal information from the information subject.

1 Personal information viewing request reception/processing department
ㆍName of department: Computer Information Office
ㆍPerson in charge: Lee Yong-gil
ㆍPhone number: +82-62-960-5000
ㆍFax No.: +82-62-951-9981
ㆍE-mail address: seoam@smiltd.co.kr

1 Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
Duties: Report on infringement of personal information, request for consultation Homepage: privacy.kisa.or.kr
Phone number: (without area code) 118
Address: (58324) Personal Information Infringement Reporting Center on the 3rd floor, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)

2 Personal Information Dispute Mediation Committee
Duties: Personal information dispute mediation application, collective dispute mediation (civil settlement)
Homepage: www.kopico.go.kr
Phone number: (without area code) 1833-6972
Address: (03171) 4th floor of Seoul Government Complex, 209 Sejong-daero, Jongno-gu, Seoul

3 The Supreme Prosecutor's Office Cyber Crime Investigation Division
Homepage: www.spo.go.kr
Phone: 02-3480-3573

4 Cyber Security Bureau, National Police Agency
Website: cyberbureau.police.go.kr
Phone number: (without area code) 182

1 This privacy policy will take effect from January 19, 2021.