Privacy Policy (Effective: 2021.11.30 to 2023.05.25)

In order to provide the best service to users, ZEP Co., Ltd. (the “Company”) uses personal data from users to provide some of its services.

With respect to handling personal data of the users, the Company will comply with the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., and other relevant laws and regulations including regulations enacted by the relevant authorities. The Company is to enact and apply the following Privacy Policy in order to prevent the misuse of users' valuable personal data and to clarify the purpose, methods, and scope in which personal data is collected and used. This Privacy Policy is subject to change due to amendments to applicable laws and regulations or amendments to the Company's internal policies.

Article 1 [Personal Data Collection and Collection Method]

① The Company will collect and handle the following personal data, and the collected personal data will not be used for purposes other than those specified herein.

1. Membership registration and managementRequired: email address (member ID), age verification (14 years of age or older), nickname, profile photo
2. Data automatically created and collected while using servicesIP address, service usage history, browsing history, date and time of membership registration, abuse history, device information

② The Company will collect personal data using the following methods:

• Data being directly input by the user on the Company’s website, applications, or within its services
• Data being collected through automatic collection devices

Article 2 [Purpose of Collection and Use of Personal Data]

① The Company may use collected personal data for the following purposes. Personal data which is handled by the Company is not used for other purposes than the following, and in the case of changes to the purpose of use, necessary measures such as consent receipt will be taken according to relevant laws and regulations.

1. Official website membership registration and user managementConfirmation on membership registration, self-identification/verification for provision of services, maintenance/management of membership qualifications, confirmation of valid membership registration records, management of abusers, revealing abusers and restricting their use, fulfillment of the contractual obligations, dispute resolution
2. Use of servicesComplaint handling and provision of other customer services, delivery of notices
3. Use required as per other applicable lawsPerformance of obligations stipulated in law, etc.

Article 3 [Retention Period of Personal Data and Withdrawal of Users]

① The Company will retain and use the personal data collected from the user while the user's status is maintained. If the purpose for the collection of the data is completely achieved, the data will be deleted immediately regardless of whether or not the user’s status is maintained. However, the Company will keep and use personal data for the written retention period if the Company has any of the following bases for retention:

• Retention basis : consumer satisfaction, dispute settlement, restriction to re-registration of membership, etc., when cancelling membership
• Retention period : 30 days
• Retained items : email, access records, abuse records, nickname