Hucord Co., Ltd. (hereinafter referred to as “the Company”) is committed to protecting users’ personal information in accordance with the Personal Information Protection Act and other applicable laws and regulations. To ensure prompt and smooth handling of related concerns, the Company establishes and discloses the following policy.

1. Purpose and Scope of Personal Information Collection

The Company collects and uses personal information for the following purposes. The collected personal information will not be used for any purpose other than those listed below:

1) Purpose of Collection

Providing services and managing memberships

Responding to customer inquiries and complaints

Complying with legal obligations and contract performance

2) Collected Information

Mandatory Information: Name, email address, contact number

Automatically Collected Information: Access IP information, cookies, visit record

2. Retention and Usage Period of Personal Information

The Company destroys personal information immediately after the purpose of collection and use has been fulfilled. However, certain information may be retained as required by law.

• Membership registration and management: Retained for 5 years after membership cancellation
• Contract and withdrawal of subscription: Retained for 5 years after contract termination or withdrawal
• Legal obligations: Retained in accordance with statutory retention periods

3. Rights and Methods for Exercising User Rights

Users have the right to access, correct, or request deletion of their personal information at any time. Requests can be made via written communication, email, or telephone.

Once a correction or deletion request is made, the relevant information will not be used until the process is complete.

4. Destruction of Personal Information

Personal information is destroyed immediately after the purpose of its processing is achieved. The destruction procedures and methods are as follows:

• Electronic Files: Permanently deleted using technical methods that prevent recovery
• Paper Documents: Shredded or incinerated

5. Measures to Protect Personal Information

The Company implements the following measures to protect personal information:

• Minimizing the number of personnel handling personal information and providing regular training
• Establishing and enforcing an internal management plan
• Operating security systems to prevent hacking and external intrusions
• Retaining and inspecting system access logs for a minimum of 6 months

6. Delegation of Personal Information Processing

To ensure seamless service provision, the Company may delegate personal information processing tasks to external entities. Prior notification and consent will be obtained regarding the details of the delegation and the receiving party.

7. Reporting and Consulting on Personal Information Breaches

If you need to report or consult about personal information breaches, please contact the following organizations:

• Personal Information Dispute Mediation Committee: www.kopico.go.kr, 1833-6972
• ersonal Information Infringement Report Center: privacy.kisa.or.kr, 118
• Supreme Prosecutors’ Office Cyber Crime Investigation Division: www.spo.go.kr, 1301
• Cyber Bureau of the Korean National Police Agency: cyberbureau.police.go.kr, 182

8. Changes to the Privacy Policy

The Company will notify users of any changes to the Privacy Policy, including the reasons for the changes, at least 7 days prior to implementation.

9. Personal Information Protection Officer

The Company designates the following officer to oversee personal information management, handle complaints, and provide remedies for damages:

• Personal Information Protection Officer: Director Sunggi Kim
• Contact Information: +82-10-2505-3544, sg.kim@hucord.com

This policy is effective as of 3^rd February 2025.