The Personal Information Handling Policy is designed to protect IBO's personal information, and to ensure basic privacy, freedom, and communication secrets of IBO and to prevent human rights damage due to information leakage.
In accordance with Article 30 of the Personal Information Protection Act, ENZACTA Co., Ltd. establishes and discloses personal information handling policies as follows to protect personal information of information subjects and to handle related grievances quickly and smoothly. ENZACTA Co., Ltd. will inform you of the purpose and method of personal information provided by IBO through the personal information handling policy, and what measures are being taken to protect personal information.
If you change the personal information handling policy of ENZACTA Co., Ltd., we will provide appropriate guidance through the website notice. Please visit ENZACTA's website frequently to check the changes.
ENZACTA Co., Ltd. will announce through a website notice (or individual notice) when revising its personal information handling policy.

Article 1 Items for collecting personal information and the purpose of use.

ENZACTA Co., Ltd. uses the collected personal information for the following purposes. The personal information being processed will not be used for any of the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act. Collection items: resident registration number or alien registration number and bank account information, purpose of use of business registration number: confirmation of intention to join IBO, maintenance and management of IBO qualifications, prevention of illegal use of IBO services, various notices and notices, complaints, purchase/payments, etc Age certification based on relevant laws, including the Act on Provision, Contract and Billing, Content Provision, Customized Service Provision, Identification, Use of IBO Services, Age Verification, IBO Subscription and Management, IBO Listing.

Article 2 The period of personal information retention and use

While receiving services provided by ENZACTA Co., Ltd., IBO's personal information will continue to be held by ENZACTA Co., Ltd. and used to provide services. However, if the IBO's personal information is collected or provided, or if the IBO's qualification is revoked due to the reason for termination of qualification expressed in Article 3(7) of the ENZACTA IBO Management Regulations, the personal information is deleted and cannot be viewed or used for any purpose.
However, if it is necessary to hold the data for a certain period of time due to the confirmation of the transaction-related rights and obligations as follows pursuant to the provisions of related laws such as the Commercial Act, the relevant data shall be held for a certain period of time.
Records on withdrawal of contracts or subscriptions: 3 years
Records on payment and supply of goods, etc.: 3 years
Records on the handling of consumer complaints or disputes: 3 years
In accordance with the prevention of re-entry within 6 months of IBO withdrawal and internal policy, identification of persons who are not legal as IBO of ENZACTA Co., Ltd. : 3 years

Article 3 Provision and sharing of personal information

In principle, ENZACTA Co., Ltd. does not disclose IBO's personal information to other companies and institutions unrelated to IBO's service. However, in the following cases, personal information may be provided without consent.
① (Where it is determined that personal information should be disclosed to take legal action against a person who violates ENZACTA's IBO regulations, damages others, or harms the manners and customs of others by using ENZACTA's services
② Where there is a request from an investigative agency in accordance with the procedures and methods prescribed in the Act or for investigative purposes;

Article 4 Entrustment of Personal Information Processing and Provision to Third Parties

In order to improve the service, IBO's personal information can be collected, handled, managed, etc. to the consignee, and according to the relevant laws, personal information can be safely managed.
① When the company concludes an entrustment contract, it prohibits the processing of personal information other than the purpose of performing entrusted business pursuant to Article 25 of the Personal Information Protection Act, and technology.Management protection measures, restrictions on re-entrustment, and management of the trustee.It stipulates matters related to liability, such as supervision and compensation for damages, in documents such as contracts, and supervises whether the trustee handles personal information safely.
② If the details of the entrusted work or the trustee changes, we will disclose it through this personal information processing policy without delay.

Article 5 Rights, obligations, and methods of exercise of information subjects

1 The information subject may exercise the following rights related to personal information protection against the company at any time:

• Request for access to personal information
• Request correction if there is an error, etc
• Delete Request
• Processing stop request

② The exercise of rights under paragraph (1) can be made in writing, by phone, e-mail, fax, etc., and the company will take action without delay.
③ If the information subject requests correction or deletion of personal information errors, etc., the company will not use or provide the personal information until the correction or deletion is completed.
④ The exercise of rights under paragraph (1) may be conducted through an agent, such as a legal representative of the information subject or a person entrusted. In such cases, a power of attorney under attached Form 11 of the Enforcement Rules of the Personal Information Protection Act shall be submitted.
⑤ The information subject shall not infringe on the personal information and privacy of the information subject himself or others handled by the company in violation of relevant laws such as the Personal Information Protection Act.

Article 6 Technical and administrative measures

① Technical Countermeasures ENZACTA Co., Ltd. is taking the following technical measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged in handling IBO's personal information.

• IBO's personal information is protected by passwords, and important data is protected by separate security features, either by encrypting files and transfer data or by using file lock.
• ENZACTA Co., Ltd. is taking measures to prevent damage caused by computer viruses using a vaccine program.
• Vaccine programs are updated periodically, and if a sudden virus appears, it is provided as soon as the vaccine is released to prevent personal information from being violated.
• ENZACTA Co., Ltd. adopts a security device (SSL or SET) that can safely transmit personal information on the network using a password algorithm.
• In preparation for external intrusion such as hacking, each server uses an intrusion prevention system and a vulnerability analysis system to ensure security.

② Administrative Measures

• ENZACTA Co., Ltd. limits IBO's access to personal information to a minimum number of people, and provides regular in-house and outsourced training for employees who handle personal information about acquiring new security technologies and their privacy obligations.
• When joining the company, we prepare internal procedures to prevent information leakage by people in advance through the security pledge of all employees and to monitor the implementation of personal information handling policies and compliance of employees.
• The transfer of duties by personal information-related handlers is carried out thoroughly while security is maintained, and the responsibility for personal information accidents after joining and leaving the company is clarified.
• ENZACTA Co., Ltd. is not responsible for what happens due to personal mistakes of users or the dangers of the basic Internet.
• Individual IBOs must properly manage their IDs and passwords and take responsibility for them in order to protect their personal information.
• In the event that personal information is lost, leaked, altered, or damaged due to an internal manager's mistake or technical management accident, ENZACTA Co., Ltd. will immediately inform the IBO of the fact and take appropriate measures.

Article 7 Personal ID and password management

In principle, IBO numbers and passwords used by IBO are only used by IBO. ENZACTA Co., Ltd. is not responsible for problems caused by the theft of IBO's ID and password or other use of others if there is no intention or negligence of ENZACTA Co., Ltd. Under no circumstances should you let others know your password and pay special attention to prevent personal information from being leaked to others around you while you are logged on. If an IBO subscription or purchase is confirmed by stealing another person's personal information, the IBO contract may be terminated unilaterally, and up to three years in prison or a fine of up to 10 million won may be imposed under the Resident Registration Act.

Article 8 Matters concerning information protection for children under the age of 14;

ENZACTA Co., Ltd. can only be signed up as an IBO for those aged 19 or older.

Article 9 Person in charge of personal information management

ENZACTA Co., Ltd. is in charge of personal information processing and designates a personal information protection manager (management and practice) as follows to handle complaints and remedy damages by information subjects related to personal information processing. You can contact the person in charge of personal information protection and the department in charge of personal information protection for all personal information protection inquiries, complaints, and damage relief that occurred while using ENZACTA's service (or business). ENZACTA Co., Ltd. strives to provide a quick and sufficient response to the information subject's inquiries.
① Person in charge of personal information management

• Name: Kim Byung-chul
• Phone number: 02-565-4011
• Email: enzactakorea@enzacta.co.kr

Article 10 Method of remedy for infringement of rights and interests

The information subject can inquire about personal information infringement about the institutions below. The institution below is a separate institution from the company, and if you need to report or consult about personal information infringement, please contact the institution below.
Personal Information Infringement Reporting Center and Dispute Mediation Committee (operated by the Korea Internet & Security Agency)

• Responsible duties: reporting personal information infringement, applying for counseling, and requesting dispute settlement
• Homepage: privacy.kisa.or.kr
• Phone: (without station number) 118
• Address: (58342) 9 Jinheung-gil, Naju-si, Jeollanam-do, Korea Internet & Security Agency Personal Information Infringement Report Center (Bitgaram-dong)

Personal Information Infringement Report Center

• Cyber Investigation Division of the Supreme Prosecutors' Office: 1301 (cybercid.spo.go.kr)
• National Police Agency Cyber Crime Reporting Center: 182 (ecrm.cyber.go.kr)

If you need counseling on other personal information infringement/damage, you can contact the Personal Information Infringement Reporting Center (http://www.cyberprivacy.or.kr phone 1336) within the Korea Information Protection Agency (KISA).

Article 11 Changes in personal information processing policies

Privacy Policy: v2.0
This personal information processing policy will be applied from February 18, 2021.