Privacy Policy

The Company collects the following personal information to provide smooth service.

1. Membership Registration and Management - Required items: Name, email address (ID), password, mobile phone number

2. Paid Service Payment and Use - When paying by credit card: Card company name, card number, expiration date, etc. (Processed through a payment gateway, the Company does not store the full card number) - When making a bank transfer: Bank name, account number, etc. - Information generated during service use: Service usage records, access logs (including IP address, access time), cookies, payment records

3. Customer Inquiries and Consultation - Name, email address, mobile phone number, company name

The Company collects personal information in the following ways:

- Membership registration, service use, written forms, consultation via phone/fax, event participation on the homepage, mobile application, etc. - Automatic collection through information collection tools

The Company uses the collected personal information for the following purposes.

1. Fulfillment of Contracts for Service Provision and Fee Settlement - Provision of StreamGPU service, content provision, purchase and payment of fees, debt collection

2. Member Management - Identity verification for use of membership services, personal identification, prevention of fraudulent use by delinquent members and unauthorized use, confirmation of intent to join, preservation of records for dispute resolution, handling of complaints and other civil petitions, delivery of notices

3. Service Improvement and Use in Marketing and Advertising - Development of new services and provision of customized services, provision of services based on statistical characteristics, verification of service validity, identification of access frequency, statistics on members' service use - (With optional consent) Provision of event and advertising information and opportunities to participate

In principle, the Company does not provide users' personal information to external parties. However, the following cases are exceptions.

- When users have given prior consent - When there is a request from an investigative agency in accordance with the provisions of the law, or for investigation purposes according to the procedures and methods prescribed by the law

1. The Company does not transmit for-profit advertising information without the user's explicit consent to receive it. 2. The Company may transmit information about new services, events, etc. via email or text message, limited to members who have consented to receive marketing information. 3. Users can withdraw their consent to receive at any time, and the Company complies with relevant laws such as displaying the word (Advertising) in accordance with the Information and Communications Network Act.

In principle, the user's personal information is destroyed without delay once the purpose of its collection and use has been achieved. However, the following information is retained for the period specified for the reasons below.

1. Reasons for Information Retention according to the Company's Internal Policy - Preservation of records for prevention of fraudulent use and dispute resolution: 6 months after membership withdrawal - Purpose: To prevent the recurrence of illegal acts, identity theft, or service abuse that violates the terms and conditions after membership withdrawal, and to respond smoothly in the event of a related dispute. - Specific examples: - Attempting to re-register after abnormal use of the service (cryptocurrency mining, hacking attempts, etc.) - Repeatedly joining and withdrawing to unfairly obtain promotions, discounts, etc. - Having a record of identity theft or attempting illegal payments - Other acts that disrupt the service operation order, cause damage to other users, or have the potential for legal disputes - Items retained: Only the minimum information necessary to achieve the above purpose (email address (ID), name, mobile phone number, access IP information, etc.) is retained.

2. Reasons for Information Retention according to Relevant Laws - Records on contracts or withdrawal of offers: 5 years (Act on Consumer Protection in Electronic Commerce, etc.) - Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.) - Records on consumer complaints or dispute resolution: 3 years (Act on Consumer Protection in Electronic Commerce, etc.) - Website visit records: 3 months (Communication Secrets Protection Act)

In principle, the Company destroys the information without delay after the purpose of collecting and using personal information has been achieved. The destruction procedure and method are as follows.

1. Destruction Procedure - Information entered by the user for membership registration, etc., is transferred to a separate DB after the purpose is achieved and is destroyed after being stored for a certain period according to internal policies and other reasons for information protection under relevant laws.

2. Destruction Method - Personal information stored in electronic file format is deleted using a technical method that cannot reproduce the record. - Personal information printed on paper is shredded with a shredder or destroyed by incineration.

1. Users can view or modify their registered personal information at any time and can also request membership withdrawal (withdrawal of consent). 2. For viewing and modifying personal information, you can directly view, correct, or withdraw after going through the identity verification process using the 'Change Member Information' function for membership withdrawal. 3. Alternatively, if you contact the person in charge of personal information protection in writing, by phone, or by email, we will take action without delay.

The Company separates strictly necessary cookies from analytics and marketing cookies or similar technologies that are enabled only based on the user's optional consent. Non-essential tracking scripts for analytics or marketing purposes are not loaded before the user gives consent. The Company uses the following third-party tools according to its actual production configuration.

1. Categories of cookies and similar technologies - Necessary cookies: Used for functions required to provide the service, including login, session management, security, and abuse prevention. - Analytics cookies: May be used for visit and usage statistics, service performance analysis, and usability improvements. - Marketing cookies: May be used for event notices, advertising performance measurement, and personalized notices. - Cookie consent data: The user's analytics and marketing choices, consent schema version, and update timestamp are stored in browser storage (localStorage) to keep the user's choice.

2. Purpose of collecting and using behavioral data - If the user consents to analytics or marketing, the Company may process information generated during service use, such as visited pages, clicks and navigation behavior, access environment, and usage time, for service improvement, statistical analysis, personalized notices, and advertising performance measurement. - The Company processes such information only within the scope permitted by applicable laws and the user's consent choices.

3. Third-party automatic collection devices and overseas processing details - Google Tag Manager - Type of automatic collection device: Tag management script - Collecting/processing provider: Google LLC - Country of transfer/processing: The United States and other countries where Google LLC provides its services - Timing and method of transfer: Network transmission through the user's browser while using the website after the user consents to analytics or marketing - Processed items: Access environment information, page URL, event trigger information, and other information necessary to execute tags and process consent state - Purpose of use: To execute and manage analytics and marketing tags configured by the Company according to the user's consent state - Retention and use period: Until the service is terminated. If the user withdraws consent, new analytics or marketing tag execution and new collection will stop. - Google Analytics - Type of automatic collection device: Web analytics script and cookies or similar technologies - Collecting/processing provider: Google LLC - Country of transfer/processing: The United States and other countries where Google LLC provides its services - Timing and method of transfer: Network transmission through the user's browser while using the website after the user consents to analytics - Processed items: Page visits, traffic sources, browser and device information, service usage events, approximate access region, cookies or similar identifiers, and other information necessary for usage statistics - Purpose of use: Visit and usage statistics, service performance analysis, and usability improvement - Retention and use period: Until the service is terminated. If the user withdraws consent, new analytics collection will stop. - Cloudflare Web Analytics/Insights - Type of automatic collection device: Web analytics script or web analytics feature provided by Cloudflare - Collecting/processing provider: Cloudflare, Inc. - Country of transfer/processing: The United States and other countries where Cloudflare, Inc. provides its services - Timing and method of transfer: Network transmission through the user's browser while using the website after the feature is enabled in production and the user consents to analytics - Processed items: Page visits, access environment, performance and error-related events, request metadata, and other information necessary for service quality and usage statistics - Purpose of use: Service quality, performance, error, and usage statistics analysis - Retention and use period: Until the service is terminated. If the user withdraws consent, new analytics collection will stop. - These tools are operated so that they are activated only when the user consents to analytics or marketing. Any third-party analytics tool found to load before consent will be disabled or placed behind a separate consent gate before being added to the allowlist.

4. How to refuse or withdraw consent - On the first visit, users can choose "Accept all", "Reject all", or "Detailed settings" in the cookie and privacy choice dialog. - Users can change or withdraw consent for analytics and marketing cookies at any time through the "Cookie settings" menu in the website footer. - Users may also restrict or delete cookies through their browser settings. In that case, some necessary functions such as login may be limited. - Third-party cookies or behavioral data collection may also be limited through browser settings such as blocking third-party cookies, tracking prevention, or deleting site data.

In processing users' personal information, the Company devises the following technical and managerial measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged.

1. Encryption of Personal Information : The user's password is encrypted, stored, and managed so that only the user can know it, and for important data, separate security functions such as encrypting file and transmission data or using a file lock function are used. 2. Technical Measures against Hacking, etc.: To prevent personal information leakage and damage from hacking or computer viruses, we install security programs, perform periodic updates and inspections, install systems in areas where access from the outside is controlled, and monitor and block them technically/physically. 3. Restricting Access to Personal Information Processing Systems: We take necessary measures to control access to personal information by granting, changing, and revoking access rights to the database system that processes personal information, and we control unauthorized access from the outside using an intrusion prevention system. 4. Minimizing and Educating Personal Information Handling Staff: We are implementing measures to manage personal information by designating and limiting the staff who handle personal information to a minimum.

The Company has designated the relevant department and person in charge of personal information protection as follows to protect customers' personal information and handle complaints related to personal information.

Person in Charge of Personal Information Protection

- Name: Kyungrok Kim - Email: [email protected]

Department in Charge of Personal Information Protection

- Department Name: Technical Support Team - Phone Number: 02-6741-2425 - Address: B-dong 815ho, Magok Grand Twin Tower, 18 Magokjungang 4-ro, Gangseo-gu, Seoul

If you need to report or consult about other personal information infringements, please contact the following organizations.

- Personal Information Protection Commission - Korea Internet & Security Agency Personal Information Infringement Report Center / (without area code) 118 - Supreme Prosecutors' Office / (without area code) 1301 - National Police Agency / (without area code) 182

Any additions, deletions, or modifications to the current personal information processing policy will be notified through the 'Notice' section of the homepage at least 7 days before the revision.