FOAV lnc. (hereinafter referred to as "Company") establishes and discloses the following personal information handling policies to protect your personal information and to handle related grievances quickly and smoothly under the Information Network Utilization Promotion and Information Protection Act.

Article 1 (Items and methods of collecting personal information)

1. The company collects the following personal information at the time of membership registration, to fulfill the contract for service provision, to settle fees for service provision, and to provide other services

A. Membership and management - Required items: Login ID, password (encrypted storage), gender, date of birth, name, mobile number, e-mail

B. Records of walking and volunteer activities or provision of services - Required items: GPS records and mobile phone numbers when using flogging - Service usage records, access logs, cookies, access IP information, bad usage records, number of steps (gyrosensor), etc

2. How to collect personal information

Membership registration of FORAVE web/mobile application, wired counseling through customer center, and online counseling through e-mail

Article 2 (Purpose of Collection and Use of Personal Information)

1. The company collects your personal information as follows. The personal information being processed will not be used for any of the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act.

Purpose of collecting and using personal information:
1) Membership and management
2) Provision of foot donation services
3) Statistics/Analysis of Service Performance Information and Service Recommendation for Forever Service
Items of personal information collected:
1)Login ID, password (encrypted storage), gender, date of birth, name, email, mobile phone number, service usage history, access log, cookie, access IP information, bad usage record, number of steps (gyrosensor), etc
2) Address, mobile phone number, payment method information
3) All collected personal information items

Period of retention and use of personal information:
1) Until you withdraw from the business/group service
2) Until the completion of the service supply and the completion of the payment and settlement of charges: Provided, That where there is a period prescribed by Acts and subordinate statutes, until the end of the relevant period

(1) Act on the Protection of Consumers in Electronic Commerce, etc. - Records on Labeling and Advertising: 6 months
- Records on the withdrawal of contracts or subscriptions, payment, supply of goods, etc.: 5 years
- Records on the handling of consumer complaints or disputes: 3 years
(2) Communication Secret Protection Act - Internet log record data: 3 months

(3) Electronic Financial Transactions Act
- Record of Electronic Financial Transactions: 5 years

Article 3 (Provision of Personal Information)

1. The company provides personal information to third parties only if it falls under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the information subject and special provisions of the law.

1)The company provides personal information to third parties for the record of volunteer work performance as follows.

(1) < Person in charge of providing results and rewards for the step donation campaign/certification challenge >
- Person who receives personal information: A person in charge of a local government, institution, enterprise, or volunteer center who has established a campaign or certification challenge
- Purpose of using personal information of the recipient: Date of birth to check the performance of the walking donation campaign/certification challenge and provide rewards,
Name, phone number, activity performance (walking, certification photo)
- the possession of the recipientPeriod of use: Until the end of the campaign

Where other users agree in advance;
Where there is a request from an investigative agency in accordance with the provisions of laws and regulations or in accordance with the procedures and methods prescribed in laws and regulations

Article 4 (Rights of Members and Method of Exercise)

1. You can inquire or modify your personal information at any time, and withdraw your consent to the use of personal information through the member withdrawal process.

2. I would like to inform you of what rights you have for your personal information and how and procedures you can exercise it. In addition, it also guides what rights legal representatives (parents, etc.) can exercise to protect personal information of children under the age of 14.

- If a legal representative agrees to use or provide location information for children under the age of 14, he/she may exercise the right to retain consent, withdraw consent and temporarily suspend consent, and the right to request access and notification under the Act on the Protection and Use of Location Information.

3. To check/correct personal information, you can check the My Information Management item on the site, and withdrawal of membership (withdrawal of consent) can be done through "Withdrawal of membership" at the bottom of the Modification of Membership in Settings. In addition, you can contact the company's customer center and personal information protection manager in writing, by phone, fax, or email to request access/correction.

4. If you request correction of your personal information error, you will not use or provide personal information until the correction is completed. In addition, personal information canceled or deleted at the request of the member is handled as specified in "2. Purpose of Collection and Use of Personal Information" and is not allowed to be viewed or used for other purposes.

Article 5 (Obligations of Members)

1. You are obligated to protect your personal information, and the company is not responsible for any problems caused by the leakage of personal information due to your own carelessness.

2. Please enter your personal information accurately and up-to-date. You are responsible for problems caused by your inaccurate information entry, and you can be punished according to the Personal Information Act along with the loss of membership when you sign up for membership or use services by stealing other people's personal information.

3. You have the right to protect your personal information, as well as the obligation to protect yourself and not infringe on other people's information. Please be careful not to leak your personal information, including your ID and password, and be careful not to damage other people's personal information, including posts.

4. Members must comply with other personal information laws such as the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc. and the Personal Information Protection Act.

Article 6 (Link Site)

The Company may provide you with links to external websites or materials. In this case, the Company does not have control over external websites and materials, and therefore cannot be responsible or warranted for the usefulness of the services or materials it receives. If you go to the page of an external website through the link included in the company's site, the privacy policy of the website is irrelevant to the company, so please review the policy of the newly visited website.

Article 7 (Matters concerning the installation, operation, and rejection of automatic personal information collection devices (cookies, etc.)

1. The company uses 'cookie' to store and retrieve your information from time to time to provide more appropriate and useful services to members. Cookies are tiny text files that the server used to run a company's website sends to your computer and are stored on your computer's hard disk. You can choose whether to use cookies or not.

2. How to reject cookie settings
- By setting options for your web browser, you can allow all cookies, go through verification each time you save them, or refuse to save all cookies. However, refusing to save cookies may limit the use of some services that require login.

- To specify whether to allow cookies to be installed (for Internet Explorer)

1) Select Internet Options from the Tools menu
2) Click Personal Information
3) Click Advanced
4) Select whether to allow cookies

Article 8 (Destruction of Personal Information)

1. The company shall destroy the personal information without delay when personal information becomes unnecessary, such as the lapse of the personal information retention period and the achievement of the purpose of processing.

2. If the personal information retention period agreed by the member has elapsed or the purpose of processing has been achieved, the personal information shall be transferred to a separate database (DB) or stored in a different storage place.

3. The procedure and method of destroying personal information are as follows.
1) Revocation procedure

The company selects personal information that causes destruction and destroys personal information with the approval of the company's personal information protection manager.

2) Destruction method
The company destroys personal information recorded and stored in the form of an electronic file by using methods such as Low Level Format so that records cannot be played, and destroys personal information recorded and stored in paper documents by shredder or incinerator

Article 9 (Measures to secure the safety of personal information)

The company is taking the following measures to ensure the safety of personal information.
1. Management measures: Establishment and implementation of internal management plans, regular employee training, etc
2. Technical measures: Management of access rights such as personal information processing systems, installation of access control systems, encryption of unique identification information, and installation of security programs
3. Physical measures: Control access to computer rooms, data storage rooms, etc

Article 10 (Personal Information Protection Manager)

1. The company is in charge of personal information processing, and designates a personal information protection manager as follows to handle complaints and remedy damages related to personal information processing

▶ Person in charge of personal information protection
Name: Park Sung Jip
Affiliate: FOAV lnc.
Position: Representative Director
Contact point: Tel +82 10 59044723
E-mail : foav20@naver.com

2. You can contact the personal information protection manager and the department in charge of personal information protection for all personal information protection inquiries, complaints, and damage relief that have occurred while using the company's service (or business). The company will answer and process your inquiry without delay.

Article 11 (Method of remedy for infringement of rights and interests)

You can inquire about the following institutions for damage relief and counseling for personal information infringement.
< The organization below is separate from the company, so please contact us if you are not satisfied with the company's own personal information complaint handling and damage relief results, or if you need further help >

▶ Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
▶ Cyber Crime Investigation Team of the Supreme Prosecutors' Office: 02-3480-3573 (cybercid.spo.go.kr)
▶ National Police Agency Cyber Terrorism Response Center: 1566-0112 (cyberbureau.police.go.kr)

Article 12 (Amendment of Personal Information Handling Policy and Notice thereof)

If there is any addition, deletion, or modification of the current personal information handling policy, it will be notified through the "notification" on the website at least seven days before the revision.

This policy will take effect from the effective date below.

- Announcement date: November 15, 2022
- Revised date: November 23, 2022