Privacy Policy D&T Holdings Co., Ltd. (hereinafter referred to as the “Company”) values ​​your personal information and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection. Through its Privacy Policy, the Company informs you of how and for what purpose your personal information is used and what measures are taken to protect your personal information.

■ Personal information items collected and collection method A. Personal information items collected o The company collects the following personal information for membership registration, consultation, service application, etc. – When registering as a member: Name, date of birth, gender, login ID, password, home phone number, mobile phone number, email, and information on legal representative for subscribers under the age of 14 – When applying for a service: Address, payment information
o During the process of using the service or processing business, service usage records, access logs, cookies, access IP, payment records, and records of improper use may be generated and collected.
B. Collection Methods
– Collection via website, written forms, bulletin boards, email, event applications, delivery requests, phone, fax, and information collection tools

■ Purpose of collection and use of personal information The company uses the collected personal information for the following purposes: o Performance of contracts for service provision and settlement of fees according to service provision Provision of content, purchase and payment, delivery of goods or invoices, financial transaction identity verification and financial services o Member management Identity verification, personal identification, prevention of fraudulent use by bad members and prevention of unauthorized use, confirmation of intent to join, age verification, confirmation of consent of legal representative when collecting personal information of children under 14 years of age, handling of complaints, etc., delivery of notices o Use in marketing and advertising Delivery of advertising information such as events, understanding of access frequency or statistics on members’ use of services

■ Personal information retention and use period In principle, after the purpose of collecting and using personal information has been achieved, the information is destroyed without delay. However, the following information will be retained for the period specified below for the reasons stated below.
go. Even if a member withdraws membership due to internal company policy, the member’s information may be retained for 5 years from the date of termination of the service agreement to prevent recurrence of fraudulent use by delinquent members, resolve disputes, and cooperate with requests from investigative agencies.
B. Reasons for retaining information according to relevant laws In cases where it is necessary to retain information according to the provisions of relevant laws such as the Act on Consumer Protection in Electronic Commerce, etc., the company retains member information for a certain period of time as stipulated in the relevant laws as follows. o Records on contracts or cancellation of subscription, etc. – Reason for retention: Act on Consumer Protection in Electronic Commerce, etc. – Retention period: 5 years o Records on payment and supply of goods, etc. – Reason for retention: Act on Consumer Protection in Electronic Commerce, etc. – Retention period: 5 years o Records on consumer complaints or dispute resolution – Reason for retention: Act on Consumer Protection in Electronic Commerce, etc. – Retention period: 3 years o Log records – Reason for retention: Protection of Communications Secrets Act – Retention period: 3 months

■ Personal information destruction procedures and methods In principle, the company destroys the relevant information without delay after the purpose of collecting and using personal information has been achieved. The destruction procedures and methods are as follows. o Destruction procedures The information you entered for membership registration, etc. is transferred to a separate DB (separate filing cabinet in the case of paper) after the purpose has been achieved and stored for a certain period of time according to the internal policy and other relevant laws and regulations for information protection reasons (see retention and use period) and then destroyed. Personal information transferred to a separate DB will not be used for any purpose other than retention, except in cases required by law. o Destruction methods Personal information stored in electronic file format is deleted using a technical method that makes it impossible to reproduce the record.

■ In principle, the personal information provider does not provide users’ personal information to external parties. However, exceptions are made in the following cases: o When users have given prior consent o When there is a request from an investigative agency in accordance with the procedures and methods stipulated by law or for investigative purposes based on the provisions of the law

■ The company entrusted with the collected personal information operates by entrusting it to an external specialized company as follows to provide services. o Entrusted party: Lotte Express o Entrusted work: Logistics and delivery agency
o Entrusted party: KG Inicis Co., Ltd. o Entrusted work: Payment agency
o Entrusted party: POSMAN o Entrusted work: Sending text messages such as SMS and MMS

■ User and legal representative rights and how to exercise them o Users and legal representatives may view or modify their own registered personal information or that of children under the age of 14 at any time, and may also request cancellation of membership. o To view or modify the personal information of children under the age of 14, the user or legal representative may click on “Change Personal Information” (or “Modify Member Information”), and to cancel membership (withdraw consent), click on “Cancel Membership” and go through the identity verification process to directly view, correct, or cancel membership. o Alternatively, you may contact the Personal Information Protection Officer in writing, by phone, or by email, and we will take action without delay. o If you request correction of errors in your personal information, we will not use or provide the personal information until the correction is complete. In addition, if incorrect personal information has already been provided to a third party, we will promptly notify the third party of the results of the correction process to ensure that the correction is made. o The company processes personal information that has been canceled or deleted at the request of the user in accordance with the provisions of “Retention and Use Period of Personal Information Collected by the Company” and processes it so that it cannot be viewed or used for any other purpose.

■ Matters concerning the installation, operation, and rejection of automatic personal information collection devices The Company operates “cookies” that store and retrieve your information from time to time. Cookies are very small text files that the server used to operate the website sends to your browser and are stored on your computer’s hard disk. The Company uses cookies for the following purposes: o Purpose of use of cookies, etc. 1. Analysis of access frequency and visit time of members and non-members, identification of user preferences and areas of interest and tracking of traces, target marketing and provision of personalized services through identification of the degree of participation in various events and number of visits, etc. 2. You have the option to install cookies. Therefore, you can allow all cookies, confirm each time a cookie is saved, or reject the saving of all cookies by setting options in your web browser. o How to reject cookie settings 1. To reject cookie settings, you can select options in your web browser to allow all cookies, confirm each time a cookie is saved, or reject the saving of all cookies. 2. Example of setting method (for Internet Explorer): Tools at the top of the web browser > Internet Options>Privacy 3. However, if you refuse to install cookies, you may have difficulty receiving services.

■ Personal Information Complaint Service The company has designated the following departments and personal information protection officers to protect customers’ personal information and handle complaints related to personal information. o Personal Information Protection Officer Name: Choi Won-hee Affiliation: Individual Business Headquarters Phone Number: 070-4773-6808 Email: dnt2022@naver.com
o You may report any complaints related to personal information protection that arise while using the company’s services to the personal information protection officer or the relevant department. o The company will promptly and sufficiently respond to users’ reports. o If you need to report or consult about other personal information infringements, please contact the following organizations: Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code) Supreme Prosecutors’ Office Cyber ​​Crime Investigation Division (www.spo.go.kr / 02-3480-2000) National Police Agency Cyber ​​Security Bureau (www.ctrc.go.kr / 182 without area code)