MaumEmoji (hereinafter "Company") complies with the Personal Information Protection Act and related laws to protect the freedom and rights of data subjects, and legally processes and safely manages personal information.

In accordance with Article 30 of the Personal Information Protection Act, we establish and disclose the following privacy policy to guide data subjects on procedures and standards for personal information processing and to handle related complaints quickly and smoothly.

The Company processes personal information for the following purposes. Personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be taken in accordance with Article 18 of the Personal Information Protection Act.

• Contract fulfillment for service provision and fee settlement according to service provision
• User identification and verification of user intent
• Restricting service use for illegal or terms-violating users
• Sanctions for acts that interfere with smooth service operation and service abuse
• Record preservation for complaint handling and dispute resolution
• Delivery of notices and collection of opinions for service improvement

1. The Company processes and retains personal information within the retention and use period of personal information according to laws or the retention and use period of personal information consented to when collecting personal information from data subjects.

2. The processing and retention periods for each personal information are as follows:

1. The Company processes personal information of data subjects only within the scope specified in Article 2 (Purpose of Personal Information Processing) and provides personal information to third parties only when it corresponds to Article 17 of the Personal Information Protection Act, such as consent of the data subject and special provisions of the law.

2. Currently, the Company does not provide personal information to third parties.

1. For smooth personal information processing, the Company entrusts personal information processing tasks as follows:

2. When signing an entrustment contract, the Company specifies matters regarding responsibility such as prohibition of personal information processing other than the purpose of performing entrusted tasks, technical and administrative protection measures, restriction of re-entrustment, management and supervision of consignees, and compensation for damages in documents such as contracts in accordance with Article 26 of the Personal Information Protection Act, and supervises whether the consignee processes personal information safely.

1. Data subjects may exercise the following personal information protection-related rights against the Company at any time:

• Request for notification of personal information processing status
• Request for correction and deletion in case of errors
• Request for suspension of processing

2. Exercise of rights under paragraph 1 may be made to the Company in writing, by telephone, email, facsimile (FAX), etc., and the Company will take action without delay.

1. The Company destroys the personal information without delay when personal information becomes unnecessary, such as the expiration of the personal information retention period and achievement of processing purposes.

2. The procedures and methods for destroying personal information are as follows:

In accordance with Article 29 of the Personal Information Protection Act, the Company takes the following technical/administrative and physical measures necessary to ensure safety:

• Regular internal audits
• Restriction of access rights to personal information processing systems
• Encryption of personal information
• Technical measures against hacking, etc.
• Inspection of personal information processing status and establishment and implementation of internal management plans

The Company designates a personal information protection manager as follows to take overall responsibility for personal information processing tasks and to handle complaints and remedy damages of data subjects related to personal information processing:

1. This privacy policy applies from January 1, 2025.

2. Previous privacy policies can be found below.