05 Policies Regarding Personal Information Provision to Third Parties

The Company utilizes the Users’ personal information within the scope outlined in the “Collection and Usage of Personal Information” section and will not exceed that scope or disclose user information without consent. However, exceptions may apply in the following circumstances: In addition, the Company will inform the User via email or pop-up about the party to whom the personal location data was shared, as well as the date and reason for the disclosure, immediately after sharing the information with a third party in exceptional circumstances.

1. Upon the User's consent

2. Provision in accordance with relevant laws

• The Company may disclose personal information without the User’s consent to relevant organizations as mandated by relevant laws such as the “Personal Information Protection Act” and during national emergencies such as natural disasters, pandemics, accidents/incidents causing bodily harm, imminent property loss, and other situations in compliance with government's “Methods for Processing and Protecting Personal Information in Emergencies”

06 Procedures and Methods for Destroying Personal Information

The User’s personal information will be destroyed immediately if the purpose of collection and usage is fulfilled. (‘Fulfilling Usage Purpose’ refers to withdrawal request, Service contract expiration, and account deletion) However, personal data may be stored for certain periods if a designated storage period is outlined in the Company's internal policies or relevant laws.

Personal information printed on paper will be destroyed by shredding or incinerating, and information in electronic file formats will be deleted through methods that render the files unrecoverable.

The Company automatically records and retains proof of collecting/using/providing location data for the purpose of providing customer service to Users. The data will be kept for 6 months and then promptly destroyed.

07 Rights and Obligations of Information Subjects and Legal Representatives

Users may access and rectify their personal information and request account deletion at any time.

Users may use the following methods to rectify personal information or to delete their account

• Access personal information: My Page > Settings > Account Information

• Change personal information: My Page > Settings > Account Information

• Delete account: My Page > Settings > Account Information > Delete Account

You can also contact the administrator or post on a separate message board and we will process your request as soon as possible

• Contact details for customer service related to personal information

• Email: pr@immersivecast.com

• Inquire through customer service: Storymate website > Support > Customer service > Inquiries & Feedbacks

The User may also exercise their rights through proxies such as legal representatives and locum tenens, and are required to provide a letter of attorney as outlined in the specified format in the appendix of the eleventh Clause of the “Personal Information Protection Act.”

Request to halt personal information access and processing may restrict the User's rights as an information subject under the fourth Clause of Article 35 and the second Clause of Article 37 in the “Personal Information Protection Act.” If a User asks for their personal information to be corrected or removed, the Company may not be able to delete such information if it is listed as an item for collection.

The Company will verify if the requested User is identical or a proxy if a User requests access, rectification, or deletion of their personal information as an information subject.

08 Policies Regarding Measures to Ensure the Safety of Personal Information

The Company implements the following technological, administrative, and physical protection measures in accordance with Article 29 of the “Personal Information Protection Act.”

• Minimizing and educating personal information handlers

  • The company ensures a limited number of employees are responsible for handling personal information. Regular education and awareness campaigns are conducted for all executives and employees to emphasize the importance of protecting personal information.

• Restricting access to personal information

  • Implementing procedures for granting, adjusting, and terminating access to the personal information processing system

  • Restricting unauthorized access from external sources using an intrusion detection system

• Encryption of personal information

  • All sensitive information, including credit card numbers, is securely stored and managed through encryption.

  • Sensitive data will be subject to additional security measures like encryption during storage or transmission

• Technological measures against threats such as hacking

  • Installing security programs and implementing routine updates and maintenance in order to prevent information leaks and damage caused by hacking or computer virus

  • Setting up systems in locations that are inaccessible and under surveillance using technological/physical methods

  • In addition to monitoring network traffic, identifying any illegal attempts to alter information

09 Implementing and Declining to Use of Automatic Personal Information Collection Devices

The Company uses 'cookies' to store and regularly retrieve usage information to offer personalized services to the User.

A cookie is a small piece of information that a website server (http) sends to the User's web browser and can also be found on the User's PC hard drive.

Cookies are used to provide optimized personal information, including advertisements, to users by analyzing Users' browsing habits, popular search terms, secure connections, and user demographics.

Users are given the choice to install cookies. Users can choose to accept all cookies, confirm their choices when cookies are saved, or reject them altogether by adjusting cookie settings in their preferred web browser. However, Users may experience inconveniences when using certain services which require them to log in to their accounts should they reject cookies saved to their PC.

How to configure cookie settings

• Internet Explorer

  • Click on the cog icon at the upper part of the browser window > Select “Internet options” > Select “Privacy” tab > Click “Advanced” > Configure in “Cookies” section

• Microsoft Edge

  • Click on the ellipses icon at the upper right part of the browser window > Select “Settings” > Select “Cookies and site permissions” > Configure using “Manage and delete cookies and site data”

• Chrome

  • Click on the ellipses icon at the upper right part of the browser window > Select “Settings” > Select “Privacy and security” > Configure under “General settings” within “Cookies and other site data”

• Whale

  • Click on the ellipses icon at the upper right part of the browser window > Select “Settings” > Select “Privacy” > Configure under “General settings” within “Cookies and other site data”

10 Policies Regarding Behavioral Information Collection, Usage, Provision, and Rejection

The Company collects the following behavioral information in order to provide personalized service, benefits, and advertisements during service use to information subjects.