(Gourmeet Corp. hereinafter referred to as the "Company") complies with the personal information protection regulations of relevant laws and regulations that information and communication service providers must comply with, such as the 「Act on Promotion of Information and Communications Network Utilization and Information Protection」, 「Communication Secrets Protection Act」, 「Telecommunications Business Act」, and 「Personal Information Protection Act」, and does its best to protect the rights and interests of users by establishing a personal information processing policy in accordance with relevant laws and regulations.

This Privacy Policy applies to your use of the services (hereinafter referred to as the "Service") provided by the service platform [Metnam] (including web, mobile web, and app, hereinafter referred to as the "Platform") managed and operated by the Company, and contains the following contents.

1. what personal information about users we collect

2. Purpose of collecting and using personal information

3. How we collect personal information

4. Delegation of Personal Information

5. Retention and use period of personal information

6. Procedures and methods for destroying personal information

7. Ensure user personal information is accurate

8. Suspension of services that may be taken to protect your personal information

9. information sharing and provision with third parties

10. what we do to keep your personal information confidential

11. What users need to know to protect their personal information

12. handling of personal information and other complaints from unaware users

13. about data controller restrictions

14. Rights of users and legal representatives and how to exercise them

15. Installation/operation and rejection of automatic personal information collection devices

16. Contact information for the Privacy Officer and the person in charge

17. Notice Obligations

1. what personal information about your users are you collecting

A. Items of personal information we collect

1. Required: Full name, mobile phone number, date of birth, email address, gender, date of birth, location, nickname, height, religion, alcohol consumption, occupation, photo, nickname, access device information (including ADID and IDFA), access device IP address, location information

2. Optional: Other information for creating a profile and using the service (such as where you live, style, religion, personality, hobbies, interests, possessions, wishes, education and job-related information, profile picture, address book information to avoid matching acquaintances, and other profile information that you enter yourself to use the matching service) is determined and entered by the information subject.

We may also collect the following additional information to provide a reliable service

1. cookies, date and time of visit, service usage history, bad usage history

2. when applying for identity verification or manual direct deposit: mobile carrier, account number, etc.

3. for credit card payments: Card company name, card number, etc.

4. for mobile phone micropayments: Mobile phone number, carrier, payment authorization number, etc.

5. when paying by check or bank transfer: Bank name, account number, etc.

6. part of the address book information of the accessing device when using the acquaintance avoidance feature (full name and mobile phone number of the contact who has selected acquaintance avoidance).

B. How we collect personal information

We collect personal information in the following ways

- Website, mobile web/app, paper form, fax, phone, message board, email, event entry

- Collecting information from our partners through joint ventures and collaborations

- Collecting information through generated information collection tools

2. Purpose of collecting and using personal information

a. To fulfill contracts for the provision of services and to settle charges for the provision of services.

- Provide content, provide certain personalized services, authenticate yourself, purchase and pay for content, and collect payments.

B. We use some user information for user management

- Confirmation of identity, personal identification, prevention of fraudulent use by bad users (users who violate the terms of use or do not perform diligently), prevention of unauthorized use, limitation of the number of applications for service use, record-keeping for dispute settlement, handling of complaints such as complaint handling, and delivery of notices.

- When a user applies for membership, the Company may temporarily provide the applicant's profile to existing members in the process of membership verification and screening refinement. This is inevitable due to the nature of the [Metnam] service, which considers feedback from existing members as an important factor in the membership verification and screening refinement process, and is limited to the purpose of such business.

- Existing members who are entrusted with part of the above tasks by the Company in the process of membership verification and screening refinement may, as a trustee, process the applicant's profile information only for the purpose of performing the above tasks, and are prohibited from collecting, creating, linking, interconnecting, recording, storing, retaining, processing, editing, searching, outputting, correcting, recovering, using, providing, disclosing, destroying, or otherwise handling the above personal information by any similar means, or re-commissioning the processing of the above personal information.

- As part of our efforts to technically and administratively protect personal information, we adopt encryption technology to prevent leaks in advance, and establish a system to check the management status of personal information by detecting the first replicator or first distributor in the event of unauthorized reproduction or distribution.

- Existing members who are partially entrusted with tasks as described above may be liable for damages if they violate their obligations as a trustee, such as processing personal information for purposes other than those tasks and prohibiting re-commissioning of such processing, and the Company may exercise its right of recourse against such trustees in this regard.

c. Develop new services and use them for marketing and advertising

- New service development and certification services, provision of customized services, provision of services and advertisements according to statistical characteristics, provision of event and advertisement information and participation opportunities, identification of access frequency, statistics on users' use of services, and validation of services

3. How we collect personal information

All users need personal information to receive services from the Company, and personal information is collected through the applicant's consent on the application form when applying to use the service.

4. Delegation of Personal Information

We may outsource and process your personal information to improve our services.

- If we outsource the processing of personal information, we will notify you in advance.

- In the case of entrusting the processing of personal information, we will clearly stipulate the service provider's compliance with the instructions related to personal information protection, confidentiality of personal information, prohibition of providing it to a third party, and responsibility in the event of an accident through an entrustment contract, and keep the contents of the contract in writing or electronically.

[Custodian: Amazon.com, Inc (Amazon Web Service)

o Server location: Seoul region, South Korea

o Contents of consignment work: Stable server and service operation, storage of databases and various information, etc.

5. Retention and use period of personal information

If a member withdraws from membership, or if the purpose of collecting and using personal information is fulfilled, the member's personal information shall be destroyed without delay. However, we exceptionally retain members' personal information only for each of the following reasons and periods.

1) Due to internal company policy

Prevent bad users from rejoining, prevent fraud, and respond to other complaints and questions.

Retention period :

For approximately 7 days after withdrawal (to prevent regular members from rejoining after withdrawal)

(In the case of responding to unauthorized use and violations of the Terms of Service, including preventing the re-subscription of unauthorized users) until the resolution of the dispute over such unauthorized use and violations of the Terms of Service, and if the dispute is not resolved amicably, the dispute settlement procedure of the relevant laws shall be followed in this regard.

(for complaints or service questions) until the complaint or question is resolved.

Holdings :

Email address (ID), mobile phone number, real name, nickname, identification information for the purpose of preventing duplicate registration or fraudulent registration (user photo, account information, user device information, etc.), duplicate registration confirmation information, registration date, withdrawal date, approval date, contents of complaints/questions or unauthorized/infringing use, etc.

2) The member directly requested the retention of personal information or the company individually obtained the member's consent.

- Retention period and retained information: Only items/periods of time for which you have the member's request or consent.

3) If the law requires us to retain the information without your consent

In accordance with the Act on Consumer Protection in Electronic Commerce, etc.

A. Records on transactions such as contracts, subscription withdrawals, and user service usage history: 5 years (For records falling under paragraph (a) above, identification data for user identification is kept only for the minimum information, such as email address (ID) and mobile phone number, and all other personal information is destroyed within 7 days after withdrawal in accordance with paragraph (d)).

I. Records on payment and supply of goods, etc.: 5 years

C. Records on handling consumer complaints or disputes: 3 years (For records falling under paragraph (c), identification data to identify the author for response and handling are kept only for the minimum information, which is email address (ID) and mobile phone number, and all other personal information is destroyed within 7 days after withdrawal in accordance with paragraph (d)).

d. Records of site visits: 3 months

e. All personal information provided at the time of registration that does not fall under paragraphs 'a'-'d' above: 7 days after application for withdrawal (All other personal information will be destroyed within 7 days after withdrawal in accordance with paragraph 'e').

4) Application of personal information expiration system

In accordance with the relevant provisions of the Information and Communications Network Act, if a member who joined after September 1, 2022 has no record of using the service or activity for one year (hereinafter referred to as the "personal information validity period"), the Company shall notify the user in advance and store and manage personal information separately in accordance with Article 29 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to ensure the safe protection of personal information and prevent damage. The Company shall notify the user in advance through the contact method entered by the member, such as email, text message, or mobile phone, 30 days before the expiration date. However, even in the case of a member whose personal information expiration date has arrived, ① if there is an individual consent such as a request for a separate extension of the validity period or a request for renewal of the validity period, ② if there is an information (point), etc. remaining, ③ if other laws and regulations as specified in Paragraph 3.1 above prescribe a separate retention period, it will be preserved for the period prescribed by the relevant laws and regulations before taking action. Even in cases separated by the personal information validity period system, if the member wishes to reuse the service, he/she can reuse the service through the identification procedure.

6. Procedures and methods for destroying personal information

The Company destroys personal information without delay when it becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the purpose of collecting and using personal information.

The Company's procedures and methods for destroying personal information are as follows

A. Destruction Procedures

- Information entered by users for service applications, etc. is transferred to a separate DB after the purpose is fulfilled (in the case of paper, a filing cabinet with a separate lock) and stored for a certain period of time in accordance with the information protection reasons under the internal policy and other relevant laws (see Retention and Use Period), and then destroyed.

- Personal information will not be used for any purpose other than for which it is held unless required by law.

I. Destruction Methods

- Personal information printed on paper is destroyed by shredding or incineration.

- Personal information stored in the form of electronic files is deleted using technical methods that make the records unrecoverable.

7. Ensure user personal information is accurate

Inaccurate personal information may cause inconvenience in use, so if the user enters clearly inaccurate personal information judged by the personal information manager, the inaccurate personal information may be destroyed.

8. Suspension of services that may be taken to protect your personal information

The Company does its best to ensure the safe use of its services. However, if the Company's services are damaged by unwanted methods, the Company may suspend services using the user's personal information until the problem is completely resolved in order to protect the user's personal information.

9. in connection with sharing and providing information to third parties

The Company shall not use personal information beyond the scope notified or specified in accordance with Article 24(2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection (Consent to Provide Personal Information, etc.) or provide it to a third party unless the user consents or there are special provisions in the law.

In addition, pursuant to Article 59 (Prohibited Acts) of the Personal Information Protection Act, any person who handles or has handled personal information for the provision of the Company's services shall not engage in any of the following acts.

A. Obtaining personal information by false or other fraudulent means or methods or obtaining consent to process personal information

B. Disclose personal information learned in the course of business or make it available to others without authorization.

c. Damage, destroy, alter, falsify, or disclose another person's personal information without lawful authority or in excess of permitted authorization.

10. what we do to keep your personal information confidential

In order to maintain the confidentiality of the user's personal information, the Company does not disclose personal information to third parties without the user's consent. In addition, even if the user has consented, the Company does not disclose the user's personal information to persons who are likely to re-disclose it through third parties. The Company does not provide the user's personal information in response to unilateral requests from various government agencies. The Company provides the user's personal information only when the government agency in accordance with the law requests the data after fully completing the official procedures in accordance with the law. The Company does not use the user's personal information other than for basic services and other service activities set by the Company. If the user's information is required for the above activities, the user's personal information will be collected through a separate form and consent will be obtained.

11. What users need to know to protect their personal information

When using [Metnam] in an external place such as a PC, external WIFI, etc., please make sure that there are no hacking programs or other harmful programs. While we do our best to protect your personal information, we cannot be held responsible for your own mistakes or problems on the Internet.

12. handling of personal information and other complaints from unaware users

The Company assigns a manager in charge of handling user complaints regarding the use of users' personal information and other complaints that the Company is not aware of, and handles user complaints continuously and promptly, and responds immediately to the results of the handling.

13. about data controller restrictions

Employees who handle personal information are limited to those in charge and are given a separate password for this purpose, which is updated regularly, and training is conducted from time to time to emphasize compliance with the Privacy Policy.

14. Rights of users and legal representatives and how to exercise them

- Users and their legal representatives may view or modify their personal information at any time, and may request its use.

- To view or modify the user's personal information, you can directly modify it through the mobile app or web, or apply through email to the customer center or person in charge, and to terminate the use (withdrawal of consent), you can contact the customer center by email according to the withdrawal application form prescribed by the company or apply online through the mobile app.

- Please contact the Customer Center or the Privacy Officer in writing or by email and we will take action without delay.

- If you request the correction of errors in your personal information, we will not use or provide such personal information until the correction is completed. In addition, if we have already provided incorrect personal information to a third party, we will notify the third party without delay of the results of the correction process so that the correction can be made.

- The Company handles personal information that has been terminated or deleted at the request of the user or legal representative as specified in the Privacy Policy "5. Retention and Use Period of Personal Information" and prevents it from being viewed or used for any other purpose.

15. Installation/operation and rejection of automatic personal information collection devices

In order to provide users with specialized and customized services, the Company uses 'cookies' to store and retrieve users' information from time to time. A cookie is a small amount of information sent to the user's computer browser by the server (HTTP) used to operate the website and is stored on the hard disk of the user's PC computer.

A. Purpose of use of cookies

It is used to provide convenient features for users and is not used for harmful purposes.

I. Installing/operating and rejecting cookies

You have a choice about the installation of cookies, so you can set options in your web browser to accept all cookies, confirm each time a cookie is stored, or refuse to store all cookies.

- You can refuse to set cookies by selecting the options in your web browser to either accept all cookies, confirm each time a cookie is saved, or refuse to save all cookies.

- Example settings (for Internet Explorer): Tools > Internet Options > Privacy at the top of your web browser.

- However, if you refuse to store cookies, you may have difficulty using the service.

16. Contact information for the Privacy Officer and the person in charge

You may report any complaints related to personal information protection arising from the use of the Company's services to the person in charge of personal information management or the department in charge. The Company will provide prompt and sufficient responses to users' complaints.

Privacy Officer

Name: Jin Kim

Title: Co-President

Tel: 01033907665

Email: report@metnam.com

If you need to report or consult about other privacy violations, please contact the following organizations.

- Personal Information Breach Report Center (www.118.or.kr / 118)

- Information Security Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)

- High-tech Criminal Investigation Division of the Supreme Prosecutors' Office (www.spo.go.kr / 02-3480-2000)

- National Police Agency Cyber Terrorism Response Center (www.ctrc.go.kr / 02-392-0330)

17. Notice Obligations

We will notify you of any additions, deletions, or modifications to the current Privacy Policy at least 7 days prior to the revision through the 'Notice' board in the mobile application.

By-laws

1. This Privacy Policy is effective as of September 11, 2023.