The Company collects the following personal information:

• At the time of membership registration: name, mobile phone number, email address, IP address, cookies, device information
• During the process of service use: service usage records

The Company collects personal information in the following ways:

• At the time of membership registration: directly entered online or offline
• During the process of service use: information automatically generated in the course of service use
• Event participation
• Access logs
• Server logs

The Company uses “cookies” and similar technologies (e.g., local storage) to store and retrieve usage information from time to time in order to provide individualized services and improve service safety and user experience.

1. Purpose of Cookie Use

• Essential (Service Provision/Security): Maintaining login status, security tokens, CSRF protection, session identification, cookie consent status storage (CMP), etc.

• Analytics and Statistics: Service improvement through page views, click/scroll events, dwell time, referral paths, and error/performance indicators

• Personalization (Function): Optimizing user experience through preference settings (e.g., dark mode, models/options), recently used features, etc.

2. Cookie Installation/Operation and Rejection

Data subjects can allow/block cookies and withdraw consent through browser options or the website's "Cookie Settings (Consent Management)" function.

The company may collect and use the following behavioral information through automatic collection devices (cookies, etc.) during service use. Analysis and statistical/personalized cookies are, in principle, used only with the consent of the information subject.

Current Status of Behavioral Information Collection and Use

• Legal Basis: Article 15, Paragraph 1, Subparagraph 1 of the Personal Information Protection Act (Consent)
※ Essential cookies are used only to the extent necessary for service provision/security

• Collected Information: Website visit/usage history (page views, click/scroll events, dwell time, referral path), browser/device information, cookie/session identifiers, error/performance indicators

• Collection Method: When accessing and using the website Automatically collected via cookies/scripts, etc.

• Collection Purpose: Service usage statistical analysis, UX improvement (heat maps/session replays, etc.), error analysis, and service quality improvement

• Retention/Use Period (Operational Standard):
· GA4: 14 months of user-level data (cookie expiration up to 25 months)
· Microsoft Clarity: 13 months of user data, 30 days of session recording data
· Matomo (installed): Adjusted based on company settings (e.g., user data up to 3 years, aggregate reports retained for statistical purposes)
※ The retention period is kept to a minimum based on service operation policies/tool ​​settings.

The company may use third-party scripts/tags to analyze services and improve user experience. When the information subject visits or uses the website, these third parties may collect behavioral information through automatic collection devices.

Behavioral information collected by third parties

• Collection device name / type / collecting business / collected items / purpose

1. Google Analytics 4 Tag (JavaScript) / Google LLC
· Visit/usage history, referral path, browser/device information, events (pageviews/clicks, etc.)
· Service usage statistical analysis and service improvement

2. Microsoft Clarity Script (JavaScript) / Microsoft Corporation
· Visit/usage history, on-page interactions (scrolling/clicking/mouse movements, etc.), browser/device information
· UX improvements (heat maps/session replays) and service quality enhancements

3. Matomo (open-source web log analysis tool, installable) / Matomo.org

• Opt-out:
· You can opt-out of or withdraw consent for each category at any time in the "Cookie Settings" section of the website.
· You can block/delete cookies in your browser.

In order to provide users with personalized services, the Company uses “cookies” that store and retrieve usage information from time to time.
A cookie is a small piece of information that the server (HTTP) operating the website sends to the user’s computer browser, and it may be stored on the hard disk of users’ PCs.

A. Purpose of use of cookies:
Cookies are used to identify each service visited by the user and patterns of use (such as popular search terms) in order to provide more convenient services to users.

B. Installation, operation, and rejection of cookies:
Users can choose to allow or block cookies by setting options in their web browser.

The Company retains the collected personal information until membership withdrawal. In principle, the Company retains personal information until membership withdrawal and, after the purposes of use have been achieved, destroys it in a manner that cannot be restored. However, in the following cases, personal information may be retained for a certain period in accordance with the provisions of relevant laws and regulations. The Company, in principle, retains personal information until membership withdrawal. However, in the following cases, it may exceptionally retain personal information for a certain period:

• When consent is refused or withdrawn
• When membership withdrawal is requested
• When the retention period has expired
• When there is a legal basis for retention
• Legal grounds and retention periods

Users and their legal representatives may request access to, correction of, deletion of, or suspension of processing of personal information. To do so, they may fill out an application form in accordance with the [Withdrawal of Consent to Collection and Use of Personal Information] form under this Privacy Policy and submit it by mail, email, fax, etc.

Members may request access, correction, deletion, or suspension of processing of their personal information by contacting the Company by phone, email, fax, etc.

The Company will promptly take necessary measures in response to requests from users and legal representatives.

Users may exercise the following rights:

Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.

Technical measures: Management of access rights to personal information processing systems, installation of access control systems, installation of intrusion prevention systems, etc.

Physical measures: Safe management of computer rooms and data storage rooms

The Company designates the following person as the Personal Information Protection Officer to protect personal information:

• Name: Jae Yong Shin
• Position: CTO
• Contact: contact@lightweight.kr

Complaints and reports regarding personal information infringement may be filed with the civil service office on the first floor of the Government Complex or with the following organizations:

• Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
• Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
• Supreme Prosecutors’ Office: (without area code) 1301 (www.spo.go.kr)
• Cyber Investigation Bureau of the National Police Agency: (without area code) 182 (ecrm.police.go.kr)