ENPLUG Co., Ltd. (“Company”) values the personal information of its users and complies with the Personal Information Protection Act and other related laws.
This Privacy Policy explains how the Company collects, uses, and protects personal information across all services provided by the Company, including its website, products, applications, and customer support channels.

1. Items of Personal Information Collected and Methods of Collection

1) Items Collected

The Company collects the following personal information for membership registration, inquiries, service applications, product usage, and technical support:

• Name, date of birth, email address, mobile phone number, address

• Company name and position (for corporate users)

Automatically collected information:

• Service usage records, access logs, cookies, IP address, device information

• Payment records, service restriction records

Optional information (voluntary):

• Marketing communication preferences

• Additional contact information

• Other information necessary for the use of specific services

Providing optional information is not required to use the Service.

2. Purpose of Collecting and Using Personal Information

The Company uses collected personal information for the following purposes:

• Provision of services, delivery of products, content distribution, billing and payment processing

• Device integration (trackers, Health Hub, smartwatch, etc.) and personalized service features

• Handling user inquiries, technical support, complaint resolution, and sending notices

• Data analytics and service improvement for AI/IoT enhancement

• Preventing fraudulent or unauthorized use (e.g., account theft, abnormal activity monitoring)

• Development of new services and features, and sending promotional information (only with user consent)

3. Consent to the Collection of Personal Information

When a user selects [I agree to the collection and use of personal information] and submits an inquiry or membership form, the Company considers this as valid consent.

However, the Company may collect and use personal information without separate consent in the following cases:

• When necessary to provide essential services

• When required for paid service billing

• When required by law

4. Provision of Personal Information to Third Parties

The Company does not provide personal information to third parties without the user’s consent.
Exceptions apply in the following cases:

• When prior consent from the user has been obtained

• When requested by law (e.g., courts, investigative authorities)

• When necessary for payment processing (financial institutions, payment gateways)

• When service operations require information to be shared with partners
  In such cases, the Company will notify the user and obtain consent in advance.

• When providing anonymized statistical data for research or analysis

5. Entrustment of Personal Information Processing

The Company may entrust personal information processing to external providers to ensure stable service delivery.

• Currently, the Company does not entrust personal information to any external parties.

• If such entrustment becomes necessary, the Company will notify users in advance and obtain consent when required.

6. Retention and Use Period of Personal Information

Personal information is destroyed without delay once the purpose of collection is achieved.
However, the following information may be retained for the periods required under relevant laws:

• Records of contracts or withdrawal of contracts: 5 years

• Records of payment and supply of goods: 5 years

• Records of consumer complaints and dispute resolution: 3 years

7. Procedures and Methods of Destroying Personal Information

1) Destruction Procedure

• Information is destroyed immediately once the purpose is fulfilled or retention period expires.

• If retention is required by law, information is stored separately and then destroyed after the mandatory period.

2) Destruction Methods

• Paper documents: shredded or incinerated

• Electronic files: permanently deleted using irreversible technical methods

8. Use of Cookies and Refusal Options

The Company may use cookies to provide customized services.

1) Purpose of Cookies

• Analyzing access frequency and visit duration

• Understanding user interests

• Providing personalized content and advertisements

2) Cookie Settings and Refusal

Users may refuse cookie storage through browser settings.
Example: Internet Explorer → Tools → Internet Options → Privacy

Refusing cookies may restrict some service features.

9. Youth Protection Policy

The Company operates a youth protection policy in compliance with applicable laws to prevent minors from accessing harmful content.

• Blocking harmful, violent, or obscene material

• Ongoing internal monitoring

• Appointing a Youth Protection Officer to handle issues and complaints

10. Reporting and Dispute Resolution Related to Personal Information

For personal information complaints or consultation:

KISA Personal Information Infringement Report Center

• ☎ 118 (No area code required)

• www.privacy.go.kr

Personal Information Dispute Mediation Committee

• ☎ 1833-6972

• www.kopico.go.kr

11. Personal Information Protection Officer

The Company designates the following officer to protect personal information and handle related inquiries:

Personal Information Protection Officer

• Name: Doosub Yeon

• Position: Executive Director, Management Planning Division

• Email: plug@enplug.co.kr

12. Notification of Changes to the Privacy Policy

This Privacy Policy may be updated due to legal, policy, or security changes.
Any changes will be announced at least seven days prior to enforcement through the Website notice board.

• Date of Announcement: November 25, 2025

• Effective Date: November 25, 2025