Article 1 (Purpose)

The purpose of these Terms and Conditions is to prescribe the rights, duties, and responsibilities of users during their use of Internet-related services (hereinafter referred to as "services") provided via online, mobile web, and app services (www.delio.io) operated by Delio Co., Ltd. (hereinafter referred to as "Company").

Article 2 (Definitions)

① The term "service" means a virtual place of business established by the Company to trade goods, etc. using information and communications facilities, such as computers, so as to provide goods or services (hereinafter referred to as "goods, etc.") to users. ② The term "user" means a member or a non-member accessing the "services" and receiving the services provided by "Company" under these Terms and Conditions. ③ The term "member" means a person who has registered as a member of the "Company" and who is eligible to continue using the services provided by the "Company." ④ The term "non-member" means a person who uses the services provided by the Company without signing up for membership.

Article 3 (Statement, Explanation, and Revision of Terms and Conditions, etc.)

① The Company will post on the initial service screen (front) of the "Online Service" -- to make it easier for users to understand the contents of these Terms and Conditions -- the trade name and name of representative, addresses of the places of business (including the address that will handle consumer complaints), telephone number, fax number, electronic mail address, business license number, mail-order business report number, and privacy officer. Note, however, that the Terms and Conditions may be available for users to view through the connection screen. ② Before the user agrees to the Terms and Conditions, the Company must seek the user's confirmation by providing a separate connection screen or a pop-up screen to ensure that the user understands the important contents such as agreement revocation or refund conditions. ③ The "Company" may revise these Terms and Conditions to the extent that it does not violate the relevant statutes, such as the “Act on Consumer Protection in Electronic Commerce, Etc.,” “Framework Act on Electronic Documents and Transactions,” “Electronic Financial Transactions Act,” “Digital Signature Act,” “Act on the Promotion of Information and Communications Network Utilization and Information Protection, etc.,” “Act on Door-to-Door Sales, Etc.,” and “Framework Act on Consumers.” ④ If the Company amends these Terms and Conditions, the effective date and reasons for said amendment will be specified and announced along with the current Terms and Conditions beginning seven days prior to the effective date of the revised Terms and Conditions until the effective date. Where these Terms and Conditions are amended in a manner unfavorable to users, however, the announcement will be made with a grace period of at least 30 days. In this case, the Company will clearly compare the details of the Terms and Conditions before and after the amendment for users' easy understanding. ⑤ Where the Company revises these Terms and Conditions, the revised Terms and Conditions will be applicable to the agreements concluded subsequent to the effective date thereof, and the agreements entered into prior to said date will be subject to the Terms and Conditions prior to the amendment. If a user who has already entered into an agreement sends his/her intention to be subject to the revised Terms and Conditions to the Company within the notice period for the revised Terms and Conditions under Paragraph 3, however, the revised Terms and Conditions shall apply thereto. ⑥ Any and all matters other than those set forth under these Terms and Conditions and the interpretation of these Terms and Conditions will be governed by the Act on Consumer Protection in Electronic Commerce, Etc., Act on the Regulation of Terms and Conditions, and “Guidelines for Consumer Protection in Electronic Commerce, Etc.” prescribed by the Fair Trade Commission and relevant statutes or commercial practices.

Article 4 (Provision and Modification of Services)

① The Company has the following duties:     1. Provision of information on goods and services and conclusion of purchase agreements;     2. Processing of goods or services subject to signed agreements;     3. Other duties prescribed by the Company; ② The Company may modify the contents of goods and services to be provided under the agreements to be entered into in the future due to shortage of goods, etc. or changes in technical specifications. In this case, the contents of the modified goods or services and the date of provision will be immediately relayed to the place where the current contents of the goods or services are posted. ③ If the contents of the service subject to an agreement with a user are modified due to shortage of goods, etc. or changes in technical specifications, the user will immediately be notified of the reason via the address available for notification. ④ In the foregoing paragraph, the Company will compensate for any damage sustained by the user. Where the Company proves that there was no intentional act or negligence on its part, however, this will not apply.

Article 5 (Suspension of Service)

① The Company may temporarily suspend the provision of services in the event of maintenance inspection, replacement, breakdown, communication failure, etc. of information and communication facilities such as computers. ② The Company will compensate the user or a third party for any damage caused by the temporary suspension of service provision due to the reasons referred to in Paragraph 1. Note, however, that this will not be the case if the Company proves that there was no intentional act or negligence on its part. ③ Where the Company is unable to provide services due to the conversion of business category, abandonment of business, or integration between companies, the Company will notify the users via the method prescribed under Article 8 above and compensate the consumers under the original conditions provided by the Company. If it fails to notify the compensation standards, etc., however, the Company will provide goods or cash equivalent to the cash value used in the Company for the user mileage or reward points.

Article 6 (Membership Subscription)

① To apply for membership, the user must enter the membership information in accordance with the subscription form set by the Company and sign to indicate that he/she agrees to these Terms and Conditions. ② The Company will register the user among the users who have applied for membership subscription pursuant to Paragraph 1 above, insofar as he/she does not fall under any of the following cases:     a. Where there is false or omitted entry or error in the registered details;     b. Where it is deemed that registration as a member will cause significant technological interruption to the Company; ③ The time the membership agreement is entered into will be the time the acceptance of the Company reaches the member. ④ The time the membership agreement is entered into will be the time the acceptance of the Company reaches the member.

Article 7 (Membership Termination, Disqualification, etc.)

① The member may request the Company to withdraw his/her membership at any time, and the Company will process the membership withdrawal immediately upon the termination of all transactions. ② Where a member falls under any of the following cases, the Company may restrict or suspend his/her membership:     a. Where false information has been registered at the time of membership application;     b. Where a member fails to make payment for goods, etc. purchased using the Company or other debts borne by the member in relation to the use of the Company by the due date;     c. Where he/she threatens the order of e-commerce by means such as obstructing the use of the Company by others or stealing such information;     d. Where he/she engages in an act prohibited by statutes or by these Terms and Conditions by using the Company or which is contrary to public order and good customs; ③ Where the membership qualification is restricted or suspended, if the same conduct is repeated twice or more or the reasons therefor are not remedied within 30 days, the Company may revoke the membership status of the member. ④ Where the membership status is revoked, the Company will cancel the membership registration. In this case, the member will be notified and given the opportunity to explain his/her conduct for at least 30 days prior to the cancellation of membership registration.

Article 8 (Notification of Members)

① Where the Company notifies a member, such notification may be sent to the email address designated in advance through an agreement with the Company. ② As for a notice to many and unspecified persons, the Company may post the notice on its bulletin board for at least one week in lieu of the individual notice. Note, however, that the Company may file individual notices in relation to matters that have a significant impact on the transaction of the member himself/herself.

Article 9 (Protection of Personal Information)

① When collecting the personal information of users, the Company will collect only the minimum amount of personal information to the extent necessary for providing services. ② The Company does not collect information necessary to perform the purchase agreement in advance when the member signs up for membership. Note, however, that this will not be the case where certain minimum personal information is collected as identity verification is required prior to entering into a purchase agreement so as to perform the duties under the relevant statutes. ③ At the time of collection and use of personal information of users, the Company will notify the relevant user of the purpose thereof to and obtain his/her consent. ④ The Company will be prohibited from using the collected personal information for any purposes other than those set forth; where a new purpose of use arises, or the personal information is to be provided to a third party, the Company will notify the corresponding user accordingly and obtain his/her consent. Note, however, that exceptions will apply if provided otherwise under the relevant statutes. ⑤ Where it is required to obtain consent under Paragraphs 3 and 4 above, the Company will be required to specify in advance or notify matters prescribed under Article 22 (2) of the “Act on the Promotion of Information and Communications Network Utilization and Information Protection, etc.” such as the identity of the privacy officer (affiliation, name, telephone number, and other contact details), purpose of collection and use of information, matters related to the provision of information to a third party (party who has been provided with information, purpose of provision, and details of the information to be provided), and the user may withdraw his/her consent at any time. ⑥ The user may, at any time, request the Company to access and correct his/her personal information retained by the Company, and the Company will be obliged to enforce the necessary measures thereto without delay. Where the user requests correction of an error, the Company will not use the personal information until the error is corrected. ⑦ In order to protect personal information, the Company will keep the number of persons allowed to process the personal information of users to the minimum, and the Company will be held fully liable for any damage sustained by users caused by loss, theft, leak, provision to a third party without consent, or falsification of personal information of users, including credit card and bank account information. ⑧ The Company or a third party provided with personal information therefrom will destroy the personal information without delay once the purpose of collection and purpose of provision of personal information are fulfilled. ⑨ The Company does not set the consent column as already agreed upon for the collection, use, and provision of personal information. In addition, the Company specifies in detail the services restricted when the user refuses to agree to the collection, use, and provision of personal information and does not restrict or refuse service provision such as membership subscription for reasons such as the user’s refusal to agree to the collection, use, and provision of optional personal information.

Article 10 (Duties of the Company)

① The Company does not engage in any conduct prohibited under these Terms and Conditions or which is contrary to public order and good customs but remains obliged to make every effort to provide goods and services in a sustainable, stable manner as set forth under these Terms and Conditions. ② The Company will be required to have a security system for protecting the personal information of users so as to ensure the safe use of Internet services by users. ③ The Company will be held liable to compensate for any damage sustained by users arising from any unjust display and advertising activities for the goods or services, corresponding to Article 3 of the “Act on Fair Labeling and Advertising.” ④ The Company does not send any unwanted advertising e-mails for profit to users.

Article 11 (Duties Regarding the ID and Passwords of Members)

① Each member will remain responsible for managing his/her member ID and password. ② The member must not allow a third party to use his/her ID and password. ③ Where a member finds that his/her ID and password has been stolen or is being used by a third party, he/she must notify the Company immediately and must follow any instructions provided by the Company.

Article 12 (Duties of the User)

The user must not engage in any of the following conducts:     a. Registering false information at the time of application of modification;     b. Stealing the information of others;     c. Modifying the information posted on the Company;     d. Sending or posting any information other than that set by the Company (computer software, etc.);     e. Infringing upon intellectual property rights, such as copyrights, of the Company or a third party;     f. Defaming or obstructing the business of the Company or a third party;     g. Disclosing or posting obscene or violent messages, videos, voices, or other information that run counter to public order and good morals;

Article 13 (Relation between the Connecting Company and the Connected Company)

① If the parent Company and the child Company are connected by hyperlinks (e.g., the targets of the hyperlinks include characters, pictures, and videos), the former is referred to as the connecting Company (website), and the latter is referred to as the connected Company (website). ② Where the connecting Company has specified on the initial screen of the connecting Company -- or the pop-up screen at the time of connection -- that it will not be held liable for surety for transactions carried out between the user and the connected Company for goods, etc. provided independently by the connected Company, said connecting Company will not be held liable for surety thereof.

Article 14 (Reversion and Restriction on the Use of Copyrights)

① Copyrights and other intellectual property rights to works created by the Company will remain reserved to the Company. ② The user will be prohibited from using the information whose intellectual property rights are reserved to the Company, among the information obtained by using the Company for profit -- or allowing a third party to use said information without prior consent from the Company by means such as duplication, transmission, publication, distribution, and broadcasting or any other means. ③ Where the Company uses any copyright reserved to the user under the Terms and Conditions, the corresponding user will be notified accordingly. ④ The ownership of the posts uploaded by users to the Company will be transferred to the Company.

Article 15 (Dispute Resolution)

① The Company establishes and operates a damage compensation handling body to reflect reasonable opinions or complaints raised by users and to compensate for such damages. ② The Company will give priority to dealing with complaints and opinions submitted by the user. If it is difficult to process said complaints or opinions promptly, however, the user will be notified of the reason therefor and the processing schedule immediately. ③ In the event that the user files a damage relief application in connection with an e-commerce dispute arising from and between the Company and the user, the parties herein may follow the mediation of the dispute mediation agency commissioned by the Fair Trade Commission or city mayor or provincial governor.

Article 16 (Jurisdiction and Governing Law)

① Any litigation arising from an e-commerce dispute between the Company and the user will be subject to the court having jurisdiction over the registered address of the user at the time of complaint filing; where there is no such registered address, the litigation will be subject to the exclusive jurisdiction of the district court having jurisdiction over the permanent residence of the user. If the address or the place of domicile of the user is not clear at the time the complaint is filed or if the user resides overseas, the lawsuit will be filed with the competent court under the Civil Procedure Act. ② Any lawsuit filed between the Company and the user will be governed and construed pursuant to the laws of the Republic of Korea.

Delio Co., Ltd. (hereinafter referred to as the "Company") complies with the privacy policy regulations under the relevant statutes such as the “Act on the Promotion of Information and Communications Network Utilization and Information Protection, Etc”, “Act on Consumer Protection in Electronic Commerce, etc.”, “Telecommunication Business Act”, “Personal Information Protection Act”, etc., and user rights and interests are protected by establishing a personal information processing policy in accordance with relevant laws. The personal information processing policy of the “company” may be changed according to changes in laws or guidelines related to personal information protection and changes in our policies, so please check it frequently when visiting our site. The privacy policy of the "Company" contains the following contents.

1. Details of personal information collected and methods of collection

a. Details of personal information collected ① The “Company” does not collect sensitive personal information that may violate users’ basic human rights (race and ethnicity, ideology and religion, place of birth and domicile, political orientation and criminal record, health status and sex orientation, etc.). ② “Company” collects and uses only essential personal information as follows.     1) Confirmation of identity and intention to sign up     – [Required] Name, mobile phone number, telecommunication company, duplicate subscription confirmation information (DI), email address, password     [Optional] Receive marketing/event information     2) Identity verification for payment and withdrawal     - Name, date of birth, gender, telecommunication company, mobile phone number, connection information (CI)     3) Password reset     – email address     4) Prevention of illegal use and unauthorized access     - User IP address, visit date and time, mobile device information     6) Identity verification for processing CS inquiries     – A copy of your ID (only the first 6 digits of your resident registration card, driver’s license, or alien registration card), call recording for identity verification, your face taken with a selfie, and information about your face and voice received through self-video for self-verification     7) Request confirmation of incorrect coin deposit     – Coin withdrawal history from other exchanges, including Delio login process     ※ Masking (masking) information: A copy of the ID must be attached with masking (masking) of personal information other than the first 6 digits of the name, date of birth, and resident number ③ The following information may be generated and collected during the use of ‘services’. - Service use record, payment record, use suspension and cancellation record, access log, cookie, user access IP address, bad or abnormal usage record

b. Methods of collection of personal information “Company” collects personal information in the following ways. Homepage, mobile phone application, mobile phone web page, fax, telephone, consultation board, e-mail, event application Collection through the tool that collects generated information The "Company" collects the minimum personal information necessary for the establishment and implementation of the service use contract in a legal and fair way, and provides the contents of consent to the collection and use of personal information before collecting information that can be used to identify the user.

2. Purpose of collection and use of personal information

The “Company” collects and uses users' personal information for the following purposes. a. User management     - Verification and personal identification according to the use of service     - Prevention of illegal use and prevention of unauthorized access     - Confirmation of registration     - Minors’ identification     - Records keeping for customer consultation, customer complaint handling, and dispute resolution     - Disclaimer b. Implementation of contract for service provision and settlement of charges     - Provision of services, provision of content, provision of customized services     - Fee payment and settlement     - Event/Giveaway result announcement and prizes delivery c. Marketing and advertising     - Provision of optimized service to customers     - Development and specialization of new services (products)     - Provision of services and advertisements according to demographic characteristics     - Identification of web page access frequency     - Statistics on service use     - Sending periodicals, introduction of new products or services     - Web services and event planning that meet customer needs and interests     - Operation of a shared user space and sharing advertising information such as news of affiliates/partners that may include events, company news, etc.     - Customer survey

3. Provision of personal information

The “Company” does not use or provide to third parties the personal information of the customer beyond the scope notified to the customer at the time of collection or the scope specified in the Terms of Service. However, with the customer's consent or in the following cases, exceptions are made. a. Affiliate relationship: in order to provide better service, we may provide or share your personal information with our affiliates. When providing or sharing personal information, customers are informed about who the affiliates are, which personal information details are provided or shared, why such personal information should be provided or shared, and how long and for how long it will be protected and managed. We will go through the process of asking for consent by notifying users individually in written form or by e-mail, etc., and if the customer does not agree, we will not provide or share personal information with the affiliates. When there is a change in the partnership or when the partnership is terminated, the same procedure will be followed to notify or seek consent. b. Sales, mergers and acquisitions, etc.: When all or part of a business is transferred or the rights and obligations of a service provider are transferred or succeeded due to a merger or inheritance, etc. c. In those cases when it is remarkably difficult to obtain a consent for economic and technical reasons, but personal information is essential for the implementation of the contract for the provision of services d. In case it is necessary for the settlement of charges according to the provision of services e. In case of special provisions in related laws such as the Basic Act, the Bank of Korea Act, and the Criminal Procedure Act, Communication Secret Protection Act, Framework Act on National Taxes, Act on Promotion of Information and Communications Network Utilization and Information Protection, Act on Real Name Financial Transactions and Confidentiality Act, Act on Use and Protection of Credit Information, Framework Act on Telecommunications, Telecommunications Business Act, Local Tax Act, Consumers. However, even if there is any special provision in the law, the personal information of the customer will not be provided unconditionally, even if the administrative agency or investigative agency has requested it for administrative or investigation purposes, and will be only provided in accordance with legal procedures that require a warrant or the seal of the head of the agency and in the written form. f. When there are sufficient grounds to determine that personal information should be disclosed in order to take legal action against mental and physical harm to others using the company's service

4. Consignment of processing of personal information

The “Company” may entrust the management of personal information to other companies within a limited range for smooth and improved services. Currently, the companies that we entrust the processing of personal information for the implementation of service contracts with users are as follows, and in accordance with relevant laws and regulations, necessary matters are stipulated so that personal information can be safely managed in the consignment contract. • Personal information processing consignment company

If the contents of the entrusted work or the consignee are added or changed, the “Company” shall disclose it through this Privacy Policy without delay, and the user’s consent will be obtained if required

5. Period of retention and use of personal information

a. The "Company" processes personal information according to the period of retention and use of personal information and according to related laws. The period of retention and use of personal information agreed upon when collecting personal information from customers. b. The "Company" retains and uses personal information only when necessary, as follows. ① Period of retention and use of personal information for deposit·lending services

② Preservation according to laws and regulations and according to the provision of goods or services

※ However, in case of accident investigation, dispute resolution, civil complaint handling, and fulfillment of statutory obligations, it is stored separately. c. If the user requests to view the transaction information held with the consent of the user, measures are taken so that the user can check it without delay.

6. Personal information destruction procedure and method

After the purpose of using the collected personal information is achieved, the “Company” destroys or separates the information without delay according to the retention period and period of use. The procedure, timing, and method are as follows. a. Destruction procedure and schedule After the purpose of use, such as service termination, is achieved, and the personal information filled by the customer for service subscription, etc., has passed the retention period according to information protection reasons (refer to the period of retention and use of personal information above) users’ personal information is destroyed immediately according to internal policies and other related laws. In general, if there is no residual bond-debt relationship, personal information collected and managed in the form of an electronic file that is deleted immediately at the time of account withdrawal b. Destruction method Personal information printed on paper is shredded or incinerated with a shredder, dissolved by chemical treatment, and personal information stored in electronic file format is deleted using a technical method that cannot reproduce records. c. Methods of separate storage According to the 'personal information validity period', if the service is not used for one year, the user's account becomes inactive. Personal information of inactive users is stored separately and managed by restricting access and applying security.

7. The Exercise of Rights between Users and their Legal Representatives

a. Users and their legal representatives can exercise the following rights with respect to their registered personal information at any time.     Request to read personal information     Request for correction if there is an error in personal information     Request to delete personal information     Request to suspend processing of personal information b. Users and their legal representatives log in to the "Company" website (www.delio.io) and read or correct personal information in 'Change User Information' tab. Making corrections through e-mail or written request to the person in charge of personal information protection of the 'Company' is also possible. c. The withdrawal (cancellation) of the ‘consent to the collection and use of personal information’ of users and their legal representatives can be done by e-mail, telephone, or fax. d. If a user or legal representative requests correction or deletion of personal information errors, the personal information will not be used or provided until the processing is complete. In addition, the “Company” handles personal information that has been canceled or deleted at the request of a user or legal representative as specified in the “Period of Retention and Use of Personal Information”, and is processed so that it cannot be viewed or used for any other purpose.

8. Measures to ensure the safety of personal information

The “Company” is taking the following measures to ensure the safety of personal information. a. Administrative safeguards     ① Establishment and implementation of internal management plan     - Matters concerning the designation of the person in charge of personal information protection     - Matters concerning the roles and responsibilities of the personal information protection officer and personal information handler     - Matters concerning measures necessary to secure the safety of personal information     - Matters related to education for personal information handlers and consigned companies     - Other matters necessary for the protection of personal information     ② Regular self-audits     - Division of duties between the person in charge of personal information protection and the auditor     - Matters concerning the role and responsibility of the personal information auditor     - Regular self-audit to ensure safety related to processing personal information b. Technical safeguards     ① In order to prevent leakage of customer information by personal information handlers, a personal information leakage prevention system is maintained. A secure encryption algorithm is applied to personal information transmitted over the terminal (PC) and network.     ② By limiting the access right to the personal information processing system to the minimum range necessary for business performance, one user account is differentially assigned to each person in charge of the task. We keep those records for at least 5 years. In addition, we have established and applied the rules for creating passwords for personal information handlers.     ③ When transmitting/receiving personal identification information and passwords through information and communication networks or transmitting them through auxiliary storage media, they are stored using commercial encryption software, and passwords are encrypted and stored with a secure encryption algorithm.     ④ The records of personal information handlers accessing the personal information processing system are kept and managed for at least two years, and the access records of personal information handlers are safely stored to prevent forgery, alteration, theft, or loss.     ⑤ We install and operate security programs such as vaccine software that can prevent and treat malicious programs on personal information processing systems or business computers, use the automatic update function of security programs, and conduct periodic terminal (PC) inspections are doing c. Physical safeguards     We establish and operate access control procedures for physical storage places where personal information is stored, such as computer rooms and data storage rooms, and store and manage documents and media containing personal information in a safe place with a lock.

9. Matters concerning the installation, operation and rejection of an automatic personal information collection device

a. In some cases, cookies may be installed and operated to store and find customer information through the Internet service provided by the “Company”. Cookies are string information that the web server sends to the web browser to store and then sends back to the server when there is an additional request from the server. When a customer accesses the "Company" website, the contents of the cookie in the customer's browser can be read, additional information can be found, and the service can be provided without additional input such as the name of the connection. b. The “Company” may use the customer information collected through cookies for the following purposes.     ① Provide customized information according to individual interests     ② By analyzing the frequency of access or time spent by users and non-users, the user's taste and interests are identified and utilized for target marketing.     ③ Track traces of the contents you are interested in and provide personalized service the next time you connect     ④ Obtain information on the period of use when using paid services     ⑤ Analyze customer habits and use them as a basis for service improvements, etc. c. Users have an option to install cookies. You can accept all cookies, send a notification when cookies are installed, or reject all cookies in “Tools > Internet Options > Privacy > Advanced” at the top of your web browser. However, if the user refuses to install cookies, there may be difficulties in using the service or providing the service. d. Cookies expire when you close your browser or log out.

10. Person in charge of personal information protection and other people in charge

a. The “Company” acknowledges the importance of protection of customer personal information and is fully committed to do its best to prevent damage, infringement or leakage of customer personal information. However, in spite of taking technical supplementary measures, we are not responsible for information damage caused by unexpected accidents caused by basic network risks such as hacking, and for various disputes caused by internet posts made by netizens. b. We ensure that the customer center responds promptly and faithfully to customer inquiries related to personal information protection. In addition, if the customer wants to contact the person in charge of personal information protection of the "company", please contact us at the contact information or e-mail below and we will respond promptly and sincerely to inquiries related to personal information.

c. If you need consultation for other personal information infringement, you can contact the Personal Information Dispute Mediation Committee, Supreme Prosecutors' Office, National Police Agency, Korea Internet & Security Agency, etc.     ① Personal Information Dispute Mediation Committee (www.kopico.go.kr): 1833-6972     ② Prosecutors’ Office Cyber Crime Center (http://www.spo.go.kr): 1301     ③ National Policy Cyber Security Center (http://cyberbureau.police.go.kr): 182     ④ Personal Information Infringement Report Center (http://privacy.kisa.or.kr): 118

11. Duty of notice

The current personal information processing policy was revised on September 9, 2021, and if there are additions, deletions, or modifications to the government policy or security technology changes, users will be notified through the website “Notice” section These terms and conditions are effective from September 16, 2021.