Privacy Policy

① The Operator collects the following personal information to provide services: [Required Items] - When registering events: Representative name, contact person name, contact information (email, phone number), business license [Automatically Collected Items] - When using the service: Cookies, access logs, device information, IP addresses, browser information, operating system information, screen resolution, language settings, access time, page visit paths, click and scroll behavior data - When utilizing Google Signal data: Demographic information such as gender, age, and interests may be collected for users who are logged into their Google account and have consented to ad personalization. (For service usage statistics analysis and personalized advertising delivery through Google Analytics, Google Tag Manager, Google AdSense, and Microsoft Clarity) - Note: * Google Analytics (including Google Signal data): Collects IP addresses in anonymized form and uses data linked to Google accounts for cross-device analysis and to estimate demographic information (gender, age, etc.) for statistical purposes. * Google Tag Manager: A tag management tool that manages the deployment of Google Analytics and other marketing tags. * Google AdSense: May collect cookies, IP addresses (anonymized), device information, browser information, etc. for personalized advertising delivery. * Microsoft Clarity: May collect IP addresses and device information to generate user session recordings, click maps, and heatmaps. ② Methods of collecting personal information: - Direct input through the website - Information automatically generated and collected during service use (automatic collection through analytics tools)

The Operator processes collected personal information for the following purposes: - Service provision and operation: Providing event information registration, search, and inquiry services - Inquiry and complaint handling: Responding to and processing user inquiries - Service improvement: Analyzing usage statistics and improving service quality - Legal compliance: Fulfilling obligations under relevant laws

① The Operator processes and retains personal information within the period of retention and use of personal information agreed upon when collecting personal information from the information subject or as stipulated by law. ② The processing and retention periods for each type of personal information are as follows: - Personal information collected during event registration (representative name, contact person name, contact information, business license, etc.): 3 years after event completion or retention period under relevant laws ※ Note: Event information itself (event name, date, venue, and other public information) is not deleted and will be retained. However, personal information collected during event registration will be deleted (or anonymized) from the relevant fields after the retention period has elapsed. - Service usage records: 3 years (Communications Secrets Protection Act) - Inquiry and complaint handling records: 3 years (E-Commerce Act) ③ The Operator destroys personal information without delay when it becomes unnecessary, such as when the retention period has elapsed or the processing purpose has been achieved. However, due to technical constraints, if it is difficult to selectively delete only personal information fields, the entire record may be deleted.

The Operator does not provide users' personal information to external parties in principle. However, exceptions are made in the following cases: - When the user has given prior consent - When required by law or when requested by investigative agencies in accordance with procedures and methods prescribed by law for investigative purposes

The Operator may consign personal information processing tasks to external specialized companies for service improvement: ① Consignment Companies and Consigned Tasks: - Cloud service provision: Supabase (data storage and management) - Web analytics services: * Google Analytics (Google LLC): Website visit statistics, user behavior analysis, performance measurement * Google Tag Manager (Google LLC): Management of marketing tags and analytics tools * Microsoft Clarity (Microsoft Corporation): User session recording, click maps, heatmap analysis - Advertising services: * Google AdSense (Google LLC): Personalized advertising delivery and advertising performance measurement ② Consignment Company Information: - Google Analytics, Google Tag Manager, and Google AdSense * Consignment Company: Google LLC * Location: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA * Privacy Policy: https://policies.google.com/privacy * Google Analytics Terms of Service: https://marketingplatform.google.com/about/analytics/terms/ * Google AdSense Terms of Service: https://www.google.com/adsense/new/localized-terms - Microsoft Clarity * Consignment Company: Microsoft Corporation * Location: One Microsoft Way, Redmond, WA 98052, USA * Privacy Policy: https://privacy.microsoft.com/en-us/privacystatement ③ Safety Measures for Consignment: When entering into contracts with consignment companies, the Operator specifies matters such as instructions on personal information protection, confidentiality, prohibition of third-party provision, limitation of personal information processing purposes and periods, restriction of re-consignment, and liability for damages in contracts and other documents, and supervises them regularly.

① Users may exercise the following rights related to personal information protection at any time: - Request for access to personal information - Request for correction in case of errors - Request for deletion - Request for suspension of processing ② The exercise of rights under paragraph 1 may be made to the Operator in writing, by email, facsimile transmission (FAX), etc., and the Operator will take action without delay. ③ If a user requests correction of errors in personal information, the Operator will not use the personal information until the errors are corrected.

① The Operator destroys personal information without delay when it becomes unnecessary, such as when the retention period has elapsed or the processing purpose has been achieved. ② The procedures and methods of destruction are as follows: - Destruction procedure: The Operator selects personal information for which destruction reasons have occurred and destroys it after obtaining approval from the Operator's personal information protection officer. - Destruction method: Information in electronic file format is deleted using technical methods that cannot reproduce records, and personal information printed on paper is destroyed by shredding or incineration.

The Operator is responsible for overseeing all matters related to personal information processing and has designated a personal information protection officer as follows to handle complaints and damage relief related to personal information processing. Personal Information Protection Officer - Email: kormarathon@gmail.com Information subjects may contact the personal information protection officer regarding all matters related to personal information protection inquiries, complaint handling, and damage relief that occur while using the Operator's services.

The Operator takes the following measures to ensure the security of personal information: - Technical measures: * Personal information is stored in a secure cloud database * Database access is restricted to authenticated administrators only * Files containing personal information are stored in a separate storage with restricted access * Encrypted communication is used * Authentication information (auth schema) is excluded from database backups - Administrative measures: * Access rights to personal information are restricted to administrators only * Personal information is deleted after the retention period expires * Backup files are automatically deleted after a maximum of 60 days - Physical measures: * Data is stored on secure cloud servers and follows the service provider's security policies * Backup files are stored in secure storage with restricted access

① The Operator uses analytics tools and advertising services such as Google Analytics, Google Tag Manager, Google AdSense, and Microsoft Clarity for service usage statistics analysis and personalized advertising delivery, and cookies are automatically set in this process. ② Purpose of Cookie Use: - Google Analytics: Analysis of website usage statistics such as visitor count, page views, session duration, and bounce rate. In particular, Google Signal data is used to understand users' demographic characteristics (gender, age, interests) and analyze cross-device behavior patterns. - Google Tag Manager: Management and deployment of marketing tags and analytics scripts - Google AdSense: Personalized advertising delivery, advertising performance measurement, and advertising-related personalization - Microsoft Clarity: User behavior analysis, session recording, click and scroll pattern analysis ③ Cookies are very small text files sent by the server used to operate the website to the user's computer browser and stored on the user's PC hard disk. ④ Retention and Use Period of Cookies: - Google Analytics: Up to 2 years (may vary depending on user settings) - Google AdSense: Up to 2 years (advertising-related cookies) - Microsoft Clarity: 12 months ⑤ Users have the right to choose whether to install cookies, and can set cookie acceptance, cookie blocking, etc. in web browser settings. However, if you refuse to install cookies, service usage statistics analysis may be limited. ⑥ How to Reject Cookies: - Chrome: Settings > Privacy and security > Cookies and other site data - Edge: Settings > Cookies and site permissions > Cookies and site data - Firefox: Settings > Privacy & Security > Cookies and Site Data - Safari: Preferences > Privacy > Cookies and website data Additionally, for Google Analytics, you can opt out by installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout). ⑦ Google AdSense Related: - Google AdSense uses cookies to provide personalized advertisements. Google's privacy policy and cookie policy can be viewed at https://policies.google.com/privacy. - To change or disable Google AdSense ad personalization settings, you can do so at https://adssettings.google.com. - Google AdSense may use third-party cookies to display ads relevant to users' interests.

This Privacy Policy will be notified through the homepage's notice board 7 days before the implementation of any additions, deletions, or modifications to the contents due to changes in laws, policies, or security technology.