Effective Date: July 31, 2025 TetherWant (hereinafter referred to as the "Company") establishes and discloses the following Privacy Policy to protect the personal information of users (hereinafter referred to as "Users") using TetherWant (hereinafter referred to as the "Service") in accordance with relevant laws and to handle related complaints promptly and smoothly. Collection and Use of Personal Information (1) Items of Personal Information Processed The Company collects and processes the following personal information items for service users and does not process personal information of children under the age of 16. (a) Required for membership registration: Email address, password (b) Required for exchange UID linkage: Exchange name, UID of the exchange, exchange futures trading history (date/time, trading volume) (c) Required for non-member payback service: Exchange name, UID of the exchange, exchange futures trading history (date/time, trading volume) (d) Automatically generated and collected when using the service: User’s IP address and browser type, language used, service usage records (visit logs such as access date and time, payback/commission accrual and application, withdrawal records), device information (mobile model name, OS name and version), cookies (e) When providing feedback via surveys, email, or other channels: Necessary items among the above and additional items required for the specific survey or feedback (2) Processing and Retention Period of Personal Information The Company deletes and destroys collected user information without delay when the user withdraws from the service or loses user qualification, even without a separate request. However, in the following cases, information will be retained for the period specified below: (a) If an investigation is ongoing due to violation of relevant laws: Until the end of the investigation (b) If there are outstanding claims or debts arising from service use: Until settlement (c) To prevent re-registration with the same email: Email address retained until service termination (d) Payback/commission accrual and application, withdrawal records: Retained for 5 years (UID and other identifiable information will be masked from the date of withdrawal) (e) To comply with legal obligations: Retained and used to the extent required by relevant laws specifying retention periods Purpose of Processing Personal Information (a) Membership registration and management: To confirm intention to register, maintain and manage membership, prevent misuse, and provide various notifications (b) Fraud or loss detection and prevention: Detecting and preventing fraud, misuse, account compromise, and financial loss (c) Service provision: To provide the Service to users (d) Service communication: For security issues, update notifications, and transaction-related information (e) Customer support: For issue resolution and dispute response (f) Ensuring network and information security: For security purposes such as spam, malware detection, and identity verification (g) Service improvement and development: Content optimization and new service development (h) Marketing and advertising: Providing marketing communications and targeted advertising Provision of Personal Information to Third Parties The Company provides personal information to third parties only with the user's consent or if specifically required by the Personal Information Protection Act or other laws. Use and Provision of Personal Information Within Reasonable Scope Related to Collection Purpose Within a reasonable scope related to the original collection purpose, the Company may use or provide personal information to third parties without user consent, considering the following: (a) Relevance to the original purpose (b) Predictability of additional use or provision (c) Whether user interests are infringed (d) Implementation of safety measures such as pseudonymization or encryption Installation, Operation, and Refusal of Automatic Personal Information Collection Devices (a) Purpose of cookies: Analyze access frequency, visit time, usage patterns, provide customized services, etc. (b) Installation/operation and refusal of cookies: Users can refuse cookie storage via browser settings, but some services may be restricted Destruction of Personal Information (a) Personal information is destroyed without delay when no longer needed (b) Destruction procedure and method: Procedure: Destroyed with the approval of the personal information protection officer Electronic files: Deleted using technical methods that prevent recovery Paper documents: Shredded or incinerated Measures to Ensure the Security of Personal Information (a) Administrative measures: Establishment and implementation of internal management plans, employee training (b) Technical measures: Access control, encryption, hacking prevention (c) Physical measures: Access control to server rooms and data storage rooms Rights and Obligations of Users and Legal Representatives and How to Exercise Them (a) Users may request access, correction, deletion, or suspension of processing of their personal information at any time (b) If exercising rights through a representative, a power of attorney is required (c) Email for rights requests: weewnsdks88@naver.com (d) Service provision may be suspended if consent for collection and use is withdrawn Personal Information Protection Officer Department: Security Team Email: weewnsdks88@naver.com Additional Provisions for EU Users (a) When transferring outside the EU, appropriate safeguards are implemented in accordance with GDPR (b) GDPR rights: Right to access, correct, and delete personal information Right to restrict processing Right to data portability Right to withdraw consent, etc. Changes to the Privacy Policy The Company may amend this policy to reflect legal or service changes and will notify users 7 days before the effective date. If user rights are affected, notice will be given 30 days in advance.