GITSN, INC

GITSN, Inc. (hereinafter referred to as the “Company”) values customers’ personal information in accordance with Article 30 of the Personal Information Protection Act, and complies with the Act on the Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection regulations, and the technical and administrative protection measures for personal information prescribed by the Korea Communications Commission. Through this Privacy Policy, the Company informs customers how their personal information is used and processed, and what measures are taken to protect it. This Privacy Policy applies from the effective date. In the event of additions, deletions, or corrections in accordance with laws and regulations, the amendments will be announced in the website’s notice section (or through separate notifications) before implementation.

Personal information is processed for the following purposes. The processed personal information is not used for purposes other than those specified below. In the event of changes in the purpose, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act. Processing of personal information refers to collection, creation, recording, storage, retention, processing, editing, retrieval, output, correction, restoration, use, provision, disclosure, destruction, and other similar activities involving personal information.

Personal identification, consultations, complaint handling, other inquiry processing, and delivery of notices

Retention period: Until necessary for business purposes. Also used for auditing and record management.
Personal information collected by the Company may be transferred to and stored in the Republic of Korea, in compliance with applicable data
protection laws to ensure an adequate level of protection.

The Company processes personal information of data subjects only within the scope specified in Article 1 (Purpose of Personal Information Processing). Except for the following cases, the Company does not process personal information beyond its original purpose or provide it to third parties without the consent of the data subject or special provisions under applicable law.

• ➀ Obtained separate consent from data subjects
• ➁ Special provisions under other applicable laws
• ➂ The data subject or their legal representative is unable to express consent, or prior consent cannot be obtained due to an unknown address, and it is clearly deemed necessary for the urgent protection of the life, body, or property of the data subject or a third party
• ➃ Personal information is provided in a form that does not identify a specific individual, for purposes such as statistical analysis or academic research
• ➄ Personal information must be used for purposes other than originally intended or provided to a third party to perform duties prescribed by other laws, and such use has been reviewed and approved by the Personal Information Protection Commission
• ➅ Necessary to provide personal information to a foreign government or international organization for the implementation of treaties or other international agreements
• ➆ Necessary for the investigation of crimes, or for the initiation and maintenance of a public prosecution
• ➇ Necessary for the conduct of court proceedings
• ➈ Necessary to enforce criminal sentences or correctional and protective measures

In principle, the Company does not outsource the processing of personal information to third parties without the user’s consent. In the event it becomes necessary to outsource the processing of personal information, the Company will notify users through notices and the Privacy Policy regarding the entrusted party, the details of the outsourced tasks, the duration of the outsourcing, and the contents of the outsourcing agreement (including compliance with personal information protection laws, prohibition of providing personal information to third parties, and allocation of responsibilities). The Company will also ensure prior consent is obtained.

Data subjects may exercise the following rights related to personal information protection.

• ➀ Request to access personal information
• ➁ Request to correct any errors
• ➂ Request to delete information
• ➃ Request to suspend processing

The Company collects the following personal information for purposes such as consultations and applications for detection services.

• Collected information (customer inquiry) : Name, contact, email, company name, history of service usage, and IP address
• Collection method : Customer inquiries and online consultations
• Disposal :  The Company disposes of personal information without delay when it is deemed unnecessary due to surpassing the retention period or achieving the purpose of processing
  The Company retains data when necessary for business operations or logistics service’s history management
• Disposal method : Personal information in electronic file format is destroyed using technical methods that render the records irrecoverable. Paper-based information is shredded

The Company takes the following measures to ensure the security of personal information.

• Administrative measures : Establish and implement an internal management plan and regular employee training
• Technical measures : Manage access permissions to the database, install an access control system, encrypt unique identification information, and install security programs
• Physical measures : Access control to the server room

The Company has overall responsibility for the processing of personal information and has designated a Chief Privacy Officer, as shown below, to handle complaints, provide remedies for damage, and address other matters related to the processing of personal information.


Data subjects may contact the Chief Privacy Officer regarding all inquiries, complaints, and remedies for damage related to personal information protection that arise while using the Company’s services or conducting businesses.
The Company will respond and handle inquiries from data subjects without delay.

Privacy Policy Updates - Last Revised : July. 10,2025