Mgpp.io Privacy Statement for Business Partners

Last Updated: January 2022

Introduction

This Privacy Statement describes how “Matenetworks Co., Ltd." (16 Terran-ro-8-gil, Gangnam,Seoul, South Korea) (“Mgpp.io,” "we," "us," "our") collects, uses, and shares information about (potential, existing or former) affiliate partners and other business partners. This Privacy Statement therefore applies to personal data of owners, employees, representatives or other individuals acting on behalf of involved merchant partner, affiliate partner, connectivity provider or other business partners (together or individually referred to as “Business Partners”, “you”, “your”) This Privacy Statement is applicable whenever you visit, access and interact on "Mgpp.io" Extranet, Partner Center, Partner Hub, Partner Portal, Affiliate API Developer Portal on our website (mobile and desktop) and mobile app (collectively, "Site") or other similar pages and means connected to the Site (such as contacting our support team via email, chat or telephone). Below is a summary of our privacy practices found in the Privacy Statement. Our full Privacy Statement is available below, or you can click the links on any of the points detailed in the summary table for further details. 1. Collection We may collect information about you, such as your name, business email address, user ID and password, business address, phone number and business title or position whenever you use/access the Site. 2. Use We may use your information to provide the requested services (e.g., setting and updating reward rates, setting promotions, changing app details, other portal services) and to maintain, improve, secure and tailor the Site. 3. Sharing We may share your information with service providers and our affiliates. 4. Country-Specific Privacy Rights You may request us information on how we share your information we have gathered from you with any third party/ies. 5. Cookies We may use cookies and similar technologies to help provide and customize our Site. 6. Opting out of marketing communications You may opt-out of “Mgpp.io”'s email marketing communications by clicking the unsubscribe link in our marketing emails or, where applicable, by changing your account preferences settings. 7. Mobile Devices We may send you push notifications as part of the services. Where legally required, we will only send push notifications with your express consent. 8. International Transfers We maintain appropriate protections for cross-border transfers as required by law for international data transfers. 9. Information from Other Partners We may collect information from your affiliated entities, business partners, or other third-party providers, as you may designate and subject to the restriction you may impose or termination period sets. 10. Security We maintain reasonable security measures to protect your information and require our service providers to do the same. 11. Access Rights You may exercise certain rights of access, correction, deletion, portability, or interpose objection to certain processing of your information. 12. Updates to Privacy Statement We will notify you of any material changes by posting the updated version of this Privacy Statement. We will also take other steps as needed. 13. Third Party Websites We may provide links to Third Party Websites that are not owned or controlled by us, and are governed by separate users' terms and privacy statements. 14. Additional Considerations We have drafted this Privacy Statement in English; but, other translations are available for your convenience. 15. Contacting Us Please contact us on any questions about this Privacy Statement or our privacy practices as detailed below.

1. Information We Collect

Any information we collect depend: on the context of the business relationship and interaction with “Mgpp.io”, the choices made by a Business Partner and the products, services and features used. Depending on the specific situation, all the below information items below may not be considered personal data because they may relate to a business instead of an individual concern. The personal data “Mgpp.io” collects about a Business Partner can include the following: We collect information that you provide to us when using the Site such as your name, user ID and password, your contact details such as business e-mail address, business phone number, position or title, photograph. As part of the registration process, we may also collect, store and process additional information (such as a copy of your ID card or passport, date of birth, or other relevant information) necessary for “Mgpp.io” to verify your true identity as contact or representative of the Business Partner. These may be taken for fraud prevention and to comply with applicable legal requirements including for anti-money laundering and anti-terrorism. We may collect data where necessary for payment, including invoicing purposes, including your bank details such as bank account number, VAT number, credit slips. If you participate in an “Mgpp.io” program or service, there may be limited additional information that we may collect for that program or service as well. If you need to get in touch with our support team, contact us or reach us out to through other means (such as through social media). Nonetheless, we may still be able to collect any of your information you would want us to know. By sharing other individual’s personalize data in relation to your business (for example of your staff members), it is understood that you are confirming that these individuals have been informed about the use of their personalize data by “Mgpp.io” in accordance with this Privacy Statement and the securing of corresponding consents. By visiting our Site, or any site or system we operate for interacting with Business Partners, we may also automatically collect certain usage information, such as your IP address, geographic data, country, browser, and information about your device's operating system, application version, language settings, and pages that have been shown to you. If you are using a mobile device to access our mobile app or mobile optimized Site, we may also collect information that identifies your mobile device, such as the device ID, location of the device (with your consent, where applicable), and device-specific settings and characteristics. We may also collect certain information through cookies, tags, and similar technologies as detailed in Section 5 below. We may receive information about you from other sources such as law enforcement or tax authorities that contact “Mgpp.io” in case of investigations and, in certain instances, and as permitted by applicable law, through third party sources for fraud detection and prevention purposes. We may receive information about you from other sources such as law enforcement or tax authorities while they are in touch with “Mgpp.io” in the performance of their functions such as investigations. In certain instances as permitted by applicable law, we may receive information from third party sources for fraud detection and prevention purposes. Communications on the Site or through other means We offer owners, employees, representatives, or other individuals acting on behalf of Business Partners various means to communicate through the Site. You can contact us via our sites, and via other channels that we may make available. We also communicate with Business Partners via telephone using recorded, automated, and in-person communications. During your calls with our support team, live listening may be taken, or calls may be recorded for quality and reference purposes which includes the usage of the recordings for the handling of claims, training, fraud detection and reference purposes. If you wish that your call would not be as not recorded, you can state this so, or by simply hanging up. Call recordings are kept for a limited period of time and automatically they are deleted thereafter. Unless “Mgpp.io” has a legitimate reason or legal purpose such as fraud investigation, to keep such recording may continue to be at our disposal for a longer period of time. We may access your communications through our automated systems to review, scan, track and analyze them for security purposes such as fraud prevention; compliance with legal and regulatory requirements; investigations of potential misconduct; product development and improvement; research; optimizing the communications with you and technical support. At our discretion and belief, we reserve the right to block the delivery of or review of any communications that may contain malicious content, spam, or may pose a risk to you or, customers/guests, this Company us, among or other interests. Note, we will store all communications sent or received using the Site’s communication tools. It is understood that by agreeing or consenting to the processing of communications by “Mgpp.io” and its affiliated group of companies shall be for the purposes of conducting the activities contemplated by this Privacy Statement (including any collection, use, disclosure, storage, receipt, access, insight, screening, blocking or otherwise processing of communications by “Mgpp.io”). You warrant that you have diligently informed and met all regulatory requirements to enable the contemplated processing including, as the laws required, the obtaining the written consent of your employees, agents, representatives, staff members and other individuals of/for/when using our Communication Service. Where required by law, we rely on the following legal bases to process your information:

Necessity to Perform the Contract - In order to enter into contract and conduct ongoing business with Business Partners, we need to process your information in order to provide our Business Partners the requested and related services such as using historical data and details and or providing portal services.

Our Legitimate Interests – In the exercise of our rights and interests, we process your information: for security and safety; to detect and prevent fraud; to protect and defend the rights or property of others; to provide and tailor our business and marketing services; to conduct surveys; to share information with affiliated group companies; to respond to lawful requests, court orders, and legal process.

Compliance with Legal Obligations - we need to process your information to comply with relevant laws and regulatory requirements;

Consent for Non-Essential Cookies – we rely on your consent, where required, to place nonessential Cookies. Please see "Your Choices" under Section 5 below for details on how to optout of such Cookies; and

Protect Vital Interest - we may need to process your information in case of emergency involving an individual's life or health.

2. How We Use the Information We Collect

We may use information collected through the Site to:

provide you with the requested services, including creating a user account, verify your identity as contact or representative of the Business Partner, and communicating with you when you access our Site on behalf of a Business Partner; and

conduct business with the Business Partner including communicating with “Mgpp.io”'s or its business partner's products and services and provide you with support services;

provide you with information about our services, including notifications of their availability, and providing system/product updates, conducting surveys, inviting you to participate in referral programs or competitions, attending and hosting events we believe may be of relevance to you, or offering and hosting online forums to enable you to find answers to commonly asked questions on the usage of “Mgpp.io”'s or its business partner's products and services;

if you are making use of an online registration facility and have not finalized the registration, we may also send you a reminder to carry on with the registration;

sending you email marketing communications about products and services that may be of relevant to you; whenever we would be using use personal data for direct marketing messages in electronic form, “Mgpp.io” will include a link to unsubscribe;

maintaining and improving the Site, assisting in understanding, analyzing and tailoring the user’s experience, as well as and for internal training;

protecting your security and this Site, including detecting and preventing fraudulent activities, and sending you security alerts;

assisting you to comply with applicable legal requirements including for anti-money laundering, sanctions screening and anti-terrorism;

exercising a right or obligation conferred upon imposed by law, including responding to authorities’ requests and other legal demands.

3. Sharing and Disclosure of Your Information

In connection with your visit to our Site and use of our services, we may share your information as follows:

To Third Party Service Providers – on such occasion as web hosting, data analyzing, customer relationship management, marketing or distribution of surveys, to facilitate the delivery of online services and, if applicable, in advertisement tailored according to your interests, and/or in fraud prevention, user support, and other add-on services that Providers we designate appoint to perform services on our behalf.

To Other Business Partners - with whom we may jointly offer products or services, or whose products or services may be offered in our Sites. As soon as you choose to avail of these optional services, we may share your information with them.

To Our Affiliated Group Companies – we may share any information about you with our affiliates and subsidiaries, as well as with our parent corporation, Matenetworks co., Ltd. and its other subsidiaries (collectively, our "Affiliated Group Companies"). Conversely, we may take in information about you from them. This is in order to: support or perform the service requested by you (including support services); for quality, analytical and product improvement purposes; personalize the online services and for marketing; detect, prevent, and investigate fraudulent transactions and/or activities, other illegal activities, and data breaches; for internal (audit/compliance) investigations; or as otherwise required or permitted by applicable law.

Where Required or Permitted by Law - such as to protect ourselves against liability, to respond to subpoenas, judicial processes, legitimate requests, warrants or equivalent by law enforcement officials or authorities, relevant tax authorities where legally permissible according to applicable law, government and local government authorities in jurisdictions where a registration, notification, permit, or license is required with a local governmental authority to list application on sites such as ours in accordance with local law, to investigate fraud or other wrongdoing or as otherwise required or necessary in order to comply with applicable law, protect our legitimate interests or to the purchasers in connection with any sale, assignment, or other transfer of all or a part of our business or company. We may also, in compliance with applicable law, disclose your information to enforce or apply the terms and conditions applicable to our services or to protect the rights, property, or safety of “Mgpp.io”, our users, or others.

In case of Business Reorganization - such as part of any sale, assignment or other transfer of our business, or transition of service to another provider. We will ask for your consent if required by applicable law.

We may also share information in aggregate form and/or in a form which their recipient/s would not be able to identify you as well as the third party who may be their succeeding recipient. Some examples of these situations may be in case of industry analysis and demographic profiling. We provide appropriate protections for such sharing as required by applicable law. This is to prohibit third parties from using your information for their own purposes, and to address the security and confidentiality of your information. Except as disclosed in this Privacy Statement or as required or permitted by applicable law, we will not disclose your information to third parties without your consent.

4. Country-Specific Privacy Rights

California Privacy Rights

If you are a resident of California resident, please take note of the following concerns regarding about how we collect, use and disclose your information, including additional rights that you may have with respect to your information:

CA Personal Information. Consistent with the "Information We Collect" section above, we may collect certain categories of information about California residents, such as:

Identifiers: name, user ID number and password, business phone number, business email address, government identification information, date of birth, IP address, cookie ID and information collected via Cookies;

Commercial Information: financial information, site preferences, transaction history and communications sent or received using the Site's communications tools;

Internet or Other Electronic Network Activity: browser, operating system, application version, device ID, device-specific settings and characteristics, and pages shown;

eolocation Data: physical location of your mobile device with your consent;

Purposes of Processing CA Personal Information. We process your CA Personal Information consistent with the descriptions above under “How We Use the Information We Collect."

"Do Not Sell My Personal Information." Please be advised that “Mgpp.io” does not sell your personal information.

South Korea Privacy Rights

If you are a South Korean resident, you may request information from us about how we may share certain categories of your information with third parties as detailed above under "Sharing and Disclosure of Your Information". We also entrust the processing of your information as provided below, accompanying such entrustment with contractual safeguards to protect your information: Web Hosting Trustee Hosting databases used to maintain user’s information. Customer Relationship Management Trustee Managing interactions and relationships with you. User Support Trustee Responding to user inquiries about “Mgpp.io”'s Site and services. Analytics Trustees Assessing how users interact with the Site and third-party websites. This is in order to improve the Site. As described in more detail under the section "How You Can Access or Change Your Information" you may have certain data subject rights under local law. For further information, please contact the “Mgpp.io” Data Governance Officer at privacy@mgpp.io with "South Korean Privacy Matter" in the subject line to request such further information. You may also contact your local authorities (local numbers provided):

Privacy Invasion Reporting Center (privacy.kisa.or.kr / dial 118)

High-Tech Crime Investigation Division, Supreme Prosecutors’ Office (www.spo.go.kr / dial 1301)

Korean National Police Agency Cyber Bureau (www.cyberbureau.police.go.kr / dial 182)

We will retain your information for the period necessary for the purposes outlined in this Privacy Statement and internal company policies. When “Mgpp.io” no longer needs the use of your information, we will remove your information from our systems and records and/or take steps to hide their identity or their sourcing. Otherwise, we need to keep your information longer to carry out corporate tasks and achieve our business objectives or to comply with applicable legal or regulatory obligations.

China Privacy Rights

If you are a Chinese resident, please take note the following regarding the cross-border transfer/sharing of your information. Disclosure / Transfer of Information We will maintain the confidentiality of your information even though we may provide or transfer your information to third parties as detailed above under "Sharing and Disclosure of Your Information". These said details may include transferring your information to persons with whom we are required to make disclosures to under applicable law within or outside PRC. Transfer of Information Overseas We will generally maintain your information on servers in Hong Kong and Singapore, or any other data centers outside the PRC. However, we may transfer your information to third parties mentioned above who may be located outside the PRC.

5. Cookies

Our Site uses and allows third parties to place cookies (session and persistent), pixels/tags, SDKs, application program interfaces ("APIs"), and other technologies (collectively, "Cookies") on our Site that collect and store certain information about you. Some of these Cookies are necessary to provide, secure, and maintain the Site for you, such as to keep you logged in while your visit our Site, Other functional/analytic Cookies are used to provide you with a better user experience, such as:

To personalize the Site by remembering information about your activities on the Site (e.g., the language you selected or your log-in details); and

Perform website analytics, such as demographic reporting to improve our Site and services.

Your Choices

Please review your Internet browser settings, typically under the sections "Help" or "Internet Options," to exercise choices you wish for certain Cookies. If you disable or delete certain Cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site. To go back to previous features or functions, you may be required to re-enter your log-in details. Please also visit the following third parties' websites to exercise your choice of retention or disabling of Cookies:

Google Analytics - https://tools.google.com/dlpage/gaoptout?hl=en

You may need to make such choices on each browser and device you may use to exercise choice regarding certain Cookies. Presently, the Site is not configured yet to honor browsers' "Do Not Track" signals. We will issue timely updates on the progress of our browsers configuration.

6. Opting out of marketing communications

You may opt out of receiving marketing communications from us at any time by using the "Unsubscribe" link in each newsletter or communication, or, where applicable, through your Account – Preferences settings.

7. Mobile Devices

We may send you push notifications as part of our services. Where legally required, we will ask your express consent before sending. You may also disable push notifications in your device settings.

8. International Transfers

In connection with the purposes described above, your information may be stored in locations outside of your home country, which may have different standards of data protection than your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers, including information transferred to third parties. With respect to such transfers from the European Economic Area ("EEA") to the United States and other non-EEA jurisdictions, we may rely on the EU Model Clauses and/or the need to process your information in order to provide the requested services (performance of a contract) to transfer your information. As permitted by applicable law, you may request details about the suitable safeguards we have in place by contacting us as detailed below. For Chinese residents, please see the details provided above under "China Privacy Rights."

9. Information from Other Partners

On certain occasion, affiliated entities, business partners, or other third-party providers may share information with us. As an illustration, if you access or sign-in to our Site through social media, such as Facebook Connect, we may collect information from you such as your username, and other information made available to us via such services. In general, as you provide such information is through the service provider themselves you can change those settings in your account settings of the relevant service provider. Likewise, we may work with our partners and affiliates to improve and personalize the use of our website in accordance with this policy.

10. Protecting Your Information

We maintain reasonable physical, electronic, and organizational security measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, or unauthorized disclosure or access. We will retain your information for longer period necessary for the purposes outlined in this Privacy Statement and internal company policies. When “Mgpp.io” no longer needs your information, we will – unless we need to keep your information to comply with applicable legal or regulatory obligations or the information is required to carry out corporate tasks and achieve our business objectives – remove it from our systems and records and/or take steps to hide its identity or sourcing.

11. How You Can Access or Change Your Information

If you wish to update your information, or in certain circumstances exercise rights to access, correct, delete, restrict, or object to processing of your information, as well as the right to revoke consent for certain processing or to exercise the right to data portability, please contact us by sending an email to:

help@mgpp.io

To protect your privacy and security, we will verify your identity before responding to such request, and your request will be answered within a reasonable timeframe. To the extent permitted by applicable law, we reserve the right to charge a reasonable fee for such access. We may need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law.

12. Updates to Privacy Statement

On occasion, “Mgpp.io” may revise this Privacy Statement to reflect changes in the law, our information collection and use practices, the features of our Site, or advances in technology. If we make revisions that change the way we collect or use your information, those changes will be posted in this Privacy Statement and the effective date will be noted at the beginning of this Privacy Statement. Therefore, you should review this Privacy Statement periodically so that you are up to date on our most current policies and practices. Agoda will also prominently post such material changes prior to implementing the change and ask for your consent if required by law.

13. Links to Third Party Websites

On our Sites, we may provide links to other websites that are not owned or operated by us ("Third Party Websites"). When you use a link online to visit a Third-Party Website, you will be subjected to that website’s privacy and security practices, which may differ from ours. You should familiarize yourself with the privacy policy, terms of use and security practices of the linked Third-Party Website before providing any information to that website.

14. Additional Considerations

A Special Note About Minors

None of our arrangements with business partners are expected to involve us engaging with a representative or worker of a business partner who is a minor.

Language

This Privacy Statement has originally been drawn up in the English language. Translations in other languages are not yet available. If Translations in other languages is provided for your convenience, in case of any conflict between the English language version and a translated version, the English language version shall prevail.

15. Contacting Us

If you have any questions about this Privacy Statement or our privacy practices, please contact our "Mgpp.io" Officer by email at privacy@mgpp.io, phone at +82 2 1599 7317(South Korea, charges apply) or by sending a registered letter to the address at: Matenetworks co., Ltd. 3F Jihee Bldg., 16 Teheranro-8gil, Gangnamg-gu, Seoul South Korea, 06233 If you reside in the EU, you may contact your local data protection authority with any questions or complaints about our privacy practices. If you reside in Thailand, you may contact your local data protection authority with any questions or complaints about our privacy practices. If you reside in South Korea, you may contact our resident representative in South Korea whose contact details are as follows: Representative: Wooho Jun 3F Jihee Bldg., 16 Teheranro-8gil, Gangnamg-gu, Seoul South Korea, 06233 Telephone: +82-2-1599-7317 E-Mail: privacy@mgpp.io