We are deeply committed to safeguarding your personal information, and our privacy principles guide all of our global business operations. These principles ensure that we protect your privacy consistently across all regions. Our approach to privacy complies with the laws of each respective country, and it is fundamentally shaped by the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy governs the information provided or collected through the applications of the company available on the website platform where this policy is posted

It delineates our policies and procedures concerning the collection, use, and disclosure of your information when utilizing our services. Additionally, it informs you of your privacy rights and the protections afforded to you by law.

This policy will take effect on October 1, 2024. Any subsequent revisions will be communicated through announcements on our website (or via individual notifications, such as emails).

(1) Personal Information Provided Directly by Users and Its Purpose
OSSVIS USA utilizes your personal data to provide and enhance our website services. By using our services, you consent to the collection and use of information in accordance with this Privacy Policy.

※ The Company processes users' personal information lawfully in accordance with applicable laws only under the following circumstances:

• When the user has expressly consented to the processing of their personal information
  - When processing is necessary for the performance of a contract to which the user is a party, or in order to take actions at the user's request prior to entering into a contract
  - This includes, but is not limited to, member management and identity verification
• When processing is mandated for compliance with a legal obligation to which the Company is subject - This encompasses adherence to relevant laws, regulations, legal procedures, and government requests
• When processing is deemed necessary to protect the vital interests of the user or another natural person
  When processing is required for the execution of a task carried out in the public interest or in the exercise of official authority vested in the Company
• When processing is necessary for the legitimate interests pursued by the Company or a third party (provided that such interests do not override the interests or fundamental rights and freedoms of the user—particularly in instances where the user is a minor and heightened privacy protections are warranted).

(2) Automatically Collected Information
In the course of utilizing the website, the Company may collect the following personal information, strictly adhering to relevant laws and maintaining a respect for user rights:

※ Reason for Using Cookies

• Analytics cookies: These cookies are utilized to analyze user behavior patterns
• Essential cookies: These are necessary for users to navigate the website and utilize its core functionalities
• Cookies for enhancing user experience: These cookies remember user preferences and settings (e.g., region or language) to provide personalized services
• Adopting website tracking technologies: Tracking does not utilize personal information; instead, it employs non-identifiable data (i.e., data that cannot be specifically linked to you)

You may disable cookies through your browser's help or settings menu. However, please be aware that disabling cookies may limit your ability to use certain features of the website or affect its overall functionality. For instructions on how to disable cookies, please refer to the [Appendix]

(1) Automatically Collected Information
- Addressing product inquiries submitted by users via the website
- Responding to user requests for information regarding areas of interest
‒ Obtaining marketing consent for the enhancement of personalized services

(2) Provision to third parties
- Delivering customized services related to products through local operators in the EU and other jurisdictions

(3) Profiling
We may process users' personal information for the purpose of profiling. Profiling encompasses the identification, analysis, and prediction of users' interests and preferences, thereby facilitating the automatic provision of tailored content and commercial information that aligns with specific interests and requirements.
Such information will be utilized exclusively to establish customer profiles and preferences, thereby ensuring the delivery of more pertinent content.

(4) Compliance with legal obligations
Users' personal information may be utilized for the following purposes:
- Compliance with requests from governmental authorities, the judiciary, and law enforcement agencies, or the enforcement of court judgments
- Adherence to integrated terms and conditions as well as the privacy policy
- Safeguarding our rights and managing resultant consequences in the event of damages
- Prevention of unlawful activities, including but not limited to fraud

(1) The Company retains personal information for the duration stipulated by applicable laws or within the retention period agreed upon at the time of collecting personal information from the user.

(2) The specific retention period of personal information is as follows:

※ Users have the right to request the deletion of their personal information.
The Company will promptly undertake corrective and deletion measures upon such requests within the stipulated retention periods. However, personal information may be retained in accordance with applicable laws in cases of legal disputes or other permitted reasons

The company may provide users' personal information to third parties, including but not limited to:
(1) Partners providing customized services to which the user has consented [List of Partner Companies]

(2) Domestic and foreign parties involved in processing legal actions or requests for the transmission of personal information

(1) The right to provide information regarding the processing of personal data, as well as the rights to access, rectify, delete, or restrict such processing.
You have the right to request access to, modification of, rectification of, or deletion of the personal data we have collected about you. However, we reserve the right to refuse deletion if we can demonstrate a compelling legitimate basis for retaining your information

(2) You are entitled to restrict the processing of your personal data under the following circumstances:
- In the event that you contest the accuracy of your personal data
- If the processing is deemed unlawful, yet you oppose the deletion of your personal data and instead request its processing to be restricted
- When your personal data is no longer necessary for the purposes for which it was collected, but you require it for the establishment, exercise, or defense of legal claims
- In circumstances where the processing is essential for the performance of a task carried out in the public interest or for the purposes of legitimate interests, and the controller is engaged in assessing whether the legitimate grounds of the organization supersede those of the individual

(3) Right to data portability
The Company acknowledges your right to data portability, which grants you the ability to transfer your personal data to another system for your convenience, provided that such transfer does not adversely affect the rights and freedoms of other individuals

(4) Right to object
‒ For direct marketing purposes, should your personal data be processed for the promotion of goods or services
‒ Profiling: In situations where an individual's behavior, interests, and preferences are analyzed to predict specific characteristics or behaviors.
‒ For processing carried out in the public interest: You may exercise the right to object, even when your personal data is utilized for scientific research or statistical purposes, based on your specific circumstances.

(5) Right to withdraw consent
You are granted the right to withdraw your consent (if present) to the processing of your personal data at any time. This encompasses the right to revoke consent concerning automated decision-making and profiling.

(6) Rights related to automated decision-making
You have the right to refrain from being subjected to decisions that rely solely on automated processing, particularly in cases where such decisions significantly impact you and are predicated exclusively on automated means.

California residents are granted the right to be informed about the personal information we collect regarding them and how we sell or disclose this information to third parties.
(1) We do not share your personal information with third parties for direct marketing purposes, except as permitted by law. We may share personal data with third parties for marketing purposes in relation to our product inquiry services. Should our policy change, we will make the necessary adjustments in accordance with applicable laws and notify you in advance.

(2) You have the right to request disclosure of the information we have collected about you by contacting our Privacy Department via email.

(3) You also have the right to request the deletion of your personal information by contacting our Privacy Department via email

(4) You have the right to exercise your rights free from discrimination.

The Company has appointed a Data Protection Officer to oversee and protect personal data. As a user of our services, you have the right to exercise your rights regarding personal data, including the rights to provide information, access your data, make modifications, request deletion, or impose restrictions. If you have any questions about our privacy practices, please feel free to contact the Data Protection Department using the details provided below.

• Privacy Officer
  - Department: Administration
  - Address : 1805 Royal Ln Suite #100 Dallas, TX. 75229
  - Phone : 469-587-1414
  - Email: info@ossvis.com
• Data Protection Officer (DPO)
  - Name: Alex Park
  - Phone Number: 469-587-1414
  - Email: alexpark@ossvis.com

We undertake the transfer of personal data to third countries strictly in accordance with the appropriate protective measures stipulated in this Privacy Policy. In this regard, South Korea is recognized as a country that has received an adequacy assessment approval. Consequently, the personal data of users is afforded protection under the provisions of the South Korean Personal Information Protection Act.

(1) Data Security
The Company is committed to taking reasonable and appropriate measures to ensure that your personal information is accurate, complete, up-to-date, secure, and reliable for its intended purposes. We have instituted both procedural and technical security measures designed to safeguard your personal information against loss, unauthorized access, disclosure, alteration, or destruction.

(2) Data Retention
The Company shall retain your personal information for a duration that is reasonably necessary to fulfill legitimate business purposes or as mandated by applicable law. The specific duration of personal data retention is detailed in our data retention policy. Consequently, when your personal information is no longer required, we will undertake the necessary actions to ensure its deletion.

(3) Data Transfer
Personal data may be transferred to service providers or systems located in countries that do not provide a level of data protection equivalent to that of your country. In such cases, the Company will ensure compliance with the cross-border data transfer and export control laws of the countries in which it operates.
When transferring personal data outside the European Union ("EU") or the European Economic Area ("EEA"), we will adhere to the requirements governing such transfers. Additionally, in accordance with the California Consumer Privacy Act (CCPA), we will disclose the fact of such transfers to users and obtain their consent to ensure the protection of their rights.

(4) Policy on the Protection of Children’s Personal Information
Our website is designed for use by adults or businesses, and we do not knowingly collect personal information from children under the age of 16. The Company does not intentionally collect personal information from children and has no intention of doing so. If you believe that we may possess specific information about a child, please contact us at it@huvitz.com.

This Privacy Policy may be amended, supplemented, or modified in response to changes in laws, policies, or security technologies. Any such changes will be communicated to users via our website or through email notifications.