Halfsim Privacy PolicyEffective date: July 12, 2026
Hills Inc. (the "Company") complies with applicable laws, including the Personal Information Protection Act, and establishes and discloses this Privacy Policy to protect the personal information of users of the Halfsim service.Article 1 (Purposes of Processing)The Company processes personal information for the following purposes. Processed personal information is not used for any other purpose; if the purpose changes, the Company takes necessary measures such as obtaining separate consent.• Fulfilling Product (eSIM) purchase contracts: issuing and delivering eSIMs, providing purchase details• Payment processing: payment, refunds, and withdrawal handling• Customer support: confirming inquiries and complaints and notifying results• Legal compliance: retaining e-commerce records, etc.
Article 2 (Items Collected and Collection Methods)• At purchase: email address, order details• At payment: payment approval information (payment method details such as credit card numbers are collected and processed directly by the payment processor and are not stored by the Company)• At customer inquiries: email address, inquiry details• Collected automatically during use: IP address, access logs, cookies, device and browser information
Article 3 (Processing and Retention Periods)The Company destroys personal information without delay once the purpose of processing is achieved. However, the following records are retained for the periods required by applicable laws:• Records on contracts or withdrawal: 5 years (Act on Consumer Protection in Electronic Commerce)• Records on payments and the supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce)• Records on consumer complaints or dispute handling: 3 years (Act on Consumer Protection in Electronic Commerce)• Service access records: 3 months (Protection of Communications Secrets Act)
Article 4 (Provision to Third Parties)The Company processes personal information only within the scope stated in Article 1, and provides it to third parties only with the User's consent or where specifically required by law.
Article 5 (Outsourcing and Cross-Border Transfer)The Company outsources personal information processing as follows to provide the Service smoothly; where the processor is located overseas, a cross-border transfer occurs.• eSIM supply partners: issuing and delivering eSIM profiles (order information, email address / overseas)• Payment processor: payment processing and refunds (payment information, email address)• Cloud infrastructure providers: data storage for service operation
When entering into outsourcing contracts, the Company stipulates the matters necessary for the secure management of personal information and supervises whether processors handle it safely. Article 6 (Destruction Procedures and Methods)Personal information whose retention period has expired or whose processing purpose has been achieved is destroyed without delay. Electronic files are deleted using irreversible technical methods, and paper documents are shredded or incinerated.
Article 7 (User Rights and How to Exercise Them)Users may at any time request access to, correction or deletion of, or suspension of processing of their personal information. Requests may be made by email to the Privacy Officer under Article 10, and the Company acts without delay. A User's legal representative or an authorized agent may also exercise these rights.
Article 8 (Security Measures)• Restricting and managing access rights to personal information• Encrypting personal information and protecting data in transit (HTTPS)• Technical measures against hacking and retention of access records• Minimizing the number of people handling personal information
Article 9 (Cookies)The Company may use cookies to provide personalized services. Users may refuse cookies through their web browser settings, in which case some parts of the Service may be difficult to use.
Article 10 (Privacy Officer)Users may contact the Privacy Officer regarding any privacy-related inquiries, complaints, or requests for remedy arising from use of the Service. Article 11 (Remedies for Infringement)Users may apply for dispute resolution or consultation to the following organizations to obtain relief from personal information infringement:• Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)• Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)• Supreme Prosecutors' Office: 1301 (www.spo.go.kr)• National Police Agency: 182 (ecrm.police.go.kr)
Article 12 (Changes to This Policy)If this Policy is added to, deleted from, or amended, the changes are announced on the Service at least 7 days before the effective date.
AddendumThis Policy takes effect on July 12, 2026.