Privacy Policy

Pomerium (hereinafter the "company") strives to protect users' personal information. All the personal
information that the company hold is collected, used, disclosed, and protected according to the Singapore
Personal Data Protection Act (“PDPA”).

When a user visits a website indicating a link to the personal information protection policy or uses the
service, he/she is considered to agree to the contents of the privacy policy.

1. Personal Information to be Collected

Personal information, as defined in the PDPA, refers to information about an individual that can be
identified in certain information or in relevant information and other information that the company can
access to or has a possibility to access. Personal information that the company may hold includes:

i. Email, password, nickname, referral code

ii. Pomerium wallet account information
ⅲ. User's service use history
ⅳ. Details on the transaction between the user and the company
ⅴ. Third-party wallet addresses and transaction information
ⅵ. Additional information provided for participation in the event
ⅶ. Additional information provided for consultation processing when inquiries and consultations
viii. Other personal information that users may provide from time to time

The company collects information directly from users as much as possible. The company collects, uses,
and discloses personal information only when permitted in accordance with the PDPA or other applicable
law.
The company can collect not only the personal information that the user provides, but also certain
information relating to the user which is not considered as personal information according to the PDPA.
Information such as terminal information (OS, screen size, device ID, phone model, terminal model name),
IP address, cookies, visit date & time, unauthorized use records, service use records, etc. can be
automatically generated and collected while using PC web homepage or mobile web/app. Users can
accept or reject cookies by modifying their browser settings.

2. Use of Personal Information

The personal information that the company collects is used only for the purposes of providing the services
of Pomerium, including member management, service provision/improvement, new service development,
etc. The company collects the minimum personal information necessary for providing services as follows
through the website or individual applications or programs while registering membership or using service.

ⅰ. User identification/confirmation of intention to join, identification, prevention of unauthorized use

ⅱ. Provision of various services, treatment of inquiries or complaints, and delivery of notices
ⅲ. Prevention and sanction against acts that disrupt the smooth operation of the service (including
account theft and unauthorized use, etc.)
ⅳ. Development of new services and utilization for marketing
ⅴ. Service use records, statistics on access frequency and service use, service environment establishment
in terms of privacy protection, and use for service improvement
ⅵ. Anti-money laundering, fraud prevention & detection

User’s personal information may be used at the company's sole discretion in exceptional circumstances,
such as national emergencies, security concerns, or other circumstances that is regarded as reasonable.
For the above purposes, the company may contact users through other means of communication, such as
e-mail.

The company tries further to observe the EU's General Data Protection Regulation (“GDPR”), particularly
to protect the personal information of data subjects within the European Union. A company or a third
party that uses personal information may not belong to a country within the European economic zone
(“EEA”) as needed. The user recognizes that the protection of personal information provided by the
corresponding country may not be appropriate level of protection for the personal information determined
by the European Commission.

3. Provision of Personal Information

The company does not provide the user's personal information to a third party except when there is a
user's separate consent or when laws and regulations stipulate it.

4. Other Companies’ Links

The company’s platform may include links to websites of the company’s partner network, advertisers, etc.
These websites and all the services that users can access through them have their own privacy policies,
and the company does not take any responsibility for personal information that may be collected through
them.

5. Destruction of Personal Information

The company holds the user's personal information for the period required according to the purpose of
collection or by applicable laws. If users withdraw their joining, the company will keep their personal
information in a separate database in accordance with applicable laws. When a user complains about the
use of personal information before the user withdraws his/her joining, the company may extend the
possession of personal information for up to 3 years from the date when the complaint is presented.
The company can anonymize users' personal information for the purpose of research or statistics, in which
case the company can use the information indefinitely without further notice to the user.
Users can contact the company to request information related to their personal information. The company
will try to respond within 30 days of receiving the request and will respond in accordance with applicable
laws. If the company accepts the user’s request to withdraw his/her personal information, the company
will permanently delete all electronic files and destroy any physical documents disclosing the user’s
personal information.
Those who are under the age of 14 cannot use the service of Pomerium. The company does not request
or collect information from anyone under the age of 14. If the company identifies the users who are
under the age of 14, it will immediately suspend their account and delete their personal information.

6. Security
Although there are inherent risks in the electronic data transmission over the Internet, the company takes
proper proactive measures to avoid exposing users' personal information to unnecessary risks. The
measures are as follows:

ⅰ. The company is encrypting users’ personal information.

ⅱ. The company is installing and monitoring related systems in an accessible area to protect personal
information from hacking or computer virus. The company blocks the use of external Internet services with
a PC for business within the company.
ⅲ. The company minimizes the person who can access personal information and prepares and
continuously checks the systematic criteria for the creation, change, and access to passwords for the
database system that stores personal information and the system that processes personal information.

7. Modification of Privacy Policy

The company may modify the privacy policy for the purpose of reflecting changes in laws or services. The
updated privacy policy will be posted on the company's website with the date of the modification. If there
is a material change in user rights due to a change in the policy, the company will notify the user of it at
least 30 days in advance. Unless otherwise requested or rejected by the user, the user is considered to
agree to the policy change.

8. Inquiry
If there are inquiries, complaints, advice, and other matters related to personal information protection that
occur while using the service, please contact the person in charge of personal information protection.
Contact: contactus@pomerium.com

9. Governing Law
The privacy policy follows the Singapore’s Personal Information Protection Act. All the articles are governed
by the laws of the Republic of Singapore, and users agree to follow the exclusive jurisdiction of the courts
of Singapore.

This policy will be applied from on 11 16, 2022.