Privacy Statement

SUPERCAT Inc. (hereinafter referred to as "the Company") uses your personal information to provide some services in order to provide the best service to the users.

In dealing with user's personal information, the Company shall comply with laws and regulations such as the Act on the Promotion of Information and Communication Network Utilization and Information Protection Act, the Personal Information Protection Act, the Act on the Protection and Use of Location Information, In order to prevent abuse of important personal information of users, we will clarify purpose, method and scope of personal information collection and use by establishing and operating the following personal information handling policy. This Privacy Policy is subject to change due to changes in related laws and regulations or Company's internal policies.

This policy will take effect May 14, 2019.

Article 1 [Personal Information of Users To Collect]

1. The following information may be collected and used for the purpose of providing services and customer consultation when registering and providing services. The User and his legal representative may refuse to collect or use any of the following information at any time by withdrawing their consent to withdraw their personal information.

(1) It is necessary to register the user ID (including the e-mail address), the password, the mobile phone number, the date of birth, and the game version information, the terminal information (model name, communication Company information, OS information and version, Terminal language and country information)

(2) In the case of a service that is linked to an external platform such as SNS and chat service, the contact information such as ID, nickname, friend list, profile picture, name, sex, address, date of birth, language and country code

(3) Service usage record, access log, payment record, IP address

2. The following information may be collected and used if the user wishes to use additional services operated on the basis of the user's personal information, such as participating in an event or advertisement, or purchasing paid contents. In this case, the Company shall notify the User of such fact and obtain the User's consent.

(1) Mobile phone number, address, gender, e-mail address, age, marital status, area of interest, occupation

(2) In the case of a service that is linked with social community functions, information of a third party such as a phone number or e-mail stored in the address book of the device such as a mobile phone of a user is temporarily stored,

(3) In the case of the purchase or related services of paid contents, the credit card number, the ID and password of the voucher partner, the account number of the bank

3. For services that require age verification or personal authentication, you may collect the following information with your consent.

(1) Encrypted personal identification information (CI)
(2) Duplicate registration confirmation information (DI)
(3) Name, date of birth, sex
(4) Foreigner information

4. The Company may use the following Google Analytics advertising features to collect personal information provided by Google and may opt-out of such use of the Google Advertising or Mobile App preferences.

(1) Remarketing with Google Analytics
(2) Google Display Network Impression Report
(3) Google Analytics Demographics and Interests report
(4) An integrated service that allows Google Analytics to collect data using advertising cookies and anonymous identities

5. Information on terminals (terminal model, hardware ID, operating system version information) and service usage basic statistics

(application use information for providing synchronization, reading function, bookstore and application for user or personalized recommendation function) Usage information) may be collected, but this is an unidentifiable form of the individual. If additional personal information is required during the use of the Service, the Company will notify the User of such fact and obtain consent in advance.

6. The following information may be automatically generated and collected during the process of using the service or processing the business.

- IP address, cookie, access log, payment record, bad use record, service use record

7. In the course of using paid services, the following information may be collected by the personal information trustee (payment agency), but the Company does not keep payment information.

- At the time of credit card payment: Mission of the card, card number, etc.
- Mobile phone settlement: phone number, carrier, payment authorization number, etc.
- When transferring money: Account name, bank name, account number, telephone number, etc.
- When using Gift Vouchers: Gift Voucher Number

8. Name, date of birth, gender, national / foreigner, if identity verification is required to comply with relevant laws and regulations. Your mobile number, carrier information, or i-pin info (optional), identity verification values may be collected.

9. The Company may collect personal information of users through the use of services, event application, fax, telephone, customer center, or from partner companies, as well as the collection of information generated by users.

Article 2 [How to Collect Personal Information]

1. The Company collects personal information in the following ways:

(1) The method that the user directly inputs in the process of using the homepage or service
(2) User's response contents during the wireline consultation process
(3) Receiving information from affiliates
(4) Collection through network communication information or access history
(5) Other fax, telephone, consultation board, e-mail, event entry

2. The Company operates cookies just like a regular website.

(1) Cookies are small text files sent by the server used to run the website to the user's browser and stored on the hard disk of the user's computer.

(2) When a user visits a website, the website server reads the contents of the cookie and maintains the preferences, thereby allowing the user to access the website and use it conveniently.

(3) Cookies are used to identify only the user's computer, not the user, and to provide optimized services to the user, such as keeping logins, storing IDs, and analyzing usage patterns.

(4) The login identification cookie expires when logging out or when the browser is closed. Cookies for storing the ID and automatically logging in are kept for 90 days.

(5) The Company uses cookies in mobile devices (such as smartphones and tablet PCs) in order to provide the same Internet environment for mobile services as the PC environment.

Article 3 [Purpose of Collection and Use of Personal Information]

1. The Company may use collected personal information for the following purposes.

(1) User management

Identification of individuals based on content provision, confirmation of duplicate membership, age and gender identification, internal / foreign identification, bad user management, detection and use of abnormal users, contract execution, dispute settlement

(2) Service provision

Provide complaints and other customer service, deliver notices, provide paid payment service and notify payment details, co-play in game and support community service

(3) Develop new services and use marketing and advertising

New service, event information guide, service quality improvement and statistical information processing

(4) Providing automatic friend addition and automatic friend registration

Provides a function to add and register an automatic friend by collecting and using a mobile phone number of a user and a mobile phone number of a third party stored in the address book of the user's device

Article 4 [Consent for Collection of Personal Information]

1. The Company does not collect personal information without the consent of the individual.

2. The Company shall establish a procedure by which the user can choose whether to agree to the contents of the Privacy Policy or the Terms of Use through the 'I agree' button, and if the 'I agree' button is selected, Stored in the Customer DB and considered to be used in accordance with the stated purpose of use.

3. If you agree to collect your personal information through a third party such as an affiliate, you will also have the option of agreeing to the Privacy Policy or Terms of Use through the "I agree" button, if you select the "I agree" button, it will be considered the same as agreed.

Article 5 [Sharing and Providing Personal Information]

The Company shall use the personal information of the user within the scope of notifying the purpose of collecting and using the personal information of Article 3 of this Guideline and providing the personal information to the third party not specified in the personal information handling policy and the Terms of Use Will notify the user in advance of the notice or consent, and if you do not agree to provide such information, we will not provide your personal information to any third party. However, in the following cases, exceptions may be made to third parties without the consent of the user.

(1) If there is a request by the investigating agency in accordance with the special provisions of the law, the judgment and order of the court, the binding order of the administrative organ or the procedure and method prescribed by the law for the purpose of investigation

(2) When it is necessary for the settlement of charges by the suppliers in accordance with the service provision

(3) Provided in a form in which personal information cannot be identified for marketing purposes such as various events and surveys, customer orientation analysis

Article 6 [Retention Period of Personal Information and Withdrawal of Users]

1. The Company shall, in accordance with Article 29 of the Promotion of Information and Communication Network Utilization and Information Protection Act, in order to protect the personal information of long-time service cosmeticians, if the following conditions are met, the Company may immediately destroy the personal information of the user, Save, and manage the data.

- Target: Customers who have not logged in for the past year or have no consultation history

- The Company notifies the user through e-mail, etc. 1 month before the separation / storage of the personal information of the user who has not been in the long-term service.

2. The Company shall retain and use the personal information collected from the user while the user's status is maintained. If the purpose of the information is completely achieved even if the user's status is lost or the user's status is maintained, It's possible. However, the Company retains the following information during the "Retention Period" in accordance with the grounds stated in the "Retention Basis".

(1) Possession basis: purpose of consumer dissatisfaction and dispute settlement when leaving membership

Retention period: 30 days

Items: mobile phone number, e-mail, connection record, connection date, access point information, bad use record, device model information, download record, payment record, member ID, password, nickname

(2) Possession basis: Guidance for event progress and purpose of selecting winner

Retention period: 30 days

Items: Name, address, phone number, mobile phone number, email, member ID, nickname, carrier, open market store ID, open market store nickname, date of birth

3. Notwithstanding the provisions of Paragraph 2 above, if there is reason to hold information under relevant laws and regulations, if it is necessary to preserve in accordance with relevant laws and regulations, such as the Commercial Act, Consumer Protection Act in Electronic Commerce, etc., Keep your information for a period of time. In this case, the Company uses the information it keeps only for the purpose of keeping it, and the preservation period is as follows.

(1) Records concerning advertising and advertising: 6 months (Consumer Protection Act for Electronic Commerce etc.)

(2) Record of contract or withdrawal of subscription: 5 years (Act on Consumer Protection in Electronic Commerce etc.)

(3) Record of payment and goods supply: 5 years (Consumer Protection Act for Electronic Commerce etc.)

(4) Record of complaints or disputes of consumers: 3 years (Act on Consumer Protection in Electronic Commerce etc.)

(5) Books and supporting documents on all transactions prescribed by the tax law: 5 years (National Tax Basic Act)

(6) Record on Electronic Financial Transactions: 5 years (Electronic Financial Transactions Act)

(7) Record of identity verification: 6 months (Act on Promotion of Information and Communication Utilization and Protection of Information, etc.)

(8) Record of access logs, connection IP information, etc. Service use: 3 months (Communication Privacy Protection Act)

4. If you apply for withdrawal, the account will be withdrawn immediately. This ID will be permanently disabled. User registration with the same e-mail address will be restricted for one month after withdrawal.

5. In principle, the Personal Information Protection Act has the right to refuse personal information collection consent.

Article 7 [Procedures and Methods for Destroying Personal Information]

1. In principle, when the purpose of collecting and using personal information about the user's personal information is achieved, the Company will destroy the information without delay. The procedure and method of personal information destruction of the Company are as follows.

(1) The information entered by the customer for the purpose of user enrollment, etc. is transferred to a separate DB after the purpose is accomplished (in the case of paper, separate document box). In accordance with the internal policy and other information protection reasons Refer to) after being stored for a certain period, it is destroyed. Personal information will not be used for any purpose other than that held by law unless otherwise provided by law.

(2) Personal information printed on paper is crushed by a crusher and destroyed. Personal information stored in the form of electronic files is deleted using a technical method that cannot reproduce the record.

Article 8 [Rights and Obligations of Users and Legal Representatives and Their Duties]

1. The Company shall obtain the consent of the legal representative separately from the child's consent if the consent of the collection, use, provision, etc. of the personal information protection of the person who is under 14 years of age (hereinafter referred to a "child") is required.

2. In order to obtain the consent of Section 1, the Company may request the minimum necessary information such as the name and address of the legal representative, and the collected personal information of the legal representative may be used for other purposes other than to confirm the consent of the legal representative We do not offer it to third parties.

3. The agreement of the legal representative is used for the complaint of the consumer and the settlement of the dispute when the contract between the child and the Company, the withdrawal of the subscription, the settlement of payment, and the supply of goods occur.

4. The withdrawal of consent or the expiration of the validity of the statutory agent's consent will be terminated in a non-playable manner after thirty (30) days after the expiration date. However, if there is a need to preserve by law of related laws such as commercial law or consumer protection law in e-commerce, Company keeps personal information of legal representative for the period set by related laws and regulations.

5. The legal representative of the child may request the retrieval of the child's personal information, the correction request, or the withdrawal of the consent to the collection, use and provision of personal information. If such a request is made, the Company shall take necessary measures without delay.

6. Users and their legal representatives may view or modify their personal information. This can be done through the ability to view and change membership information in the service or through a wired phone call with the agent. However, if the user's personal information is linked with an external platform such as SNS or chat service, you must inquire or change the personal information according to the method provided by the platform vendor.

7. If a user requests correction of a personal information error, the Company shall correct the error without delay or inform the user of the reason for not correcting it, and take necessary measures until the necessary action is taken. Or do not provide. However, when requested to provide personal information under other laws, we may provide or use the personal information.

8. You have a duty to protect yourself and not to infringe on the information of others. Please be careful that your personal information including your password is not leaked, and please do not disturb personal information or posts of others.

9. If the user fails to fulfill the responsibilities set forth in paragraphs 6 to 8 and violates the information and dignity of others, he/she may be punished by the Act on Promotion of Information Network Usage and Information Protection, etc.

Article 9 [Matters Concerning the Installation and Operation of Automatic Collection Device of Personal Information and Its Refusal]

1. The Company installs and operates a device that automatically collects personal information such as cookies (cookies, access information files) that store and retrieve user's information from time to time to provide personalized services. A cookie is a small text file sent to your device by the server used to run the application and stored in your device's storage. When the user uses the application, the server reads the contents of the cookies stored in the user's device to maintain the user's preferences and provide customized services.

2. The Company may use cookies for the following purposes.

(1) Analyze the frequency of users' accesses and visit times

(2) Identify and track user's taste and interests

(3) Provide targeted marketing and personalized services through various event participation and number of visits

3. You have the option to install cookies. As a result, you can allow all cookies in the device settings or options, check each time a cookie is saved, or refuse to save all cookies. However, if the user refuses to store all cookies, the service may be restricted or not available.

Article 10 [Technical and Administrative Protection Measures of Personal Information]

1. The Company takes the following technical and administrative measures to ensure the safety of personal information in order to prevent personal information from being lost, stolen, leaked, altered or damaged in handling personal information of users.

(1) Password encryption

Your password is encrypted and stored and managed. Therefore, even if the user forgets his or her password, it is impossible to confirm the password, and a new password is issued after a predetermined identification process.

(2) Enhanced network security

A. The Company takes various technical measures to prevent the leakage of user's personal information through unusual network access such as hacking, computer virus, etc., and is constantly monitoring the network connection.

B. We use secure cryptographic communication method for communication between Company server and database, and try to have all possible technical devices to secure security system.

(3) Minimization and training of handling staff

A. The Company's personal information handling staff is limited to the person in charge. A separate password is assigned to the person in charge, and the information is periodically updated. The Company constantly emphasizes compliance with the privacy policy through regular training.

B. At the time of entry of all employees, the Company has internal procedures for preventing the leakage of information by the person through the security contract of the handler and auditing the implementation of the personal information policy and compliance with the employee.

C. Personal information is handled thoroughly while maintaining security and clarifies responsibility for personal information accidents after entering and leaving the Company.

(4) Access and storage control

A. The area where the personal information is handled and stored is set as a security zone so that only those who have the right to handle personal information can control access. Tangible and electronic records containing personal information can be stored in a place I keep it on my computer with access privileges.

(5) Operation of personal information protection organization

A. Through the in-house personal information protection organization, we check the implementation of personal information protection policy and compliance with the person in charge. However, the Company will not take any responsibility for any problems caused by leakage of personal information such as ID, password, e-mail address due to user's carelessness or problems on the Internet.

Article 11 [Personal Information Manager and Person in Charge]

1. The Company is doing its best to provide the best service by using personal information safely. The personal information manager is responsible for the protection of personal information in case of an accident that is against the above notice. However, despite technical remedies, there is no liability for any damage to information due to unexpected accidents caused by basic network dangers such as hacking, and any disputes over the posts made by visitors.

2. Contact department

You may contact the designated person or person designated below to communicate your opinions or complaints about the Company's privacy policy. The following staff will do their best to collect your opinions and handle complaints.

- Personal information manager

Name: Lee Taesung

Email address: iwanlee@supercat.co.kr

3. You may report all personal information related complaints arising from your use of the Company's services to the Personal Information Management department or Customer Center (we@supercat.co.kr). The Company will respond promptly to the users' complaints.

4. Please contact the following organizations if you need to report or consult about other personal information infringement.

- Personal Information Infringement Notification Center (http://www.1336.or.kr/ (02) 1336)
- ePRIVACY (www.eprivacy.or.kr / (02) 580-0533~4)
- Supreme Prosecutor's Office, Advanced Crime Investigation Department (www.spo.go.kr / (02) 3480-2000)
- Cyber Terrorism Response Center (http://www.police.go.kr/ctrc/ctrc_main.htm / (02) 392-0330)

Article 12 [Opinion Collection and Complaint Processing]

The Company has opened a window for filing opinions and complaints regarding the protection of personal information. If you are dissatisfied with your personal information, we will notify you of the result of your inquiry when you give your opinion to the person in charge of personal information management of the Company.

Personal information manager Email address: iwanlee@supercat.co.kr

Article 13 [Duty of Notification]

The Company's Privacy Policy may be changed due to changes in laws and the internal policies of the Company. In such cases, the Company shall notify the user of the changes at least 7 days prior to the date of the change.