The Company collects the minimum necessary personal information to provide membership registration, smooth customer support, and service operation.

[Items of Personal Information Collected]
1. Website Membership Registration
-ID, password, nickname, email address

2. Social Network Service (SNS) Membership Registration
-Social identification value (key), nickname, email address (may vary depending on SNS settings)
-Supported SNS platforms: Kakao, Google, Facebook, Twitter(X), Line, WeChat, etc.

3. Events and Marketing Activities
-Mobile phone number, prize delivery address, name

4. Automatically Collected Information During Service Use
-IP address, cookies, access date and time, service usage records, records of improper use
-Device information (device ID, IMEI, etc.)

[Collection Methods]
-Membership registration through the website/ app, service use, event participation, phone, and customer center inquiries

The Company uses the collected personal information for the following purposes.

[Provision of Services and Contract Fulfillment]
Provision of content, provision of specialized services, delivery of goods, and identity verification

[Membership Management]
Identity verification and personal identification for the use of membership services, prevention of fraudulent and unauthorized use by delinquent members, confirmation of intent to join, age verification, handling of complaints, and delivery of notices

[Marketing and Advertising]
Development of new and specialized services, delivery of advertising information such as events, provision of services based on demographic characteristics, and analysis of access frequency

In principle, the Company destroys personal information without delay after the purpose of collection and use has been achieved. However, if retention is required by relevant laws and regulations, the Company stores membership information for a specific period as follows:

[Information Retention Pursuant to Relevant Laws]
- Records on contracts or withdrawal of subscription: 5 years (Act on the Consumer Protection in Electronic Commerce)
- Records on payment settlement and supply of goods: 5 years (Act on the Consumer Protection in Electronic Commerce)
- Records on consumer complaints or dispute resolution: 3 years (Act on the Consumer Protection in Electronic Commerce)
- Login records (access location info, etc.): 3 months (Protection of Communications Secrets Act)
- Records on labeling/ advertising: 6 months (Act on the Consumer Protection in Electronic Commerce)

[Information Retention Pursuant to Internal Policy]
Information of withdrawn members to prevent fraudulent use: Destroyed after 6 months of retention

In principle, the Company destroys personal information without delay once the purpose of processing has been achieved.

[Destruction Procedure]
Information entered by users is transferred to a separate database (or a separate filing cabinet for paper documents) after the purpose is achieved, stored for a certain period according to internal policies and relevant laws, and then destroyed.

[Destruction Methods]
- Electronic files: Deleted using technical methods that make recovery or reproduction impossible
- Paper documents: Shredded or incinerated

[Dormant Accounts]
If a user does not use the service for 6 months, the account is converted to a dormant account, and personal information will be restored upon subsequent reuse of the service.

In principle, the Company does not provide personal information to external parties or third parties without the user's prior consent. However, exceptions may be made in the following cases to ensure smooth service provision and improve user convenience:

- If users have given their prior consent
- If required by laws and regulations, or if requested by investigative agencies in accordance with the procedures and methods prescribed by law for investigative purposes

- Users may view or modify their personal information at any time through the "My Information" menu and may withdraw their consent to the use of personal information by canceling their membership.

- Users may request correction of errors in their personal information. The Company will not use or provide the relevant personal information until the correction is completed.

In accordance with Article 29 of the Personal Information Protection Act, the Company takes the following technical, administrative, and physical measures necessary to ensure safety.

[Administrative Measures]
Establishment and implementation of internal management plans, and regular employee training

[Technical Measures]
Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, and installation of security programs

[Physical Measures]
Restricted access to cloud servers

The Company uses cookies and mobile advertising identifiers to provide personalized services.

[Purpose of Cookies]
Analysis of access frequency, visit time, and usage patterns to provide optimized information

[How to Refuse Cookie Settings]
- Chrome: Settings > Privacy and security > Cookies and other site data
- Edge: Settings > Cookies and site permissions > Manage and delete cookies and site data
- Mobile (Android): Settings > Google > Ads > Delete or reset advertising ID
- Mobile (iOS): Settings > Privacy & Security > Tracking > Turn off "Allow Apps to Request to Track"

The Company designates the following personnel to oversee personal information processing and handle complaints and remedies.

[Personal Information Protection Officer]
Name : Jaegwan Park
Department/Title : Media Development Division / Director
Email : bluesoul@tf.co.kr

[Personal Information Protection Manager]
Name : Kwanghoon Lee
Department/Title : Management Planning Division / Director
Email : khlee@tf.co.kr