privacy policy

This Privacy Policy describes the processing of information provided or collected on the website where this Policy is posted. In addition, we describe the processing of information provided or collected by using the application of TriFriend (hereinafter referred to as the Company) on third-party websites or platforms. The company values the user's personal information, and through the personal information handling policy, the company uses the personal information provided by the user for what purpose and in what way, and what measures are being taken to protect personal information.

This policy is effective from December 14, 2017, and if it is amended, it will be notified through the website notice (or individual notice in writing, fax, e-mail, etc.).

 

1. Information to be collected and method of collection

(1) Items of personal information to be collected Items of personal information collected by the company are as follows. • Information provided by users The company may collect information directly provided by users.

Name, address, phone number, e-mail address, etc. ∘ Payment information such as account number, card number, etc. ∘ Delivery information such as delivery address, name of the recipient, contact information of the recipient, etc. In addition to information directly provided by users, the information company may collect information in the course of users' use of the company's services. Log data, usage time, search terms entered by users, Internet protocol addresses, cookies and web beacons, etc. ∘ Users’ preference for service use, advertising environment, pages visited, etc.

(2) Collection method The company collects user information in the following ways. • Web page, written form, fax, telephone, e-mail, generated information collection tool, etc. • Provided by partner companies

 

2. Use of collected information The company uses the collected user information for the following purposes. • Member management, identity verification, etc. • Detect and prevent unauthorized service use and illegal use, etc. • Implementation of contracts for service provision requested by users, settlement of fees, etc. • Improvement of existing services, development of new services, etc. • Company site or Notification of changes in application function or policy • Other users' prior consent (for example, use for marketing advertisements, etc.) Search and notification • Statistics on member's service use, service provision and advertisements according to statistical characteristics • Provision of promotional event information and participation opportunities • Compliance with applicable laws or legal obligations When using the information, the company will seek the user's consent.

3. Sharing of collected information The company does not share users' personal information with third parties except in the following cases.

• Sharing with the company's affiliates, partners, and service providers ∘ The company's affiliates, partners, and service providers perform services such as payment processing, order fulfillment, product delivery, and dispute resolution (including payment and delivery disputes) on behalf of the company When the user agrees in advance ∘ When the user chooses to share the user's personal information with a specific company and receive information on the company's products and services ∘ When the user's personal information is shared with a social networking site When a user chooses to share with a third-party site or platform ∘ When other users have agreed in advance • When required by law - When required to be disclosed by law - For investigation purposes, the request of an investigative agency in accordance with the procedures and methods stipulated in the law if there is

4. Cookies, Beacons and Similar Technologies The company may collect non-personal aggregate information through 'cookies' or 'web beacons'. A cookie is a very small text file that the server used to operate the company's website sends to the user's browser and is stored on the user's computer hard disk. A web beacon is a small piece of code placed on a website or email. Web beacons allow us to know whether a user has interacted with certain web or email content. These features are useful to personalize the user experience by evaluating and improving the service, to provide a better service to our users.

The items of cookies collected by the company and the purpose of collection are as follows. Essential Cookies These cookies are essential for users to use the company's website functions. If these cookies are not accepted, services such as shopping carts and electronic billing cannot be provided. These cookies do not collect information that can be used for marketing or to remember the sites you visit on the Internet.

(Example of mandatory cookies) ∘ Remember information entered in the order form when browsing other pages during a web browser session

∘ For products and checkout pages, remember the service you ordered ∘ Check whether you are logged in to the website Cookies collect information on how users use the company website, such as information on pages most frequently visited by users. This data helps us optimize our website and make it easier for users to browse our website. These cookies do not collect information about who you are. All information collected by these cookies is processed collectively to ensure anonymity. (Example of performance cookies) ∘ Web analysis: Provides statistics on how to use the website ∘ Ad response fee: Checks the effect of the company's advertisement ∘ Affiliate tracking: When one of the company's visitors visits the affiliate's website Provide anonymous feedback to affiliates about ∘ Error Management: Help improve the website by measuring errors that occur ∘ Design Test: Test the different designs of the company's website with the 'Like' button and 'Share' button Links to services provided by the same third party. The third party provides these services by recognizing that the user has visited the company's website. (Example of target cookie) ∘ Connect to a social network, and the social network uses the user's visit information to later promote it to users on other websites ∘ Visit users to present advertisements that may be of interest to users Providing information to advertising agencies Users have the option of installing cookies. Therefore, by setting options in the web browser, you can accept all cookies, check each time a cookie is saved, or refuse to save all cookies. However, if the user refuses to install cookies, there may be difficulties with some services provided by the company.

5. Users’ access rights and options Users or their legal representatives, as the subject of information, can exercise the following options in relation to the company’s collection, use, and sharing of personal information. • Right to access personal information • Correction or deletion of personal information • Temporary suspension of processing of personal information • To request withdrawal of previously provided consent, use the 'Modify Member Information' menu on the web page, or If you contact the department in charge of the company (or the person in charge of personal information management) in writing, by phone or by e-mail, we will take action without delay. However, the company may reject such a request only when there is a valid reason specified in the law or an equivalent reason.

6. Security The company takes the security of users' personal information very seriously. The company has implemented the following security measures to prevent unauthorized access, disclosure, use and modification of user personal information.

• Encryption of personal information - Transmitting the user's personal information using an encrypted communication section - Encrypting and storing important information such as passwords • Measures against hacking - Preventing users' personal information from being leaked or damaged by hacking or computer viruses Install the system in an area where access is controlled from outside to prevent it • Establishment and implementation of an internal management plan

7. Children's Privacy In principle, the Company does not collect information from children under the age of 13 or the minimum age equivalent to the applicable law. The company's website, products and services, etc. are, in principle, websites for the general public. The Company's website or application has age-restricted features that prevent it from being used by children, and we do not knowingly collect personal information from children through such features. (Additional when collecting children's personal information) will be additionally passed through. • Obtain parental consent to collect children's personal information or send the company's product and service information directly to children • Notify the guardian of the company's children's privacy policy including collected personal information items, purpose, and sharing • Legal representative Granting the right to request access to the child's personal information / correction or deletion of personal information / suspension of processing of personal information / withdrawal of previously provided consent • Collection of personal information beyond what is necessary for participation in online activities limitation of

8. Change of Privacy Policy The company reserves the right to amend or change this policy from time to time. If the company changes this policy, it will be notified through the website notice (or individual notice in writing, fax, e-mail, etc.), and if required by relevant laws, the user's consent will be obtained.

9. Other data transfer As the company operates worldwide, it may provide users' personal information to companies or other companies located in other countries for the purposes specified in this Privacy Policy. Where personal information is transferred, retained or processed, the company takes reasonable measures to protect personal information. In addition, when using or disclosing personal information obtained in the European Union, the Company may comply with the Safe Harbor Principles set forth by the US Department of Commerce, use standard contractual clauses approved by the European Union enforcement authorities, or otherwise within European Union regulations to ensure appropriate safeguards. Take measures or seek the user's consent. THIRD PARTY SITES AND SERVICES Our websites, products, services, etc. may contain links to websites, products, services, etc. of third parties. The privacy policies of linked third-party sites may be governed by the company's policies. Therefore, users should additionally review the privacy policy of the linked third-party site. Notice to California Residents If you are a California resident, certain rights may be added. The Company takes the necessary precautions to protect the personal information of its members in order to comply with the California Online Privacy Protection Act. If personal information is leaked, the user may request to confirm the information leakage. In addition, all users of the company website can change their information at any time by accessing their personal account and using the information edit menu. Also, the company does not track website visitors. It also disables 'do not track' signals. The company does not collect personally identifiable information through advertising services and do not provide it to third parties without the user's consent. Information for Korean Residents The Company informs you of some additional disclosures required by the Korea Information and Communications Network Act and the Personal Information Protection Act as follows.

(1) Information to be collected Items of personal information collected by the company are as follows. ∘ Name, address, phone number, e-mail address, etc. ∘ When paying by credit card: name of the credit card company, card number, card expiration date, etc. ∘ For small payments by mobile phone: mobile phone number, payment approval number, etc. ∘ For payment by bank transfer: name of bank, account number , Account password, etc. ∘ When depositing without a bankbook: Remitter name, contact information, etc. ∘ Delivery information such as delivery address, name of recipient, contact information of recipient, etc. ∘ Information such as bidding, purchase, and sales There is. ∘ Device information (device identifier, operating system, hardware version, device setting, phone number, etc.) Information on device location including specific geographic location through GPS, Bluetooth or Wi-Fi signals, etc.) , it will be disposed of without delay after the purpose is achieved.)∘ Examples of other generated information optional items Users may refuse to consent to the collection and use of optional items, and even if they refuse consent, there are no restrictions on service use. User analysis: ∘ Provision of customized advertisements such as reason for joining, occupation, marital status, wedding anniversary, interest categories, SNS account information, etc.: ∘ Delivery of urgent notices such as marketing activities and results, event participation contents and results: ∘ Other contracts Marketing of information provided by users in connection with the conclusion, maintenance, implementation, management, and participation in events: ∘ Retention and period of use of personal information such as user preference for service use, advertising environment, and pages visited When the purpose of collection and use is achieved, when the legal and business needs for personal information are resolved, or when the user requests it, the user's personal information is destroyed without delay. However, if it is necessary to preserve it in accordance with the relevant laws and regulations, the company keeps the member information for a certain period set by the relevant laws and regulations. The information that must be kept in accordance with the relevant laws and regulations is as follows. ∘ Records related to contract or subscription withdrawal: 5 years (Act on Consumer Protection in Electronic Commerce, etc.) ∘ Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.) ∘ Records on complaint or dispute handling: 3 years (Act on Consumer Protection in Electronic Commerce, etc.) ∘ Records on collection/processing and use of credit information: 3 years (Act on Use and Protection of Credit Information) Advertising records: 6 months (Act on Consumer Protection in Electronic Commerce, etc.) (Protection of Communications Secrets Act) Procedures and methods of destruction of personal information In principle, the company destroys the information without delay after the purpose of collection and use of personal information is achieved. However, information that must be kept in accordance with the relevant laws and regulations is stored for the period set by the laws and then destroyed. In this case, personal information stored and managed separately will never be used for any other purpose except as stipulated by law. Paper records containing personal information are shredded or incinerated, and personal information stored in electronic files is deleted using a method that is technically impossible to restore. Technical, administrative, and physical measures to protect personal information The company takes the following technical, administrative and physical measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in handling users' personal information are doing ∘ Measures to encrypt confidential information ∘ Establish and implement an internal management plan ∘ Point out the person in charge of personal information protection ∘ Education for personal information handlers ∘ Establish and implement an internal management plan ∘ Differentiate access rights to the personal information processing system Personal information manager in charge of personal information management The manager is as follows.

Name: Jo Gye-yeon

Affiliation: Wea Friends Co., Ltd. Phone: 02-2039-9660

Contact: richardcho@tripriend.net

Last updated January 17, 2020

10. Department in charge of the company The company has designated the relevant departments as follows to protect users' personal information and handle complaints related to personal information. If you have any questions about this policy or would like to update the user's information held by the company, please contact the company at the contact information below.

Operating address: Room 401, 160-2 Bangi-dong, Songpa-gu, Seoul

Phone: 02-2039-9660

Email: richardcho@tripriend.net

Last updated January 17, 2020