Time Grindy

Privacy Policy

Article 1 (Purpose)

  • Time Grindy (hereinafter referred to as the "Company") establishes the following Privacy Policy (hereinafter referred to as "this Policy") in order to protect the information (hereinafter referred to as "Personal Information") of individuals (hereinafter referred to as "Users" or "Individuals") using the services provided by the Company (hereinafter referred to as the "Company Services"), to comply with relevant laws and regulations, and to promptly and smoothly handle grievances regarding the protection of personal information of Service Users.

Article 2 (Principles of Personal Information Processing)

  • In accordance with personal information laws and regulations and this Policy, the Company may collect users' personal information, and the collected personal information may be provided to third parties only with the individual's consent.
  • However, if lawfully compelled by the provisions of laws, etc., the Company may provide the collected users' personal information to third parties without the individual's prior consent.

Article 3 (Disclosure of This Policy)

  • The Company discloses this Policy on the homepage or on a screen linked from the homepage so that users can easily check this Policy at any time.

Article 4 (Amendment of This Policy)

  • 1. This Policy may be amended in accordance with changes in laws, guidelines, or notices related to personal information, or in the policies or content of the government or the Company's services.
  • 2. When the Company amends this Policy pursuant to Paragraph 1, it shall provide notice through one or more of the following methods:
    • 2.1 Notification via the notice section on the first screen of the Company's internet homepage or through a separate window.
    • 2.2 Notification to users via written document, fax, email, or similar methods.
  • 3. The Company shall provide notice under Paragraph 2 at least 7 days prior to the effective date of the amendment to this Policy. However, if there is a significant change to user rights, notice shall be provided at least 30 days in advance.

Article 5 (Information for Provision of Company Services)

  • The Company collects the following information to provide the Company's services to users.
  • 1. Mandatory Information to be Collected: USER ID

Article 6 (Methods of Collecting Personal Information)

  • The Company collects users' personal information in the following ways:
  • 1. By users entering their personal information through services provided by the Company, such as applications, other than the website.
  • 2. By users entering information during the process of using the Company's services, such as consultations at the Customer Center or activities on the bulletin board.

Article 7 (Use of Personal Information)

  • The Company uses personal information in the following cases:
  • 1. When necessary for the operation of the Company, such as the delivery of notices.
  • 2. When necessary for the improvement of services for users, such as responding to inquiries and customer service.
  • 3. When necessary to provide the Company's services.
  • 4. When necessary for measures to restrict usage by members who violate laws and regulations or the Company's Terms and Conditions, and for the prevention and sanctioning of acts that hinder the smooth operation of the Service, including fraudulent use.

Article 8 (Retention and Use Period of Personal Information)

  • 1. The Company retains and uses the user's personal information for the period required to achieve the purpose of its collection and use.
  • 2. Notwithstanding the preceding paragraph, in accordance with internal policies, the Company retains records of fraudulent use of the service for a maximum of one year from the time of membership withdrawal to prevent fraudulent registration and use.

Article 9 (Principles for Destruction of Personal Information)

  • In principle, the Company destroys personal information without delay when it is no longer needed, such as when the purpose of processing the user's personal information has been achieved or the retention and usage period has expired.

Article 10 (Procedure for Destruction of Personal Information)

  • Information entered by users for purposes such as membership registration is transferred to a separate database (or a separate filing cabinet in the case of paper documents) after the purpose of processing personal information has been achieved.
  • It is then destroyed after being stored for a certain period in accordance with internal policies and reasons for information protection under other relevant laws and regulations (refer to the retention and usage period).
  • The Company destroys personal information for which a reason for destruction has arisen through an approval process by the Chief Privacy Officer.

Article 11 (Method of Destruction of Personal Information)

  • IThe Company deletes personal information stored in the form of electronic files using technical methods that prevent the records from being reproduced, and destroys personal information printed on paper by shredding with a shredder or by incineration, etc.

Article 12 (Measures for Transmission of Advertising Information)

  • 1. When the Company transmits advertising information for profit using electronic transmission media, it shall obtain the explicit prior consent of the user. However, prior consent shall not be obtained in any of the following cases:
    • 1.1 Where the Company has directly collected contact information from the recipient through a transaction relationship regarding goods, etc., and the Company intends to transmit advertising information for profit regarding goods, etc. of the same type as those processed and transacted with the recipient within six months from the date the transaction ended.
    • 1.2 Where a telemarketer verbally notifies the recipient of the source of collection of personal information and makes a telemarketing call.
  • 2. Notwithstanding the preceding paragraph, if the recipient expresses an intention to refuse receipt or withdraws prior consent, the Company shall not transmit advertising information for profit and shall notify the recipient of the results regarding the refusal to receive or the withdrawal of consent.
  • 3. Notwithstanding Paragraph 1, when the Company transmits advertising information for profit using electronic transmission media during the hours from 9:00 PM to 8:00 AM the following day, it shall obtain separate prior consent from the recipient.
  • 4. When the Company transmits commercial advertising information using electronic transmission media, it shall specifically disclose the following matters, etc., in the advertising information:
    • 4.1 Company name and contact information
    • 4.2 Indication of matters regarding the expression of intent to refuse receipt or withdraw consent to receive

Article 13 (Inquiry into Personal Information and Withdrawal of Consent to Collection)

  • 1. Users and their legal representatives may inquire about or modify their registered personal information at any time and may request the withdrawal of consent to the collection of personal information.
  • 2. To withdraw consent for the collection of their sign-up information, etc., users and their legal representatives may contact the Chief Privacy Officer or the person in charge in writing, by phone, or via email, and the Company will take action without delay.

Article 14 (Change of Personal Information, etc.)

    1. Users may request the Company to correct errors in their personal information through the methods described in the preceding article. 2. In the case of the preceding paragraph, the Company shall not use or provide the personal information until the correction is completed. If incorrect personal information has already been provided to a third party, the Company shall notify the third party of the results of the correction process without delay to ensure that the correction is made.

Article 15 (Obligations of Users)

  • 1. Users must keep their personal information up to date, and users are solely responsible for any problems arising from the input of inaccurate information.
  • 2. In the event of membership registration using another person's personal information without authorization, the user may lose their eligibility or be punished under relevant personal information protection laws.
  • 3. Users are responsible for maintaining the security of their email address, password, login ID, etc., and may not transfer or lend them to a third party.

Article 16 (Company’s Management of Personal Information)

  • In processing users’ personal information, the Company takes necessary technical and administrative protective measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged.

Article 17 (Processing of Deleted Information)

  • The Company processes personal information that has been terminated or deleted at the request of a user or their legal representative in accordance with the "Retention and Use Period of Personal Information" collected by the Company, and processes it so that it cannot be accessed or used for any other purpose.

Article 18 (Encryption of Passwords)

  • User passwords are stored and managed using one-way encryption, and verification or modification of personal information is possible only by the user who knows the password.

Article 19 (Measures Against Hacking, etc.)

  • 1. The Company is doing its utmost to prevent the leakage or damage of users' personal information caused by hacking, computer viruses, or other intrusions into information and communications networks.
  • 2. The Company uses the latest antivirus programs to prevent the leakage or damage of users' personal information or data.
  • 3. The Company is doing its best to ensure security by utilizing an intrusion prevention system to prepare for any eventuality.
  • 4. In cases where the Company collects and retains sensitive personal information, it ensures that personal information can be safely transmitted over the network through encrypted communication, etc.

Article 20 (Minimization of Personal Information Processing and Training)

  • The Company limits the number of personnel responsible for processing personal information to a minimum and emphasizes compliance with laws and internal policies through administrative measures, such as training for personal information processors.

    • Article 21 (Measures Regarding Personal Information Leakage, etc.)

    • When the Company becomes aware of the fact of the loss, theft, or leakage of personal information (hereinafter referred to as "Leakage, etc."), it shall notify the relevant user of all matters listed in each of the following subparagraphs without delay
    • 1. Items of personal information that have been leaked, etc.
    • 2. The time at which the leakage, etc. occurred
    • 3. Measures the user may take
    • 4. Response measures by the information and communication service provider, etc.
    • 5. Department and contact information where the user may receive consultation, etc.

    Article 22 (Exceptions to Measures Regarding Personal Information Leakage, etc.)

    • Notwithstanding the preceding article, if there is a legitimate reason, such as the inability to know the user's contact information, the Company may take measures to substitute the notification under the preceding article by posting on the Company's website for at least 30 days.

    Article 23 (Designation of the Company’s Chief Privacy Officer)

    • The Company designates the relevant department and Chief Privacy Officer as follows to protect users' personal information and handle complaints related to personal information.
    • Chief Privacy Officer
    • Name: Kim Young-mo
    • Position: CEO
    • Email: timegrindy@gmail.com

    Addendum

    • This policy shall take effect on May 19, 2026.