UBIGWORLD (hereinafter referred to as the "Company"), complies with the provisions on personal information protection pursuant to related laws that information and communication service providers must obey, such as the Protection of Communications Secrets Act, the Telecommunications Business Act, and the Act on Promotion of Information and Communications Network Utilizations and Information Protection, Etc. and it is striving to protect users' rights by establishing privacy policies pursuant to related laws.

1. Personal information items collected and method of collecting personal information
A. Collection of Personal Information
We collect the following personal information in order to provide the TopL service.
- Mandatory Items: mobile phone information(unique device number), profile info(country,city,birth,favorite message type), service use record (date of visit, initial login time, record of usage violations if applicable), device id and push key, UserSerial Number, The user information entered in the service process, purchase and payment history
- Mandatory Items(Only Korea): identification information(name, mobile phone number, mobile phone number, mobile carrier information, date of birth, gender, domestic and foreign information, connection information (CI), duplicate subscription information (DI))
- Optional Items: user e-mail address, face photo, personal introduction info, device info(model name,OS info,manufacturer), phone number(Auth)

Collection and Use of PersonalInformation

B. Method of collecting personal information
The Company collects personal information in the following ways:
- Automatically collecting personal information by executing or using the TopL program
- Collecting personal information provided when signing up for service or voluntarily agreed

2. Purpose of collecting and using personal information
A. Provision of basic TopL functions
TopL collects User status information, user introduction, TopL user names, IDs, and photographs are information users register to describe themselves when communicating with other users. The above information is shared between members.
B. Fulfillment of contracts regarding service provision and charges for service provision
Content provision, provision of customized service, delivery of goods, mailing invoices, personal identification, purchasing, bill payment, fee collection
C. Member management
Personal identification for the use of membership service and user identification pursuant to the Real Name Verification Law, personal identification, prevention of illegal and unauthorized use by rejected members, verification of intention to sign up, sign-up and limitation of the frequency of sign-up, checking whether the legal representative consented to the collection of the personal information of children under age 14, subsequent identification of legal representatives, maintaining records for resolution of disputes, handling civil petitions, including complaints, and delivery of notices
D. Use of personal information for development of new services and for marketing and advertising
Development of new services and provision of customized services, provision of services according to statistical characteristics and advertising, checking the effectiveness of services, provision of information on events and advertising information, provision of opportunities to participate, checking connection frequency, statistics on member service use, giving members the right of choice regarding transfer of existing service account information to similar new services

3. Personal information retention and use period
In principle, user personal information is immediately destroyed once the purpose of collecting and using personal information is fulfilled. However, the following information is retained for the specified period for the following reasons:
A. Reason for retaining the information in accordance with the internal policy of the Company
- Records on personal identification
Reason for retention: Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.
Retention period: 6 months
- Records on illegal use
Reason for retention: prevention of illegal use
Retention period: 1 year
B. Reason for retaining the information in accordance with relevant law
If it is necessary to retain personal information in accordance with relevant law, such as the Commercial Act and Act on Consumer Protection in Electronic Commerce, the Company retains member information for the period stipulated by the relevant law. In this case, the Company uses the information only for the purpose of retention for the following retention period.
- Records on cancellation of contracts or subscription
Reason for retention: Act on Consumer Protection in Electronic Commerce, Etc.
Retention period: 5 years
- Records on payment and supply of goods
Reason for retention: Act on Consumer Protection in Electronic Commerce, Etc.
Retention period: 5 years
- Records on consumer complaints or resolution of disputes
Reason for retention: Act on Consumer Protection in Electronic Commerce, Etc.
Retention period: 3 years
- Records on visits
Reason for retention: Protection of Communications Secrets Act
Retention period: 3 months

4. Outsourcing the handling of personal information
The company entrusts the service to an external professional company as follows.
- Consignment to: KG Mobilians
- Purpose of entrustment: Confirmation of identity to prevent illegal use and criminal damage

5. Sharing and providing personal information
The Company uses user personal information within the scope stipulated in "2. Purpose of collecting and using personal information," and does not use it outside of this scope or disclose it without the user's prior consent in principle. However, an exception is made in the following cases:
- In the event that users consented to disclosure in advance; and
- In the event that an investigative agency requests disclosure in accordance with law, or in accordance with procedures and methods stipulated by law for the purposes of investigation

6. Procedure for and method of destroying personal information
In principle, user personal information is immediately destroyed once the purpose of collecting and using personal information is fulfilled. The Company destroys personal information in accordance with the following procedure and method.
A. Procedure for destroying personal information
- The information users entered to sign up for membership is moved to a separate database (a separate filing cabinet in the case of paper) after the purpose is fulfilled and stored for a certain period to protect personal information in accordance with internal policies and relevant laws, and then destroyed.
- This personal information is not be used for purposes other than retention, unless otherwise stipulated by law.
B. Method of destroying personal information
- Personal information printed on paper is shredded using a shredder or incinerated.
- Personal information saved in an electronic file is deleted using a technical method ensuring that records cannot be recovered.

7. The rights of users and legal representatives and the method of exercising them
- TopL services are only available to those aged 18 or older.
- Users and legal representatives may inquire about or modify their own registered personal information and request the cancellation of membership sign-up or suspension of the processing of personal information.
- To inquire or modify the personal information of users or children under age 14, you can click "My Profile" within the service. To cancel membership (withdraw consent), you can click delete TopL app.
- If you request in writing or by e-mail that the personal information manager inquire about or modify personal information, cancel membership, or suspend the processing of personal information, we will take immediate action.
- If you request that errors in personal information be corrected, the personal information is not used or provided until the correction is completed. Also, if incorrect personal information has already been provided to a third party, the correction is immediately sent to the third party.
- The Company processes cancelled or deleted personal information in accordance with the request of the user or legal representative as stipulated in "3. Personal information retention and use period" and does not view or use it for other purposes.

8. Technical/administrative measures to protect personal information
In handling user personal information, the Company is taking the following technical/administrative measures to ensure safety and prevent the loss, theft, leak, alteration, or damage of personal information.
A. Measures against hacking and other data damage
The Company is taking every measure to prevent the leak or damage of member personal information due to hacking or computer viruses. The Company frequently backs up personal information and data and uses the latest vaccine programs to prevent personal information or data from being leaked or damaged. The Company uses a firewall to prevent unauthorized access from outside and technical devices for systematically maintaining security.
B. Minimization and training of employees handling personal information
Only authorized persons in the Company are permitted to handle personal information. Separate passwords are assigned to them and updated periodically, and they receive frequent training focusing on compliance with the TopL privacy policy.
C. Operating an organization dedicated to protection of personal information
The Company uses the internal procedures for protection of personal information to check that the TopL privacy policy is carried out and the persons in charge comply with the policy. If problems are uncovered, the Company immediately makes changes and corrects them. However, the Company cannot be held liable for any problems caused by the leak of personal information due to the user's negligence or Internet problems.

9. Personal information manager and contact information
You can use the Company's service to report all complaints about personal information protection to the personal information manager or the department in charge. The Company promptly responds to user reports.

(1) Personal information manager
- Name: UI JUN HWANG
- Team: R&D Team(Development Team)
- Position: Team Leader
- E-mail: : info.ubigworld@gmail.com

(2) If you need to report invasion of privacy or need counseling, please contact the following organizations.
- Privacy Invasion Reporting Center (without area code) 118 (privacy.kisa.or.kr)
- Cybercrime Investigation Department, Supreme Prosecutors’ Office 02-3480-3571(cybercid@spo.go.kr)
- Cyber Terror Response Center, National Police Agency 1566-0112(www.netan.go.kr)

10. Provide information to investigative agencies
At the request of the investigative agency for cooperation, the company provides the "A. Collection of Personal Information" of the suspect's "1. Personal information items collected and method of collecting personal information".

11. Obligation to notify
If content is added to the current privacy policy or its content is deleted or modified, the Company will indicate the change on the TopL website (http://www.ubigworld.com) or the "Megaphone" screen in the TopL service at least seven days before the effective date.
Date of notification: Apr 01, 2023
Effective date: May 01, 2023

한국어