Article 1 (Purpose of processing personal information)

The company processes personal information for the following purposes. The personal information being processed will not be used for any purpose other than the following purposes, and if the purpose of use is changed, it will be guided in detail in accordance with Article 18 of the Personal Information Protection Law and will receive separate consent from the user.

1. Member identification and management
   Identification of members and acceptance of membership, provision of game services, identity verification through service provision, purchase and payment, product and service delivery, etc. Prevention of unauthorized use and unauthorized use of defective members, confirmation of intention to join, member identification, restriction of subscription and number of subscriptions, confirmation of purchase breakdown, confirmation of settlement facts by others
2. Customer consultation and complaint handling
   Confirmation of identity by using membership service, identification of individuals, prevention of unauthorized use and unauthorized use of defective members, confirmation of intention to join, collection of personal information of children under 14 years old, confirmation of consent of legal representative Presence / absence, later identification of legal representative, record keeping for dispute adjustment, handling of complaints, notifications, etc.
3. Use for new service development, advertising and marketing
   Development of new services and provision of custom-made services, service provision and advertisement placement based on statistical characteristics, service validity confirmation, provision of events and advertising information and participation opportunities, understanding of access frequency, use of user services Statistics, gift shipment.
4. (Selection information) service improvement and custom-made service development

Article 2 (Personal information items to be processed and collection methods) The company processes the following personal information items.

1. Member identification and management (when joining THE SALT members)
   • ·Required item

     -THE SALT membership account creation: ID, email, password, nickname, gender

     -When an authentication provider-linked account is created: Facebook, Google or Apple game center identification information (user primary key, nickname / profile photo, etc.)

     · Selectable items: birthday, phone number, auxiliary email, country, profile picture

     * There is no restriction on the use of games and services even if the user does not enter the selection information.

2. Use of game services (THE SALT membership and guest users)
   • ·Required item : User's mobile phone terminal information (model name, OS type and version, Mac Address, IMEI, communication company information, mobile phone number, Android ID, ADID, IDFA, etc.) Game usage and connection IP record, authentication record, settlement Cookies such as records, bad usage records, game versions, etc.

     * The collected items may differ depending on the terminal OS version.

     · Selection item: None

3. Customer consultation and complaint handling service

   • · Required fields: Email, ID or game nickname, IP address

     · Selection item: Information necessary for confirmation and answer to inquiry

4. Under the internet service usage process, personal information items are automatically generated and can be collected.

   • · IP address, cookie, MAC address, service use record, visit record, defect use record, etc.

5. Events and promotions
   • ·Required item :

     · Participation in new game reservation events: name, contact information, email

     -Delivery of gifts, etc .: Name, contact information, address

     -Tax levy for event winners (exceeding $500): Resident registration number and copy of ID

     * Users may or may not participate in company events and promotions. The mandatory collection information in this section applies only when users participate in events and promotions.

6. Confirmation of consent from legal representative
   • ·Required item : For children under 14 years old, The legal representative information (name, date of birth, gender, mobile phone number, information on eyepin)

     * If you have not confirmed your consent, you can restrict the use of the game by users under 14 years of age.

Article 3 (Personal Information Processing and Retention Period)

1. The company processes and retains personal information within the period of possession and use of personal information according to laws and regulations, or within the period of possession and use of personal information agreed upon when collecting personal information from users.
2. Each personal information processing and holding period is as follows.
   • ① Member's identification information: Withdrawal (however, ID and E-mail are 14 days after withdrawal)
   • ② Customer consultation and complaint handling: 3 years from the date of inquiry. However, in the case of the following reasons, until the end of the reason

     1) If investigation / investigation due to violation of related laws / regulations is in progress, until the end of the investigation / investigation

     2) When the receivable / debt relationship remains due to the use of the service, until the adjustment of the receivable / debt relationship

   • ③ Provision of goods or services: Until the completion of supply of goods and services and payment settlement. However, in the case of the following reasons, by the end of the period

     1) Records related to transactions such as display / advertisement, contract details, and transition under the Act on Consumer Protection in Electronic Commerce.

     -Records related to display and advertisement: 6 months

     -Contract or contract cancellation, price settlement, supply record of goods: 5 years

     -Records on consumer complaints or dispute resolution: 3 years

     2) Storage of communication fact confirmation materials in accordance with Article 41 of the Order for Enforcement of the Communications Secret Protection Act

     -Subscriber telecommunications date and time, start / end time, partner's subscriber number, frequency of use, source base station location tracking data: 1 year

     -Personal computer communication, Internet log recording materials, connection location tracking materials: 3 months

Article 4 (Provided by a third party of personal information)

• The company processes the user's personal information only within the scope specified in Article 1 (Purpose of processing personal information), and only when there is a user's consent or there is a special reason permitted by law. To a third party. However, we can provide personal information with care in the following cases:
  • ① When user agrees in advance
  • ② When provision of materials is compulsory or legally requested by a court, investigative body, or other administrative body based on legal provisions
  • ③ When it is necessary for fee settlement by service provision
  • ④ When providing to a third party in a form that does not identify a specific individual

Article 5 (Consignment of personal information processing)

• ① In principle, the company does not outsource the handling of personal information of users.
• ② In the event of outsourcing, the company will notify the user of the content generated by the personal information processing policy without delay and obtain separate consent.

Article 6 (Rights of Users and Legal Agents and How to Exercise)

1. Users can exercise the rights related to personal information protection of the following items at any time about the company.
   • ① Personal information browsing request
   • ② If there is a defect, request correction
   • ③ Request deletion
   • ④ Process stop request
2. The exercise of rights under paragraph ① can be made to the company via written, telephone, e-mail, or facsimile (FAX). The company will take necessary measures without delay when requested by the user.
3. If a user requests correction or deletion of a defect in personal information, the company will not use the personal information or provide it to a third party until the correction or deletion is completed.
4. The exercise of rights according to paragraph ① may be made through an agent such as a legal representative of the user or a person who has been delegated. In this case, you must submit a letter of attorney in accordance with the Enforcement Rules of the Personal Information Protection Law and Attachment No.11
5. Users must not infringe on the personal information and privacy of the users themselves and others who are being processed by the company in violation of relevant laws such as the Information and Communications Network Act and the Personal Information Protection Act.

Article 7 (Matters concerning the installation and operation and refusal of an automatic collection device for personal information)

1. In order to provide users with personalized services, the company uses 'cookies' that save usage information and load them from time to time.
2. A cookie is a small amount of information sent to the user's computer browser by the server (http) used to operate the website and may be stored on the hard disk in the user's computer.
   • ① Purpose of use of cookies: Used to provide information optimized for users by ascertaining the types of visits and usage of each service and website visited by users, popular search terms, presence of security connections.
   • ② Cookie Installation, Operation and Rejection: Cookies can be refused to be saved by setting options in the upper web browser→ Internet Options→ Personal Information menu.
   • ③ If you refuse to store cookies, it may be difficult to use a tailor-made service.

Article 8 (Disposal of Personal Information)

1. The company will destroy personal information without delay when personal information is no longer needed, such as when the retention period of personal information has passed or the processing purpose has been achieved.
2. If the retention period of personal information agreed to by the user has passed or the purpose of processing has been achieved, the personal information must be kept in accordance with other laws and regulations. Move to the database (DB) or change the storage location and save.
3. The procedures and methods for destroying personal information are as follows.
   • ① Procedure for destruction

     a. In principle, the user's membership information shall be retained and used during the period of notification and consent, and the purpose of collecting and using personal information will be achieved, or shall be destroyed without delay when the retention period expires, when the membership is withdrawn.
     However, IDs and e-mails are temporarily stored for 14 days from the date of withdrawal for the purpose of recovery from damage caused by theft of personal information and the protection of the victims, etc., and are completely deleted in a way that cannot be reproduced.

     b. The company will select the personal information for which the reason for destruction occurred, obtain the approval of the company's personal information protection officer, and destroy the personal information.

   • ② How to discard

     The company records and saves personal information recorded and stored in the form of electromagnetic files using a method such as Low Level Format so that it cannot be played back. Personal information is destroyed by crushing or incineration.

Article 9 (Measures to ensure the safety of personal information) The company has taken the following measures to ensure the safety of personal information.

1. Management measures: Establishing and implementing internal management plans, regular employee training
2. Technical measures: Access authority management of personal information processing system, access control system installation, encryption of unique identification information, security program installation
3. Physical measures: Access control for computer rooms, data storage rooms

Article 10 (Personal Information Security Officer)

1. The company shall be responsible for the overall processing of personal information, and to handle user complaints and damage relief related to the processing of personal information as follows: Has designated a Personal Information Security Officer.
   • ▶ Personal information protection officer
   • - Email: thesalt210813@gmail.com
   • * You will be connected to the department in charge of personal information protection.
2. Users can inquire about personal information protection inquiries, complaint handling, damage relief, etc. arising from the use of company services (or business) to the personal information protection officer and the department in charge. The company will respond to and process user inquiries immediately.

Article 11 (Personal Information Browsing Request)

• Users can make a request for browsing personal information in accordance with Article 30 of the Information and Communications Network Law and Article 35 of the Personal Information Protection Law. The company will endeavor to promptly process requests for browsing personal information of information subjects.
  • ▶ Personal information browsing request processing department
  • ▶ Department name: Policy Security Team
  • - Email: thesalt210813@gmail.com

Article 12 (Responsibility for Infringement of Rights)

Information subject can make inquiries about damage relief and consultation for infringement of personal information to the following organizations.

• [The following organizations are separate from the company. If you are not satisfied with the results of the company's own personal information complaint handling and damage relief, or if you need more assistance, please contact us.]
• ▶ Personal information infringement filing center (managed by Korea Internet Promotion Agency)
• -The work in charge: Declaration of personal information infringement fact, consultation application
• -Homepage: privacy.kisa.or.kr
• -Telephone: (No area code) 118
• -Address: (58324) 9, Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea
• ▶ Personal Information Dispute Mediation Committee
• - The work in charge: Personal information dispute mediation application, collective dispute mediation (civil settlement)
• -Homepage: www.kopico.go.kr
• -Telephone: (No area code) 1833-6972
• -Address: (03171) 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
• ▶ The Cyber Investigation Division of the Grand Public Prosecutors Office:()1301(www.spo.go.kr)
• ▶ Police Agency Cyber Safety Bureau: (No station number) 182 (http://cyberbureau. police.go.kr)

Article 13 (Others)

The company can provide links to other websites or materials. In this case, the company does not have any control over external sites and materials, so it cannot be held responsible for the usefulness, truthfulness, or legality of the services and materials from it, and cannot be guaranteed. If you click on a link included in a company and move to a page on another site (site), the personal information processing policy of that site is not related to the company, so please check the policy of the newly accessed site.

Article 14 (Change of Personal Information Processing Policy)

1. This personal information processing policy will be applied from January 22, 2024.
2. When there is a change in the personal information processing policy (addition, deletion / modification of contents), the company will revise it and announce it to users at least 7 days in advance. In particular, we will notify you at least 30 days in advance if there is a significant change in your rights.