Privacy Policy

Wolf Corp. ("the Company") adheres to laws and regulations related to personal information protection to safeguard users' valuable personal information. Through this Privacy Policy, users can understand what personal information the company collects, how it's used, to whom it's provided, and when and how it's destroyed. This policy is not only applicable to the gaming service but also to any additional services directly or indirectly related to the game service. Any changes will be announced through this Privacy Policy.

1. Collection of Personal Information

The company only collects essential personal information for service provision, and informs the users in detail and obtains their consent during the collection process.

• Mobile Game Services: [Mandatory] ID, Nickname, Payment Information, Email Address, IMEI, MAC Address, IP Address, Visit Date and Time, Service Usage Records, Misuse Records, Payment Records, Error Information
• Payment: [Mandatory] Mobile Number, Cultureland/Happymoney/BooknLife Member ID
• Event or Promotion Notification: [Optional] Mobile Number, Email Address
• Prize Delivery: [Mandatory] Name, Mobile Number, Address
• Prize Money Payment: [Mandatory] Bank Account Information (Account Holder Name, Account Number, Bank Name)
• Tax Handling: [Mandatory] Resident Registration Number, Address, Name
• Announcement Delivery: [Mandatory] Email Address, Mobile Number
• Event and Event Participation: [Optional] Name, Mobile Number, Gender, Date of Birth, Email Address
• Inquiry Response: [Mandatory] Nickname, ID, Email Address, Payment Information, Automatically Generated Information, Device Identification Information (Additional personal information may be collected depending on the type of inquiry).

For purposes such as ensuring service stability, preventing misuse, protecting accounts and items, restricting violations of laws and company terms, automatically generated information (IP, Access Records, Service Usage Records, Misuse Records, Download Records, Payment Records, Cookies, etc.) and device identification information (OS Information, Hardware Information, Mac Address, Advertisement Identifier, etc.) may be collected during service usage.

If you use the company's services with another company's account, only the personal information that the user has agreed to will be provided by the company and processed within the scope of the agreed purpose.

2. Use of Personal Information

The company uses personal information for the following purposes and if the purpose changes, users will be informed in detail and their consent will be obtained.

• Identify users and verify their identity for member management.
• Provide additional services directly or indirectly related to the game service.
• Use personal information for event or promotion notifications.
• Confirm event participation intentions and use personal information for prize delivery, tax handling, etc.
• Deliver announcements needed for service operation, such as terms of use changes, service disruptions, game usage history, and personal information usage history.
• Respond to inquiries, handle complaints, and improve user services using personal information.
• Create a safe environment for service usage with personal information.
• Analyze the service environment through service usage records and provide services tailored to user characteristics.

3. Sharing and Providing Collected Personal Information

For users to conveniently and quickly use the service, the company has entrusted some tasks to other companies. The company manages and supervises the entrusted companies to ensure that they handle users' valuable personal information safely. The entrusted companies are restricted from re-entrusting to another company without the company's prior approval. However, there are exceptions in the following cases:

1. When the user has agreed in advance to disclosure or provision.
2. In case of violation of the service terms of use, operation policies, or other policies set by the company.
3. When there is sufficient evidence to judge that personal information needs to be disclosed to take legal action against someone who harms others mentally or materially through the service.
4. In good faith, when it is deemed necessary by law (e.g., when the provision of data is enforced by laws or when there is a request from a court, investigative agency, or other administrative agency following a lawful procedure).
5. The company can provide user information to the Mobile/ARS Payment Arbitration Center within the scope requested by the Mobile/ARS Payment Arbitration Center to resolve disputes arising in connection with mobile/ARS payments when there is a request from the Mobile/ARS Payment Arbitration Center. Mobile/ARS Payment Arbitration Center (www.spayment.org) - Phone: 1644-2367
6. For customers who use paid services, information is provided to the payment agency for payment service provision, billing, etc.

The company may share users' personal information for new technology development or better service provision. In such cases, before collecting or providing information, the company informs users of who the institution, organization, business partner, or third party is, why the information is necessary, and how the information is used and stored. Without the user's consent, the company does not arbitrarily collect or share additional information. In case the company places and sends advertisements for gender, age, etc., users' personal information is not provided to advertisers, advertising agencies, etc. The company provides only the number of exposures, clicks, etc. for each advertisement.

If the personal information necessary for statistical processing, academic research, or market research is provided, it is provided in a form that cannot identify a specific individual. When providing information in a form that can identify a specific individual, the company obtains the consent of the user in advance.

4. Delegation of Personal Information Handling

The company delegates the handling of personal information as described below for the provision of game services and enhancement of user convenience. When delegating, the company stipulates necessary matters to ensure safe management of personal information in accordance with relevant laws.

The institutions and content of the company's delegation of personal information handling are as follows:

Entrusted Business and Duration of Personal Information Retention

1. Seoul Credit Evaluation Information Co., Ltd (Contact: 1588-4753/ Website: www.sci.co.kr)
   • Entrusted Business: Real name verification and personal authentication
   • Retention and Use Period: The information is already held by the credit evaluation agency, so it is not stored separately.
2. Danal Co., Ltd. (Contact: 031-697-1004 / Website: www.danal.co.kr)
   • Entrusted Business: ARS, mobile phone, bank transfer, culture gift card, game culture gift card, book culture gift card, Happy Money gift card payment processing, service operation, and customer support
   • Retention and Use Period of Payment Information: 5 years after payment completion
   • Retention and Use Period for Complaint Handling: Until member withdrawal
3. MPO Ltd.
   • Entrusted Business: SMS transmission system operation

5. Retention and Use Period of Personal Information

In accordance with the "Act on the Promotion of Information and Communication Network Utilization and Information Protection, etc.", the company can take necessary measures such as contract termination and personal information destruction to protect the personal information of members who have not used the company's services for a consecutive year (hereinafter referred to as "dormant accounts"). In this case, the member is notified of the measures taken, the expiration date of the personal information retention period, and the items of personal information 30 days before the action date.

Personal information collected with the consent of the user is retained and used as long as the member's qualifications are maintained. If termination is requested, it is completely deleted from the disk in a non-recoverable manner and is processed in a state where subsequent access or use is impossible.

However, for recovery and protection of victims in case of personal information theft, the company can temporarily retain personal information collected at the time of membership registration, such as name and contact information, for up to 14 days from the date of termination. The ID is retained for 30 days due to linkage with other services and is then completely deleted in a non-recoverable manner. The following cases are exceptions:

1. When there is a need for preservation under provisions of laws such as the Commercial Act
   • Record related to contract or withdrawal of offer
   • Reason for Retention: Consumer Protection in E-Commerce Act
   • Retention Period: 5 years
   • Record related to payment and supply of goods, etc.
   • Reason for Retention: Consumer Protection in E-Commerce Act
   • Retention Period: 5 years
   • Record related to consumer complaints or dispute resolution
   • Reason for Retention: Consumer Protection in E-Commerce Act
   • Retention Period: 3 years
   • Website visit record
   • Reason for Retention: Telecommunications Secrets Protection Act
   • Retention Period: 3 months
   • All transaction-related ledgers and evidential documents stipulated by tax law
   • Reason for Retention: Basic National Tax Law
   • Retention Period: 5 years
2. When there is a need for preservation according to the service use agreement
   • Service use restriction record
   • Reason for Retention: Prevention of unfair use
   • Retention Period: Service use restriction period
3. When the consent of the member has been obtained individually

6. Personal Information Destruction Procedure and Method

Once the purpose of collecting and using personal information is achieved, the company destroys the information without delay. However, exceptions are made if it is stipulated in relevant laws or if consent has been obtained from the user.

1. Consumer Protection in E-Commerce Act
   • Record related to contract or withdrawal of offer: 5 years
   • Record related to payment and supply of goods, etc.: 5 years
   • Record related to consumer complaints or dispute resolution: 3 years
2. Telecommunications Secrets Protection Act
   • Login-related records: 1 year

When a member/game user withdraws, the information collected for service provision is retained for 30 days for the purpose of handling consumer complaints and dispute resolution and then deleted. Information collected for events and the like is retained for up to 1 year, but this can vary by event, and the period stated on each event page takes precedence. Personal information of users who have not used the service for 1 or 5 years, according to the user's consent, is stored separately in a safe manner. Personal information in electronic file format is deleted using technical methods so that it cannot be reused, and personal information printed on paper is shredded.

7. Rights of Users and Legal Representatives and Their Exercise

1) Protection of personal information of children under 14

Users and legal representatives can view or modify their own or their child's personal information under 14 at any time and can also request to cancel their membership. To view/modify personal information of the user or child under 14, click on 'Change Personal Information' (or 'Modify Member Information', etc.), and for membership withdrawal (consent withdrawal), click on 'Membership Withdrawal Application'. After passing the identity verification procedure, you can directly view, correct, or withdraw.

2) On protection of user's personal information

Users can view or modify their registered personal information at any time. If you do not agree to the company's processing of personal information, you can refuse consent or request membership withdrawal. However, in such cases, it may be difficult to use some or all of the services. For viewing and modifying personal information, click on 'Change Personal Information' (or 'Modify Member Information', etc.), and for membership withdrawal (consent withdrawal), click on 'Membership Withdrawal'. After passing the identity verification procedure, you can directly view, correct, or withdraw. Additionally, by contacting the data protection officer in writing, by phone, or by email, immediate action will be taken. Personal information that has been canceled or deleted at the request of a user or legal representative is processed as specified in Article 5 "Retention and Use Period of Personal Information" by the company and is treated in such a way that it cannot be accessed or used for other purposes.

The company uses 'cookies' to provide users with a customized service. A cookie is a very small text file sent by the server used to operate the service to the user's PC or mobile device and can also be stored on the user's PC or mobile device.

8. Installation/Operation and Rejection of Personal Information Automatic Collection Devices

The company uses cookies to understand the visit and usage patterns of members and non-members and the size of the user base, and to create and provide more convenient services. Users have the option regarding the installation of cookies. You can either check every time a cookie is stored or refuse to store all cookies. However, if you refuse to store cookies, it may be difficult to use some or all of the services that require login.

To specify whether to allow the installation of cookies, you can set it in your web browser menu by going to "Tools > Internet Options".

9. Measures to Ensure the Safety of Personal Information

The company is actively working to protect users' valuable personal information.

• Personal information is encrypted. Important personal information such as passwords, unique identifiers, email addresses, etc. are stored encrypted and such encrypted personal information is safely transmitted using encrypted communication.
• The company is continuously interested in technology to protect personal information. It detects and blocks hacking attempts 24/7. In addition, it installs and operates antivirus programs to prevent malware or virus infections.
• Minimizing the number of employees handling personal information. Only a minimal number of employees handle personal information, and PCs processing personal information have been blocked from accessing the external internet.
• Regular education and campaigns are being conducted to emphasize the importance of personal information protection.

For inquiries related to personal information and complaints handling, a personal information protection officer has been designated as follows:

• Personal Information Protection Officer
• Email Address: samuraibladehelp@gmail.com
• For reports or consultations on personal information breaches, you can contact the following organizations:
• Personal Information Breach Report Center
• Phone Number: 118 without area code
• Website: http://privacy.kisa.or.kr
• Prosecutor's Office Cyber Investigation Department
• Phone Number: 1301 without area code
• Website: http://www.spo.go.kr
• National Police Agency Cyber Security Bureau
• Phone Number: 182 without area code
• Website: http://cyberbureau.police.go.kr

10. Others

The company announces any changes (additions, deletions, and modifications) to the personal information processing policy through website notifications. We will notify you at least 7 days before the revision, but if there is a significant change in the rights of users, we will notify you at least 30 days in advance.