LOOMLOOM Privacy Policy

Anipen Co., Ltd. (hereinafter referred to as the "Company") complies with personal information protection regulations under relevant laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., the Personal Information Protection Act, the Communications Secrecy Protection Act, and the Telecommunications Business Act, which information and communication service providers must adhere to. We are committed to protecting user rights by establishing a privacy policy based on these relevant laws. This privacy policy may be changed from time to time due to changes in relevant laws, guidelines, or the Company's internal policies. If the Company revises the privacy policy, we will announce the reason and content of the changes through the notice menu within the app, etc.

Article 1 (Purpose of Personal Information Processing)

The Company processes personal information for the following purposes and will not use the processed personal information for any purpose other than these. If the purpose of use changes, we plan to take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

Protection of personal information of children under 14 years of age: The Company provides services to members who are 14 years of age or older and does not collect personal information of children under 14 years of age. If we become aware that personal information of a child under 14 has been collected, we will delete that information without delay.
Member registration and management: We process personal information for the purposes of confirming the intention to register as a member, maintaining and managing member qualifications in accordance with the provision of member-only services, preventing fraudulent use of services, various notices and communications, and handling complaints.
Service provision: We process personal information for the purpose of providing the LOOMLOOM app (hereinafter referred to as the "App"), its services, in-app payments, content provision, and customized services including advertising (e.g., personalized content recommendations, ad exposure).
Complaint handling: We process personal information for the purposes of verifying the identity of the member, confirming inquiries, contacting and notifying for fact-finding, and communicating the results of the handling.
Event operation: We process personal information for the purpose of providing opportunities to participate in events, notifying winners, and shipping prizes.

Article 2 (Processing and Retention Period of Personal Information)

① The Company processes and retains personal information within the retention and use period specified by law or agreed upon by the member at the time of collection.

② The processing and retention periods for each type of personal information are as follows.

Member registration and management: Until the point of completion of member withdrawal processing
- When a member applies for withdrawal through the app or email, the information of the account for which the withdrawal was applied will be **switched to a dormant state and maintained for 180 days from the date of application**, and data will not be deleted during this period.
- If there is no attempt to re-register with the same account after 180 days from the date of application, the account and its information will be completely deleted and cannot be recovered.
- However, in the following cases, the information will be retained until the reason for retention is resolved.
  1. If an investigation or inquiry is in progress due to a violation of relevant laws, until the investigation or inquiry is completed.
  2. If a creditor-debtor relationship remains due to service use, until the creditor-debtor relationship is settled.
Service provision: Until the completion of goods or service supply or the termination of service use.
Complaint handling: Until the completion of complaint handling.
Event operation: Until the end of the event or the delivery of prizes to the winners.
Information retention based on relevant laws: In the following cases, the information will be retained until the end of the specified period.

However, in the following cases, the information will be retained until the end of the specified period.

Relevant Law	Information Collected	Retention Period
Communications Secrecy Protection Act	Service usage-related information (access logs)	3 months
Act on the Consumer Protection in Electronic Commerce, etc.	Records on consumer complaints or dispute resolution	3 years
	Records on contracts or withdrawal of offers, etc.	5 years
	Records on payment settlement and supply of goods, etc.	5 years
Article 85-3 of the Framework Act on National Taxes, Article 116 of the Corporate Tax Act	All books and evidentiary documents related to transactions as stipulated by tax law	5 years

Article 3 (Provision of Personal Information to Third Parties)

① The Company processes members' personal information only within the scope specified in Article 1 (Purpose of Personal Information Processing) and provides personal information to third parties only in cases corresponding to Article 17 and Article 18 of the Personal Information Protection Act, such as with the consent of the data subject or under special legal provisions.

Article 4 (Entrustment of Personal Information Processing)

① The Company entrusts the smooth handling of personal information tasks to the following external specialized overseas companies.

Recipient	Details of the entrusted task	Retention and use period of personal information
Google Cloud Platform (GCP)	System operation for service provision	Until the termination of service use or the termination of the entrustment contract

② If the content of the entrusted task or the recipient changes, we will promptly disclose this through this privacy policy.

Article 5 (Rights and Obligations of Members and Legal Representatives, and How to Exercise Them)

① Members can exercise their rights, such as requesting access, correction, deletion, or suspension of processing of their personal information, at any time to the Company.

Access to personal information: Launch LOOMLOOM app > My Page > Personal Information Management > View Account Information
Correction of personal information: Launch LOOMLOOM app > My Page > Personal Information Management > Select Nickname Change button to change nickname (For other information changes, contact customer service)
Deletion of personal information: Launch LOOMLOOM app > My Page > Personal Information Management > Member Withdrawal

② The rights of members to request access and suspension of processing may be restricted in accordance with Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.

③ The request for correction and deletion of personal information cannot be made if other laws specify that the personal information is subject to collection.

④ The Company can verify whether the person requesting access, correction, deletion, or suspension of processing is the data subject themselves or a legitimate representative.

⑤ If the person exercising the rights under paragraph 4 is a representative (a legal representative of the member or a person who has been delegated), a power of attorney in the form of Attachment No. 11 of the "Notice on Personal Information Processing Method (No. 2020-7)" must be submitted.

Article 6 (Items of Personal Information Processed)

① The Company processes the following items of personal information.

Category	Purpose of Collection/Use	Required/Optional	Items collected and used
Login Service	Member Registration / Login	Required	Apple	User identifier
			Google	User identifier
			KAKAO	User identifier
			NAVER	User identifier
Paid Service	In-app product payment/refund	Required	Provision and management of paid services	5 years from the date of purchase
Report	Management of inappropriate content	Required	User ID
Marketing	Advertising (including offer wall ads)	Optional	Advertising identifier, hashed service ID, service usage history, cookies
Inquiries	User inquiries and complaint handling	Required	Email address
Events	Provision of event information and opportunities to participate	Optional	SNS ID, Service ID, Nickname (required information may change depending on the event type)

② The following personal information items may be automatically generated and collected during the service use process.

IP address, cookies, service usage history, meta data (service usage history, connected device information, etc.)

③ The following information may be generated and collected during the service use process. (May not be considered personal information)

Advertising identifier, visit history, device information (type, model name, OS version, APP version, device identifier, language and country), purchase information provided during in-app purchases (subscription items, subscription start/end date, receipt ID, etc.)

④ When taking or editing photos using a mobile device's camera, the app may access the member's photos (or gallery) to provide the service, but it does not copy or transmit the member's photos to the Company's servers.

Article 7 (Destruction of Personal Information)

① The Company will destroy the personal information without delay when the retention period agreed upon by the member has expired or the purpose of processing has been achieved and the personal information is no longer needed.

② Notwithstanding Paragraph 1, if personal information must be preserved continuously in accordance with other laws, the personal information will be moved to a separate database (DB) or stored in a different location. (Please refer to Article 2 for the retention period according to law)

③ The procedures and methods for the destruction of personal information are as follows.

Destruction Procedure:
1. The Company selects personal information for which a reason for destruction has occurred and destroys the personal information after obtaining approval from the Company's personal information protection officer.
2. Members who joined through an SNS account can unlink the service through the respective SNS (Google, Apple, Kakao, Naver) channel. However, unlinking does not delete the member's information, such as the membership history through the SNS channel, so please contact customer service (support@anipen.com) or proceed with the member withdrawal process directly within the app.
3. Also, deleting the mobile app from the device in use does not delete the account created for using the app. Therefore, if you wish to delete personal information stored by the Company, please proceed with the member withdrawal process directly through customer service or within the app.
Destruction Method:
1. Electronic file format: Destroy using a technical method that makes it impossible to reproduce the record (e.g., low-level format)
2. Paper documents: Shred or incinerate them

Article 8 (Measures to Secure the Safety of Personal Information)

The Company takes the following measures to ensure the safety of personal information.

Administrative measures: Establishment and implementation of internal management plans, regular employee training, regular checks of access records and prevention of falsification, checking of consigned companies, etc.
Technical measures: Management of access rights to personal information processing systems, installation of access control systems, encryption according to internal management plans (during transmission and storage), installation and updating of security programs
Physical measures: Access control to data centers, material storage rooms, etc.

Article 9 (Installation and Operation of Personal Information Automatic Collection Devices and Matters Concerning Refusal)

① The Company uses 'cookies' to store and retrieve usage information from time to time to provide customized services to members. A cookie is a small amount of information that a web server (http) sends to a user's computer browser and may also be stored in the storage space of the user's device.

Purpose of using cookies: Used to provide optimized information and advertising (including personalized advertising) to members by identifying their visit and usage patterns, popular search terms, and whether they have a secure connection for each service and website they visit.
Installation, operation, and refusal of cookies: Members can refuse to store cookies in the settings of their web browser or mobile device.
- Chrome: Settings > Privacy and security > Clear Browse data
- Safari: Settings > App > Safari > Advanced > Block All Cookies
- Samsung Internet Mobile Browser: Settings > Internet usage history > Clear Browse data
If you refuse to store cookies: You may experience difficulties in using customized services.

② The Company uses members' advertising identifiers and analysis software to provide more suitable and useful services and advertising services (including personalized advertising). Advertising identifiers are automatically collected when a member activates the advertising function in the OS settings of their smartphone or tablet PC. By changing the device's settings or using the Opt-Out function of the advertising platform provider, members can refuse to have their advertising identifiers used for interest-based advertising.

Advertising Platform Provider: Google LLC
Blocking marketing information reception:
- Android: Settings > Google > Privacy > Uncheck 'Receive marketing information'
Blocking personalized advertising:
- Android: Settings > Google > Ads or Settings > Google > Privacy > Ads > Select “Opt out of Ads Personalization”
- iOS: Settings > Privacy & Security > Apple Advertising > Uncheck “Personalized Ads”

③ Analysis software is used to analyze information that is automatically generated when a member visits a website or uses a mobile service, and members can refuse this.

Android: Settings in the browser app > Privacy and security > Select "Smart Tracking Prevention" or "Do Not Track"
iOS: Settings > Privacy > Tracking > Uncheck “Allow Apps to Request to Track”

Article 10 (Linked Sites)

① This app may provide links to other services or applications to the user. However, in this case, the app cannot be held responsible for the usefulness of the respective service or application and cannot guarantee it. Furthermore, the privacy policy of the respective service or application is unrelated to the app, so this privacy policy does not apply. Be sure to review the policy of the respective service or application.

Article 11 (Posts)

① In principle, the member (poster) who created an account after installing the app is responsible for the content of the posts they publish while using the service, and personal information voluntarily disclosed through such posts is difficult to protect separately. Therefore, please be careful not to include sensitive personal information (e.g., resident registration number, health information, current location, etc.) in your posts.

Article 12 (Personal Information Protection Officer)

① The Company designates the following personal information protection officer to oversee all tasks related to the processing of personal information and to handle member complaints and provide relief for damages related to personal information processing.

② Members can contact the personal information protection officer for inquiries, complaints, or damage relief related to personal information protection that arise while using the Company's services. We will respond and handle your inquiry as soon as possible. However, in the event of an unavoidable delay, we will notify the member again.

Personal Information Protection Officer

Name: Jang Hyun-ho
Position: Executive Director
Fax: 031-261-0058
Email: support@anipen.com

Personal Information Protection Department

Department Name: Business Division
Fax: 031-261-0058
Email: support@anipen.com

Article 13 (Methods for Infringement Relief)

If you need relief for damages or consultation regarding personal information infringement, you can contact the following organizations.

Organization Name	Website	Phone
Personal Information Infringement Reporting Center	https://privacy.kisa.or.kr	(Without area code) 118
Personal Information Dispute Mediation Committee	https://www.kopico.go.kr	(Without area code) 1833-6972
Supreme Prosecutors' Office	https://www.spo.go.kr	(Without area code) 1301
National Police Agency	https://ecrm.police.go.kr	(Without area code) 182

Article 14 (Scope of Application and Changes to the Privacy Policy)

① This privacy policy applies to all services provided by the Company (including websites and apps). However, if the service characteristics are different, a specialized privacy policy for each service may apply.

② If you visit another company's website linked to the Company's service or if the website you visit collects personal information, this privacy policy does not apply. You must review the privacy policy of the respective website.

③ If there are additions, deletions, or modifications to the content of this privacy policy, we will give prior notice at least 7 days before the revision through a 'Notice'. Furthermore, if there are significant changes to the rights of members, such as a change in the items of personal information collected or the purpose of use, we may obtain the member's consent again in accordance with the Personal Information Protection Act.

④ This privacy policy is effective as of 2025.08.11.