[Catch Block! PRIVACY POLICY]

The Catch Block! (“Service”) that is operated by Woongjin Thinkbig Co., Ltd. (“Company”) is committed to make its data and personal data protection process transparent and is doing its best to protect the online personal data of the users of the Company’s website and application. This Privacy Policy (this “Privacy Policy”) explains the information collected by the Company through its application and website, how the information is used or disclosed, and the measures taken by the Company to protect the collected data.

1. PRIVACY POLICY

   Information related to personal information, such as what information the company collects, how it uses the collected information, with whom it is shared ('consigned or provided') as necessary, and when and how the information that has achieved the purpose of use is destroyed is provided transparently.

   As a subject of information, we inform you of the rights the user has with respect to his/her personal information and what methods and procedures he/she can exercise. In addition, it also informs about the rights that legal representatives (parents, etc.) can exercise to protect the personal information of children under the age of 16.

   Company collect, use and provid`e personal information based on the user's consent, and actively guarantee the user's right (the right to self-determination of personal information). In addition, in the event of a personal information breach, we will inform you of who to contact and how to get help in order to prevent further damage and repair damage that has already occurred.

2. Collection of Personal Data

   The company collects minimum personal information to provide services, and collects personal information to provide the following services in the process of using the service. [Mathpid Integration] [Required] E-mail, password You can agree or reject the provision of personal information when linking with the Mathpid service. However, if you refuse to provide essential information, linkage is not possible.

   The information collected from users in the process of using the service is as follows.

   • When using the service for the first time, the company may automatically collect technical information, identifiers and data about how users use the service. The data collected includes the device information you use to access our services (device ID), game version, device type and settings, operating system, learning language code, country information, date and time of request, and your interactions with our services. information may be included. The information collected in this way may or may not correspond to personal information depending on whether or not it is linked to personal information
   • The Company may collect data generated in the process of using the service by the user. The data collected may include progress codes, diagnostic IDs, question codes, answers entered, correct answers, and time to solve questions.
   • All information collected from the service is for the legitimate purpose of the company to provide better service to users and to improve the performance and design of the company service.

   How to collect personal information is as follows.

   In the case of collecting personal information, we must notify the user in advance and ask for their consent, and collect personal information through the following methods.

   • When the user agrees to the collection of personal information and directly enters information in the process of using the service
   • In the course of consulting through the customer center, e-mail, phone, etc.

3. Purpose of Use

   The Company collect the minimum personal information necessary to provide services as follows when registering as a member or in the process of using the service.

   • To provide services to users
   • To personalize and provide services to users (recommend and provide customized content)
   • To provide learning progress, learning status analysis, and diagnosis results
   • Business purposes such as data analysis, auditing, fraud monitoring, marketing and promotion, new product development, service improvement, identification of usage patterns, and determining effectiveness of marketing
   • To address information leaks and other inappropriate activities
   • When it is deemed necessary or appropriate to comply with legal procedures, enforce t erms of use, and protect the rights of the company, the rights of users, and the rights of others for the smooth operation of the service

   When using information for purposes other than those specified in this Privacy Policy, t he Company will seek the consent of users.

4. Provision and consignment of personal information

   The company does not provide the user's personal information to a third party except in cases where the user's separate consent is obtained or as stipulated by laws and regulations.

   The company entrusts the following tasks to operate and provide services such as cloud services and data analysis and processing. These service providers only use the information for the services contracted by the company, and comply with the same level of data protection as this Privacy Policy.

   Company	works	Period
   Amazon Web Services, Inc	Cloud infrastructure management	Until the game is deleted
   RootJade	Save game information

5. Destruction of personal information

   Personal information is destroyed without delay when the purpose of collection and use is achieved, and when a user requests or withdraws from membership, it is destroyed without delay. However, if the user has obtained separate consent for the storage period of personal information, or if the duty to keep the personal information is kept for a certain period of time by law, the personal information will be safely stored for the relevant period. - Destruction procedures and methods Personal information that has achieved the purpose of collection and use of personal information, such as membership withdrawal, service termination, and the arrival of the personal information retention period agreed by the user, is destroyed in a non-renewable way. Information for which preservation obligations are imposed by law will also be destroyed in a way that cannot be reproduced without delay after the relevant period has elapsed. In the case of an electronic file, it is safely deleted so that it cannot be recovered or reproduced.

   For your reference, the company's services separately store or delete personal information of members who have not used the service for one year according to the 'personal information validity period'.

6. Rights of users and their legal representatives and how to exercise them

   The company will process users' personal information without delay when there is a request for viewing, correction, or withdrawal of consent. Therefore, users can view or modify their registered personal information at any time and request withdrawal of consent.

   • Users can withdraw from linking with ‘Math Feed’ at ‘Menu > MY’ at any time.
   • Users can withdraw their consent to the collection and use of personal information at any time by deleting the service. This also applies to the withdrawal of a declaration of consent submitted to the company prior to checking the GDPR.
   • Users can request the processing of personal information at any time, and may reject the request to suspend processing in cases where there are special provisions in the law.
   • If a user requests correction of errors in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, we will notify the third party of the result of the correction without delay so that the correction can be made.

7. Measures to ensure safety for personal information protection

   The company does its best to safely manage users' personal information, and protects personal information beyond the level required by the Personal Information Protection Act.

8. Other matters

   [Guarantee the rights of users in the European Union] - If you are an individual or EU citizen of the European Union (EU), we only collect and process data about you if we have a legal basis for you in accordance with applicable EU law. In other words, we collect and process data only when: It is necessary for our legitimate interests (which do not infringe on privacy), such as preventing fraud, improving our services, and improving the security of our services and network infrastructure. If you agree to this collection and processing When it is necessary to fulfill contractual obligations To comply with our legal obligations If the user has given consent for the processing of personal data, the user can withdraw or refuse consent at any time. If you wish to revoke your consent, please contact us using the information in the Contact Us section of your Personal Rights Request. Some examples of data being processed for legitimate interests include:

   Network and information security (IP address, device ID)Customer Support and Anti-Cheating (Email Address)Improving products and services (hardware information, job logs)- If we process your personal data in our interests, you have the right to object. If you have any questions or require additional information about the legal basis on which we collect and use your personal data, please contact us at mathpid@wjtb.net.

9. Service for Personal Data-Related Civil Complaints
   • The Company has designated the following persons as personal data controller and manager to protect users’ personal data and handle personal data-related complaints:
   • Chief Privacy Officer: Lee Soo-jong, Head of the Management Assistance Division
   • Personal Data Manager: Ahn Won-pil, Head of the Information Protection Team
   • Tel. No: 02-2075-1142
   • Any complaints that may arise in connection with personal data while using the Catch Block! Service may be reported to the Personal Data Manager or the relevant department, and the Company shall promptly carry out sufficient measures regarding the matters reported by the relevant user.
   • If a user needs to report any other infringement on personal data or is in need of consultation, please contact any of the below agencies
   • Cybercrime Investigation Unit of the Supreme Public Prosecutors’ Office: http://spo.go.kr (Tel. No.: 1301)
   • Cyber Safety Bureau of the National Police Agency: https://ecrm.cyber.go.kr/minwon/main (Tel. No.: 182)
   • Personal Information Dispute Mediation Committee: http://privacy.kisa.or.kr (Tel. No.: 02-1833-6972)

10. Data Security and Notice of Breach
    • If the Company perceives any unauthorized access to personally identifiable data and determines that such data may be used in a harmful way, the Company shall attempt to contact you at the email address provided to the Company or notify you through the Company’s application or website.

    This Privacy Policy is effective as of 2022-11-30, and any amendment made hereto shall be notified to users by public notice on the Company’s website (or individual notice).