새로운 세상 속으로 l ifland

Privacy Policy for the Ifland Service and the Ifland Studio Service

Effective Date: October 12, 2023

Date Last Updated: October 12, 2023

SK Telecom Co., Ltd. (“Company” or “we” or “us”) is committed to protecting your personal data in a manner that is consistent with applicable laws. This privacy policy (“Policy”) explains how we collect, use and otherwise process and protect your personal data in connection with your use of the Ifland service and the Ifland Studio service (collectively, the “Service”). Ifland service refers to Company's Metaverse platform service offering an interactive user experience through diverse virtual spaces and avatars which Company provides via its application for mobile phones. Ifland Studio service refer to services related to the creation of avatar items and lands within the Ifland service.

1. General principles and information

• In this Policy, “personal data” refers to any information that relates to an identifiable or identified living individual. Information that falls within any of the following categories is defined as “personal data”.

1) A name or an identification card number that enables the identification of a particular individual

2) Pieces of information that may not enable the identification of a particular individual on their own but may lead to the identification of a particular individual when collected and pieced together

3) Pseudonymized information of 1) or 2) (‘masked data’) which can lead to re-identification by using or adding additional information

• We disclose this Policy on the landing page of our website [https://www.ifland.io/], making it readily available to you. Furthermore, this Policy can be accessed within our Service.

• The Policy may be revised based on amendments of applicable laws, regulations and guidelines, modifications to the internal rules on personal data management and/or changes to our processing activities related to personal data. Should there be a revision, a date when the revised Policy becomes effective is also provided to prevent any confusion between different versions.

• When there are revisions to the Policy, dates for the revision and effectiveness, and details of the revision are published at our website [https://www.ifland.io/].

• With regard to this Policy, “Members” for the Ifland services are persons who have consented to the Terms of Use for the Ifland service ( https://jumpvrapi.treal.xyz/wv/claus/detail/C002/us/en ), subscribed to the use of the service, and who have been authorized to use said service through the application. Members for the Ifland Studio service are persons who have consented to the Terms of Use for the Ifland Studio ( https://studio.ifland.io/terms/terms-of-service/us ), subscribed to the use of such service, and who have been authorized to use the service via the web or an app. “Guests” for the Ifland service are persons who have not become Members for the Ifland service and only use certain aspects of said service in guest-mode.

2. Purpose of collection and usage, scope and holding period

• When collecting and using personal data, we divide consent into ‘Required’ for essential service provision and ‘Optional’ for customized service provision. Customers who do not provide their consent for ‘Optional’ categories can still use the essential services.

• We do not collect sensitive personal information that can lead to a significant infringement of your privacy (e.g., information that reveals your race, ethnicity, faith, belief, hometown, legal domicile, political orientation, criminal records, health state, sexual life, and etc.) but when it becomes necessary to collect and process some sensitive information for the purpose of service provision, a minimum level of the sensitive information can be collected after obtaining your consent in accordance with the applicable laws and regulations.

• We collect and use personal data for the following purposes:

<Guests (Required Consent) for the Ifland Service>

Items of Personal Data	Purpose of Collection/Use	Retention/Use Period
Device information (i.e., access IP address, platform, OS, name of device model, device ID, firmware version, device token when installing mobile app, mobile carrier information, app version )	For compiling statistics to optimize service specifications and provide essential services related to the Service	Until deletion of the app for the Service or, if a longer retention is required by law, until the lapse of such retention period
Usage information (i.e., date/time of access/visit, service usage record, improper usage record, avatar type, meet-up usage details,)	For compiling statistics to optimize service specifications, to provide essential services related to the Service, and provide benefits based on usage information
Information directly registered by the user in the if home post (image, video, comment, nickname, URL)	Improvement of service usability by providing the ability to express the information the user wants to be shown to other members

<Members (Required Consent) for the Ifland Service>

Items of Personal Data	Purpose of Collection/Use	Retention/Use Period
Account information (i.e., T ID, name, mobile phone number, email)	To verify the identity of service users, address customer complaints, and provide notices related to the Service	Until withdrawal of membership for the Service or, if a longer retention is required by law, until the lapse of such retention period
Device information (i.e., access IP address, platform, OS, name of device model, device ID, firmware version, device token information when installing mobile app, mobile carrier information, app version)	To verify the specifications of a user device and app version, and provide response to service inquiries and appropriate measures for device conditions
Usage information (i.e., date/time of access/visit, service usage record, avatar type, meet-up usage details, cookies)	To facilitate easy service access and ongoing provision of user avatar information by maintaining usage records, and to utilize it for confirming and responding to reports of problematic customers
Information directly registered by the user in the if home post (image, video, comment, nickname, URL)	Improvement of service usability by providing the ability to express the information the user wants to be shown to other members
Social media accounts (email, ID, Username)	To increase user convenience in using the Service by providing the functionality of membership registration and login through social media accounts
The blend shape data produced by using True Depth API technology	To produce avatars’ facial expressions and AR effects (None of the meta data collected by the TrueDepth API will be shared with or transferred to any third party)	Destroyed immediately after facial expression/AR effects creation

<Members (Optional Consent) for the Ifland Service>

Items of Personal Data	Purpose of Collection/Use	Retention/Use Period
All items of personal data relating to the use of the Service for which you have granted required/optional consent to the collection/use thereof (including subscription/usage records), account information, CI information, device information, interest information, meet-up usage details, avatar-related information, service usage details, and information generated by combining any of the above	- Combining and analyzing the personal data relating to the Service and other services offered by the Company, and the provision of personalized services and other related services based thereon - Provision of personalized recommendations and information regarding the products, services, benefits offered by the Company and other third parties - Development of new services and improvement of existing services - Differentiation of customers, estimation of customer preferences/lifestyles/social relationships, and selection of high value customers - Analysis of personal data for the above purposes	For the duration of the use of the Service and any other services offered by the Company (Upon termination of the use of the Service or any other service, only data relating to those services will be excluded)
All items of personal data relating to the use of services offered by the Company (mobile telecom service, broadband service, landline service, T-World, T-Direct Shop, T ID, T-Membership, NUGU, T-Phone, Smarthome, PASS, Smart Planner, T-Factory, T-Space, A-Dot services, etc.) for which you have granted required/optional consent to the collection/use thereof
Information generated through the combination of the aforementioned data in this column

<Members (Required Consent) for the Ifland Studio Service>

Items of Personal Data	Purpose of Collection/Use	Retention/Use Period
Social media login ID, user related information, name, email address, date of birth, mobile phone number, foreign nationality status	To verify/authenticate the identity of users when using, registering for, and changing/terminating membership information for services	Until withdrawal of membership for the Service (immediate destruction upon withdrawal) unless a longer period is specifically required by law
Social media login ID, user related information, name, email address, date of birth, mobile phone number, foreign nationality status	To provide notifications related to services to users and secure channels of communications therewith (for verification of intent, etc.)
Usage information (i.e., service usage details)	To conduct statistical analysis regarding service operation and usage, and respond to user complaints and service errors
Device information (access IP address, platform OS version, device model information)	To optimize service specifications and provide essential services

<Members (Required Consent) for the Payment Service>

Items of Personal Data	Purpose of Collection/Use	Retention/Use Period
Payment amount, payment transaction ID, receipt information (market receipt token, purchase date, purchase status, receipt verification completion date)	To utilize for in-app payment	For 30 days after withdrawal of membership for the Service

※ This includes revised or updated personal data in addition to the original personal data entered upon membership subscription.

• We collect your personal data when you subscribe to the Service through our app by accessing the saved data or the installed functions (‘handset data’) of your mobile handset (e.g., a smartphone or others) after notifying you that we are accessing your ‘handset data’. Your personal data can be collected and used only within the bounds of your consent.

• We may use personal data without your consent if the purpose of using the data is reasonably connected to the purpose of collecting the data as required by the applicable laws and regulations. Whether the reasonable connection is justified is determined by looking into a range of factors such as relation to the original purpose of collection, predictability based on the circumstance or practice of collecting and processing the data, a possible breach of your interest in an unjustifiable manner, or security measures taken such as data anonymization or encryption.

• We may process the collected data for statistics, scientific research, or archiving for public interest after pseudonymization. Regarding the processing, outsourcing and providing the de-identified data to the third party, please see the following section.

• We may generate to use or provide de-identified data (i.e., statistics, etc.) without your consent when the data no longer identifies a certain individual even when combined with other information, reasonably considering time, cost, and technology, etc. in accordance with applicable laws and regulations.

3. How we collect data and obtain consent

• We have a process in place to obtain your consent to ‘collecting and using personal data’. You can check or click a box that says either ‘I agree” or “I do not agree”. When you check the ‘I agree’ box or click the button, we deem it as your consent to personal data collection and usage.

• You reserve the right not to allow your personal data to be collected and used, and are not subject to any forms of disadvantage. However, once you decline to give consent for services where consent is required, services we can provide to you would be limited.

4. Outsourcing of data processing

In the service outsourcing agreement, we state the principle for our contractors that personal data should not be processed other than to deliver the contracted services, in addition to technical/administrative measures for data privacy, the objective and scope of the contracted services, limits to sub-subcontracting, other security measures such as limiting the access to personal data, our control measures such as reviewing their data privacy status, their liabilities in the event of a data breach and obligations to return or delete personal data after data processing, and we oversee compliance of our subcontractors with the agreement.

We outsource the processing of personal data processing to external specialized vendors as below to provide better services and more benefits to customers. The list of our outsourced processors is subject to change when the service or its contract period changes. When such change takes place, it is notified through our Notice section.

Outsourced Processor	Details of Outsourced Tasks
UNA, atozstory	Responding to customer reports, responding to customer opinions, and supporting meeting space opening
atozstory, hectofinancial	Confirmation of account information for settlement of goods, deposit of settlement amount, and customer notification of incorrect information
NICE Information Service Co., Ltd.	Identification verification, duplicate subscription confirmation information (DI) issuance
atozstory, brightbell, ideot, bigband, communique, qroad	Marketing event operation, winner confirmation, customer consultation, gift delivery, official social media operation, advertising and viral affiliate marketing agency
atozstory, communique	Information management for influencer operation management
SK Communications Co., Ltd	Member registered posting review
Softworks Co., Ltd.	Marketing event webpage operation

5. Transfer to third parties

We use your personal data within the bounds agreed by you or allowed by the applicable laws, and we do not go beyond the agreed bounds to use or provide the data to the third-party. However, we can provide personal data without your consent if the purpose of providing it is reasonably connected to the original purpose of the collection in accordance with the applicable laws. If a situation necessitates such a decision, we make sure to consider various factors such as ‘whether the decision is related to the original purpose of data collection or is predictable based on the circumstance of collection or current data processing practices, whether it infringes on your interest without any justifiable reason, or whether a security measure such as pseudonymization or encryption has been taken for data privacy.

Especially in the cases described below, we can provide your personal data after taking necessary caution within the bounds described above.

A. Affiliate

We can provide for or share your personal data with our affiliates to improve our services. In the event of providing or sharing the personal data, we shall inform you in advance via mail or e-mail about the affiliate to share data with, how much data to be shared, why we provide or share the data, and how long and how the data is managed and protected to obtain your consent. Should you decline to give consent, we do not provide or share the data with the affiliate. We will also notify to you or obtain your consent through the same process when our relationship with an affiliate changes or is terminated.

B. Divestiture, M&A, etc.

In the event of total or partial business transfer, or merger/inheritance that hands over the rights /obligations of a service provider, we notify you of such change to ensure and protect your rights regarding personal data protection.

C. When it is necessary or permissible by the applicable laws

• When there is a special provision that allows data transfer in the applicable laws including the following laws of South Korea, which apply, or may apply, to our activities: Protection of Communications Secrets Act, the Framework Act on National Taxes, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, the Act on Real Name Financial Transactions and Confidentiality, the Credit Information Use and Protection Act, the Framework Act on Telecommunications, the Telecommunications Business Act, the Local Tax Act, the Framework Act on Customers, the Bank of Korea Act, and the Criminal Procedure Act

※ However, we do not provide your personal data simply because a public agency or an investigative agency asks us to share for an administrative or investigative purpose, which is the case stipulated in ‘a special provision of the applicable laws’. In such cases, we make sure to comply with the procedure required by the applicable laws such as receiving a warrant/document stamped with an official seal of the head of the organization that needs the data before providing the requested data.

6. Data retention and usage period

We retain and use your personal data from the day your subscription starts and until the day it ends unless you have agreed to different terms and conditions or there is a legal ground that says otherwise. When you withdraw your membership or consent that has enabled personal data collection and usage, the purpose of our collection and usage of your data is achieved or terminated, or business closure or other cases deemed justifiable for service termination takes place, we destroy the collected personal data without a delay. However, if we still need to retain your personal data for lawsuits, conflicts, and other necessary purposes, we can retain the data until the specific purpose of retention is satisfied.

Furthermore, if there is a need to keep the membership data as dictated by applicable laws, we keep the membership data for a period specified by the applicable laws. In such cases, we use the data only for the purpose of keeping the data. Examples of the reasons for, and the scope and period of holding the data are as follows according to each applicable law:

• A name, an ID number and a mobile phone number: Kept for 12 months according to the Protection of Communications Secrets Act as they need to be submitted when a service provider is requested to provide communications records of a specific member

• The date and hour of communications, the starting and ending time of communications, the assigned phone number, the number of times the service being used, and the location data of an ICT device connected to the communications network of a member whose data the service provider is obligated to have: Kept for 12 months according to the Protection of Communications Secrets Act

• Account books, and important business documents and statements: Important documents for 10 years, and statements for 5 years according to the Commercial Act

• Log data, IP addresses and others that confirm communications history: Kept for 3 months according to the Protection of Communications Secrets Act)

• Records about displaying information for e-commerce and ads: 6 months according to the Act on the Consumer Protection in the Electronic Commerce Transactions, etc.

• Records about cancellation of a contract or a subscription: 5 years according to the Act on the Consumer Protection in the Electronic Commerce Transactions, etc.

• Records about payment and provision of goods and services: 5 years as dictated by the Act on the Consumer Protection in the Electronic Commerce Transactions, etc.

• Records about consumer complaints or dispute settlement: 3 years according to the Act on the Consumer Protection in the Electronic Commerce Transactions, etc.)

7. Data deletion procedure and methods

We destroy data without a delay after achieving the purpose of data collection, or when the stated holding or usage period is over. The procedure, method and timeline for the data deletion is as follows:

A. Procedure and timeline

Your personal data submitted upon service subscription is deleted or destroyed when you withdraw your subscription after being kept for a period specified in the service policy and the applicable laws. The stated period to use and keep the data can differ depending on the reasons for data protection. (See the holding/usage periods).

Even after you delete our app from your mobile handset (smartphone, etc.), your personal data may remain in our service database if you did not make a request to withdraw your consent(membership withdrawal). This means you must withdraw your consent (or membership) first if you want us to destroy all your personal data.

B. Methods to destroy data

Personal data in digital forms is deleted by using technology that disables any replay or recovery of the data.

C. Separate saving and destruction of personal data of a member whose account remained dormant for a certain period

If you have not used our service for a defined period, we put your personal data in separate storage or destroy it in accordance with the following procedure unless other laws and regulations or your request says otherwise.

• No service access log for 1 year

We notify you that your personal data will be kept separately or destroyed at least 30 days before the scheduled action by using the contact number collected by our service database.

8. Customer rights, obligations and how to exercise them

A. Customer rights regarding personal data protection

You can view or be provided with information about your personal data status, records of us using or providing your data to the third party, and your consent status to our personal data policy. We have an obligation to faithfully accommodate your request to view, receive or correct your personal data, and correct or delete your personal data without a delay when correction or deletion is deemed necessary such as finding an error to personal data or personal data being kept after the mandatory holding period is over.

You can withdraw your consent to collecting/using/providing your personal data (upon subscription/cancellation). We take necessary measures to accommodate such demands without a delay. You can withdraw your consent anytime you want. However, when you withdraw your consent needed to provide essential services (i.e., membership subscription and basic service usage), we have no choice but to terminate your membership and service subscription, and you may no longer use our services.

B. Exercising your rights

You can exercise your rights described above by choosing one of the following methods. Using some of the methods may be restricted depending on the personal data type, or the level of necessity to protect personal data, and we can ask to see your ID document (an ID card, a passport, a driver’s license(a new version)) and other documents that prove ownership or rights(a power of attorney, a certificate of your or your agent’s seal impression).

• You can visit or call our customer center

• Click menus like ‘Change Member Info’ or ‘Check Info’ in the service section of the website, or make an inquiry to the uploaded contact number via a written form, a phone, or an email.

When we have a legitimate reason to refuse your request to view, prove or correct parts or all of the personal data, we notify you of the decision and provide the explanation.

C. Your obligation regarding personal data protection

For a customer’s part, you should also be committed to preventing an unfortunate event by providing accurate and updated information. You are held accountable for any accident caused by inaccurate information you have submitted, and if you have submitted false or stolen information for our membership subscription, you will forfeit your membership and may be subject to punitive measures in accordance with the service agreement.

You should protect your personal data including your log-in data (ID, PW, etc.) by making sure to log out when using a shared PC. Avoid a password that is too easy or simple, and change it on a regular basis.

You should also take caution not to breach or damage the uploaded contents and other people’s personal data or rights. Customers who breach or damage personal data or rights of others by violating the applicable laws will be held legally accountable.

9. Automatic data collection: deployment, operation, and option to refuse

We do not install and operate cookies or other devices that automatically collect your personal data.

10. Technical and administrative measures for data protection

A. Technical measures

We have introduced following technical measures for data privacy that prevent any loss, theft, leak, falsification, or damage when we process your personal data.

• Your personal data is protected with a passcode, and critical data is protected with a separate layer of security which encrypts files and transferred data, or uses the file locking function.

• We have installed the antivirus programs on all ICT devices used for personal data processing to prevent any damage by computer viruses. Our antivirus programs are updated on a regular basis to provide the latest version, enabling a prompt response to an attack by a new virus.

• We have a security measure in place to safely transfer personal data over the network by using encryption algorithms.

• To be prepared against external attacks such as cyber hacking, we are running the anti-hacking system and the detection system that protect the internal networks in addition to deploying the access control system at each server to tighten security.

B. Administrative measures

• To maintain rigorous data privacy, we have received a third-party accreditation for our major systems and facilities such as the accreditation of the information security management system issued by a specialized outside entity.

• We have in place a rigorous procedure for personal information access and management, and make sure our employees fully understand and comply with the procedure.

• We minimize the number of employees placed to process your personal data.

• When processing your personal data through a computer, we assign an owner who is allowed access to your personal data, give him/her an ID and a passcode to control the access and update the passcode on a periodic basis.

• We provide employees in charge of personal data processing with internal trainings and send them out for outside trainings as well about new security technologies and obligations for data security on a regular basis.

• When hiring new employees, we have them sign a data privacy pledge and a personal data privacy pledge to put employees on alert and prevent them from breaching our Policy. We have introduced action plans for the Policy and an internal compliance monitoring procedure for sustained implementation and compliance by employees.

• When our employees leave us, we have them sign a confidentiality agreement to prevent them from damaging or breaching the personal data that have come to their knowledge during their work process.

• When employees in charge of personal data processing hand over their works to their successors, they must go through very rigorous security measures, and we have clearly defined the employee accountability when a breach happens before they join us or after they leave us.

• We have designated the data processing room, the data archive room, and other data rooms as special security areas where access is tightly controlled.

• In other cases where personal information is lost, leaked, forged, falsified, or damaged, we notify you of the fact immediately and come up with appropriate measures and compensation.

11. Transmission of information for advertisement purposes

We do not send or transfer information for an advertisement purpose to make profit without your prior consent.

We obtain your consent to ads or information for commercial purposes in advance when we plan to offer you such information to carry out customer-oriented marketing by sending information on the newest products and customer events, and take various measures to make it easily recognizable that we are sending you ads.

• E-mail: We place ‘(ads)’ or ‘(ads for adults)’ at the first part of the mail title without a blank followed by the key message of the main content. Even when it is hard to show in the title that the message is for advertisement (e.g., via electronic devices), we take necessary measures to show the sender’s name to inform you that it is advertisement information.

• Fax, SMS and other methods: We take necessary measures such as showing the sender’s name.

When you give consent, refusal, or withdrawal to receiving ads information, we will notify you of the fact in less than 14 days for confirmation. We also confirm with you about your status on receiving ads or information for commercial purposes every 2 years from the date you give us the consent.

12. Customer inputs & complaints

We value your opinions. Should you have any inquiries, please contact our customer center for accurate information in prompt response. The contact information of our customer center is as follows:

- Online customer center: [https://www.ifland.io/helps_contactus], [iflandglobal@sk.com]

13. Cross-border data transfer

We store your personal data on servers located in South Korea. If necessary, we may store your personal data and outsource the processing thereof with third parties located abroad. Currently, we are not storing your personal data nor outsourcing its processing to third parties located outside of South Korea.

14. Data Privacy Manager and Department

We are doing our utmost to protect your personal information and make sure you use our services safely. We have designated Personal Data Privacy Managers and Office as below to take care of related inquiries, complaints, and remedies against damage, and provide prompt and kind responses to your request.

Data Privacy Office: Metaverse CO

Email: iflandglobal@sk.com

APPENDIX

To the Privacy Policy for the Ifland Service and the Ifland Studio Service

Additional information on the processing of personal data of persons located in USA

Notwithstanding anything to the contrary in this Policy, please note that the following provisions shall apply if you are a resident of USA. In the event of inconsistencies between this appendix and the Policy, this appendix shall prevail over the Policy.

In this appendix to the Privacy Policy (the “U.S. Appendix”), we describe how SK Telecom Co., Ltd. (“Company,” “we,” “our,” or “us”) collects, uses, and discloses information that we obtain about visitors to our website sktelecom.com and ifland.io (the “Sites”) and the services available through the Ifland Service and the Ifland Studio Service (collectively, the “Services”) in the United States. For more information about our privacy practices globally, please refer to our General Privacy Policy for the Ifland Service and Ifland Studio Service [https://www.ifland.io/privacy].

By visiting the Sites or using any of our Services, you agree that your Personal Information (as defined below) will be handled as described in this Policy (including the U.S. Appendix, the same shall apply herein). Your use of our Services, and any dispute over privacy, is subject to this Policy and our Terms of Use, including its applicable limitations on damages and the resolution of disputes. The Company Terms of Use [ https://jumpvrapi.treal.xyz/wv/claus/detail/C002/us/en , https://studio.ifland.io/terms/terms-of-service/us ] are incorporated by reference into this Policy.

TABLE OF CONTENTS

1. Personal Information We Collect

A. Personal Information We Collect Directly from You

B. Personal Information We Collect Automatically

C. Personal Information We Collect from Other Platforms

2. Our Purposes for Using Personal Information

3. How We Disclose Personal Information

4. Our Purposes for Sharing Personal Information

5. Our Use of Cookies and Other Tracking Technologies

A. Cookies

B. Third-Party Analytics

C. Do-Not-Track

6. Third-Party Links

7. Tracking and Advertising Choices

8. Additional Privacy Information for Certain Jurisdictions

A. Rights of Consumers Who Are Not California Residents

B. Rights of California Consumers

9. Submitting Privacy Rights Requests

10. Children

11. Security

12. Changes to this Policy

13. Contact Us

Residents of certain states may have additional rights concerning their Personal Information under the laws of those states. If you are a resident of California, Colorado, Nevada, or Virginia, please refer to the “Additional Privacy Information for Certain Jurisdictions” section below.

1. Personal Information We Collect

We collect information that describes or relates to you (“Personal Information”). Personal Information does not include:

Information we reasonably believe you or a third party have made publicly available.
Deidentified or pseudonymous data that cannot be attributed to you and is stored separately from other data that could be used to identify you. We may use this information for any purpose. To the extent we possess or process any deidentified information, we will maintain and use such information in deidentified form and not attempt to re-identify the information, except solely for the purpose of determining whether our deidentification process satisfies legal requirements.

We collect Personal Information directly from you when you use our Services and automatically when you visit our Sites.

Personal Information We Collect Directly from You

The Personal Information we collect from you depends on how you use our Sites and Services, but generally includes the following categories:

Account information such as your login information, avatar-related information, name, email, and mobile phone number. If you register as a member, we may also collect your date of birth, foreign nationality status, T ID, and social media login information (including email, ID and username). If you choose to register an account, you are responsible for keeping your account credentials safe. We recommend you do not share your access details with anyone else. If you believe your account has been compromised, please contact us immediately.
Commercial information such as your subscription information and usage records.
Payment information such as payment amount, payment transaction ID, and receipt information (market receipt token, purchase date, purchase status, receipt verification completion date).
User content such as images, nicknames, or URLs you may upload to Photo Moment. We or others may store, display, reproduce, publish, or otherwise use user content and may or may not attribute it to you. Others may also have access to user content and may have the ability to share it with third parties. If you choose to submit user content to any public area of the Services your user content will be considered “public” and will be accessible by anyone, including us.
Any information you choose to grant us access to such as your voice when using the microphone during use of the Services, photographs and video recordings.
Any other information you choose to include in communications with us such as when sending a message to us about the Services.

Personal Information We Collect Automatically

We automatically collect Personal Information about your use of our Services through cookies and other technologies, including:

Device information such as access IP address, platform, OS version, name of device model, unique ID, firmware version, device token information when installing mobile app, mobile carrier information, app version).
Usage information such as date/time of access/visit, service usage record, avatar type, meet-up usage details, and cookies.
Location information, we collect information about your IP address which links to the region you live in. With your permission, we may also collect location information from your mobile device. You may turn off this feature through the location settings on your mobile device.

To the extent permitted by applicable law, we combine this information with other information we collect about you, including your Personal Information. Please see the section “Cookies and Other Tracking Mechanisms” below for more information.

Personal Information We Collect from Other Platforms

You may log into our Services through your accounts with third-party platforms, including Facebook, Google, and Apple ID. If you do this, your privacy rights on third-party platforms will be governed by their respective policies. If you do this, we may obtain the following Personal Information from these platforms:

Facebook. If you log into our Services using Facebook, you must enter your Facebook login information. We will ask that you grant us permission to access and collect your Facebook profile information, including your name, profile picture, gender, networks, user IDs, list of friends, date of birth, email address, and any other Personal Information you have set to public on your Facebook account. If you allow us to have access to this Personal Information, then we will have access to this information even if you have chosen not to make that information public on Facebook.
Google. If you log into our Services using Google, you must enter your Google login information and we may collect your name, email address, language preferences, and profile picture from your Google account.
Apple ID. If you chose to log into our Services using your Apple ID login, we may collect your name and email associated with your Apple ID.

We store the Personal Information that we receive from these platforms with other Personal Information that we collect from you or receive about you. Any third-party site or platform controls the information it collects from you. For information about how they may use and disclose your information, including any information you make public, please consult their respective privacy policies. We have no control over how any third-party sites or platforms use or disclose the Personal Information they collect about you.

2. Our Purposes for Using Personal Information

We use your Personal Information for the following purposes:

Operating Services and Sites and Providing Related Support. To provide and operate our Sites and Services, authenticate logins to the Services, communicate with you about your use of the Sites and Services, provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, process your payments, communicate with you, and for similar service and support purposes.
Communicate With You. To respond to your questions, fulfill your orders and requests, and provide customer service. We also use Personal Information to provide notifications related to the Services.
Analyzing and Improving Services, our Sites, and our Business. To better understand how users access and use the Sites and Services, and our other products and offerings, and for other research and analytical purposes, such as to evaluate and improve our services and business operations and to develop services and features.
Personalizing Experiences. To tailor content we may send or display on the Services, including to offer location customization and personalized help and instructions, and to otherwise personalize your experiences.
Marketing Communications. To send you information about our Services, newsletters, or any other information that you sign up to receive.
Protecting Our Legal Rights and Preventing Misuse. To protect the Sites, Services, and our business operations; to prevent and detect fraud, unauthorized activities and access, and other misuse; where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms of Use or this Policy.
Complying with Legal Obligations. To comply with the law or legal proceedings. For example, we may disclose information in response to subpoenas, court order, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements.
Business Transfers. To consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping, and legal functions.

3. How We Disclose Personal Information

We may share the categories of Personal Information we collect with the following parties:

Vendors. We may disclose Personal Information we collect with our service providers or agents who perform functions on our behalf. These vendors include our customer service providers.
Affiliates, Subsidiaries, and Business Partners. We may disclose Personal Information we collect to our affiliates, subsidiaries, and business partners.
Public Authority/Agency. We may disclose Personal Information a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request, (b) to enforce our agreements, policies, and terms of service, (c) to protect the security or integrity of our Sites or Services, (d) to protect the property, rights, and safety of the Company, our users or the public from harm or illegal activities, (e) to respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person, or (f) to investigate and defend ourselves against any third-party claims or allegations.
Third-Parties.
- Analytics Providers. We may disclose Personal Information to marketing analytics service providers such as Google Analytics.
- With Your Consent. We may disclose to third parties to whom you request or direct us to disclose information, such as through your use of social media widgets or login integration.

4. Our Purposes for Sharing Personal Information

We may disclose information to the parties listed in Section 3 above for the following purposes:

Operating Services and Sites and Providing Related Support. To provide and operate our Sites and Services, communicate with you about your use of the Sites and Services, provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, process your payments, communicate with you, and for similar service and support purposes.
Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain of your Personal Information with lenders, auditors, and third-party advisors, including attorneys and consultants.
In Response to Legal Process. We may disclose your Personal Information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
To Protect You, Us, and Others. We disclose your Personal Information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Policy, or as evidence in litigation in which we are involved.

5. Our Use of Cookies and Similar Technologies

We use cookies and other tracking mechanisms to track information about your use of our Sites or Services. For more information on the types of Personal Information we collect through these technologies, please see the section above titled “The Personal Information We Collect.” For resources and instructions on how to disable tracking technologies, see the section below titled “Tracking and Advertising Choices.”

Cookies

Cookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Sites, while others are used to enable a faster log-in process or to allow us to track your activities on our Sites. There are two types of cookies: session and persistent cookies.

Session Cookies. Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged in. This allows us to process your online transactions and requests and verify your identity after you have logged in, as you move through the website.
Persistent Cookies. Persistent cookies remain on your device after you have closed your browser or turned off your device.

Third-Party Analytics

We use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Sites. We use these tools to help us improve our Site’s performance and user experiences. These entities may use cookies and other tracking technologies, such as web beacons, to perform their services. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/partners/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Do-Not-Track

Currently, our systems do not recognize browser “do-not-track” requests. You may disable certain tracking as discussed in this section (e.g., by disabling cookies) and opt out of targeted advertising by following the instructions in the “Tracking and Advertising Choices” section.

6. Third-Party Links

Our Sites and Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.

7. Tracking and Advertising Choices

If you wish to prevent cookies from tracking your activity on our Site or visits across multiple websites, there are tools you can use to disable cookies and opt out of interest-based advertising. Note, your opt-out may not be effective if your browser is configured to reject cookies.

Browser Solutions for Disabling Cookies: If you wish to prevent cookies from tracking your activity on our website or visits across multiple websites, you can set your browser to block certain cookies or notify you when a cookie is set. The Help portion of the toolbar on most browsers will tell you how to prevent your device from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site and Services who disable cookies will be able to browse the Site, but some features may not function.
Industry Solutions for Opting Out of Interest-Based Advertising. Notwithstanding the above, you may follow the steps provided by initiatives that educate users on how to set tracking preferences for most online advertising tools. These resources include the Network Advertising Initiative (https://thenai.org/about-online-advertising/) and the Digital Advertising Alliance (https://digitaladvertisingalliance.org/). The Digital Advertising Alliance also offers an application called AppChoices (https://youradchoices.com/appchoices) that helps users to control interest-based advertising on mobile apps.

8. Additional Privacy Information for Certain Jurisdictions

Note that these rights only apply to certain residents of the following states and to Personal Information that we collect and process under the terms of this Policy.

Rights of Consumers Who Are Not California Residents

If you are a California resident, please see the section below, entitled Rights of California Consumers. If you are a resident of another U.S. state, depending on the state you live in, you have the right to receive certain disclosures regarding a business’ processing of Personal Information and may have certain rights with respect to our processing of such Personal Information. These rights are not absolute and, in certain cases, we may decline your request as permitted by law.

Right to Access: To confirm whether or not we are processing your Personal Data and to access such Personal Data.
Right of Portability: You may have the right to obtain a copy of the Personal Data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit your Personal Data to another controller or business where the processing is carried out by automated means.
Right to Correction: You may have the right to correct inaccuracies in your Personal Data, taking into account the nature of the Personal Data and the purposes of the processing of your Personal Data.
Right to Deletion: You may have the right to delete Personal Data provided by or obtained about you.
Right to Opt-Out of Sale: You may have a right to opt-out of the sale of your Personal Information. We do not “sell” Personal Information under this definition.
Right to Opt-Out of Targeted Ads and Significant Profiling: You may have the right to opt out of the processing of your Personal Data by us for decisions that produce legal or similarly significant effects concerning you. We do not process Personal Information for such profiling or targeted advertising.
Authorized Agent: You may designate, in writing or through a power of attorney document, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent , we will require that the agent provide proof you have authorized them to act on your behalf and we may need you to verify your identity directly with us.
Right to Appeal: If we decline to take action regarding your request, you have the right to appeal. We will notify you providing our reasons and instructions for how you can appeal the decision. If the appeal is denied, we will provide a way for you contact the Attorney General to submit a complaint.

If any of the rights described in this section apply to you, you may exercise your rights by any of the following means:

Emailing us at [iflandglobal@sk.com]
Calling us at [+1 (844) 505-2902]

You must indicate that you are making a request pursuant to your “U.S. Resident Privacy Rights” and provide us with the following information: (1) first and last name; (2) email address; and (3) zip code. We will take steps to verify your request by matching the information provided by you with the information we have in our records. If we are unable to adequately verify a request, we will notify the requestor.

Rights of California Consumers

Under the California Consumer Privacy Act (“CPPA”) and other applicable laws, California residents have the right to receive certain disclosures regarding our processing and sharing of “Personal Information,” as defined under the CPPA. To the extent you are a resident of California, and we collect Personal Information subject to applicable California law, the following applies.

Your California Privacy Rights

Right to Access: With respect to the Personal Information we have collected about you in the prior 12 months, you have the right to request from us (up to twice per year and subject to certain exemptions): (i) categories of Personal Information about you we have collected or disclosed for a business purpose; (ii) the sources from which we have collected that Personal Information; (iii) our business or commercial purposes for collecting that Personal Information; (iv) the categories of third parties to whom we have disclosed that Personal Information; and (v) a copy of the specific pieces of your Personal Information we have collected.

Right to Correct: You have the right to request that we correct inaccuracies in your Personal Information.

Right to Delete: Subject to certain conditions and exceptions, you may have the right to request deletion of Personal Information that we have collected about you. California consumers who are registered users of the Services and under 18 years of age may request the removal of content or information they posted on the site. We will remove such content or information when we are required to do so by law. To request the removal of content or information you posted on the Services, you may contact us as described below. Please note that even if we remove the content or information that you posted, we cannot prevent further use or disclosure of that content or information by others once you have shared it publicly.

Right to Opt-Out of Sale/Sharing: Under the CPPA, a “sale” includes disclosing or making available Personal Information to a third party in exchange for monetary or other valuable consideration. We do not “sell” Personal Information under this definition. We also do not “share” personal information as defined under the CPPA. Additionally, we do not have actual knowledge that we “sell” or “share” Personal Information about users under 13 years old.
Right to Non-Discrimination: We will not discriminate against you for exercising any of the rights described in this section.
Authorized Agent: You may designate someone as an authorized agent to submit requests and act on your behalf. To do so, you must provide us with written permission to allow the authorized agent to act on your behalf.

If any of the rights described in this section apply to you, you may exercise your rights by any of the following means:

Emailing us at [iflandglobal@sk.com]
Calling us at [+1 (844) 505-2902]

You must indicate that you are making a request pursuant to your “California Privacy Rights” and provide us with the following information: (1) first and last name; (2) email address; and (3) zip code. We will take steps to verify your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information in order to verify your request or, where necessary, to process your request. If we are unable to adequately verify a request, we will notify the requestor.

Processing of Personal Information

The chart below describes the categories of Personal Information and sensitive Personal Information (denoted by a *) we collect (and have collected in the past 12 months), as enumerated in the CCPA, as well as the categories of sources from which the Personal Information is collected, our purposes for processing each category, whether we have disclosed Personal Information for a business purpose in the last 12 months, and the categories of recipients.

Categories Collected in the Last 12 Months	Categories of Sources	Purposes for Processing	“Sold” or “Shared”	Disclosed for a Business Purpose	Categories of Third Parties Who Receive This Personal Information
Identifiers: Such as name, email address,, phone number, social media account information (email, ID and username), T ID, IP address and online identifiers.	From you; Automatically	Providing our Services and supporting our general operations Marketing Responding to inquiries Personalization Improving our Services Protecting our rights and responding to legal request/obligations	No	Yes	Vendors Affiliates, Subsidiaries, and Business Partners Public Authority/Agency Third-Party Analytics Providers
Account Access Credentials*: Such as your account log in for the Services	From you	Providing our Services and supporting our general operations Responding to inquiries Improving our Services Protecting our rights and responding to legal request/obligations	No	Yes	N/A
Commercial information: Such as your subscription information and usage records.	From you	Providing our Services and supporting our general operations Marketing Responding to inquiries Personalization Improving our Services Protecting our rights and responding to legal request/obligations	No	Yes	Vendors Affiliates, Subsidiaries, and Business Partners Third-Party Analytics Providers Public Authority/Agency
Payment information such as payment amount, payment transaction ID, and receipt information (market receipt token, purchase date, purchase status, receipt verification completion date).	From you	Providing our Services and supporting our general operations	No	Yes	Vendors
Internet or other electronic network activity information: Including, but not limited to, IP address, platform, OS version, name of device model, unique ID, firmware version, device token information when installing mobile app, mobile carrier information, app version) and other usage data related to your use of any of our Services.	From you; Automatically	Providing our Services Marketing Responding to inquiries Personalization Improving our Services In support of our general business operations Protecting our rights and responding to legal request/obligations	No	Yes	Vendors Affiliates, Subsidiaries, and Business Partners Third-Party Analytics Providers Public Authority/Agency
Audio, electronic, visual, thermal, olfactory or similar information: Including photographs, video recordings, voice recordings
Profiles and inferences: Including inferences drawn from any of the information identified above to create a profile reflecting a consumer’s preferences, characteristics, behavior or attitudes.	From you	Providing our Services Responding to inquiries Personalization Improving our Services In support of our general business operations Protecting our rights and responding to legal request/obligations	No	Yes	Vendors Affiliates, Subsidiaries, and Business Partners Third-Party Analytics Providers Public Authority/Agency
Protected classifications*: We may collect information about your foreign nationality status.	From you	Providing our Services and support of our general operations Protecting our rights and responding to legal request/obligations	No	Yes	Vendors Affiliates, Subsidiaries, and Business Partners Public Authority/Agency

The specific business or commercial purposes for which we collect and disclose your Personal Information and the categories of sources from which we collect your Personal Information are described in the sections above, Purposes of collection and usage, scope and holding period, How we collect data and obtain consent, Outsourcing of data processing and Transfer to third parties. We only use and disclose sensitive personal information for the purposes specified in the CCPA.

For more information about our privacy practices, you may contact us as set forth in the ‘Contact Us’ section below.

9. Information Regarding Children

Our Services are not designed for children. If we discover that a child under 13 has provided us with Personal Information, we will delete such information from our systems. We do not knowingly collect or sell Personal Information of consumers under 13 years of age as of the date of this Policy.

10. Security

Notwithstanding our reasonable and best efforts, no data security measures can guarantee security of your Personal Information.

You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

11. Changes to this Policy

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Sites and Services.

12. Contact Us

If you have any questions about this Policy or our privacy practices, you may contact us at [iflandglobal@sk.com] or call us at [+1 (844) 505-2902].

Privacy_USA