Privacy Policy

Chapter 1. Purpose of Collection and Use of Personal Information

The Company uses collected personal information for the following purposes:

1. Contract fulfillment and billing for service provision

   Provision of AI educational content, learning data analysis, identity verification, payment processing

2. Member management

   Identity verification for membership services, personal identification, prevention of unauthorized use, confirmation of registration intent, dispute resolution, complaint handling, delivery of notices

3. Marketing and advertising

   Development of new services/products, analysis of access frequency, statistics on service usage, delivery of promotional information

4. AI service quality improvement

   Improvement of conversational AI engine, optimization of learning experience, provision of personalized learning content

Chapter 2. Items and Methods of Personal Information Collection

[ Items Collected ]

1. Information collected during initial registration:
   • Required: Email address, password, name (nickname)
   • Optional: Profile image, contact information
2. Information collected during social login:
   • Required: Name (nickname), social email address, social unique key
   • Optional: Profile information (profile picture)
3. Information collected during AI learning service usage:
   • Learning progress data, conversation history, voice data (when using voice recognition)
   • Learning performance and analytics data
4. Automatically generated information during service use:
   • Device information, IP address, cookies, service usage records, access logs

[ Collection Methods ]

The Company collects personal information through website and app registration, service usage, support boards, and event participation.

Chapter 3. Retention and Use Period of Personal Information

Personal information is processed and retained only within the agreed retention period at the time of collection. However, the following information is retained for the specified periods for the reasons stated below.

1. Retention required by relevant laws

• Records on contracts or withdrawal of subscription

  Retention period: 5 years

• Records on payment and supply of goods

  Retention period: 5 years

• Records on consumer complaints or dispute resolution

  Retention period: 3 years

• Records on website visits (service usage records, access logs, IP information)

  Retention period: 3 months

2. Retention by Company's internal policy

• Information collected during registration and service use

  Reason: Prevention of damage from abnormal account termination

  Retention period: 7 days after withdrawal request

• Information of fraudulent users

  Reason: Prevention of fraudulent use

  Retention period: 1 year after account termination

Chapter 4. Destruction Procedures and Methods of Personal Information

The Company destroys personal information without delay when the purpose of collection and use has been achieved or the retention period has expired.

1. Destruction Procedure

Information entered during registration is stored for a certain period according to internal policies and relevant laws after the purpose has been achieved, then destroyed.

2. Destruction Method

Personal information printed on paper is shredded or incinerated, and personal information stored in electronic files is deleted using technical methods that prevent recovery.

Chapter 5. Provision and Sharing of Personal Information

In principle, the Company uses members' personal information only for the purposes of collection and use and does not disclose it to third parties. However, exceptions are made in the following cases:

1. When the user has given prior consent
2. When required by law or when there is a request from an investigative agency according to legal procedures
3. When necessary for service provision, personal information may be provided to third parties through legitimate procedures such as obtaining user consent

Chapter 6. Entrustment of Personal Information

The Company may entrust personal information processing for service improvement and stipulates necessary matters for safe management of personal information in accordance with relevant laws. Changes in entrusted processors and entrusted tasks will be announced through this Privacy Policy.

Currently, there are no companies entrusted with personal information processing. We will notify you through this policy when entrustment occurs in the future.

Chapter 7. Automatic Collection of Personal Information

To provide personalized and customized services to each member, the Company uses 'cookies' and Google Analytics to store and retrieve member information.

1. What are Cookies?

Cookies are small data packets sent by the server operating the website to the browser and stored on the member's computer hard disk.

2. Purpose of Using Cookies

To analyze access frequency and visit times of members and non-members, understand user preferences and interests, and use them for service provision.

3. Google Analytics

Google Analytics is a web analytics service provided by Google Inc. It is used to improve the website by analyzing interactions between users and the website.

4. How to Refuse Cookies and Log Analysis

Members have the option to accept or reject cookies. You can allow all cookies, verify each time a cookie is stored, or refuse all cookies through browser settings.

• Chrome: More > Settings > Privacy and Security > Cookies
• Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptout

※ Some services may be limited if you refuse cookie installation.

Chapter 8. Security Measures for Personal Information

The Company takes the following technical, managerial, and physical measures to ensure security in accordance with Article 29 of the Personal Information Protection Act:

1. Minimization and training of personnel handling personal information

   We designate and minimize personnel who handle personal information and implement measures to manage personal information.

2. Establishment and implementation of internal management plans

   We have established and implemented personal information protection guidelines for safe processing of personal information.

3. Technical measures against hacking

   We install security programs and perform regular updates and checks to prevent leakage and damage of personal information due to hacking or computer viruses.

4. Encryption of personal information

   Users' personal information and passwords are encrypted during storage and management, and important data is protected with additional security features.

5. Storage and protection of access records

   We maintain and manage access records to personal information processing systems for at least 1 year and use security features to prevent tampering, theft, or loss.

6. Access restrictions to personal information

   We take necessary measures to control access to personal information through granting, changing, and canceling access rights to personal information processing systems.

Chapter 9. User Rights and How to Exercise Them

1. Users can view or modify their registered personal information at any time and request account termination (withdrawal).
2. For social account linkages, you can unlink social accounts in the account settings.
3. Users can exercise their rights to view, modify, delete, and suspend processing of personal information. Contact information is as follows:

   Email: support@tokki-ai.com

   Address: 20, Pangyoro 289beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Chapter 10. Personal Information Protection Officer

The Company has appointed a Personal Information Protection Officer to protect members' personal information and handle complaints related to personal information. For inquiries regarding personal information, please contact the Personal Information Protection Officer below.

Chapter 11. Notification

When there are additions, deletions, or modifications to the content due to changes in laws, policies, or security technology, we will notify you through the notice section of the Company's website at least 7 days before the effective date of the changes. However, if the changes include content unfavorable to members, we will notify you at least 30 days before the effective date.