Privacy Policy


Rich & Company values ​​users’ personal information and abides by relevant laws and regulations that information and communication service providers must comply with. The processing of this personal information applies to Time Mango (hereinafter referred to as the service), including the following.


 Article 1 (Data and collection methods of personal information collected)

1.     Data to collect personal information

The company collects the following personal information to provide services.

a.      After registering as a member, you can easily log in with social media. [For example, login with Google account]

b.     When using the service, we will collect GPS intelligence to provide accurate weather information

c.      When using the service, we will collect IP connection information for user management and sanctions

d.     When using the service, we will collect terminal type, operating system, service deployment version, account information, email address, etc. to correct some technical errors

2.     How to collect personal information

The company collects personal information in the following ways:

a.      Mobile apps, emails, events

b.     Collect information from partner companies through partnerships and cooperation

c.      Collect relevant information when creating an account


Article 2 (Purpose of Collection and Use of Personal Information)

The company only collects the minimum personal information used to provide services for the following purposes and uses the collected information for other purposes. We will not arbitrarily disclose it without the user's consent and provide it to third parties.

1.     Perform contracts related to the provision of services and performance of service functions

2.     Member management: used to provide member services related to identity verification, personal identity confirmation, confirmation of intent to join, prevention of violations of the terms of use and prevention of unauthorized use of bad members, handling of complaints, delivery of notifications, etc.

3.     Develop new services and use marketing advertising: develop new services and customized services, provide services based on statistical characteristics and advertising locations, service verification, events, provide advertising information and participate in providing opportunities, understand connection frequency, membership service usage statistics

4.     Collection and utilization of cause investigation and handling in the event of an accident


Article 3 (Restrictions on Disclosure and Provision of Personal Information to Third Parties)

In principle, the company uses the user's personal information within the scope notified in "Article 2 (Purpose of Collection and Use of Personal Information)” and uses the user's personal information beyond the same scope without the user's prior consent. We will not disclose the personal information of users to the outside world. However, the following cases are excluded.

1.     When the user agrees in advance

2.     A request by the investigative agency to investigate under laws and regulations or the procedures and methods prescribed by laws and regulations.

3.     Other procedures required by relevant laws and regulations

However, in principle, if relevant laws provide information or notify all parties of exceptions at the request of the investigating agency. Even if we are forced to issue a notice due to legal reasons, we will do our best to protect and do our best to maintain the purpose of using.


Article 4 (Entrusted processing of personal information)

1.     The company can outsource the processing of personal information to others in order to achieve a smooth and complete service. In this case, the company will notify users of all the following matters in advance and obtain their consent. The same applies when changing any of the following data.

a.      The person who accepts the processing request of personal information

b.     Outsource business content to personal information processing


2.     The company fulfills the contract to provide information and communication services, and when necessary, clarifies each data in Lane 1 according to the personal information processing policy to improve the convenience of users. In this way, you can outsource the processing of personal information to another person without performing notification procedures and consent procedures.

3.     The company outsources the following business-related to personal information processing and takes necessary measures to ensure the safe management of personal information in outsourcing contracts under relevant laws and regulations. The company will consider the trustee's ability to protect personal information when signing a consignment contract, and regularly confirm whether it will fulfill the trustee's obligations, such as safety management and destruction of personal information. In addition, the information to be outsourced is limited to the minimum information required to provide a smooth service.


[When personal information processing is outsourced to foreign manufacturers for use]

1.              Contractor: Amazon, purpose: save member data, country/region: South Korea, method: save the member information entered by the user when registering in AWS, save data: nickname/email/login link, Google ID information retention period: Until the membership is canceled, or the service is terminated.


Article 5 (Right of consent in case of refusal and right of the adverse notice)

Members have the right to refuse to agree to the collection and use of personal information. However, if you refuse to agree to the collection and use of the minimum personal information necessary for the conclusion and performance of the contract, there are disadvantages such as inability to use the service or delay in processing operations.


In addition, if you refuse to agree to the collection/use and/or selective collection/use of personal information for marketing activities and public relations, you may not be able to obtain information about activities, provide gifts and promotional materials, and provide collaborative services, such as The disadvantages of using discount applications and not being able to earn points.


In addition to the terms of the agreement, if the member agrees otherwise, we can collect and use personal information, and if the member agrees, we can provide personal information to a third party.


Article 6 (Retention and Use Period of Personal Information)

1.     In principle, the company retains and uses the user's personal information within the time promised and announced, and if the purpose of collecting and using personal information is achieved, or if the user is required to destroy the personal information, it will immediately destroy it without hesitation. However, due to the following reasons, the following information will be retained for the specified time.

a.      Keep the information under the company's internal policies

       If an investigation/investigation is conducted due to violation of relevant laws and regulations until the investigation/investigation is completed.

       The credit relationship related to service use continues until settlement

       For information based on unauthorized use, up to one year from the membership withdrawal

b.     Retention of information by relevant laws and regulations




Retention Period

Communication Secret Protection Act

Provided by court order according to the request of the investigating agency

Service access records, IP, etc.

3 months

Consumer protection laws in e-commerce, etc.

Proof of transaction, consumer protection

Keep contract or purchase withdrawal records

5 years

Consumer protection laws in e-commerce, etc.

Proof of transaction, consumer protection

Keep records about payments and supplies, etc.

5 years

Consumer protection laws in e-commerce, etc.

Consumer processing, contact certification, consumer protection

Keep records of consumer complaints or dispute resolution

3 years

Consumer protection laws in e-commerce, etc.

Protect consumers

Logo/Advertising Record

6 months

Location information protection and use

Confirm collection, use, and provision of location information

Keep records of personal location information

6 months


2.     Starting from October 12, 2020, for users who have not used the company’s services for about a year, we will notify users in advance under Article 29 of the Law on Promoting the Use of Information and Communication Networks and Information Protection. Destroy personal information, store and manage it separately. If requested by the user, the above deadline can be set separately. However, if it is necessary to store the user’s personal information under the “Communication Secrets Protection Act” and the “Consumer Protection Act” such as e-commerce and other relevant laws and regulations, the user’s personal information will be stored for a fixed period specified by the relevant laws and regulations.

3.     When the company is destroyed or otherwise disposed of within 30 days before the expiration date of the data (2) and the personal information data, we will notify the user in advance by email or other means. For this, the user must contact the company provides correct contact information.


Article 7 (Procedures and Methods for Destroying Personal Information)

In principle, when the purpose of processing personal information is achieved, the company will immediately destroy personal information. The procedures and methods of destruction are as follows.


1.     Discard procedure

·      After the purpose is achieved, the user's personal information will be transferred to another database (if it is paper, it will be stored in a separate file box) and will remain unchanged under internal policies and other relevant laws and regulations (see retention and use period). After being stored for a while, it will be destroyed. Unless required by law, personal information will not be used for other purposes for retention.

2.     How to discard

·      Information in electronic file format is deleted using technical methods that cannot be copied and recorded.

·      The personal information printed on the paper will be shredded or incinerated and destroyed by the shredder.


Article 8 (The rights and obligations of members and legal representatives and how to exercise them)

You or your legal representative can exercise any rights related to the protection of your personal information or children under the age of 14 in the company at any time. If the user or legal representative does not agree to the processing of the company's personal information, he/she can request withdrawal of consent or withdrawal of membership. However, it may be difficult to use some or all of the services in this case.

1.              Click on "Personal Information" (or "Change Member Information", etc.) to withdraw from the membership, please go to the App and click withdraw from the membership.

2.              If you contact the person in charge of management via email, we will take immediate action.

3.              If the user requests to correct an error in the personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has been provided to a third party, the result of the correction will be immediately notified to the third party and the correction will be made.

4.              The company will process the canceled or deleted personal information at the request of the user or legal representative under the instructions in "Article 6 Retention and Use Period of Personal Information" to prevent it from being viewed or used for other purposes.


Article 9 (Regarding the installation/operation of the automatic personal information collection device and its rejection)

[Online customized advertising service]

1.     Collect advertising identifiers when using mobile apps

The company will collect your ADID/IDFA. ADID / IDFA will identify users through applications, provide users with customized services, measure them, and provide customized advertisements.

•How to refuse

Example) Android: Settings -> Google (Google Settings) -> Advertising -> Deselect advertising optimization (custom)

iOS: Settings→Personal Information Protection→Ads→Ad Tracking Limit

2.     Online customized advertising services

The company allows the collection of the following online customized advertisers and advertising identifiers and behavioral information.

a.      Advertisers who collect and process behavioral information:

AdColony, AdCrony, AdExchange, AdFit, AdMob, AdPie, AdView, Appier, AppLovin, BatMobi, Cauly, Dawin, DU, Facebook, Facebook(Open Bidding), Five, Fyber, IronSource, MobFox, Mobon, Mobpower, Mobvista, Mopup, PubNative, Smaato, TAM, TNK, UnityAds, Vungle, YeahMobi, YouAppi, ZPLAY Ads, etc...

b.     Behavioral information collection method: When users execute our application, it will be automatically collected and transmitted


Article 10 (Technical/Administrative Protection Measures for Personal Information)

In order to ensure security, the company is taking the following technical/administrative protection measures to ensure that personal information will not be lost, stolen, leaked, altered, or damaged when processing users' personal information.

1.              Encryption of personal information

User passwords are stored and managed through one-way encryption, and only those who know the password can confirm and change personal information. Personal information (for example, resident registration number, alien registration number, bank account number, and credit card number) is encrypted and stored, and managed through a secure encryption algorithm.

2.              Countermeasures to prevent hacking, etc.

The company runs an intrusion detection and intrusion prevention system 24 hours a day to prevent the disclosure of users' personal information due to intrusion into company information and communication networks (such as hackers). In order to deal with emergencies, all intrusion detection systems and intrusion prevention systems operate in redundant configurations, and sensitive personal information can be safely transmitted over the network through encrypted communications.

3.              Minimize and train personal information processing personnel

The company limits the company's personal information processing personnel to a minimum and recognizes the importance of protecting personal information through administrative measures such as training personal information processing personnel.

4.              Operation of the department responsible for the protection of personal information

The company has a department dedicated to protecting personal information to effectively protect personal information and strives to quickly correct any problems by checking the compliance of personal information processing policies and personal information processing procedures.


Article 11 (Contact information of the person in charge of personal information management and the person in charge)

You can report all personal information protection-related complaints caused by using the company's services to the person in charge of personal information management or the competent department. The company will provide timely and adequate answers to members' reports.

[Personal Information Manager]

·      Name: Taeyong Choi

·      Affiliation: Rich & Company

·      ·Position: Personal Information Manager

·      ·Mail:

If you need to report or consult about other personal information infringements, please contact the following organizations.

·      ·Personal Information Dispute Mediation Committee ( without area code 118)

·      ·Personal information infringement reporting center ( without area code 118)

·      ·Cybercrime Investigation Team of the Supreme Prosecutor’s Office ( 02-3480-2000)

·      ·National Police Agency Cyber ​​Terror Response Center ( without area code 182)


Article 12 (Disputes and Litigation)

All disputes and litigation related to this agreement shall be settled by the Seoul Central District Court as the competent court under Korean law.


Article 13 (Others)

The company may provide users with links to other websites. However, this "Personal Information Processing Policy" does not apply to the collection of personal information by linked websites


Article 14 (Notification Obligation)

If there are any changes to the personal information processing policy, the company will notify you via in-app notification, website notification or email at least 7 days before the revised privacy policy takes effect.


Supplementary Provisions

The current personal information processing policy may be changed according to government policies or company needs. If any addition, deletion, or modification of the content is made, it will be notified in advance via the website or email 7 days before the implementation, and if it is difficult to notify in advance, it will be notified immediately. This policy will take effect from the date of notification. However, if important matters such as the purpose of collecting and using personal information and the purpose of providing it to a third party are added, deleted, or modified, it will be notified 30 days in advance and implemented after 30 days. In addition, if the customer is required to obtain the customer’s personal consent under relevant laws (such as the "Act to Promote the Use of Information and Communication Networks and Information Protection" (such as the collection and use of personal information and the provision of information to third parties), the company shall comply with the relevant laws and regulations and obtain the customer’s personal consent.

Privacy policy version number: v.1.0


Announcement date: October 12, 2020

Effective date: October 12, 2020