TimeFile Privacy Policy

TimeFile ("Company," "we," "us," or "our") is committed to protecting your personal information in accordance with applicable privacy laws, including the Personal Information Protection Act (PIPA) and the Act on Promotion of Information and Communications Network Utilization and Information Protection. This Privacy Policy explains how we collect, use, store, and protect your personal information.

Article 1 (Personal Information Collected)

We collect only the minimum personal information necessary to provide our services.

Category	Items Collected	Collection Method
Automatically Collected	IP address, access logs, cookies, browser type, operating system, access time, service usage records	Automatically generated during service use
Contact Form	Email address, Name (optional)	User input
File Upload	File metadata (filename, size, format)	Automatically generated during upload

Article 2 (Purpose of Processing Personal Information)

We process the collected personal information only for the following purposes:

Service Provision and Operation: Providing file upload, storage, and sharing features; content delivery; service usage record management
Customer Support: Responding to user inquiries and notifying processing results
Service Improvement: Analyzing service usage records, tracking access frequency, statistical analysis
Prevention of Illegal/Fraudulent Use: Preventing illegal content uploads, restricting service access, responding to legal disputes
Legal Compliance: Fulfilling obligations under applicable laws

Article 3 (Retention and Use Period of Personal Information)

In principle, we destroy personal information without delay once the purpose of collection and use has been achieved. However, if retention is required under applicable laws, we retain information for the following periods:

Item	Retention Period	Legal Basis
Access logs, IP addresses	3 months	Protection of Communications Secrets Act
Consumer complaints or dispute records	3 years	Act on Consumer Protection in Electronic Commerce
Records on display/advertising	6 months	Act on Consumer Protection in Electronic Commerce
Illegal content records	Until requested by law enforcement or 5 years	Criminal Procedure Act, Network Act

Article 4 (Destruction Procedure and Method of Personal Information)

We destroy personal information without delay when it becomes unnecessary due to expiration of the retention period or achievement of the processing purpose.

Destruction Procedure: Personal information subject to destruction is selected and destroyed with approval from our Privacy Officer.
Destruction Method:
- Electronic files: Permanently deleted using technical methods that prevent recovery
- Paper documents: Shredded or incinerated

Article 5 (Entrustment of Personal Information Processing)

We entrust personal information processing to the following companies for smooth service provision:

Trustee	Entrusted Tasks	Retention Period
Cloudflare, Inc.	Cloud storage (R2) service, CDN service	Until termination of entrustment contract
Vercel Inc.	Web hosting service	Until termination of entrustment contract

We will promptly disclose any changes to the entrusted tasks or trustees through this Privacy Policy.

Article 6 (International Transfer of Personal Information)

International Transfer Notice

We may store and process your personal information on servers located outside of your country for service provision.

Item	Details
Recipient	Cloudflare, Inc.
Recipient's Country	United States and Global Data Centers (Europe, Asia, etc.)
Transfer Timing and Method	Transfer via network during file upload
Personal Information Transferred	Uploaded files, IP addresses, access logs
Recipient's Purpose of Use	Cloud storage service provision, content delivery via CDN
Retention Period	Until file retention period expires or service contract terminates

Article 7 (Cookies and Automatic Data Collection)

We use cookies to provide personalized services by storing and retrieving usage information.

Purpose of Cookies: Analyzing access frequency and visit times to improve services
Cookie Management: You can refuse cookie storage through your browser settings. However, refusing cookies may cause difficulties in using some services.
- Chrome: Settings → Privacy and Security → Cookies and Other Site Data
- Safari: Preferences → Privacy → Cookies and Website Data
- Firefox: Settings → Privacy & Security → Cookies and Site Data
- Edge: Settings → Cookies and Site Permissions → Cookies and Site Data

Article 8 (Your Rights and How to Exercise Them)

As a data subject, you have the following rights:

Right to Access: You may request access to your personal information held by us.
Right to Rectification/Erasure: You may request correction or deletion of inaccurate personal information.
Right to Restrict Processing: You may request suspension of personal information processing.
Right to Withdraw Consent: You may withdraw consent for collection and use of personal information.

You can exercise these rights through our Contact page via written request or email. We will take action without delay.

If you request correction of errors in your personal information, we will not use or provide the relevant personal information until the correction is complete. If incorrect personal information has already been provided to a third party, we will promptly notify them of the correction.

Article 9 (Security Measures for Personal Information)

We implement the following measures to ensure the security of personal information:

Administrative Measures: Establishment and implementation of internal management plans for personal information protection; minimizing and training personnel handling personal information
Technical Measures: Encryption of personal information; installation and update of security programs; installation of access control systems
Physical Measures: Access control to computer rooms and data storage facilities

Article 10 (Privacy Officer)

We have designated a Privacy Officer to oversee personal information processing and to handle complaints and remedy damages related to personal information processing.

Privacy Officer

Department: TimeFile Operations Team
Contact: Through the Contact page

You may contact our Privacy Officer regarding any inquiries, complaints, or damage relief related to personal information protection that arise while using our services. We will respond to and process your inquiries without delay.

Article 11 (Remedies for Infringement of Rights)

You may apply for dispute resolution or consultation to the following organizations for relief from personal information infringement:

Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
Supreme Prosecutors' Office Cyber Investigation Division: 1301 (www.spo.go.kr)
National Police Agency Cyber Bureau: 182 (ecrm.cyber.go.kr)

Article 12 (Changes to This Privacy Policy)

This Privacy Policy takes effect from the effective date. If there are additions, deletions, or corrections due to changes in laws or policies, we will announce them through the Service at least 7 days before the changes take effect. However, for significant changes to user rights, we will provide at least 30 days' notice.

Supplementary Provisions

This Privacy Policy takes effect on January 1, 2025.
Previous privacy policies are superseded by this policy.

For inquiries regarding this Privacy Policy, please contact us through the Contact page.