Information Necessary for Providing the Service

The Company collects the following personal information in order to provide the Service. Failure to provide such information may make it difficult to provide the Service.

• Contact, Account, and Profile Information

  User ID (email address), password, profile image (optional), country/language settings, date of birth (for purposes of verifying adult status), content preferences (such as genre), and similar information.

• Information for Use of Specific Services

  If a user uses Subscription Support services, the Company additionally collects information regarding the subscribed Creator Member's account, subscription history, and the amount subscribed or supported.

  For Creator Members, the following additional information may be collected: self-introduction and SNS account links (optional), metadata related to creative activities (such as tags and upload history; optional).

• Identity Verification Information

  Where a user submits a copy of identification in order to comply with applicable laws or Company policy, the Company may scan, use, and retain information contained in such identification for identity verification and security purposes.

Information Collected During Service Use

While a user uses the Service, the Company may collect the following personal information:

Text posted by the user on the hidnscroll platform (including but not limited to comments), images, uploaded files, purchase history and refund history of paid services such as Subscription Support, location information generated through the user's network connection, log data such as login records, access date and time, language used, device information (OS, browser type and version, screen size, device ID, mobile phone type, device model name, etc.), IP address, behavioral information collected through cookies or similar technologies, Service usage records, records of improper use of the Service, functions used and application status at the time an error occurs, advertising identifiers, information provided when participating in events (such as name, email address, phone number), and information collected in the course of customer service support.

Information Collected When Using Payment Services

When a user uses the Company's paid services, the Company collects the following personal information:

• Information for Payment

  Depending on the payment method selected, information related to the payment method (such as credit card information), information necessary to complete payment processing (credit card details such as card number are processed through a third-party payment processor), phone number, remittance information, bank account information (bank name, account number, account holder name), authorization number, and similar information.

• Information for Refund

  If a user requests a refund, the Company may collect the user's name, bank account number, bank name, resident registration number (where necessary), account holder name, and similar information.

Information Collected Upon Creator Member Registration and Contract Execution

When a user registers as a Creator Member and enters into a contract, the Company collects the following personal information:

• Information Collected at the Time of Creator Member Registration Application

  Name (or corporate name in the case of a corporation), phone number, date of birth (or corporate registration number or equivalent information), email address, gender, address, career information (such as titles of previously serialized comics, previously used comic platforms and duration of use), country of origin, contents of self-introduction, and similar information.

• Information Collected at the Time of Creator Member Contract Execution

  Name, address, phone number, email address, information regarding comics serialized on hidnscroll, Subscription Support information related to such comics and revenue distribution information, information necessary for tax settlement including tax withholding (country of residence, tax identification number including resident registration number, copy of identification such as resident registration card, driver's license, passport, etc.), name of bank, account number, and account holder name.

Information Collected Directly from Users

Certain personal information is collected directly from users during membership registration, modification of membership information, and use of the Service. Personal information provided during customer service consultations may also be collected.

Information Collected from Third Parties

Certain personal information may be provided by external service providers through third-party affiliated services such as SNS account integration. In such cases, the Company manages and confirms that the third party providing personal information to the Company has satisfied legal requirements such as obtaining user consent.

Information Automatically Collected During Service Use

The Company may collect information automatically generated or collected during users' use of the Service. Such information may or may not constitute personal information depending on its association with a specific user.

Membership Management

The Company may use collected personal information for management of membership services ("Membership") for the following purposes:

• Member Identification, Identity Verification, and Verification of Adult Status

  Identifying members, verifying identity, verifying age (verification of adult status), confirming adult status in connection with access to adult content, confirming intent to register or withdraw membership.

• Provision of Services and Settlement

  Providing hidnscroll and other Company services, settlement and billing for paid services, payment of earnings, processing refunds.

• Prevention of Improper Use and Service Quality Improvement; Provision of Customized Services and Establishment of a Safe Usage Environment

  Preventing re-registration for improper purposes, limiting number of registrations, demographic analysis, analysis of Service usage records, development of new services and improvement of existing services, improvement of Service quality, provision of customized services based on user characteristics, establishment of a safe internet environment.

• Blocking and Sanctioning Interference with Service Operations; Handling Complaints and Responding to Disputes

  Preventing and sanctioning acts that interfere with normal Service operations, restricting use by members who violate laws or Terms of Service, handling user inquiries and complaints, delivering notices, preserving records for dispute resolution.

• Delivery of Event Prizes

  Delivering prizes and gifts in connection with events.

Provision of Services, Fee Collection, and Revenue Settlement

The Company may use collected personal information for the following purposes:

• Providing paid services such as Subscription Support, identity verification, purchase and payment processing, billing and collection, calculation and payment of earnings, handling related tax matters.

Service Quality Improvement, Marketing, and Advertising

The Company may use collected personal information for the following purposes:

• Analysis of Service Satisfaction and Development of Customized Services

  Collecting and analyzing Service usage statistics to assess user satisfaction, developing new services, and providing personalized services.

• Marketing Based on Analysis of User Interests and Preferences

  Estimating members' interests, preferences, tendencies, and learning status to recommend customized content and provide marketing information such as events and promotions.

• Statistical Use for Improvement of Service Environment

  Producing statistics regarding Service usage records and access frequency to improve Service environment and verify Service effectiveness.

• Use of Pseudonymized Information for Statistics, Research, and Public Interest Purposes

  Using or providing pseudonymized information for preparation of statistics, research, and preservation of public-interest records.

However, without separate user consent, the Company does not use personal information for development, improvement, or training of general-purpose artificial intelligence (AI) or machine learning models.

Processing Without Consent Within a Reasonably Related Scope (Applicable Only to Users Residing in Korea)

Within a scope reasonably related to the original purpose of collection, the Company may use or provide personal information without consent after considering:

• Whether it is reasonably related to the original purpose of collection;
• Whether additional use or provision is reasonably foreseeable in light of the circumstances of collection or processing practices;
• Whether it unfairly infringes upon the interests of the data subject;
• Whether necessary security measures such as pseudonymization or encryption have been implemented.

Sharing Based on User Consent

Where a user has expressly consented, the Company may share personal information with third parties within the scope disclosed at the time of consent. In addition, where permitted by applicable law, the Company may process certain information such as email addresses in a non-identifiable form and share such information with social media platforms for purposes such as lead generation, increasing traffic to the platform, and promotion of products and services.

For the avoidance of doubt, the Company does not sell users' personal information to third parties.

Provision of Personal Information to Third Parties (Users Residing in Korea)

For users residing in Korea, the current details of third-party provision of personal information are as follows:

Entrustment to Service Providers (Outsourcing of Processing)

The Company may entrust personal information to external service providers (including their subcontractors) for purposes of Service operation and compliance with applicable laws. Such service providers include those assisting with:

• Identity verification or identification document authentication
• Fraud prevention, security investigation, and risk assessment
• Product development, maintenance, and debugging
• Provision of services through third-party platforms and software tools (including API integrations)
• Provision of Service, advertising, and payment services
• Handling of complaints
• Data storage and analysis
• Transmission of notifications via text message or email
• Provision of customer support services such as surveys

Such service providers are contractually obligated to protect users' personal information and may access such information only within the scope necessary to perform the entrusted tasks.

Outsourcing of Personal Information Processing (Users Residing in Korea)

Cross-Border Transfer of Personal Information (Users Residing in Korea)

For purposes of providing the Service, the Company transfers (including provision, access, entrustment, and storage) personal information to countries outside of Korea as follows:

Users residing in Korea may refuse the transfer of personal information outside of Korea by contacting the Company's Data Protection Officer at support@hidnscroll.com. In such case, the Company shall exclude such user's personal information from overseas transfer. However, use of services that necessarily require overseas transfer of personal information may be restricted.

Compliance with Law and Legal Requests

Within the scope permitted or required by applicable law, the Company may provide personal information to courts, investigative agencies, government agencies, tax authorities, or other public institutions and legally authorized third parties for purposes including responding to valid legal requests (such as subpoenas or court orders), responding to claims asserted against the Company, responding to legitimate legal requests related to criminal investigations, investigating suspected illegal conduct, or addressing potential legal or regulatory liability.

To the extent permitted by law, the Company may notify users of such disclosure. However, notification may be withheld where prohibited by law, where notification could cause harm to a specific individual or group, or where notification could create a risk of obstruction of justice or other legitimate grounds.

Business Transfers

In the event the Company undergoes a corporate transaction such as merger, acquisition, or transfer of business, users' personal information may be transferred or shared with the minimum necessary third parties to achieve such purpose. In such case, the Company shall provide prior notice to users, and transferred personal information shall thereafter be subject to the privacy policy of the third party.

Use of Cookies

The Company may use cookies to automatically collect necessary information such as access logs and device information for providing the Service. Cookies are small text files stored on a user's computer hard drive by a web server (HTTP) when visiting a website.

Purpose of Using Cookies

The Company uses cookies to provide personalized services. When a user visits the website, the server reads cookies stored on the user's device to maintain prior settings or customized services.

Cookies help users access and use the website more conveniently based on previously established preferences. They are also used to analyze website visit history and usage patterns to provide personalized advertisements and marketing information.

Cookie Settings and Refusal

Users have the right to choose whether to allow cookies. Through browser settings, users may allow all cookies, confirm each time a cookie is saved, or refuse all cookies. However, refusal of cookies may restrict certain aspects of Service use.

Right to Access, Correct, Delete, and Request Suspension of Processing

Users may review and modify their personal information at any time within the Service and may request access to, correction of, deletion of, or suspension of processing of their personal information.

To exercise such rights through the Data Protection Officer, please contact support@hidnscroll.com.

Withdrawal of Consent and Account Termination

Users may withdraw consent to processing of personal information or request termination of membership. Account modification or termination may be requested through the Company's mobile application, website, or by email to support@hidnscroll.com.

The Company shall process such requests without delay and notify users of the result. Identity verification may be required to confirm the authenticity of the request.

Retention Period of Personal Information

In principle, the Company processes personal information until the retention period consented to by the user expires or until the purpose of collection is achieved, after which such information is destroyed without delay. However, where retention is required by applicable law, the Company retains personal information for the legally required period.

The retention period is specifically as follows:

• During the period in which the contractual relationship between the user and the Company is maintained (e.g., while the user maintains a membership account or uses the Service) and for a reasonable period thereafter to resolve potential disputes.
• Where the Company is subject to legal obligations (e.g., laws requiring retention of transaction records for a specified period), for such required period.
• Where permitted by law (e.g., statute of limitations, litigation, administrative investigations), for such period.

Destruction of Personal Information

When the purpose of collection has been achieved, and absent a legal obligation to retain, the Company shall immediately destroy the personal information.

Personal information stored in electronic files shall be deleted using technical methods that prevent recovery or restoration. Personal information stored in paper form shall be shredded or incinerated.

Security Measures

The Company implements technical and administrative safeguards required by applicable law to prevent loss, theft, leakage, alteration, or damage of personal information.

Such measures include restricting access rights to personal information processing systems, maintaining access logs, and conducting regular privacy and security training for employees handling personal information.

Residents of certain U.S. states (including but not limited to California, Colorado, Connecticut, Utah, Vermont, and Virginia) may have rights under applicable state laws regarding notice of collection, use, and sharing of personal information, and rights to access, correct, delete, or opt out of certain sharing of personal information.

Users may exercise the rights listed below through the Company's mobile application, website, or by email to support@hidnscroll.com.

The Company may verify the user's identity before responding to certain requests. Generally, identity is verified by confirming the user's email address, though additional methods may be used if appropriate. If identity cannot be verified, the request may be denied.

Users may designate an authorized agent to submit requests on their behalf, subject to verification of authorization.