Privacy Policy
TickTockBoom (hereinafter referred to as the 'Company') is committed to protecting the personal information and rights of users of the services operated by the Company in accordance with relevant privacy laws in the United States, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) where applicable. This privacy policy is designed to help you understand how we collect, use, and safeguard your information.
The Company may revise this privacy policy as necessary to improve its privacy practices. Please check back periodically to stay informed about any changes.
Section 1: Purpose of Collecting and Using Personal Information
① The Company collects and uses personal information for the following purposes:
- To verify identity, prevent unauthorized use of services, provide notifications, handle complaints, and maintain records for dispute resolution.
Section 2: Retention and Use Period of Personal Information
① The Company processes and retains personal information within the period agreed upon when collecting personal information or as required by law.
- The retention and use period: Until membership withdrawal or consent withdrawal.
- If required by law to retain user information, the information will be retained according to the applicable law.
- In accordance with relevant privacy laws, the Company will take necessary measures such as separate storage or destruction to protect personal information of users who have not logged in for a year.
Section 3: Outsourcing of Personal Information Processing
① The Company outsources personal information processing as follows for smooth service execution.
Outsourced tasks: Application maintenance and management
Outsourced company: None
Contact information of the outsourced company: None
② The Company outsources personal information processing for marketing purposes only to those who have consented to the introduction of financial products.
Outsourced tasks: None
Outsourced company: None
Contact information of the outsourced company: None
③ When signing an outsourcing contract, the Company ensures that the contract specifies obligations to protect personal information, including prohibiting processing beyond the scope of the task, implementing technical and managerial protection measures, restricting re-outsourcing, managing and supervising the outsourced company, and liability for damages.
④ If the outsourced tasks or companies change, the Company will disclose the changes through this privacy policy without delay.
Section 4: Rights and How to Exercise Them
① Users can exercise their rights to access, correct, delete, and request the suspension of processing of their personal information at any time.
② Users can exercise their rights by submitting a written request, email, etc. to the Company, and the Company will take action without delay.
③ Users can exercise their rights through their legal representative or an authorized agent. In such cases, a power of attorney must be submitted.
④ Requests to access and suspend the processing of personal information may be restricted under relevant laws.
⑤ Requests to correct or delete personal information cannot be made if the information is required to be collected by other laws.
⑥ The Company verifies the identity of the person making the request for access, correction, deletion, or suspension of processing to ensure that the request is made by the individual or an authorized representative.
Section 6: Procedure and Method of Destroying Personal Information
① The Company destroys personal information without delay when the retention period has expired, the purpose of processing has been achieved, or the user withdraws membership. However, if retention is required by other laws, this may not apply.
-
Destruction procedure:
Unnecessary personal information and personal information files are safely destroyed under the responsibility of the personal information protection officer in accordance with relevant laws and internal policies.
-
Destruction period:
Personal information is destroyed within 5 days from the end of the retention period, and within 5 days from the date it is recognized that processing is no longer necessary if the information has become unnecessary without justifiable reasons.
-
Destruction method:
a. Information in electronic form is destroyed using technical methods that prevent the recovery of records.
b. Personal information printed on paper is destroyed by shredding or incinerating.
Section 7: Measures to Ensure the Security of Personal Information
The Company takes the following technical, managerial, and physical measures to ensure the security of personal information in accordance with relevant privacy laws.
-
Regular self-audit:
The Company conducts regular (quarterly) self-audits to ensure the stability of handling personal information.
-
Minimization and training of personnel handling personal
information:
The Company implements measures to manage personal information by designating and minimizing the number of employees handling personal information.
-
Establishment and implementation of an internal management plan:
The Company establishes and implements an internal management plan for the safe processing of personal information.
-
Encryption of personal information:
User personal information and passwords are stored and managed in encrypted form, ensuring that only the user knows them.
-
Access restriction to personal information:
The Company takes necessary measures to control access to personal information through the granting, changing, and cancellation of access rights to the database system that processes personal information and uses intrusion prevention systems to control unauthorized access from outside.
Section 8: Remedies for Infringement of Rights
If you are not satisfied with the Company's handling of your personal information complaints, or if you need more detailed assistance, please contact the following organizations:
-
Federal Trade Commission (FTC)
Tasks: Reporting identity theft, fraud, and privacy violations
Website: www.ftc.gov
Phone: 1-877-382-4357
Address: 600 Pennsylvania Avenue, NW, Washington, DC 20580
-
Consumer Financial Protection Bureau (CFPB)
Tasks: Assisting with financial product disputes and privacy issues
Website: www.consumerfinance.gov
Phone: 1-855-411-2372
Address: 1700 G Street NW, Washington, DC 20552
- Department of Justice (DOJ) Cybersecurity Unit: +1-202-514-1026 (www.justice.gov/criminal-ccips)
- Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3): (https://www.ic3.gov/)
Section 9: Personal Information Protection Officer
① The Company has designated the following person as the Personal Information Protection Officer to oversee the management of personal information and handle complaints and damage relief from information subjects.
-
Personal Information Protection Officer:
Department: None Name: TickTockBoom Email: charactertimer@gmail.com
-
Personal Information Management Department:
Department: None Name: TickTockBoom Email: charactertimer@gmail.com
② You can direct all inquiries regarding personal information protection, complaint handling, and damage relief that occur while using the Company's services to the Personal Information Protection Officer and the responsible department. The Company will respond to and process inquiries without delay.
Section 10: Changes to the Privacy Policy
This privacy policy is effective from June 28, 2023. Any changes, additions, deletions, or corrections in accordance with laws and policies will be notified through announcements at least 7 days prior to the implementation of the changes.