CashLearning Privacy Policy
CashLearning ("Company") establishes and discloses the following Privacy Policy to protect users' personal information in accordance with applicable laws including the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection.
Article 1. Purpose of Processing Personal Information
The Company processes personal information for the following purposes. Personal information processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be implemented.
- Member Registration and Management
- Identity verification, personal identification, and prevention of fraudulent use for membership services
- Confirmation of registration intent, service provision, and contract performance
- Service Provision
- Provision of learning content, management of learning records, accumulation and management of reward points
- Provision of customized services
- Advertising Service Provision
- Provision of personalized advertisements through Google AdMob
- Ad exposure and performance analysis
- Gift Card Exchange Processing
- Identity verification, gift card delivery
- Service Improvement
- Analysis of service usage statistics, development of new services, improvement of service quality
- Marketing Use (with optional consent)
- Event information, new service announcements, personalized advertising
Article 2. Processing and Retention Period of Personal Information
The Company processes and retains personal information within the retention period required by law or agreed upon when collecting personal information from data subjects.
| Category |
Retention Period |
Legal Basis |
| Member Information |
Until membership withdrawal |
User consent |
| Service Usage Records |
3 years |
Protection of Communications Secrets Act |
| Records of contracts or subscription withdrawal |
5 years |
Electronic Commerce Act |
| Records of payment and supply of goods |
5 years |
Electronic Commerce Act |
| Records of consumer complaints or dispute resolution |
3 years |
Electronic Commerce Act |
| Records of personal information collection/use consent |
5 years |
Personal Information Protection Act |
Article 3. Items of Personal Information Processed
The Company processes the following personal information items:
1. Required Items
- Social Login Information: Unique identifier (ID), email address, name or nickname
- Device Information: Device identifier (Device ID), device model, OS version
- Service Usage Records: Learning records, quiz attempt records, point accumulation/usage history, access logs, app usage records
2. Additional Items Collected When Applying for Gift Card Exchange
- Items Collected: Receiving phone number
- Purpose of Collection: Gift card delivery
- Retention Period: 3 months after exchange processing is completed
- Security Measures: Phone number is used only for delivery purposes and immediately destroyed after the retention period expires
3. Optional Items
- Marketing information reception consent status
- Profile image
4. Automatically Collected Items
- IP address, service usage records, visit records, app version information
- Advertising identifier (ADID/IDFA)
Article 4. Provision of Personal Information to Third Parties
The Company, in principle, processes users' personal information within the scope specified in Article 1 (Purpose of Processing Personal Information) and does not process beyond the original scope or provide it to third parties without the consent of the data subject.
However, personal information may be provided to third parties in the following cases:
- When the user has given prior consent
- When required by law or when there is a request from an investigative agency in accordance with procedures and methods prescribed by law for investigation purposes
Article 5. Overseas Transfer of Personal Information
The Company provides personal information to overseas third parties as follows for service provision:
Google LLC (Firebase, AdMob)
- Purpose of Transfer: App analytics (Firebase Analytics), advertising service provision (AdMob)
- Items Transferred: Device identifier, advertising ID, app usage records, IP address
- Country of Transfer: United States
- Transfer Method: Transmission via network during service use
- Retention Period: According to Google's Privacy Policy
Users may refuse the overseas transfer of personal information. If refused, service use may be restricted.
Article 6. Entrustment of Personal Information Processing
The Company entrusts personal information processing as follows for smooth service provision:
- Trustee: Google LLC
- Entrusted Tasks: Cloud service provision (Firebase), app analytics, advertising services
- Personal Information Items: Device identifier, service usage records, advertising ID
The Company stipulates necessary matters to ensure safe management of personal information in accordance with relevant laws when entering entrustment contracts.
Article 7. Rights and Obligations of Data Subjects and Legal Representatives
Users may exercise the following personal information protection rights against the Company at any time:
- Request to access personal information
- Request for correction if there are errors
- Request for deletion
- Request to stop processing
Rights can be exercised directly through the "Settings > My Information Management" menu in the app or by contacting customer service.
For children under 14 years of age, a legal representative may request access, correction/deletion, or suspension of processing of the child's personal information.
If a user requests correction or deletion of errors in personal information, the Company will not use or provide the personal information until the correction or deletion is completed.
Article 8. Destruction of Personal Information
The Company destroys personal information without delay when it becomes unnecessary, such as when the retention period has expired or the processing purpose has been achieved.
If personal information must continue to be preserved under other laws despite the expiration of the retention period agreed upon by the user or the achievement of the processing purpose, the personal information is transferred to a separate database (DB) or stored in a different location.
- Destruction Procedure: The Company selects personal information for which destruction reasons have occurred and destroys it with the approval of the Personal Information Protection Officer.
- Destruction Method: Electronic file format information is destroyed using technical methods that prevent reproduction of records. Personal information printed on paper is destroyed by shredding or incineration.
Article 9. Measures to Ensure Security of Personal Information
The Company takes the following measures to ensure the security of personal information:
1. Technical Measures
- Encryption of personal information: Users' personal information is encrypted for storage and management.
- Technical countermeasures against hacking: Security programs are installed and regularly updated and inspected.
- Access control system installation: Systems are installed and operated to control access to personal information.
2. Administrative Measures
- Minimization of personal information handlers: The number of employees handling personal information is minimized.
- Regular security training: Regular security training is conducted for personal information handlers.
- Internal management plan establishment and implementation: An internal management plan is established and implemented for safe processing of personal information.
Article 10. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices
The Company uses the following automatic personal information collection technologies for service provision:
- Firebase Analytics: App usage statistics analysis
- Google AdMob: Personalized advertising provision (using advertising ID)
Users can refuse advertising ID collection in their device settings:
- Android: Settings > Google > Ads > "Delete advertising ID" or "Opt out of Ads Personalization"
- iOS: Settings > Privacy > Tracking > Disable "Allow Apps to Request to Track"
Even if advertising ID collection is refused, the service can still be used, but general advertisements may be displayed instead of personalized advertisements.
Article 11. Personal Information Protection Officer
The Company has designated a Personal Information Protection Officer to oversee personal information processing and handle user complaints and damage relief related to personal information processing:
Personal Information Protection Officer
- Name: Privacy Protection Manager
- Contact: cashlearning1997@gmail.com
Article 12. Request for Access to Personal Information
Users may request access to personal information pursuant to Article 35 of the Personal Information Protection Act through the following contact:
Email: cashlearning1997@gmail.com
Additionally, users may apply for dispute resolution or consultation with the following organizations for relief from personal information infringement:
- Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
- Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
- Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
- National Police Agency: 182 (ecrm.cyber.go.kr)
Article 13. Changes to Privacy Policy
This Privacy Policy is effective from the effective date, and when there are additions, deletions, or corrections of changes according to laws and policies, they will be announced through in-app notices at least 7 days before the implementation of changes.
This Privacy Policy is effective from March 22, 2026.