D-box Inc. places importance on the personal information of its customers (hereinafter referred to as "company") and adheres to relevant laws and regulations, such as the Act on the Promotion of the Use of Information and Information Protection and the Personal Information Protection Act.
The Company has developed this Personal Information Processing Policy to inform you of the use and method of personal information provided by Customer and the steps taken to protect personal information.
The steps for this personal information handling policy are as follows:
1. Items and methods for collecting personal information
The company collect only the essential personal information needed to provision gaming services from users.
You can collect some selective information after you agree to the agreement.
(a) Personal Information Items to be collected
1) When users use mobile gaming, the information shown below is collected.
A)Game services through Google, Facebook, Twitter and Apple Gaming Center accounts.
--Required: The user identifier provided by the email address, nickname, Google, or Facebook.
※When using game service through Google, Facebook, Twitter, Apple Game Center account, the items collected may vary depending on the information criteria set by individuals.
2) When users participate in a company event, they can collect additional personal information such as in the diagram below.
(If you are participating in an event) Member number (ID), nickname, email address.
(When winning the event) Cell phone number and address for gift delivery.
제(tax public billing)Name, address, residential registration number, postal code, etc.
However, in this case, you will be given a separate agreement.
3) The following information is automatically generated and collected during the service utilization and business processing process:
- Game use records, access records, cookie information, IP information, authentication records, settlement records, use stop records, mobile device information (mobile communication company information, terminal information (MCC), ad identifier information (ADIDFA).
4) Additional information can be collected as shown in the diagram below when users use paid services.
- Payment through Open Market: Open Market ID, Open Market nickname, Payment Approval Number.
- ARS Payment: Mobile Communications information, mobile phone number, payment approval number.
5) In the event of 1:1 consultation through the Customer Center, additional information such as:
-Email address, nickname, membership number (ID), mobile device information (equipment name, OS version)
(b) Method of collecting personal information
1) Companies can collect personal information in the following ways:
A)Inquiry through customer center 1:1 consultation, prize event application, cash purchase
B) Mobile game certification or commercial event.
2. Purpose of Use of Personal Information
The purpose of the company's use of personal information is as follows.
A. Purpose of use of information collected when using mobile games.
- Fulfillment of the game service offering agreement and settlement of fees, creation of statistical data for customer management and prevention of unauthorized use, and utilization of marketing or advertising for new service development.
(b) Purpose of utilization of automatically generated and collected information
Statistics, conflicts or use of services, such as development or specialization of new services, provision of services according to demographic characteristics, advertising placement, and frequency of connection.
Complaints about complaints and restrictions on the use of bad users.
(c) The purpose of using the information to be collected when using the fee-based service.
Identity Confirmation and Payment Information
(b) Purpose of utilization of information on statutory agents
-Whether or not the legal representative agrees to collect personal information for children under 14, and whether or not the legal representative agrees to settle accounts for minors under 20,
3. Providing or sharing personal information to third parties
The company does not share or provide personal information of users with any authority, organization or business partner without prior consent (hereinafter referred to as "third party"). Exceptions are provided, however, if you agree in advance or if you are obliged to submit it to a state agency or an investigative agency in accordance with relevant laws such as the Act on the Promotion of Use of Information and Information Networks.
If the company decides that it needs to provide the user's personal information to a third party for better service delivery, it will provide the information after it has been provided and managed by the user's agreement.
4. Retention and Use of Personal Information
The Company holds or uses the user's personal information during the agreed period, and in principle, the purpose of collection and use of the personal information is achieved or destroyed without delay upon expiration of the holding period. However, if the consent to collect and use is withdrawn, or the use of personal information is stolen, the information can be temporarily retained for up to 14 days for internal settlement processing or da
In addition, after the last connection, for one year, long-term, unattended personal information without access history can be stored separately or destroyed in a secure manner. In such a case, the user is notified of the expiration date of personal information and the item of personal information to be taken 30 days before the expiration date, and if the user continues to use the game service, the user is requested to log in again.
If you need to store your personal information, save it for the period specified in the following items:
(a) Cases where there is a need for maintenance under the relevant laws and regulations
1) Records relating to labeling and advertising
Preservation basis: Act on the Protection of Consumers in e-commerce, etc.
- Retention period: 6 months
2) Records relating to contracts or cancellation of contracts
Preservation basis: Act on the Protection of Consumers in e-commerce, etc.
- Retention period: 5 years
3) Records relating to payment and supply of goods
Preservation basis: Act on the Protection of Consumers in e-commerce, etc.
- Retention period: 5 years
4) Records concerning consumer complaints or dispute settlement
Preservation basis: Act on the Protection of Consumers in e-commerce, etc.
- Storage period: 3 years
5) Login and other service usage records
Preservation basis: Communications confidentiality law.
-Duration: 3 months
(b) Cases where it is necessary to protect a judicial institution's investigation request and other users (user's object that has caused controversy over unhealthy use of services or services)
- Retention period: 1 year
Personal information collected for events and marketing purposes.
Purpose of preservation: Selection of event winners and progress of events.
-Duration: Up to 3 months (each event is different and prioritizes the duration listed on the individual event page)
(a) Copy information of identification card for the purpose of membership card
Storage period: None (Drop immediately after confirmation)
If you need to retain them despite the above retention period, obtain the user's consent.
5. Procedures and procedures for destroying personal information
The company discards personal information that has been collected and used without delay, and the disposal procedures and methods are as follows:
A. Disposal Procedures
- After the achievement of the Purpose of Utilization, the company's internal policies and the reasons for information protection in the relevant laws and regulations (see the retention period and utilization period of personal information) are destroyed after preservation for a certain period.
A. Method of Disposal
- In the case of output form, the crusher is crushed or incinerated, and in the case of electronic file form, the electronic file form is completely deleted by a technical method which cannot be reproduced.
6. The rights of users and legal representatives and how to exercise them
(1) Users and legal representatives may query or modify their registered personal information or the child's personal information of the child who is 14 years old at any time, and may request the cancellation of membership.
(2) Children under the age of 14, under the age of 14, must be fully aware of the purpose of collecting and using personal information and obtain the consent of legal representatives (parents) before sending personal information online under the law to others.
(3) Youth under 18 years of age under the Act on the Promotion of the Game Industry shall be required to obtain the consent of legal representatives (parents) upon membership.
(4) When a user requests correction of personal information errors, the user will not use or provide the personal information until the correction is completed. Also, if you have already provided the wrong personal information to a third party, we will notify the third party of the result of the correction without delay to correct it.
(5) The company processes personal information cancelled or deleted at the request of the user or legal representative, as specified in the "Personal Retention and Term of Use" to prevent it from being viewed or used for any other purpose.
7. Technical/management protection measures for personal information
To ensure that personal information is not lost, stolen, leaked, forged or damaged, companies are taking the following technical/management measures to ensure security:
(1) Encryption of Confidential Number
- The company does not collect passwords for platform members in service delivery tie-ups.
(2) Countermeasures such as hacking
In order to prevent personal information from being leaked by hacking etc., devices are installed and operated to prevent external attacks and hacking, and servers with user personal information are not directly connected to external Internet lines and maintain the highest level of security. In addition, we are prepared to back up our systems and data in case of an emergency, and we are using vaccine programs to prevent computer viruses from happening. The vaccine program is updated periodically to prevent personal information from being compromised as soon as a vaccine is detected if a virus suddenly appears.
(3) Restriction and Education of Officials in Process
- Personal information processing staff are minimized and are emphatically empowered to comply with this policy through occasional education to their staff.
(4) Operation of the Organization specializing in the protection of personal information
- We will review the implementation of this policy and compliance with the personnel in charge of internal personal information protection and immediately take corrective action if any problems are found. However, the company will not be responsible for any issues arising from the leakage of personal information such as user's own carelessness or Internet issues, such as platform IDs (IDs), passwords, nicknames, or e-mails related to services.
8. ETC
The company's personal information processing policy can be changed by changing laws and guidelines or changing company's internal policy, and the company is required to announce the addition, deletion or modification of the personal information processing policy at least seven days in advance.
Personal Information Processing Policy Publication Date: 2019-09-11