WONCOMZ Co. Ltd. (hereinafter referred to as the "Company") values users' personal information and complies with the Act on Promotion of Information Network Utilization and Information Protection and the Act on Protection of All Personal Information.
If the company collects and uses the user's personal information, it must notify the user in advance and go through the consent process. If the user does not agree, it will not collect, use, or provide the user's personal information. However, the use of all or part of the service may be restricted if the consent is rejected.
The company will inform the users of the purpose and usage of personal information provided by the users and how and what the company always strives to protect the users' personal information through personal information collection/use guidance.
1. Personal information items to collect and how to collect
2. Purpose of personal information collection and purpose of use
3. Age of personal information retention and utilization
4. Procedures and methods for destroying personal information
5. Providing Personal Information
6. Consignment of collected personal information
7. Rights of minor users and legal representatives
8. Matters concerning the installation, operation, and refusal of the automatic collection of personal information.
9. Technical and administrative measures to protect personal information
10. Response to inquiries about personal information
11. Attachment
1. Personal information items to collect and how to collect them
The company collects only the necessary information for providing basic services, such as membership, smooth response to inquiries from users, and provision of various services, and information necessary for providing more faithful services.
(1) Items of personal information collected
① The company collects the following personal information when using the game service on the platform below or the first member sign up for membership, smooth user consultation, and various services. (However, some games offer only login services and collect personal information • not save)
Company games: required (ID, nickname, password), selection (mobile phone number)
Facebook account game: required (identifier information, ID, profile picture, Facebook friend list), selection (phone number)
Apple Game Center Account: Game Center ID, Profile, Nickname
Google Account Game: Prerequisite (member number, Google ID, profile picture, nickname), Selections (Phone number)
Naver Account Game: Required (ID, profile picture, mobile phone number)
The member may choose whether to provide the selection among the above personal information. However, some services may have limited access to some or all services depending on whether the selection is entered or not.
② The following information can be automatically generated and collected during service use or business processing.
- game service usage record, connection record and date of connection, download record, payment record, fraudulent usage record, suspension record, IP address, Cookie
- User's mobile phone terminal information (model name, OS version, device reason number, etc.); mobile carrier information; device identification number (UUID), international mobile device identification code (IMEI), Google ad ID (Android OS only), terminal language and national information, mobile phone number
③ The company does not collect payment information when using payment methods provided by each mobile carrier or open market operator according to the user's device type. However, in some cases, the following information can be requested in order to resolve related complaints such as payment, delivery, and account recovery.
Relevant Service |
Needed Reasons |
Required |
|
Payment for Paid Service |
Payment unique number |
payment amount, payment method using payment agency |
|
Mobile phone payment subscriber name |
payment approval number, mobile carrier, device ID |
||
Credit card payment |
card company name payment details |
||
Delivery Service |
Delivery Service Event |
Address, Contact |
4 In the course of using the free/fee service, if necessary for payment, etc. (recovery, refund, etc.)
Email address, purchase details, real name and family relationship verification for checking payment facts by others, not by oneself.
(2) Personal Information Collection Method
Collected through consent procedure when joining the company's services
Collect through a separate consent process for promotion and event progress.
Automatically collect through platforms affiliated with the company and related to service delivery
Collect after voluntary provision or request by the user when responding to a user during payment and use
2. Purpose of personal information collection and utilization.
(1) The company uses the collected information of the users for the following purposes.
Securing a smooth communication path for conveying notices and handling complaints
Providing user services such as inquiry processing and payment refund for paid information use
Information on new services and new product events, etc.
Other content provision and authentication services (such as ID/password finding) modified, it can be requested by the company in writing, 1:1 customer consultation, telephone, or email.
(2) Purpose of collection and utilization of personal information and information automatically generated and collected
Development and specialization of new services or products, provision and advertisement of services according to demographic characteristics, identification of access frequency, statistics on users' use of services, preservation of records for dispute settlement, handling complaints, etc., restrictions on the use of defective users, etc.
(3) Purpose of collecting and using information collected when using paid services
identification and payment of charges
(4) Purpose of collecting and using personal information of legal representatives
Confirmation of consent from legal representatives for the collection of personal information of children under the age of 14, confirmation of consent from legal representatives when paying for minors, and handling complaints from users, etc.
3. Age of personal information retention and utilization
(1) The company will keep and use the user's personal information only during the period during which the service is provided from the date of user registration.
The user may request the company to withdraw from membership by means of membership withdrawal function or 1:1 customer consultation, telephone, or e-mail. The user may withdraw after performing the procedure for identification. In addition, if personal information needs to be changed or modified, it can be requested by the company in writing, 1:1 customer consultation, telephone, or email.
If the user withdraws from the service provided by the company, withdraws consent for the collection and use of personal information, and if the purpose of collection and use is achieved, and if the retention period is terminated, the company immediately destroys the personal information.
However, if a member withdraws or the user withdraws his/her consent to the collection and use of personal information, he/she holds personal information for seven days (seven days) from the date of withdrawal or withdrawal, and if this period elapses, the user's personal information will be completely deleted.
(2) The company may terminate the contract and take necessary measures, such as destruction of personal information, in order to protect the personal information of users who have not used the service for one consecutive year in accordance with the relevant Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and the Enforcement Decree of the same Act. In this case, the user is notified of the fact that necessary measures are taken 30 days before the date of action, the expiration date of the personal information retention period, and the items of personal information.
(3) Notwithstanding the preceding paragraph, the company shall keep user information for a certain period of time as prescribed by the relevant statutes, if it is necessary to preserve it under the provisions of the Commercial Act or other statutes, or if there is a reason for the protection of information under the relevant statutes. In this case, the company uses the information stored only for the purpose of storage, and the retention period is as follows.
1 Personal information regarding the use of the service
Preservation Basis: Communication Secrets Protection Act Retention Period:3 Months
2 Records on display/advertisement
Preservation Basis: Duration of the Consumer Protection Act in Electronic Commerce, etc.:6 Months
3 Records of contract or withdrawal, etc.
Preservation Basis: Duration of the Consumer Protection Act in Electronic Commerce, etc.:5 years
4 Records of payment and supply of goods, etc.
Preservation Basis: Duration of the Consumer Protection Act on Electronic Commerce, etc.:5 years
5 Records on consumer inquiries, claims, or dispute handling
Preservation Basis: Duration of the Consumer Protection Act in Electronic Commerce, etc.:3 years
6 Books and evidentiary documents relating to all transactions prescribed by the Tax Act: 5 years
Reasons for Conservation: Framework Act on National Taxes
4. Procedures and methods for destruction of personal information
As a rule, the company destroys the information immediately after achieving the purpose of collecting and using personal information.
(1) Order of destruction
The information entered by the user for user registration, etc. is destroyed after the purpose of personal information collection and use is achieved and preserved for a certain period according to the internal policy and the reasons for information protection under the statutes. (See "Term of Retention and Use of Personal Information" in 3).
(2) Method of destruction
1 Personal information preserved in electronic file form is deleted using a technical method that cannot be replayed.
2 The personal information printed on the paper is shredded or incinerated.
5. Providing Personal Information
(1) The company shall use the user's personal information within the prescribed limits and shall not use it beyond or provide it to a third party without prior consent of the user. However, in the following cases, personal information may be used beyond the prescribed scope or personal information may be provided to a third party.
① When the company provides personal information to a third party, it notifies the users of the personal information provided in advance, the purpose of the personal information used by the person receiving the personal information, the items provided, and the period of personal information held and used by the person receiving the personal information, and obtains the user's consent.
② Personal information necessary for the performance of a contract concerning the provision of services, and it is remarkably difficult to obtain prior consent for economic or technical reasons;
③ Where an obligation to disclose information arises under the Act and subordinate statute, where there is a request from the investigative agency in accordance with the procedures and methods prescribed in the Act for investigation purposes;
(2) The company may provide the personal information of the users to the paid item (game, etc.) providers (e.g. game developers, etc.) only to the extent necessary to solve all problems caused by users purchasing paid items (game, etc.) from Platform, and the users agree to such provision.
(3) In the following cases, the company may provide personal information without the user's consent in accordance with the relevant laws:
① If necessary for the settlement of charges according to the service provision
② In the case of processing and providing certain individuals in an unrecognizable form, as necessary for statistical preparation, academic research, or market research;
③ Where there are special provisions in the Act on the Use and Protection of Credit Information, Framework Act on Telecommunications, Telecommunications Business Act, Local Tax Act, Consumer Protection Act, Bank of Korea Act, and Criminal Procedure Act for real-name financial transactions and confidentiality
6. Rights of minor users and legal representatives
A minor user or legal representative (referring to a minor's parental authority or guardian, etc. as a person whose agency authority takes effect under the provisions of the Act without being entrusted by himself/herself) may, at any time, inquire, modify or delete the personal information of a child under the age of 14, apply for withdrawal, or withdraw consent to the collection of personal information.
If a minor user or legal representative files an application for correction of personal information, the company shall not use or provide such personal information until the correction is completed. In addition, if the personal information before the correction has already been provided to a third party, the correction will be notified to the third party without delay so that the correction can be carried out.
The company will process personal information deleted at the request of a minor user or legal representative as prescribed in 3, Retention and Use Period of Personal Information, and prevent access or use for other purposes.
7. Matters concerning the installation, operation, and refusal of the automatic collection of personal information;
The company uses 'Cookie' to store and retrieve users' information to provide customized services. Cookies are stored on the user's mobile device/PC as a very small text file that the server used to operate the service sends to the user's mobile device/PC. When the user uses the service, the server reads the contents of the cookies stored on the user's mobile device to check the user's information and provide customized services.
The company uses cookies for customized services such as linking the user's profile information, and the user has the option of installing cookies. Users can set whether to allow cookies in the settings of their mobile device/PC, and they can also delete cookies. However, if the cookie is not allowed, it may be difficult to use the service that requires login.
8. Technical and administrative measures to protect personal information
To ensure safety, the company is taking the following technical and administrative measures to prevent personal information from being lost, stolen, leaked, altered or damaged.
(1) Encrypting personal information
The user's personal information is protected by password, and important data is protected by security functions such as encrypting or using file lock function.
(2) Technical measures against illegal intrusion, etc.
The company always monitors users' personal information to prevent leakage or damage by hacking or computer viruses. We regularly manage our vaccine programs to prevent personal information from being compromised.
(3) Restricting access to personal information processing systems
The company is taking necessary measures for a systematically organized database system to handle personal information.
(4) Handling personal information and educating employees
Personal information-related handling staff provides regular training to the staff on acquisition of new security technologies and the obligation to protect personal information.
(5) Managing personal IDs and passwords
In principle, only the user can use the ID and password used by the user. The company shall not be responsible for any problems caused by personal information leakage, such as IDs and passwords, due to personal carelessness of the users or for the basic Internet. Please be aware of password security, change your password frequently, and pay close attention to your personal information when logging in from the public IP.
9. Response to inquiries about personal information
The company designates a person in charge of personal information management to protect the users' personal information and to deal with their personal information grievances.
The user may inquire to the personal information management manager or the department in charge of personal information protection that occurs when using the company's services. The company will promptly respond to the user's inquiries.
Personal Information Protection Officer
Name: Jae Woong Jung
Department / Position: Game Business Group / PD
May Day: cs@woncomz.com
Personal Information Protection Officer
Name: Jae Min Kim
Department / Position: Business Team / Team Leader
May Day: cs@woncomz.com
10. Attachment
This Privacy Policy will be implemented from June 1, 2023.