The "company" informs through this Privacy Policy how the personal information provided by users is used for what purposes and in what ways.

Banjiha Games Co., Ltd. (hereinafter referred to as the "Company") actively protects user's personal information and strives to protect the rights and interests of users by complying with the "Act on Promotion of Information and Communications Network Utilization and Information Protection," the "Personal Information Protection Act," and related regulations established by relevant agencies.

Article 1. Items and Purposes of Collecting and Using Personal Information, and Collection Methods

  1. When registering for the service, the Company collects the following personal information for the provision of various services:

  2. The following information may be generated and collected during the use of the service:

  3. When linking a Google account, the following information may be generated and collected:

  4. In cases where it is unavoidably necessary for payment, such as during free or paid service usage, the following information may be requested during the consultation process:

  5. The Company collects personal information through the following methods:

  6. The purposes of using the personal information collected by the Company are as follows:

    Article 2: Provision of Personal Information to Third Parties

    The Company does not provide or disclose personal information to third parties without the user's consent. However, exceptions are made in the following cases:

    1. When the user has given prior consent to disclosure or provision.
    2. When required by law, or when requested by a court, investigative agency, or other administrative agency through lawful procedures.

    Article 3: Outsourcing of Personal Information Processing

    The Company may outsource the processing of personal information for service improvement as follows, and it establishes necessary provisions to ensure the safe management of personal information in accordance with relevant laws and regulations.

    The personal information outsourcing institutions and the content of the outsourcing tasks of the Company are as follows:

    ① AWS: Operation of cloud servers and management of user databases.

    Article 4: Retention and Use Period of Personal Information

    The Company retains and uses the user's personal information during the period of notification and consent acquisition, and as a principle, it promptly destroys it when the purpose of collecting and using personal information is achieved, the retention period expires, or when the user withdraws their consent for collection and use.

    Long-term non-users who have had no usage records for one year after their last login may have their contracts terminated and necessary measures may be taken to protect personal information, in accordance with relevant laws and regulations.

    In the event of damage caused by personal information theft, the Company may temporarily retain the personal information collected at the time of registration, such as the member's name and contact information, for a maximum of 14 days from the date of termination. IDs are held for 30 days due to linkage with other services and are then completely deleted in an irreversible manner. However, exceptions are made for the following cases, and the information is retained for the periods specified by the retention basis and laws.

    ① Information collected for events and service marketing

    ② Cases where retention is required under relevant laws

    _ Login information: 1 year

    _ Service usage-related information (website visit records): 3 months

    _ Records related to contracts or withdrawal of subscription, etc.: 5 years

    Article 5: Procedure and Method of Personal Information Destruction

    The user's personal information is promptly destroyed when the purpose of collection and use is achieved. The destruction process and method are as follows:

    ① Destruction Process

    Information entered by the user for membership registration, etc., is retained during the retention period specified by internal policies and other relevant laws and is then destroyed.

    ② Destruction Method

    Article 6: Rights of Members and Legal Representatives and How to Exercise Them

    1. Members may exercise the following rights related to personal information protection at any time against the Company:

    Article 7: Technical/Managerial/Physical Measures for Protecting Personal Information

    The Company takes technical and managerial measures to ensure the safety of personal information so that personal information is not lost, stolen, leaked, altered, or damaged in the process of processing personal information. However, the Company shall not be held responsible for any problems caused by the user's negligence, such as device loss, despite the Company's obligations to protect personal information.

    ① Technical Measures

    1. The Company encrypts the items specified by related laws and regulations for storage and retains them. Confirmation and changes to personal information can only be made through the user's request.
    2. The Company ensures the secure transmission of personal information over the network through encrypted communication.
    3. To prevent the leakage and alteration of personal information due to hacking or computer viruses, the Company installs security programs and conducts regular updates and checks. It also monitors and blocks unauthorized access both technically and physically by installing systems in areas where access is controlled from both inside and outside.
    4. The Company periodically backs up personal information in case of emergencies and takes measures to prevent damage caused by computer viruses using antivirus programs.
    5. The Company grants, changes, revokes access rights to personal information processing systems and takes necessary measures to control access to personal information. It also controls unauthorized access from both inside and outside by using intrusion prevention systems.

    ② Managerial Measures

    The Company limits access to personal information to the minimum number of people necessary, and those who correspond to the minimum number are as follows:

    ③ Physical Measures

    1. Access Control for Unauthorized Persons

    The Company separately establishes procedures for access control for the physical storage location of personal information systems and operates them.

    1. Use of Locking Devices for Document Security

    The Company stores documents containing personal information and auxiliary storage media in secure locations with locking devices.

    If you require reporting or counseling regarding personal information infringement, please contact the following agencies:

    Article 8: Personal Information Protection Officer

    ① The company assumes overall responsibility for personal information processing tasks, and designates a Personal Information Protection Officer as below to handle complaints and damage relief of information subjects related to personal information processing.

    Personal Information Protection Officer Personal Information Complaint Handling Department
    Name : YunJi Jeung
    Position : Co-CEO
    e-mail : [email protected] Affiliation: Customer Service Team
    e-mail : [email protected]

    Date of Announcement: October 7, 2022

    Effective Date: October 7, 2022