Article. 1 (The Elements of Personal Information we may collect and the collecting method)
1. In the first stage of joining the game service, the company may collect your personal information as below to provide various services. - The unique serial number for user identification afforded by the User’s Platform Operator, User’s first and last name or the nickname, user’s mobile ID Number (including the mobile device ID or UUID), etc.
2. Upon using the service, following information may be produced and collected.
- User Status Information, Date and Time of User’s Visit to the company, Record of Service Use, Record of Abnormal behaviors, physical location of user’s device, IP information, cookie information and etc.
3. We are collecting personal information as below for customer service.
- Email address, nickname, another name which the user has agreeded to show.
4. In case that the company requires the following; Information of user’s credit card, mobile network operator, purchase record, coupon code, and other purchase related information may be collected. When the company is requested for recovery or refund of purchased items and paying services, the company can collect user’s mail address, the historical data collection. When the company need to see the proof of a user declaring that any purchase was made by another person without one’s will, the company can ask for and collect additional personal information including the actual name of the user and Family Relation Certificate.
5. The company does not collect any sensitive and private information (Race, Personal Belief, Philosophy, Political Tendency, Criminal Record, Medical Record, etc.)
6. The company collects user’s personal information in the following ways.
- Collect via Platform Operator in a partnership with the company for the service.
- Collect via voluntary submission from the user who is using the service.
- Collect via the information that is already provided by the user for service utility.
Article. 2 (Collecting Personal Information and the Use)
1. Basic function to encounter the service.
- We collect and save the mobile ID Number (including the mobile device ID or UUID) by checking the Unique Identification Number of user’s account for the purpose of verifying the user’s account.
2. Fulfillment of contract as a game service provider and balancing the Charging and Setting.
- We provide free/premium contents, purchased goods, self-authentication system, age authentication, finalization of what is bought and paid accordingly, balanced charges and collection of the uncollected charges.
3. User Management
- We require Self-Verification upon using the service, User-Verification before the access to the account of the game service, Individual Identification, Prevention of Mod-program and Abusing any content of the game, Approval of Joining the game service, Limits to creating multiple accounts, Preservation of records of Personal information for further authentication and dispute conciliation, handling of complaints and civil affairs, and conveyance of notification.
4. Development of New Service and Marketing/ Advertisement.
- We may refer to user’s personal information not only to develop new contents but also provide customized services. Our service bases on the statistic in-game data which can be used for advertising purposes. Also, the validation of service is confirmed before the release. The personal information can be a source to be referenced to use in creating any events or advertisements for users to participate. Access frequency of users and other types of similar information can be used as statistical information to research the state of service use.
Article. 3 (Sharing of User’s Information)
1. We use personal information of users in the boundary of ‘Collecting Personal Information and the Use’ and there would be no situation where we over-use such information without the consent of users or reveal it to 3rd person. However, exceptions may be aroused as
- We gain user’s consent.
- We process the personal information as illegible to protect the privacy of individuals for the purpose of statistical data use.
- We meet the situation where we have to accept the request of investigating agencies to follow certain procedures.
2. Despite Article 1, the company share personal information with our affiliates. International transfers with our affiliates outside the EEA, are governed by EU Commission-approved Standard Contractual Clauses for Controllers and, where relevant, for Processors.
3. In the case that is inevitable for affiliate companies to provide user’s information to the limited extent, we share or provide such information after having the consent from users about to whom and what information we are sharing with in what purpose and for the purpose of providing various kind of service.
Article. 4 (Charges of Personal Information and Transfer to Other Countries)
1. In principle, the Company does not entrust other companies for handling of personal information of users.
2. Despite Article 1, the company can entrust other companies for better managing and handling some of the personal information much smoother as follows. Also, it can be safely managed in accordance with the privacy laws.
- Contractor: Payment Market, Payment Agency (Thailand / Vietnam only)
- Business contents: Payment agent and identity verification
- Period: Till the moment of the termination of service or termination of consignment contract
3. The Company will not transfer the personal information of users to outside the country without the consent of the user.
Article. 5 (Period of possessing and using personal information)
In principle, the personal information of the user is destroyed without delay when the purpose of collecting and using the personal information is achieved. However, the following information will be kept for the period specified below for the following reasons.
1. In order to prevent fraudulent use in accordance with the internal policy of the company, the personal information will be kept for one year after the contract termination. After this period, the user's personal information will be completely deleted.
2. In the case of investigations or investigations related to the violation of related laws and regulations, the information of the users will be preserved until the end of investigation.
3. If there is a claim-obligation relationship between the company and the user, the personal information of the user is retained until the settlement of the relationship is resolved or complete.
4. When it is necessary to preserve the information according to the related laws and regulations such as commercial law, consumer protection law in e-commerce, etc, the company keeps user information for a certain period determined by related laws and regulations. In this case, the company will only use the information it keeps for the purpose of storing it, and the period of preservation is as follows.
- Records on contract or withdrawal of subscription (Reason for preservation: Consumer Protection Act on Electronic Commerce, etc., Preservation period: 5 years)
- Records on provision of goods and any information about the payments (Reason for Preservation: Consumer Protection Act on Electronic Commerce, etc. Preservation period: 5 years)
- Records on complaints or disputes with consumers (Reason for Preservation: Consumer Protection Act on Electronic Commerce, etc. Preservation period: 3 years)
- Date and time of telecommunication, open•end time, user id, frequency of use, location tracking records for the origin from the base station (Reason for Preservation: Communication Confidentiality Protection Act, Preservation period: 1 year)
- Record of identification (Reason for Preservation: Act on the Promotion of Information and Communications Network Utilization and Information Protection, etc. Preservation period: 6 months)
- Records on displaying and advertising (Reason for Preservation: Consumer Protection Act on Electronic Commerce, etc. Preservation period: 6 months)
- Records on the visiting the company (Reason for Preservation: Communication Confidentiality Protection Act, preservation period: 3 months)
Article. 6 (Procedures and Methods of Destroying Personal Information)
In principle, the personal information of a user is destroyed without delay when the purpose of collecting and using the personal information is achieved. The procedure and method are as follows.
1. Destruction procedure
- The information entered by the user to join the service is transferred to a separate DB after the purpose is accomplished and stored for a certain period of time according to the internal policy and other related laws and regulations (see the period of possession and use).
- Personal information will not be used for any other purpose other than that held by law.
2. Destruction method of Personal information
- Paperwork is destroyed by crusher or by incineration.
- Any form of electronic file is deleted using a technical method that cannot play the record.
Article. 7 (Rights of Users and Legal Guardians, and How to Act)
1. Users and legal guardians can view or modify personal information of users who are registered at any time, or users who are under 14 years old, through platform operators or the open market operators, to request termination of services through logging- out and deleting process of applications.
2. In order for the user to check his / her personal information that is not owned by the company, the company shall compare the subscription history that the company has to the other personal information that user’s platform operator or the open market operator providing the service. match them so that the company can verify the user’s identification.
3. The Company shall not use or provide personal information until the correction is completed if the user requests for correction of errors in the personal information. In addition, if wrong personal information has already been provided to a third party, the Company will promptly notify the third party of the result of the correction and allow the correction to be made.
4. The Company treats personal information that has been revoked or deleted at the request of the user or legal guardian as specified in Article 5, "Period of possessing and using personal information", and is prohibited from being viewed or used for other purposes.
5. Your California Privacy Rights
California Civil Code Section 1798 allows California residents to have the right to request (a) information identifying any third party to whom the company may have disclosed (within the previous calendar year) his/her personal information for that third party’s direct marketing purposes; and (b) a description of the categories of personal information disclosed. If you are a California resident and wish to obtain such information, please send a request email toCS@hivecreative.co.jp.
6. Privacy Rights for California Minors
California residents under the age of 18 having a registered account, have the right to request removal of any content or information that he or she posted anywhere within our Services, such as public forum or message boards in our Websites or Applications. To request removal of such information, you can contact the company at CS@hivecreative.co.jpstating that you reside in California. Please be aware that the removal of your information or content may not be complete or comprehensive, and residual copies of such removed information or content may remain on our servers. In addition, we are not obligated to remove any posted content or information that has been copied or reposted by a third party, that has been rendered anonymous, or that we are required to keep by law.
Article. 8 (Technical and administrative protection measures of personal information)
The Company takes the following technical and administrative measures to ensure the safety of personal information in order to prevent personal information from being lost, stolen, leaked, altered or damaged. However, the Company cannot guarantee 100% protection for the loss or corruption of the above personal information due to the process of transmission of the user's personal information or the attack by Hackers and other 3rd entity.
1. Measures against hacking
- The company is doing its best to prevent personal information from being leaked or damaged by hacking or computer virus. In order to prevent damage to personal information, we backup the data from time to time to prevent personal information or data from being leaked or damaged, and we can securely transmit personal information over the network through encrypted communication. We use intrusion prevention system to control unauthorized access from the outside, and try to have all possible technical devices to ensure security in other systems.
2. Minimization of the staff handling such information and the training.
3. Establishment and enforcement of internal management plan
- The Company has established and implemented an internal management plan for the safe management of personal information.
4. Operation of personal information protection organization
Article. 9 (Chief Manager of Personal Information)
In order to protect your personal information and to handle relevant complaints, and for the purpose of the GDPR, the Company has designated a Chief Manager of Personal Information as described below.
[Chief Manager of Personal information]
Position: Director of Business
Name: Yang-il Kim
Article. 10 (Obligation of Notification)