Playio Privacy Policy (ver 1.2)

Last updated: 2023.10.05

 

This policy describes how Playio ("Playio" or "the Company") collects, uses, discloses, or processes the personal information of users ("users" or "you"). Personal information refers to any information that can directly or indirectly identify you and may vary slightly depending on the applicable laws in your location. This policy also covers other information obtained from users who utilize Playio's website, mobile apps, products, and services ("the Services"). Examples of personal information include your name, email address, gender, age, and other relevant information about you.

 

This policy becomes effective when you click the "ACCEPT & CONTINUE" button during the Playio account creation process, signifying that you have read and understood the contents of this policy. If you do not agree to this policy or if you are under the age of 12, certain benefits of using the Services may be restricted.

 

Playio ("the Company") strictly adheres to domestic privacy laws, such as the Personal Information Protection Act, from the planning to the completion of the service. Additionally, the Company complies with international standards, such as the OECD Privacy Guidelines, to provide the Services.

 

The Significance of a Privacy Policy:

This Privacy Policy holds the following important meanings:

  • Playio transparently provides information on what information is collected, how the collected information is used, with whom it may be shared ('outsourced or provided'), and when and how the information is deleted upon achieving its purpose.
  • As data subjects, users are informed of their rights regarding their personal information and how to exercise those rights through the appropriate methods and procedures.
  • In the event of a personal data breach, users are informed of whom to contact and what assistance is available to prevent further damage and recover from any existing harm.
  • It establishes the rights and obligations between Playio and users regarding personal information, serving as a means to protect users 'right to self-determination of personal information.'

 

Please regularly visit this page to review the latest version of the Privacy Policy. We reserve the right to modify or amend the Privacy Policy, and if we do, we will update the "Last Updated" date and notify users of any changes through the mobile app. If you do not agree to the modified Privacy Policy, please refrain from using our services.

 

The Types of Personal Information Collected and the Methods of Collection

To ensure smooth operation services, our Company collects the following personal information:

 

Users have the right to refuse the collection and provision of the personal information listed below. However, depending on the nature of the refusal, it may be difficult for us to provide certain aspects or the entirety of the service. When users utilize the Playio service, we also collect information regarding how users interact with games that have advertisements posted on our platform. The types of information we collect are as follows:

i) Unlocked achievements

ii) In-game purchases,

iii) Other apps on your device

iv) Your game time

v) Units obtained by you in Playio

vi) Your game experience (referred to collectively as "User Game Profile").

User Game Profiles are displayed to other users through social networking chat features.

 

Commonly Collected Items:

  • Account Information: Email (Google ID information and Facebook ID information), encrypted password, mobile phone number
  • Service Usage Records: User activity logs, IP information, cookies, advertising identifiers
  • Residence country, preferred language
  • User Nickname, feedback, inquiry information
  • Friend information

 

Additional Description of Collected Items:

  • IP Address: An IP address is an online address assigned by an internet service provider to the user's device, such as a mobile phone, when connecting to the internet. Whether an IP address is considered personal information may vary depending on different countries' perspectives.
  • Service Usage Records: This includes the Playio access date and time, a list of services used, and all normal or abnormal logs generated during the process of using the services. It also encompasses activities such as inviting friends, purchasing items from the store, inquiry and consultation history, and community usage history.

 

Automatically Generated Information:

During the user's use of the service, the following information may be automatically generated and collected. The information collected as described above may or may not qualify as personal information depending on its association with identifiable individuals.

  • Total usage information, session ID, mobile app access time and date, device information, geographic location information, IP address, cookies, visit timestamp, service usage history, records of sanctions due to improper service usage, device model name, device operating system information, device unique identifier, device firmware version, carrier information, network-based location information, device unique token value.

 

We use your data for the following purposes:

  • Account creation
  • To provide, maintain, perform, and improve the Services;
  • To ship items that you have ordered from our online shop;
  • Enabling you to redeem rewards earned on our platform;
  • To perform internal operations, including, conducting data analysis, testing, and research and troubleshooting software bugs and operational problems;
  • To monitor and analyze usage and activity trends;
  • Personalization of ads to provide you with better recommendations of advertised games in your country and to help you earn rewards; and
  • For legitimate interests under section 6(1)(f) of the General Data Protection Regulation (GDPR), including fraud prevention purposes, protection against abuse of our Services, and to guarantee that the use of our Services is in accordance with Playio’s Terms of Service.
  • To communicate with you about our products, services, promotions, and news (we will only send you these materials if we have your consent. You can unsubscribe at any time)

Additionally, personal data may be used and disclosed to the extent Playio may deem reasonably necessary to enforce the terms of any agreement between you and Playio or to protect the rights, property, or safety of any person or entity, or if required by law, specifically in response to a demand from government authorities.

 

We will also use your information to create de-identified statistical and analytical data

The Company collects the above automatically generated information through the following methods:

  • Collection through User Input: We collect information through user input, including during the process of registration, user profile modification, profile information registration and modification, usage of our website and mobile app services, filling out physical forms, fax, phone calls, text messages, customer service inquiries, emails, event participation, and posting on Community bulletin boards.
  • Collection with User Consent: We may collect information through user consent, which includes the use of data generation tools, the information provided by collaborative/partner/agency companies, and the utilization of platform APIs to ensure the smooth provision of services.

 

Under the "Collection with User Consent" section, depending on the functionality that users wish to utilize for normal service provision, with the user's consent, the following information may be accessed or collected through Google API, and Facebook API, either in whole or in part:

  • Common: Login information, User Profile
  • Application installation: Product model, operating system and version, device settings information

 

However, if a user utilizes a third-party service account, rather than a direct account provided by our Company, and integrates/links it with our service, the login identification information, profile information, friend status, and other account-related information will not be processed by our Company. Instead, such information will be handled by the respective third-party service provider.

 

Furthermore, our Company may use cookies (or similar technologies) when users utilize the service. Cookies are small data files that are downloaded and stored on the user's device. They are used by the company to provide and enhance the functionality of the service in a secure and seamless manner. They also help the Company obtain and identify information regarding the user's preferred usage patterns and settings.

Other:

As of the last modification date of this Privacy Policy, personal information classified as unique identifiers under Article 24, Paragraph 1 of the "Personal Information Protection Act" and Article 19 of the regulatory "Enforcement Decree of the Personal Information Protection Act," such as resident registration numbers (foreigner registration numbers), passport numbers, and driver's license numbers, will be encrypted and securely managed. They will not be used for purposes other than those notified in advance or purposes mandated by law.

 

The company may selectively request the input of personal information for statistical analysis or the provision of prizes during surveys, events, and other occasions. Even if the user agrees to receive advertising emails within DMs, newsletters, and notifications sent by the Company, the Company may selectively request the input of personal information. Such information will also be managed in accordance with this Privacy Policy.

 

For dispute prevention among users and members, proper information provision, and prevention of various potential side effects, the Company may request real-name authentication from users.

 

Regarding user interactions, information exchanges, and shared usage with other users on the service, the Company processes content and information created by users on the service, as well as other content and information provided by users and usage history within the service. This includes the user's service usage history, purchase history, connections with other users, and malfunction information.

 

The purpose of using the collected personal information:

  • App/Web Service Provision and Registration:
  • Verification and identification of members for membership service operation
  • Authentication of users' identities
  • Prevention of fraudulent and unauthorized use by malicious members
  • Confirmation of user registration, maintenance, and withdrawal intentions
  • Verification of service usage history

 

Service Maintenance, Execution, and Improvement:

  • Delivery and provision of items ordered from the company's online store
  • Redemption of rewards obtained from the company's platform
  • Performance of internal operations, including software bug and operational issue resolution, data analysis, testing, and research
  • Monitoring and analysis of user usage and activity trends

 

Communication with Users:

  • Communication with users regarding the company's products, services, promotions, and news

 

Compliance with Legal Obligations:

  • Fulfillment of legal obligations, investigation of violations of relevant laws and terms and conditions

 

Protection of Rights and Safety:

  • Use or disclosure of personal information to the extent deemed necessary by the company to fulfill the contractual conditions between Playio and users, protect the rights, property, or safety of individuals or organizations, respond to government requests, or comply with legal requirements.

 

Playio may use the collected personal information in an anonymized form to generate statistics, conduct scientific research, and preserve records for the public interest. In this case, the anonymized information is stored and managed separately from additional information to ensure non-identifiability and appropriate technical and managerial safeguards are implemented.

 

We use this information exclusively for the purpose of fraud prevention and to ensure that prizes are not earned through bots, automated processes, or fraudulent use of software. Upon redeeming a reward from our Shop, you will be prompted to provide a phone number, which is linked to your user account to ensure the uniqueness of your user registration within the mobile application. If you do not want to redeem a reward from our Shop, you can use all other features of the mobile application without providing your phone number.

 

Handling Complaints:

  • Operation of the customer service center, handling complaints, processing inquiries, delivering notices
  • Record retention for dispute resolution

 

Marketing and Advertising:

  • Development of new services (products) and improvement/update of existing services (products)
  • Information on new services and improvements to existing services
  • Sending newsletters, advertising materials such as events, providing personalized services and advertisements based on demographic characteristics
  • Gathering statistics on members' frequency of access and service usage
  • Notifications for coupons, events, and gifts.

Processing and Retention Period of Personal Information

The Company processes and retains personal information collected from members for the duration of their membership. Once the purpose of processing personal information is achieved, it is promptly destroyed. However, in cases where prior consent has been obtained from members or in other exceptional circumstances as described below, the company may retain personal information for a certain period of time according to the relevant items.

 

In cases applicable to the Act on Consumer Protection in Electronic Commerce, etc.:

  • Records related to contracts or withdrawal of offers: 5 years
  • Records related to consumer complaints or dispute resolutions: 3 years

In cases applicable to the Electronic Financial Transactions Act:

  • Records related to electronic financial transactions: 5 years

In cases applicable to the Act on Protection of Communications Secrets:

  • Login records: 3 months

In the case of termination of the service agreement:

For the purpose of preventing service confusion, cooperating with investigative agencies, preventing unauthorized use and re-registration of problematic members, and resolving disputes, the following information is retained:

  • Name, username, contact information, records of unauthorized use (service records, logs, cookies, access information): 3 months
  • Personal information is retained during the 7-day withdrawal grace period.
  • Personal information is retained for 3 months from the date of withdrawal before being disposed of.

In the case of an account being converted to a dormant status:

  • If a Playio account remains inactive for a period of 6 months or more, it will be converted to a dormant account according to the terms and conditions. During this time, personal information will be retained.
  • If the account remains unused for a period of 12 months or more, it will be processed for account deletion and personal information will be disposed of accordingly.

If customer consent is obtained:

  • The personal information will be retained until the agreed-upon period of consent.

In the case of ongoing investigations or inquiries due to a violation of relevant laws and regulations

  • The information will be retained until the conclusion of such investigations or inquiries.

If there are any outstanding rights or obligations related to the company's services

  • The information will be retained until the point of settlement of those rights or obligations.


 

Disclosure of Personal Information to Third Parties

The Company collects, processes, and provides users' personal information within the scope described in this privacy policy and does not exceed or provide it to third parties without the user's prior consent. However, the Company may provide personal information in the following cases:

  1. User Consent for External Affiliates: If the user directly consents to the provision of personal information for the use of services provided by external affiliates.
  2. Legal Obligations: If there is an obligation to submit personal information to Playio under the law.
  3. Urgent Life or Safety Circumstances: If it is necessary to provide personal information to alleviate urgent risks to the life or safety of the user.

However, in cases where the customer's consent is obtained, special provisions of the law apply, or other circumstances as listed below, the Company may provide information to third parties.

 

  • Affiliate Service Providers: The Company has entered into contracts with various affiliate service providers to facilitate the provision of the Services. All management service providers utilized by the Company must maintain the same level of personal information protection as the Company and comply with the standards outlined in this policy. These service providers are not allowed to use your information beyond the scope of the contract with the Company.

 

[Affiliate Service Providers]

 

Company Information

Purpose of Use

Information Content

Data Retention Period

2Byte

Information for Customer Service Inquiries Processing

Member Nickname, Device Information, Inquiry Details, Android Version Information, Playio Service Usage History

Upon withdrawal of membership or termination of the outsourcing agreement

ADforus

User Identifier, Name, Email, Phone Number

NASMEDIA

User Identifier, Name, Email, Phone Number

 

  • Third-party Advertisers: We have entered into advertising agreements with various mobile game studios to facilitate the provision of our services and suggest content that may be of interest to you. We do not share your personal information with these mobile game studios. Instead, we use service providers to measure the results of advertising campaigns with mobile game studios. All information related to these campaigns is collected, used, processed, and deleted in accordance with the agreements between the service providers and us. If you choose to download games and provide personal information to mobile game studios, we do not control their information processing methods. We recommend reviewing the privacy policies of those mobile game studios before transmitting any personal information.
  • Statistical Analysis: We may share anonymized user analytics, app reviews, and anonymized information statistics with third parties for purposes including but not limited to statistics, machine learning, advertising, or marketing.
  • Transactions: In the event of a merger, asset transfer, fundraising, acquisition, or other related situations or negotiations, personal information may be disclosed or transferred as part of our business assets. However, under no circumstances will your information be used for purposes other than those you have consented to with us.

 

Disposal Procedures/ Methods of Personal Information

 

The company adheres to the principle of promptly disposing of information once the purpose of collection and use has been achieved, the retention period, or reasons for holding the information have expired. However, in accordance with relevant laws and regulations, personal information that needs to be retained will be stored and managed separately from other personal information or personal information files. The separately stored personal information will not be used or provided for purposes other than the specific retention basis for each personal information. The reasons for retention are as follows:

  • Legal or statutory obligations: If the company is required to retain personal information for a certain period to fulfill civil, criminal, or statutory responsibilities or as evidence in legal proceedings, the information may be retained.
  • Compliance with laws: If there are specific legal requirements under the Commercial Act, personal information may be retained for a certain period.
  • Legitimate reasons: If there are other legitimate reasons similar to the above, the personal information may be retained.

 

Afterward, the personal information will be transferred to a separate database (or stored in a separate physical file) and kept for a certain period in accordance with the information protection reasons specified in the privacy policy, internal policies, and other relevant laws and regulations. Subsequently, the information will be securely disposed of.

 

Methods of Disposal

Personal information recorded and stored in electronic file format will be irreversibly destroyed to prevent any possibility of data recovery. Personal information recorded and stored in paper documents will be shredded or incinerated to ensure complete destruction. Additionally, in accordance with our terms of service, if a user does not use the service for a period of one year or longer, their inactive account may be terminated, and their personal information may be disposed of.

 

Please note that the specific methods of disposal may vary depending on the nature of the personal information and applicable laws and regulations. The company will ensure that all disposal methods are conducted in a manner that protects the confidentiality and integrity of personal information.

 

User Rights and Methods of Exercise

 

Members have the following rights related to the protection of personal information, which they can exercise at any time with the company:

  • Right to request access to personal information.
  • Right to request correction if there are errors or inaccuracies.
  • Right to request deletion of personal information (except in cases where the collection of such information is specified as a collection target in this privacy policy or other applicable laws).
  • Right to request withdrawal of consent or cessation of personal information processing (however, it may result in the inability to access certain services or the termination of membership).

Registered personal information can be accessed and corrected through the verification process conducted by the company or through the process of verifying the legal guardian, as determined by the company's procedures. To terminate your account, you can click on the "Account Withdrawal" menu after logging into the application. If you find it difficult to use the methods specified by the company, you can contact the customer center or the Data Privacy Officer through written correspondence or electronic documents such as email, and we will promptly process your request.

 

If a user withdraws their consent for the use of the service, they may no longer be able to continue using the service or receive the benefits obtained through it. Additionally, users can request the deletion of their account. Deleting the account will result in the removal of all acquired goods (gems, coins, hearts) and purchased items. Please note that community posts and comments will not be deleted.

 

Furthermore, if a user requests the correction of personal information due to an error, we will not use or provide the personal information until the correction is completed. If incorrect personal information has been provided to third parties, we will promptly notify them of the correction to ensure that it is updated.

 

Personal information that has been terminated or deleted at the request of the user or legal guardian will be processed in accordance with the provisions of this privacy policy and will not be accessed or used for any other purpose.

 

Personal Information Security 

 

The company has implemented the following measures to ensure the technical and administrative protection of user's personal information, in order to prevent its loss, theft, leakage, alteration, or damage:

 

Access control and authorization management:

The company ensures access to personal information is limited to the minimum necessary scope required for job performance. Each staff member is provided with a unique account, and access privileges are granted based on their respective roles and responsibilities. In case of personnel changes or reassignments, access rights to personal information are modified or revoked accordingly.

 

Furthermore, when data privacy officers or handlers access personal information from external locations, secure connection methods, such as secure VPNs (Virtual Private Networks), are utilized to ensure secure access. Measures are in place to prevent unauthorized individuals from accessing personal information by implementing appropriate security measures on systems and personal computers used for personal information retrieval and processing.

 

Encryption of personal information:

The company ensures that all personal information transmitted or received through information and communication networks or auxiliary storage media is encrypted. Whenever possible, personal information is not stored on work PCs. However, if there are unavoidable reasons for storing personal information, the data is securely stored and processed through encryption. Additionally, in accordance with the Personal Information Protection Act, unique identification numbers (such as date of birth, gender, and foreign registration number), passwords, and sensitive personal information are stored and retained using secure algorithms for encryption.

 

Storage and Prevention of Tampering with Access Logs, and Physical Measures

The company retains the records of personal information processing by personal information handlers for a minimum of 3 months. These records are securely stored to prevent tampering, theft, loss, or deletion.

 

Additionally, the physical storage locations, such as servers, where personal information is stored, are designated as restricted access areas. They are operated in a manner that prevents unauthorized entry. Documents, electronic files, and auxiliary storage media containing personal information are stored in secure locations protected by locking mechanisms or similar security measures.

 

Data Privacy Officer Information

 

The company has designated a Personal Information Protection Manager to protect customers' personal information and handle complaints and grievances related to personal information. If you have any inquiries or requests regarding personal information, such as access or correction, please contact the designated Personal Information Protection Manager through our online customer service or using the contact information provided below.

 

Data Privacy Officer

GNA Company Corp.

8, Bangbae-ro 27-gil, Seocho-gu, Seoul, Korea, 06572

or via email at [email protected]

 

Application of Privacy Policy

 

This Privacy Policy applies to Playio, which is one of the services provided by the company, as well as its related services (including web and app). Separate privacy policies may apply to services provided under different brands.

Additionally, if personal information is collected through services of other companies linked to Playio or Playio-related services, the privacy policy of that specific service will be followed.

 

Playio only requests permissions that are absolutely necessary.

 

[Required access rights]

  • Show above other apps: This permission is needed to display rewards earned during gameplay.
  • Allow access to usage information: This permission is required to provide rewards by checking the usage time of the game app.

[Optional access rights]

  • Contact: This permission allows access to display a list of friends to invite.
  • Camera: This permission is needed to take photos for community and customer center attachments.
  • Files and Media: This permission allows access to attach photos to the Community and Customer Center.

[Data Access]

  • Playio uses data from installed apps for quick game access and synchronization of game lists through the “Continue Playing” feature, and this data is securely transmitted outside the device.

*You can use Playio even if you do not grant optional access rights, but some functions may be restricted.

 

Privacy Policy Revision 

The Company may revise the Privacy Policy at any time. However, in order to ensure the rights of the members, if there are any additions, deletions, or modifications to the content of the Privacy Policy, the company will make efforts to provide prior notice at least 7 days in advance. In the event of significant changes to the collection of personal information or the purposes of use, which affect the rights of the members, the company will provide a minimum of 30 days prior notice.

 

The revised policy will be effective from the time it is posted or separately notified. Therefore, please regularly check the latest version of this policy when using our services.

 

(Effective Date) These terms and conditions will be effective from November 13, 2020.

(Effective Date) These terms and conditions will be effective from July 9, 2021.

(Effective Date) These terms and conditions will be effective from June 15, 2023.

(Effective Date) These terms and conditions will be effective from October 5, 2023.

 

ⓒ Copyright GNA Company Corp. All Rights Reserved.

GNA Company | CEO Jason Choi | 8, Bangbae-ro 27-gil, Seocho-gu, Seoul, Republic of Korea | Company Registration Number: 692-87-01978