Playio is a play-and-earn mobile application owned by GNA Company Corp. At GNA Company Corp, we understand that your personal data matters and we are committed to protecting your privacy. We take the responsibility of handling your data seriously, and we are dedicated to ensuring that your information is safe and secure. This privacy policy is designed to provide transparency to you (“you”, “User,” or “Users,”) with details of how we (“we”, “us”, “our” or “Playio”) collect, use, and protect your personal data when you use our mobile app, website, products, and services (the “Services”).

Any data that we collect is used to primarily provide the Services, which are focused on providing you with the best options for rewards or game recommendations.

This Privacy Policy becomes effective when you click the 'ACCEPT' button during the Playio account creation process, indicating that you have read and understood the terms of this policy. If you are under 18 or do not agree with these terms, you are not permitted to register for a Playio user account.

Please note that it is important to check this page periodically to stay up-to-date with the most current version of the Privacy Policy. We reserve the right to modify or change the policy at any time, and if we do so, we will update the 'Last Updated' date and notify users of any changes through the mobile app. If you find the modified Privacy Policy unacceptable, please refrain from using the Services.

We collect the following types of information when you use the Services:

• Account information: We collect the information you provide when you are creating or modifying your account. This includes your name, age, gender, date of birth, email address, phone number, and social media profile. We will also collect your IP address and Google Advertising ID (together, “the ID”).
• Third-party services: If you sign up using third-party services, such as Google or Facebook, we will import your first and last name from the said services.
• Your actions & interactions: When you use our Services, we may collect information about how you interact with the games that are advertised on our platform. This may include data related to i) achievements, ii) in-game purchases, iii) other apps on your device, iv) the time you spend playing games, v) the Gems you’ve earned in Playio, and vi) the game experience earned (collectively “Gamer Profile”). By using our Services, you acknowledge and agree that your Gamer Profile information, as defined in our Privacy Policy, may be visible to other users via the social networking features within the app
• Automatically collected information: In order to provide our services, we collect certain information that is required for their functioning. This information is automatically collected and cannot be disabled by users, including those who access Playio as a guest. The types of information that are automatically collected include aggregated usage data, session ID, the date and time of access to the mobile app, as well as device information and geolocation data.

We will only collect, use, and process your personal data for the specific purposes described in this Privacy Policy, and will not use your information for any other purposes.

• Account creation
• Providing, maintaining, and improving the Services
• Processing and shipping the items you have purchased on Playio Shop
• Enabling you to redeem rewards through our application
• Performing internal operations, such as conducting data analysis, testing, research, and troubleshooting software bugs and operational problems
• Monitoring and analyzing usage trends
• Personalizing ads to provide you with better recommendations of advertised games and to help you earn rewards
• For legitimate interests under section 6(1)(f) of the General Data Protection Regulation (GDPR), including fraud prevention purposes, protection against abuse of our Services, and to guarantee that the use of our Services is in accordance with Playio’s Terms of Service.
• Communicating with you about our products, services, promotions, and news (We only send these materials if we have your consent and you can unsubscribe at any time.)

We may use and disclose your personal data to the extent necessary to enforce the terms of any agreement between you and Playio or to protect the rights, property, or safety of any person or entity. Additionally, we may be required by law to disclose personal data, specifically in response to a demand from government authorities.

To protect your privacy and security, Playio employs secure methods to delete personal information. Any physical records of personal information are securely shredded, and electronic files are deleted using methods that render them unrecoverable. In addition, our Terms of Service state that if you do not use the Service for at least one year, your inactive account may be terminated and your personal data destroyed to further ensure your privacy and security.

We will only retain personal information for as long as it is necessary to provide you with the Services, or as required by law. When you delete your account, all personal information will be deleted, except as required by law. To ensure that we maintain accurate records, we may retain personal data for an additional twelve (12) months after deletion for administrative or accounting purposes.

Under certain circumstances, we may anonymize your personal data so that it cannot be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice or consent.

At Playio, we take the privacy and safety of children seriously. Our Services are designed to comply with specific requirements relating to children's privacy, including the Children's Online Privacy Protection Act (COPPA) applicable in the United States. COPPA requires website operators or online services to obtain verifiable parental consent before collecting personal information from children under the age of 13.

To ensure compliance with COPPA, we restrict the use of our Services to individuals aged 13 and above. We do not knowingly collect or retain personal information from children under 13 without verified parental consent. If we become aware that we have collected personal information from a child under 13 without parental consent, we will promptly delete that information.

If you believe that we have collected or received personal information from or about a child under 13, please contact us at [email protected] We take such reports seriously and will promptly investigate and take appropriate action to ensure that our Services remain compliant with COPPA and other applicable laws and regulations related to children's privacy.

Ensuring that the personal information we hold about you is accurate and up-to-date is important to us. Please inform us promptly if your personal information changes. Under applicable law, you have the right to access and correct the personal information that we hold about you.

If you wish to make a request to access or delete your personal information, please email us at [email protected] (see below for a description of the specific rights with respect to accessing and deleting information that is provided to California, European, Japanese, and Korean residents). Upon receipt of your request, we will make every effort to provide you with this information in an electronically readable format within a reasonable time. However, we may not be able to accommodate your request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

To ensure the security of your personal information, we may ask you to provide specific information to verify your identity and confirm your right to access or modify your personal information. However, there may be instances where we are not able to provide you with access to all or some of your personal information as required by applicable laws or if we have deleted or anonymized your personal information in accordance with our record retention policies. In such cases, we will inform you of the reasons for our inability to comply with your request, subject to any legal or regulatory restrictions.

We will provide access to your personal information when requested; however, there are exceptions set out in applicable privacy legislation. Some examples of such exceptions include:

• Information that is protected by solicitor-client privilege.
• Information that is part of a formal dispute resolution process.
• Information that pertains to another individual and would reveal their personal information or confidential commercial information.
• Information that is prohibitively expensive to provide.

If you are would like to correct the information provided or concerned about our responses, please refer to "Contact Information and Challenging Compliance" below on how to contact us.

If you wish to withdraw your consent to the collection of your personal information, please send a written request to [email protected] We will stop processing your personal information within a reasonable time upon receiving notice of the revocation of your consent. However, please be aware that withdrawing your consent may result in the loss of access to the Services and benefits you have earned. You may also request we delete your account. However, any in-app information (such as Gems, Hearts, and Coins) will be lost. We will send you an email asking for confirmation before deleting your account, as described in the Data Retention section above.

You will receive promotional messages from us only if you have given us consent to do so. You have the option to unsubscribe from receiving promotional messages by following the instructions provided in those messages. However, even if you opt out of receiving promotional messages, we may still send you non-promotional communications, such as those related to your account, the Services you have requested, or our ongoing business relations.

We will not sell, rent, share, or disclose to outside parties the information we collect, save and except for that we may share the collected information with other parties as follows:

• Affiliated Service Providers: We have agreements with various affiliated service providers to facilitate the rendering of our Services. All administrative service providers that we use are required by contract to have the same level of privacy protection as we have and will follow the standards of this policy. These providers will never be permitted to use your data beyond the scope of our engagement with them.
• Third-party advertisers. We have advertisement agreements with various mobile game studios to facilitate the rendering of our Services and provide you with offers we feel you may be interested in. We do not share your personal information with these mobile game studios but rather use a service provider to measure the outcomes of the advertising campaign with the mobile gaming studio. All data associated with the campaign is collected, processed, and then deleted by our service provider in accordance with our agreement with them. If you choose to download a game and provide your personal information to the mobile gaming studio, please know that we do not control their data processing practices and recommend that you review their privacy policies before sending personal information to them.
• Statistical Analysis: We may share anonymized User ratings and reviews of apps and aggregated anonymized information with third parties, including but not limited to, statistical, machine learning, advertising, or marketing purposes.
• Transactions: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition, or in any other situation where personal information may be disclosed or transferred as one of our business assets. However, under no circumstances will such transactions result in your information being used for other purposes than those for which you gave us your consent.

For additional information regarding the type of third-party services that are used, please review the categories of personal information that we may share with third-party service providers and our business and commercial uses of such personal information on the Playio Privacy Center at https://www.Playio.co/privacy-center

The General Data Protection Regulation (GDPR) 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). There are three major laws regulating data protection and information privacy in Switzerland: Article 13 of the Swiss Constitution, the Federal Act on Data Protection (DPA), and the General Data Protection Regulation (GDPR). The following section provides additional information regarding the lawful basis and purpose for data processing and specific rights regarding your personal data.

As a resident of the EEA, SUI & UK, you should know that the purposes of our data processing activities are being conducted on the following so-called “legal grounds:”

• where it is necessary for us to fulfill a contract between you and us (processing information for purposes of creating your account);
• where it is necessary based on our legitimate interests to process your data (for purposes of fraud prevention, to recommend specific games or to improve the Services we provide to you); or
• where it is necessary to comply with our legal obligations such as for accounting or tax purposes.

As a resident of the EEA, SUI & UK, you also have certain specific rights regarding your personal data. You are free to exercise any of these rights by contacting us or as specified herein:

• Access: You have the right to request a copy of the personal data that we process about you. However, there are exceptions to this right, so access may be denied if, for example, making the information available to you would adversely affect the rights and freedoms of another person, or if we are legally prevented from disclosing such information.
• Accuracy: We aim to keep your personal data accurate and complete. We encourage you to keep us informed about changes that you would like reflected in our records.
• Objecting: In certain circumstances, you have the right to object to the processing of your personal data. You may ask us to block, erase or limit the use or other processing of your personal data.
• Data Portability: You have the right to request that some of your personal data be provided to you, or to another provider should you wish to stop using our Services in favor of another, in a machine-readable format.
• Erasure: You have the right to erase or request that we erase your personal data when it is no longer necessary for the purposes for which it was collected or if you think it has been used unlawfully.
• Complaints: You have the right to complain to the applicable data protection authority, or to seek a remedy in court.

The California Consumer Privacy Act (CCPA) gives Californian consumers the right to know, delete, and opt out of the sale of their personal information. As a consumer, you have the right to request, free of charge and twice a year, information about parties to whom we have disclosed or sold your personal information in the previous year, and a description of the categories of personal information shared. Additionally, upon request, we shall provide you with information relating to your personal information and our processing of it in an easily accessible form. To make such a request, please email [email protected] with the subject line "Personal Information Privacy Request," your name, address, and email address, as well as the Service you are inquiring about.

You may also request to have your personal data deleted from our platform. If we receive a deletion request, we will ask whether you want your personal information to be removed entirely or if you want to be kept on a list of individuals who do not want to be contacted in the future (for a specified period or otherwise). Please note that we cannot keep a record of deleted personal information, so you may be contacted again by us if we come into possession of your personal information at a later date. We will honor requests to know and requests to delete within 45 days, and if we require more time to respond, we will notify you.

The CCPA enables California users to appoint an authorized agent to act on their behalf to submit disclosure or deletion requests under the CCPA. The authorized agent must be registered with the California Secretary of State. To honor a request from an authorized agent, we require written authorization from the user, and we will verify the identity of the user and the agent's proof of authorization.

Below is a chart of the personal information categories, sources, and business and commercial uses as defined by CCPA Sec. 1798.140(o) that we may collect, use, and disclose:

CATEGORY	NAME/DESCRIPTION	1. SOURCES	2. BUSINESS USE	3. COMMERCIAL USE
A	Identifiers - name, email, postal and IP address, unique personal identifier, online identifier, Internet Protocol address, account name, phone number	User provided on registration and upon redeeming points using online shop, customer service inquiries and claim forms; related and 3rd party sources to verify user supplied information, selfie in video format	Operational purposes including customer service; fraud & security incidence detection; website improvement; award prize winners	None
B	Protected classification characteristics under California or federal law	Age and Gender	Recommend suitable Games	None
C	Internet or similar network activity -browsing and search history, information on a consumer’s interaction with a website, application, or advertisement	System collected activity logs and cookies	To determine performance of media content and analytics purposes	None
D	Geolocation data	Country Identified using IP Address	Recommend Games for Country	None
E	Inferences drawn from other personal information	Profile reflecting a person's preferences	Recommend Games based on preference	None

Playio has collected, will collect, and has disclosed the personal information described in the categories above during the last year for business purposes. If you choose to exercise your rights under the CCPA, we will not discriminate against you in any way.

Browsers “Do Not Track” Signals. Most browsers have a "do-not-track" setting that allows users to indicate that they do not want their online behavior and personal information to be tracked and used for interest-based advertising by notifying other websites. As required by CalOPPA, we are required to inform you that, as in case of the most websites, we do not alter our behavior or honor requests when a user activates the "do-not-track" setting on their browser while using one of our Websites.

We may transfer your personal information overseas as described below. Your personal information will be transferred overseas in accordance with the Korean PIPA and Network Act privacy requirements via an information communication network and will be retained and used until the relevant purpose is achieved.

COMPANY NAME	COUNTRY	CONTACT OF EMPLOYEE OR DEPARTMENT RESPONSIBLE FOR MANAGING PERSONAL INFORMATION AND LINK TO PRIVACY POLICY	DATE AND TIME OF TRANSFER	PURPOSE OF TRANSFER	PERSONAL INFORMATION ITEMS TO BE TRANSFERRED
Amazon Web Services, Inc.	U.S.A	Amazon.com	Upon accessing and using Playio services	Hosting and data security and management services for the personal data that we store. Also used for analytics to monitor and track the reliability of the Services	mobile application account data such as name, email, mailing address, age, gender, language, social media profiles, application installed, time spent using an application, IP address, Google Ad ID, OS version, device model
Adbrix	South Korea	Igaworks.com	Upon accessing and engaging with an ad and using Playio services	Advertising, rewards, and fraud detection	Mobile application Google Ad ID, IP address, age, device model, OS version
Adjust	U.S.A	EmailAdjust.com	Upon accessing and engaging with an ad and using Playio services	Advertising, rewards, and fraud detection	Mobile application Google Ad ID, IP address, age, device model, OS version
AppsFlyer	U.S.A	Appsflyer.comEmail	Upon accessing and engaging with an ad and using Playio services	Advertising, rewards, and fraud detection	Mobile application Google Ad ID, IP address, age, device model, OS version
Singular	U.S.A	Singular.netEmail	Upon accessing and engaging with an ad and using Playio services	Advertising, rewards, and fraud detection	Mobile application Google Ad ID, IP address, age, device model, OS version
Facebook	U.S.A	Facebook.com	Upon accessing and using Playio services	Used for business analytics to better understand how users interact with Playio Services	Google Advertising ID
Google	U.S.A	Google.com	Upon accessing and using Playio services	Used for business analytics to better understand how users interact with Playio Services	Google Advertising ID

The protection of your personal information is a top priority for us at Playio. We have implemented physical, electronic, and administrative measures to safeguard your personal information from accidental loss and unauthorized access, use, alteration, or disclosure. All information you provide to us is stored on our secure servers located on Amazon AWS in the United States and is protected by firewalls.

However, it is important to note that the transmission of information over the internet is not entirely secure and may be subject to interception or hacking. While we strive to protect your personal information, we cannot guarantee the security of information transmitted to or from our Services, and any transmission is at your own risk. We recommend that you take steps to protect your own information, such as using strong passwords and keeping them confidential.

Our Services may contain links to external websites or apps (such as Google Play Store), including third-party content that we do not control. These third-party websites or apps may have different privacy and data collection practices from ours. We are not responsible for the privacy policies or practices of any third-party websites or apps that may be linked to or from our Services.

We encourage you to read the privacy statements of each and every website or app you visit, especially those that collect personal information before you provide any personal information. We do not endorse, and we are not responsible for, the privacy practices or the content of such websites or apps, nor do we guarantee the accuracy, completeness, or usefulness of any information contained on such websites or apps.

We are based in Korea and the information that we process is protected by Korean privacy laws. The information that we collect may be transferred, stored, or used in other jurisdictions, such as the United States, where some of our service providers may be located. While we protect your information by choosing appropriate service providers and having contractual safeguards in place with those vendors, the privacy laws in such jurisdictions may not be as protective as in, for example, Korea or the EEA, SUI & UK, and may be subject to access by foreign governments, with or without your knowledge.

The information collected in the EEA, SUI & UK is transferred and stored behind firewalls on our secure servers that are located on Amazon AWS in the United States in accordance with the GDPR adequacy standards. Any other transfers to third countries will be done using mechanisms such as the “model clauses”.

As a user of our Services, you agree to comply with our Terms of Service, which include this Privacy Policy. You can find our Terms of Service at the bottom of most pages on the Playio website. Please read these documents carefully to understand our practices, policies, and terms and conditions that govern your use of the Services.

We have procedures in place to receive and respond to complaints or inquiries about our handling of personal information, our compliance with this policy, and applicable privacy laws. To discuss our compliance with this policy, please contact us at:
GNA Company Corp.
8, Bangbae-ro 27-gil, Seocho-gu, Seoul, Korea, 06572
or via email at [email protected]