Updated 2023. 02. 28
Any data that we collect is used to primarily provide the Services, which are focused on providing you with the best options for rewards or game recommendations.
What Information We Collect
We collect the following types of information when you use the Services:
- Account information: We collect the information you provide when you are creating or modifying your account. This includes your name, age, gender, date of birth, email address, phone number, and social media profile. We will also collect your IP address and Google Advertising ID (together, “the ID”).
- Third-party services: If you sign up using third-party services, such as Google or Facebook, we will import your first and last name from the said services.
- Automatically collected information: In order to provide our services, we collect certain information that is required for their functioning. This information is automatically collected and cannot be disabled by users, including those who access Playio as a guest. The types of information that are automatically collected include aggregated usage data, session ID, the date and time of access to the mobile app, as well as device information and geolocation data.
Purposes of Collecting Your Information
- Account creation
- Providing, maintaining, and improving the Services
- Processing and shipping the items you have purchased on Playio Shop
- Enabling you to redeem rewards through our application
- Performing internal operations, such as conducting data analysis, testing, research, and troubleshooting software bugs and operational problems
- Monitoring and analyzing usage trends
- Personalizing ads to provide you with better recommendations of advertised games and to help you earn rewards
- For legitimate interests under section 6(1)(f) of the General Data Protection Regulation (GDPR), including fraud prevention purposes, protection against abuse of our Services, and to guarantee that the use of our Services is in accordance with Playio’s Terms of Service.
- Communicating with you about our products, services, promotions, and news (We only send these materials if we have your consent and you can unsubscribe at any time.)
We may use and disclose your personal data to the extent necessary to enforce the terms of any agreement between you and Playio or to protect the rights, property, or safety of any person or entity. Additionally, we may be required by law to disclose personal data, specifically in response to a demand from government authorities.
Deleting Collected Information
To protect your privacy and security, Playio employs secure methods to delete personal information. Any physical records of personal information are securely shredded, and electronic files are deleted using methods that render them unrecoverable. In addition, our Terms of Service state that if you do not use the Service for at least one year, your inactive account may be terminated and your personal data destroyed to further ensure your privacy and security.
We will only retain personal information for as long as it is necessary to provide you with the Services, or as required by law. When you delete your account, all personal information will be deleted, except as required by law. To ensure that we maintain accurate records, we may retain personal data for an additional twelve (12) months after deletion for administrative or accounting purposes.
Under certain circumstances, we may anonymize your personal data so that it cannot be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice or consent.
Protecting Children’s Privacy
At Playio, we take the privacy and safety of children seriously. Our Services are designed to comply with specific requirements relating to children's privacy, including the Children's Online Privacy Protection Act (COPPA) applicable in the United States. COPPA requires website operators or online services to obtain verifiable parental consent before collecting personal information from children under the age of 13.
To ensure compliance with COPPA, we restrict the use of our Services to individuals aged 13 and above. We do not knowingly collect or retain personal information from children under 13 without verified parental consent. If we become aware that we have collected personal information from a child under 13 without parental consent, we will promptly delete that information.
If you believe that we have collected or received personal information from or about a child under 13, please contact us at [email protected]
We take such reports seriously and will promptly investigate and take appropriate action to ensure that our Services remain compliant with COPPA and other applicable laws and regulations related to children's privacy.
Right of Access
Ensuring that the personal information we hold about you is accurate and up-to-date is important to us. Please inform us promptly if your personal information changes. Under applicable law, you have the right to access and correct the personal information that we hold about you.
If you wish to make a request to access or delete your personal information, please email us at [email protected]
(see below for a description of the specific rights with respect to accessing and deleting information that is provided to California, European, Japanese, and Korean residents). Upon receipt of your request, we will make every effort to provide you with this information in an electronically readable format within a reasonable time. However, we may not be able to accommodate your request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
To ensure the security of your personal information, we may ask you to provide specific information to verify your identity and confirm your right to access or modify your personal information. However, there may be instances where we are not able to provide you with access to all or some of your personal information as required by applicable laws or if we have deleted or anonymized your personal information in accordance with our record retention policies. In such cases, we will inform you of the reasons for our inability to comply with your request, subject to any legal or regulatory restrictions.
We will provide access to your personal information when requested; however, there are exceptions set out in applicable privacy legislation. Some examples of such exceptions include:
- Information that is protected by solicitor-client privilege.
- Information that is part of a formal dispute resolution process.
- Information that pertains to another individual and would reveal their personal information or confidential commercial information.
- Information that is prohibitively expensive to provide.
If you are would like to correct the information provided or concerned about our responses, please refer to "Contact Information and Challenging Compliance" below on how to contact us.
Withdrawal of Consent to Collect Personal Information
If you wish to withdraw your consent to the collection of your personal information, please send a written request to [email protected]
We will stop processing your personal information within a reasonable time upon receiving notice of the revocation of your consent. However, please be aware that withdrawing your consent may result in the loss of access to the Services and benefits you have earned. You may also request we delete your account. However, any in-app information (such as Gems, Hearts, and Coins) will be lost. We will send you an email asking for confirmation before deleting your account, as described in the Data Retention section above.
You will receive promotional messages from us only if you have given us consent to do so. You have the option to unsubscribe from receiving promotional messages by following the instructions provided in those messages. However, even if you opt out of receiving promotional messages, we may still send you non-promotional communications, such as those related to your account, the Services you have requested, or our ongoing business relations.
Specific Rights for Residents of the European Economic Area and the United Kingdom (“EEA, SUI & UK”)
We will not sell, rent, share, or disclose to outside parties the information we collect, save and except for that we may share the collected information with other parties as follows:
- Affiliated Service Providers: We have agreements with various affiliated service providers to facilitate the rendering of our Services. All administrative service providers that we use are required by contract to have the same level of privacy protection as we have and will follow the standards of this policy. These providers will never be permitted to use your data beyond the scope of our engagement with them.
- Third-party advertisers. We have advertisement agreements with various mobile game studios to facilitate the rendering of our Services and provide you with offers we feel you may be interested in. We do not share your personal information with these mobile game studios but rather use a service provider to measure the outcomes of the advertising campaign with the mobile gaming studio. All data associated with the campaign is collected, processed, and then deleted by our service provider in accordance with our agreement with them. If you choose to download a game and provide your personal information to the mobile gaming studio, please know that we do not control their data processing practices and recommend that you review their privacy policies before sending personal information to them.
- Statistical Analysis: We may share anonymized User ratings and reviews of apps and aggregated anonymized information with third parties, including but not limited to, statistical, machine learning, advertising, or marketing purposes.
- Transactions: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition, or in any other situation where personal information may be disclosed or transferred as one of our business assets. However, under no circumstances will such transactions result in your information being used for other purposes than those for which you gave us your consent.
For additional information regarding the type of third-party services that are used, please review the categories of personal information that we may share with third-party service providers and our business and commercial uses of such personal information on the Playio Privacy Center at https://www.Playio.co/privacy-center
The General Data Protection Regulation (GDPR) 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). There are three major laws regulating data protection and information privacy in Switzerland: Article 13 of the Swiss Constitution, the Federal Act on Data Protection (DPA), and the General Data Protection Regulation (GDPR). The following section provides additional information regarding the lawful basis and purpose for data processing and specific rights regarding your personal data.
As a resident of the EEA, SUI & UK, you should know that the purposes of our data processing activities are being conducted on the following so-called “legal grounds:”
- where it is necessary for us to fulfill a contract between you and us (processing information for purposes of creating your account);
- where it is necessary based on our legitimate interests to process your data (for purposes of fraud prevention, to recommend specific games or to improve the Services we provide to you); or
- where it is necessary to comply with our legal obligations such as for accounting or tax purposes.
As a resident of the EEA, SUI & UK, you also have certain specific rights regarding your personal data. You are free to exercise any of these rights by contacting us or as specified herein:
- Access: You have the right to request a copy of the personal data that we process about you. However, there are exceptions to this right, so access may be denied if, for example, making the information available to you would adversely affect the rights and freedoms of another person, or if we are legally prevented from disclosing such information.
- Accuracy: We aim to keep your personal data accurate and complete. We encourage you to keep us informed about changes that you would like reflected in our records.
- Objecting: In certain circumstances, you have the right to object to the processing of your personal data. You may ask us to block, erase or limit the use or other processing of your personal data.
- Data Portability: You have the right to request that some of your personal data be provided to you, or to another provider should you wish to stop using our Services in favor of another, in a machine-readable format.
- Erasure: You have the right to erase or request that we erase your personal data when it is no longer necessary for the purposes for which it was collected or if you think it has been used unlawfully.
- Complaints: You have the right to complain to the applicable data protection authority, or to seek a remedy in court.
Specific Rights for Residents in California, USA
The California Consumer Privacy Act (CCPA) gives Californian consumers the right to know, delete, and opt out of the sale of their personal information. As a consumer, you have the right to request, free of charge and twice a year, information about parties to whom we have disclosed or sold your personal information in the previous year, and a description of the categories of personal information shared. Additionally, upon request, we shall provide you with information relating to your personal information and our processing of it in an easily accessible form. To make such a request, please email [email protected]
with the subject line "Personal Information Privacy Request," your name, address, and email address, as well as the Service you are inquiring about.
You may also request to have your personal data deleted from our platform. If we receive a deletion request, we will ask whether you want your personal information to be removed entirely or if you want to be kept on a list of individuals who do not want to be contacted in the future (for a specified period or otherwise). Please note that we cannot keep a record of deleted personal information, so you may be contacted again by us if we come into possession of your personal information at a later date. We will honor requests to know and requests to delete within 45 days, and if we require more time to respond, we will notify you.
The CCPA enables California users to appoint an authorized agent to act on their behalf to submit disclosure or deletion requests under the CCPA. The authorized agent must be registered with the California Secretary of State. To honor a request from an authorized agent, we require written authorization from the user, and we will verify the identity of the user and the agent's proof of authorization.
Below is a chart of the personal information categories, sources, and business and commercial uses as defined by CCPA Sec. 1798.140(o) that we may collect, use, and disclose:
|CATEGORY||NAME/DESCRIPTION||1. SOURCES||2. BUSINESS USE||3. COMMERCIAL USE|
|A||Identifiers - name, email, postal and IP address, unique personal identifier, online identifier, Internet Protocol address, account name, phone number||User provided on registration and upon redeeming points using online shop, customer service inquiries and claim forms; related and 3rd party sources to verify user supplied information, selfie in video format||Operational purposes including customer service; fraud & security incidence detection; website improvement; award prize winners||None|
|B||Protected classification characteristics under California or federal law||Age and Gender||Recommend suitable Games||None|
|C||Internet or similar network activity -browsing and search history, information on a consumer’s interaction with a website, application, or advertisement||System collected activity logs and cookies||To determine performance of media content and analytics purposes||None|
|D||Geolocation data||Country Identified using IP Address||Recommend Games for Country||None|
|E||Inferences drawn from other personal information||Profile reflecting a person's preferences||Recommend Games based on preference||None|
Playio has collected, will collect, and has disclosed the personal information described in the categories above during the last year for business purposes. If you choose to exercise your rights under the CCPA, we will not discriminate against you in any way.
California Online Privacy Protection Act
Browsers “Do Not Track” Signals. Most browsers have a "do-not-track" setting that allows users to indicate that they do not want their online behavior and personal information to be tracked and used for interest-based advertising by notifying other websites. As required by CalOPPA, we are required to inform you that, as in case of the most websites, we do not alter our behavior or honor requests when a user activates the "do-not-track" setting on their browser while using one of our Websites.
Oversea Transfer of Personal Information
We may transfer your personal information overseas as described below. Your personal information will be transferred overseas in accordance with the Korean PIPA and Network Act privacy requirements via an information communication network and will be retained and used until the relevant purpose is achieved.
|Amazon Web Services, Inc.||U.S.A||Amazon.com||Upon accessing and using Playio services||Hosting and data security and management services for the personal data that we store. Also used for analytics to monitor and track the reliability of the Services||mobile application account data such as name, email, mailing address, age, gender, language, social media profiles, application installed, time spent using an application, IP address, Google Ad ID, OS version, device model|
|Adbrix||South Korea||Igaworks.com||Upon accessing and engaging with an ad and using Playio services||Advertising, rewards, and fraud detection||Mobile application Google Ad ID, IP address, age, device model, OS version|
|Adjust||U.S.A||EmailAdjust.com||Upon accessing and engaging with an ad and using Playio services||Advertising, rewards, and fraud detection||Mobile application Google Ad ID, IP address, age, device model, OS version|
|AppsFlyer||U.S.A||Appsflyer.comEmail||Upon accessing and engaging with an ad and using Playio services||Advertising, rewards, and fraud detection||Mobile application Google Ad ID, IP address, age, device model, OS version|
|Singular||U.S.A||Singular.netEmail||Upon accessing and engaging with an ad and using Playio services||Advertising, rewards, and fraud detection||Mobile application Google Ad ID, IP address, age, device model, OS version|
|Facebook||U.S.A||Facebook.com||Upon accessing and using Playio services||Used for business analytics to better understand how users interact with Playio Services||Google Advertising ID|
|Google||U.S.A||Google.com||Upon accessing and using Playio services||Used for business analytics to better understand how users interact with Playio Services||Google Advertising ID|
The protection of your personal information is a top priority for us at Playio. We have implemented physical, electronic, and administrative measures to safeguard your personal information from accidental loss and unauthorized access, use, alteration, or disclosure. All information you provide to us is stored on our secure servers located on Amazon AWS in the United States and is protected by firewalls.
However, it is important to note that the transmission of information over the internet is not entirely secure and may be subject to interception or hacking. While we strive to protect your personal information, we cannot guarantee the security of information transmitted to or from our Services, and any transmission is at your own risk. We recommend that you take steps to protect your own information, such as using strong passwords and keeping them confidential.
Our Services may contain links to external websites or apps (such as Google Play Store), including third-party content that we do not control. These third-party websites or apps may have different privacy and data collection practices from ours. We are not responsible for the privacy policies or practices of any third-party websites or apps that may be linked to or from our Services.
We encourage you to read the privacy statements of each and every website or app you visit, especially those that collect personal information before you provide any personal information. We do not endorse, and we are not responsible for, the privacy practices or the content of such websites or apps, nor do we guarantee the accuracy, completeness, or usefulness of any information contained on such websites or apps.
We are based in Korea and the information that we process is protected by Korean privacy laws. The information that we collect may be transferred, stored, or used in other jurisdictions, such as the United States, where some of our service providers may be located. While we protect your information by choosing appropriate service providers and having contractual safeguards in place with those vendors, the privacy laws in such jurisdictions may not be as protective as in, for example, Korea or the EEA, SUI & UK, and may be subject to access by foreign governments, with or without your knowledge.
The information collected in the EEA, SUI & UK is transferred and stored behind firewalls on our secure servers that are located on Amazon AWS in the United States in accordance with the GDPR adequacy standards. Any other transfers to third countries will be done using mechanisms such as the “model clauses”.
Terms of Service
Contact Information and Challenging Compliance
We have procedures in place to receive and respond to complaints or inquiries about our handling of personal information, our compliance with this policy, and applicable privacy laws. To discuss our compliance with this policy, please contact us at:
GNA Company Corp.
8, Bangbae-ro 27-gil, Seocho-gu, Seoul, Korea, 06572
or via email at [email protected]