개인정보 보호 정책(privacy policy)
privacy policy
Hypercent Inc. (hereinafter referred to as the “Company”) attaches great importance to the protection of users’ personal information and follows the “Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.,” the “Personal Information Protection Act,” and the “Act on the Protection and Use of Location Information.” We comply with relevant laws and regulations, including guidelines established by related organizations.
Through this personal information processing policy, the "Company" would like to inform you of how personal information provided by users is protected and for what purposes and methods it is used.
Article 1 Items and collection methods of personal information collected/used
1) Items of personal information collected/used
1. Mobile device model name, OS information, OS version, device identification number (UUID, UDID), MAC address, subscription carrier information, IP address
2. GPS location information, base station location information, WIFI-AP information (limited to games using location-based services)
3. Encrypted personal identification information, duplicate subscription confirmation information, date of birth, gender information, domestic and foreign national information (limited to games equipped with an identity authentication service)
4. Payment information and credit card number
5. Phone numbers in your mobile phone address book (mobile phone number, landline phone number), name (nickname) in your address book (limited to cases where you have consented to the permission to use contact information)
(Limited to games equipped with social community functions, even in this case, third party phone numbers are not stored)
6. Game invitation ID (limited to games equipped with the game invitation function)
7. User's SNS and SNS friend ID, nickname, etc. (limited to cases where SNS linking function is used)
8. User’s e-mail address (E-mail address)
2) Method of collecting personal information: Provided by affiliates such as identity verification agencies, collected through mobile devices, email inquiries, or entered directly by customers. Users may refuse to provide personal information, but use of some or all of the services may not be possible.
Article 2 Purpose of collection and use of personal information
Regarding the personal information collected/provided, the company distinguishes between items that require the consent of the information subject and items that do not require consent when processing as follows, and the purpose of use for each item is as follows.
1) Items requiring user consent
1. User ID (e-mail address), SNS ID: Personal identification according to service use, management of bad users, handling of complaints, provision of events and other customer services, provision of information about other applications, delivery of notices
2. Password: Check access rights according to service use
3. Phone numbers included in the user's mobile phone address book, names in the address book, SNS friend information: Community services such as friend matching, game invitations, ranking information, information on other applications, gift functions, etc.
(Limited to games equipped with social community functions, even in this case, third party phone numbers are not stored)
4. Mobile phone number, KakaoTalk ID: Identification of person, provision of complaint handling and other customer services, delivery of notices, provision of paid payment service
5. GPS location information, base station information (cell-id), WIFI-AP (limited to content equipped with location-based services): Coordinate measurement to provide location-based services
6. Device identification number, MAC address: New service, event information information (push notification), personal identification and bad user management
7. Mobile device model name, OS information, OS version, subscription carrier information: Service quality improvement and statistical information processing
8. IP address: Detection of abnormal users and restriction of use, contract performance, dispute resolution, etc.
9. Credit card number: Paid payment service provided
10. Address, phone number: Prize delivery during event
11. User's e-mail address (E-mail address): Provision of events and other customer services, provision of information about other applications, notification of payment details for paid services
2) Items that do not require user consent
1. Access records (date and time of visit, etc.): improving service quality, contract fulfillment, and dispute resolution
2. Payment information: Customer service related to payment for use of paid services
3. Game invitation ID: Identifies the invited user and provides compensation when inviting a game
3) Items provided and used by affiliates
For content with a separate identity authentication service, encrypted personal identification information/duplicate subscription confirmation information/date of birth/gender information/national/foreigner information, etc. are provided by the identity verification agency at the time of identity verification, and are used for the following purposes.
1. Name/encrypted personal identification information/duplicate subscription confirmation information: Personal identification, duplicate subscription confirmation
2. Date of birth: Age verification
3. Gender information: Gender confirmation
4. Domestic/foreigner information: Confirmation of domestic/foreigner
Article 3 Retention and use period of personal information
Personal information collected with the user's consent is retained and used until reasons such as the user's withdrawal or contract termination occur, and if contract termination is requested, it is completely deleted in a non-recoverable manner and cannot be viewed or used in the future. It will be processed.
However, in order to recover and protect victims in the event of damage due to personal information theft, etc., the company may temporarily store the user ID for up to 14 days from the date of cancellation, and then completely delete it in a non-recoverable manner. Additionally, exceptions are made in the following cases.
1) When there is a need to preserve it in accordance with the provisions of laws such as the Commercial Act
1. Records regarding contracts or subscription withdrawal, etc.
Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc. Preservation period: 5 years
2. Records of payment and supply of goods, etc.
Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc. Preservation period: 5 years
3. Records of consumer complaints or dispute resolution
Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc. Preservation period: 3 years
4. Reason for preserving access logs, access IP information, and service use records: Communication Secrets Protection Act Preservation period: 3 months
2) When consent is obtained from individual users
Article 4 Sharing and provision of personal information
The company uses the user's personal information within the scope notified at the time of collection, and in principle does not disclose the user's personal information without the user's prior consent. However, exceptions are made in the following cases.
1) When the user consents to disclosure in advance
2) When there are sufficient grounds to believe that personal information must be disclosed in order to take legal action by causing mental or material damage to others by using the service, or when policies such as the Terms of Use are violated.
3) When the provision of data is forced by other relevant laws or when there is a request from a court, investigative agency, or other administrative agency through lawful transfer.
Article 5 Personal information destruction procedures and methods
Users' personal information is destroyed without delay once the purpose of collection and use is achieved, and the destruction procedures and methods are managed according to the standards below.
1) Destruction procedure
Information collected and used by the company, such as information entered by users for user registration, etc., or information provided by affiliates, is destroyed after being stored for a retention period in accordance with internal policies and other relevant laws after the purpose of use has been achieved.
2) Destruction method
1. Personal information printed on paper is destroyed by shredding or incineration.
2. Personal information records stored in electronic file format are deleted using technical methods that render them unrecoverable.
Article 6 Rights of users and legal representatives and methods of exercising them
1) Users may exercise the following rights related to personal information protection against the company at any time.
1. Request to view personal information
2. Request for correction if there is an error, etc.
3. Request for deletion
4. Request to suspend processing
2) When the company collects, uses, or provides personal information of children under the age of 14, it must obtain the consent of a legal representative.
3) You can exercise your rights under Paragraph 1 in writing, by phone, by email, by facsimile (FAX), etc. to the Company, and the Company will take action without delay.
4) If the information subject requests correction or deletion of errors in personal information, the company will not use or provide the personal information until correction or deletion is completed. However, if personal information required to provide services is deleted, you may not be able to use the relevant services.
5) The exercise of rights under paragraph 1 may be done through an agent, such as the information subject's legal representative or a person authorized to do so. In this case, you must submit a power of attorney in the format of Appendix 11 of the Enforcement Rules of the Personal Information Protection Act.
6) The information subject must not violate the personal information and privacy of the information subject or others processed by the company in violation of relevant laws such as the Personal Information Protection Act.
Article 7 Technical and administrative protection measures for personal information
When handling users' personal information, the company is taking the following technical and managerial measures to ensure that personal information is not lost, stolen, leaked, altered, or damaged and to ensure safety.
The company limits the handling of users' personal information to the person in charge, provides a separate password for this, and updates it regularly. It always emphasizes compliance with the company's personal information processing (handling) policy through regular training for the person in charge. .
We also check whether the company's personal information processing (handling) policy is implemented and whether the person in charge is complying with it through an in-house dedicated organization, and if a problem is discovered, we strive to immediately correct it.
You must be careful as your personal information may be leaked if you lose your mobile device. We recommend setting up and using security services such as the screen lock function or pattern function. The company is not responsible for any problems caused by leakage of important personal information due to the user's negligence, such as loss of device.
Article 8 Personal Information Manager
- Personal information manager
Name: Kim Joo-wan
Affiliation: Business
Position: CEO
E-Mail: ceo@hypercent.co.kr
Article 9 Opinion collection and complaint handling
The company has procedures and methods in place to collect opinions and handle complaints regarding personal information protection.
Users may express opinions or file complaints through the personal information manager. You can also apply for action through the government's Personal Information Infringement Reporting Center (118) or the Personal Information Dispute Mediation Committee of the Korea Information Security Agency.
Article 10 Others
This personal information processing policy may be changed due to changes in laws and guidelines or changes in the company's internal policies, and in case of revisions, the changes will be notified at least 7 days in advance on the initial screen of the service or any other method that users can check.
<Supplementary provisions>
This policy comes into effect from January 1, 2024.