Nishan Perera (hereinafter referred to as the "Company") collects the user's personal information as follows in order to providePrivacy (the "Service") to the user.
The Company places great importance on users' personal information and complies with the personal information protection regulations under the relevant laws and regulations that information and communication service providers must comply with, such as the Personal Information Protection Act. The Company informs users of the purpose and method of using the personal information provided by users and what measures are being taken to protect personal information through the Privacy Policy. The Company discloses the Privacy Policy in the 'In-Game Settings > Privacy Policy Menu' so that users can easily view it at any time.
If the Company revises the privacy policy as necessary, it will be notified in advance through 'email and in-game notice' 7 days before the effective date, and it will be implemented after 7 days have elapsed. However, if important matters such as the purpose of collection and use of personal information and the target of provision to third parties are revised, it will be notified 30 days in advance and will be implemented after 30 days have elapsed. The privacy policy is notified to users through 'in-game notices' and then the revised information is easily recognized by users.
The company collects only the information necessary to provide basic services during service use process, product payment process, and customer consultation process. (The user may refuse the collection and use of personal information, and if the user refuses to collect and use personal information, it may be difficult to use some or all of the relevant services.
The Company uses personal information only for the following purposes, such as managing service users, developing, providing and improving services, and establishing a safe Internet environment.
1. Personal information is used for user management, such as confirmation of intention to sign up for user, age verification, user identity verification, user identification, and confirmation of intention to withdraw membership.
2. In addition to providing existing services such as contents (including advertisements), personal information is used to discover new service elements and improve existing services, such as providing customized services based on demographic analysis, analysis of service visit and usage records, and the formation of relationships between users based on personal information and interests.
3. Personal information is used to protect users and operate the service, such as restricting the use of members who violate laws and the Terms of Service, preventing and sanctioning acts that interfere with the smooth operation of the service including illegal use, preventing account theft and illegal transactions, delivering notices such as amendments to the terms of service, preserving records for dispute settlement, and handling complaints.
4. Personal information is used to verify the identity of the paid service provider, purchase and pay fees, and deliver products and services.
5. If separate consent is obtained, personal information will be used for marketing and promotion purposes, such as providing event information and participation opportunities, providing customized advertisements, and providing advertising information.
6. Personal information is used to analyze service usage records and access frequency, statistics on service use, and provide customized services based on service analysis and statistics.
7. In terms of security, privacy, and safety, personal information is used to establish a service environment that users can use with confidence.
8. The collected personal information may be pseudonymized so that a specific individual cannot be identified, and processed for statistical preparation, scientific research, and preservation of records in the public interest. In this case, pseudonymous information is stored and managed separately from additional information so that it is not re-identified, and necessary technical and administrative protection measures are taken.
9. Administrative measuresEstablishment and implementation of internal management plans, regular employee training, etc. Technical measuresManagement of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, etc., installation of security programsPhysical measuresAccess control of computer rooms, data storage rooms, etc.
10. Provision (sharing) and consignment of personal information
a. In order to prevent leakage or damage of personal information caused by hacking or computer viruses, the Company installs security programs, periodically updates and inspects, installs systems in areas where access from the outside is restricted, and monitors and blocks them technically and physically.
b. Users' personal information is stored and managed with encrypted passwords, so only the user can know it, and important data is encrypted and uses separate security features such as encrypting files and transmitted data or using the file lock function.
c. Records of access to the personal information processing system are stored and managed for at least one year, and personal information is added or unique identification information or sensitive information is processed for more than 50,000 information subjects, it is stored and managed for at least two years. In addition, we use security functions to prevent forgery, theft, and loss of access records.
d. Access to unauthorized IPs makes it impossible to access the company's server if it is not the company's internal network. In addition, we are doing our best to secure the system, such as prohibiting access to unauthorized ports.
a. Measures are taken to manage personal information by designating employees who handle personal information and minimizing it to the number of people in charge.
b. Regular in-house training and outsourced training are conducted for employees who process personal information on the acquisition of new security technologies and obligations to protect personal information.
c. The Company takes necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and controls unauthorized access from the outside by using an intrusion prevention system.
d. The handover of duties of personal information processors is carried out thoroughly while security is maintained, and the responsibility for personal information accidents after joining and leaving the company is clarified.
e. Documents containing personal information and auxiliary storage media are stored in a secure place with a lock.
Information on the person in charge of personal information protection and the person in charge
mail:[email protected]
