Nishan Perera (hereinafter referred to as the "Company") collects the user's
personal information as follows in order to providePrivacy (the "Service") to the
user.
The Company places great importance on users' personal information and
complies with the personal information protection regulations under the relevant
laws and regulations that information and communication service providers must
comply with, such as the Personal Information Protection Act. The Company informs
users of the purpose and method of using the personal information provided by users
and what measures are being taken to protect personal information through the
Privacy Policy. The Company discloses the Privacy Policy in the 'In-Game Settings >
Privacy Policy Menu' so that users can easily view it at any time.
If the Company revises the privacy policy as necessary, it will be notified
in advance through 'email and in-game notice' 7 days before the effective date, and
it will be implemented after 7 days have elapsed. However, if important matters such
as the purpose of collection and use of personal information and the target of
provision to third parties are revised, it will be notified 30 days in advance and
will be implemented after 30 days have elapsed. The privacy policy is notified to
users through 'in-game notices' and then the revised information is easily
recognized by users.
The company collects only the information necessary to provide basic services during
service use process, product payment process, and customer consultation process.
(The user may refuse the collection and use of personal information, and if the user
refuses to collect and use personal information, it may be difficult to use some or
all of the relevant services.
The Company uses personal information only for the following purposes, such
as managing service users, developing, providing and improving services, and
establishing a safe Internet environment.
1. Personal information is used for user management, such as confirmation of
intention to sign up for user, age verification, user identity verification, user
identification, and confirmation of intention to withdraw membership.
2. In addition to providing existing services such as contents (including
advertisements), personal information is used to discover new service elements and
improve existing services, such as providing customized services based on
demographic analysis, analysis of service visit and usage records, and the formation
of relationships between users based on personal information and interests.
3. Personal information is used to protect users and operate the service,
such as restricting the use of members who violate laws and the Terms of Service,
preventing and sanctioning acts that interfere with the smooth operation of the
service including illegal use, preventing account theft and illegal transactions,
delivering notices such as amendments to the terms of service, preserving records
for dispute settlement, and handling complaints.
4. Personal information is used to verify the identity of the paid service
provider, purchase and pay fees, and deliver products and services.
5. If separate consent is obtained, personal information will be used for
marketing and promotion purposes, such as providing event information and
participation opportunities, providing customized advertisements, and providing
advertising information.
6. Personal information is used to analyze service usage records and access
frequency, statistics on service use, and provide customized services based on
service analysis and statistics.
7. In terms of security, privacy, and safety, personal information is used
to establish a service environment that users can use with confidence.
8. The collected personal information may be pseudonymized so that a
specific individual cannot be identified, and processed for statistical preparation,
scientific research, and preservation of records in the public interest. In this
case, pseudonymous information is stored and managed separately from additional
information so that it is not re-identified, and necessary technical and
administrative protection measures are taken.
9. Administrative measuresEstablishment and implementation of internal
management plans, regular employee training, etc. Technical measuresManagement of
access rights to personal information processing systems, installation of access
control systems, encryption of unique identification information, etc., installation
of security programsPhysical measuresAccess control of computer rooms, data storage
rooms, etc.
10. Provision (sharing) and consignment of personal information
a. In order to prevent leakage or damage of personal information caused by hacking
or computer viruses, the Company installs security programs, periodically updates
and inspects, installs systems in areas where access from the outside is restricted,
and monitors and blocks them technically and physically.
b. Users' personal information is stored and managed with encrypted
passwords, so only the user can know it, and important data is encrypted and uses
separate security features such as encrypting files and transmitted data or using
the file lock function.
c. Records of access to the personal information processing system are
stored and managed for at least one year, and personal information is added or
unique identification information or sensitive information is processed for more
than 50,000 information subjects, it is stored and managed for at least two years.
In addition, we use security functions to prevent forgery, theft, and loss of access
records.
d. Access to unauthorized IPs makes it impossible to access the company's
server if it is not the company's internal network. In addition, we are doing our
best to secure the system, such as prohibiting access to unauthorized ports.
a. Measures are taken to manage personal information by designating employees who
handle personal information and minimizing it to the number of people in charge.
b. Regular in-house training and outsourced training are conducted for
employees who process personal information on the acquisition of new security
technologies and obligations to protect personal information.
c. The Company takes necessary measures to control access to personal
information by granting, changing, and canceling access rights to the database
system that processes personal information, and controls unauthorized access from
the outside by using an intrusion prevention system.
d. The handover of duties of personal information processors is carried out
thoroughly while security is maintained, and the responsibility for personal
information accidents after joining and leaving the company is clarified.
e. Documents containing personal information and auxiliary storage media are
stored in a secure place with a lock.
Information on the person in charge of personal information protection and
the person in charge
mail:[email protected]
