Captains Inc. (hereinafter the “Company”) endeavors to protect the personal information of customers and the Company strictly complies with the regulations related to the protection of personal information pursuant to the relevant Acts that should be complied by the Information and Communications Service Provider, including [Acts related to Information and Communication Network Promotion and Information Protection], [Protection of Communications Privacy Act], [Telecommunications Business Act] and others.

The Company shall inform the customers of the Company’s privacy policy guideline so that customers would be able to know how the personal information provided by the customer is used, how it is protected and how it is managed, and the Company shall obtain an approval for this.

The Company has taken the measures to disclose the Privacy Policy Guideline on the first screen of the homepage so that customers would be able to view it at all times conveniently.

 

Article 1 General Provisions

Captains Inc. (hereinafter the “Company”) collects compulsory items necessary for providing services under the agreement of the customers. Personal information refers to information related to individuals and the information which is included in the relevant information that is able to identify the individual concerned.

② The Company is taking measures to protect the user’s personal information by complying with the “Acts related to Information and Communication Network Promotion and Information Protection” (hereinafter “Information and Communication Acts” and personal information protection regulations of the relevant Acts.

③ This Privacy Policy Guideline is subject to changes due to amendments of the relevant Act and Guidelines and the Company’s internal guideline. In such a case, the Company shall notify the reason for changes and its contents through notices in the game or its representative cafes and others.

 

Article 2 Personal Information Items collected and Collection Method

① Whereas the customer uses the mobile games of the Company, the Company collects personal information such as those stated below to provide smooth services and for data statistics and others.

  1. Personal Information Items collected

– Collected information via Captains Inc. platform games

Mobile phone number, email address, telecommunication company information, terminal information (model name, OS type and version, International Mobile Station Equipment Identity (IMEI), MAC address, and display resolution), game usage and connection records, connection location, verification records, payment records, game version

– Collected information via iOS platform games

Hardware type, OS version, device name, email address (when using Facebook or Google Plus account for login), region (based on IP address), unique user ID

– Collected information via Android platform games

Hardware type, MAC address, IMEI, OS version, device name, email address (when using Facebook or Google Plus account for login), region (based on IP address), unique user ID

– Collected information via games connected to Facebook, Game Center or Google Plus

Name, user’s unique number or username, region/city/state/country, sex, date of birth, email address, profile picture or URL, user’s unique number that is displayed to social network friends

– Collected information via games connected to KakaoTalk or Naver Line

Phone number, game service usage records, connection logs and verification date, payment records, game version, telecommunication company information, terminal information (model name, OS version, IMEI, MAC address, etc.), customer number, nickname, profile picture, friends list and friend’s profile picture

  1. Collection Method of Personal Information

– Upon the initial execution after purchasing the game, when connecting to the network, when purchasing cash, upon subscription, upon consultation through customer service, upon signing up for events

② In case children below the age of 14 uses the game or in case payment is made by a minor below the age of 20, the personal information of a legal representative is collected as below in order to check the agreement of the legal representative.

– Name, mobile number, electronic mail and others

③ The following information as shown below can be automatically created and collected in the process of using the service of business handling.

– Service usage records, connection logs, cookies, connection IP information, connected mobile numbers, transaction records and records of prohibited usage

④ In case the customer uses paid services, information such as the following can be additionally collected.

– When making credit card payment in the homepage: Information necessary for credit card payment such as the name of credit card company, card number, expiry date and others

– When making mobile phone/ARS payment: Information necessary for mobile phone payment such as telecommunication company, mobile phone number, phone number, payment approval number and others

– When making bank transfer: Information necessary for bank transfer transaction such as the name of bank, account number and others

– When using gift certificates: Information necessary for transaction using gift certificates such as gift certificate number and others

 

Article 3 Collection of Personal Information and Purpose of Usage

① The Company shall use and utilize the personal information collected within the notified scope for the following purposes and in principle, shall not exceed the said scope without written agreement of the user and shall not disclose the personal information externally. (However, in case the user has agreed to the disclosure of personal information in advance or in case it is in accordance with the regulations of the Acts or in case there is a request from the investigation institute in accordance with the procedures and methods stipulated by the Acts for the purpose of investigation, it shall be disclosed externally.)

  1. Execution of agreement related to providing services and settlement of payment following the providing of services

– Provide contents; provide certain customized services, official purchase verification, user verification, payment

  1. Member management

–  User verification following the usage of services, individual identification, prevent illegal use by delinquent users and prevention of unauthorized use, preservation of records for settling disputes, handling of complaints such as handling dissatisfaction, notice delivery, verification of future legal representative

  1. Utilization for marketing, advertisement and statistics

– Development of new services, providing service according to the statistical characteristics and publication of advertisements, verification of service effectiveness, providing event and promotional information and providing participation opportunities, analyze the connection frequency, statistics on the service usage of the users

– User can request the Company to cancel the subscription for the event or advertisement information sent by email or SMS.

  1. Collection of personal information of legal representative and the purpose of usage

– Check the verification of the legal representative agreement on the personal information collection of children below the age of 14; check the verification of the legal representative agreement upon payment by a minority below the age of 20

② The Company shall not collect sensitive information (race and nationality, philosophy and principles, native place and place of birth, political inclination and criminal records, health status and sexual life etc.) which may cause violation of the fundamental rights.

 

 

Article 4 Sharing and providing personal information collected

① The Company shall not use the personal information of users beyond the scope notified in [Collection of Personal Information and Purpose of Usage] or provide it to a third party such as others or other corporate/institutes etc. in any case whatsoever unless there is an agreement from the user or a request from the national institutes, investigation institute with justified authority in accordance with the regulations of the Acts.

② In case the personal information of the user is provided to a third party, agreement shall be obtained in advance after individual notification through electronic mail, telephone and others on the person receiving the personal information, the usage purpose of the personal information of the person receiving the personal information, items of personal information being provided, possession of personal information of the person receiving the personal information and the usage period. However, personal information can be provided without the agreement of the customers in the following cases:

  1. In case it is necessary for settling payment following the provision of service
  2. In case it is provided in a form whereby it is not possible to identify the individual for creating statistics, academic research or market research
  3. In case there is a special regulation in the Acts
  4. In case it is in accordance with the regulations of Acts related to the Telecommunications Basic Act, Telecommunications Business Act and others or in case there is a request from the investigation institute in accordance with the procedures and methods stipulated by the Acts
  5. In case it is necessary for sending event products which the user has applied for agreed to the utilization of personal information or post/parcel services or e-mail, SMS, MMS, Messenger and others

③ In the following cases, the Company can provide the personal information to a third party under the customer’s agreement.

  1. Customer’s name, telephone number, payment information and others can be provided to the payment company for the services that the user has used such as the contents provider, open market, telecommunication companies, credit card companies and others for settling payments of using paid contents and others.
  2. The personal information of customers who have participated in various events can be provided to the host of the relevant event.

 

Article 5 Commission of personal information

The Company directly manages member’s personal information in order to protect member’s valuable personal information. However, when member’s personal information needs to be shared with another specialized organization to provide specialized services to members, the Company can commission a specialized organization to handle member’s personal information after the same process as for providing member’s personal information to a third party.

 

Article 6 Possession of personal information and usage period

① The Company, in principle, shall destroy the relevant information without delay after it has collected the personal information and achieved the purpose of usage. However, in case personal information such as address has been provided upon signing up for the event, the relevant personal information shall be held for six months from the completion time of the relevant event for sending of event products and customer handling on the user who has signed up for the event.

② In case there is a need to preserve the information in accordance to the regulations of the relevant Acts, the Company shall store the personal information for a certain period of time as below set forth in the relevant Acts.

  1. Preservation item

– The Company shall preserve all the contents of Article 2 Clause 1 Item 1.

  1. Reason for possession of information in accordance to the relevant Acts

In case there is a need to keep the information in accordance with the regulations of the relevant Acts according to the law related to consumer production such as the Commercial Law and E-Commerce and others, the Company shall keep the user information for the period set forth by the relevant Acts. In such a case, the Company shall only use the stored information for the purpose of storage and the preserving period shall be as below.

– Records related to agreements or subscription withdrawal and others: 5 years

Reason for preservation: Laws related to the consumer production of E-Commerce transaction and others

– Records related to payment: 5 years

Reason for preservation: Laws related to the consumer production of E-Commerce transaction and others

– Records related to consumer dissatisfaction or handling disputes: 3 years

Reason for preservation: Laws related to the consumer production of E-Commerce transaction and others

– Records related to user verification: 6 months

Reason for preservation: Laws related to Information and Communication Network Promotion and Information Protection

– Records related to visits: 3 months

Reason for preservation: Protection of Communications Secrets Act

 

 

 

 

Article 7 Destruction Procedure and Method of Personal Information

① In case the possession period of the person information which has been notified to and agreed by the user exceeds or in case the purpose of collection usage has been achieved, the Company shall destroy the information without delay. The destruction procedure and method is as stated below.

  1. Destruction procedure

– Once the purpose of collection usage is achieved, the personal information provided by the user shall be destroyed with a method that makes it irrecoverable after storage for a certain period of time according to the reason of information protection in accordance to the internal guideline and other relevant Acts.

– The said personal information shall not be used for purposes other than in accordance with the Acts.

  1. Destruction method

– Personal information stored in electronic file format shall be deleted by using technical methods that cannot be reproduced.

– Personal information printed on paper shall be destroyed by using a pulverizer or by incineration.

 

Article 8 Rights of user and legal representative and its exercising method

① The user can withdraw the agreement on the collection of personal information by notifying the person in charge of personal information management via documents, telephone, electronic mail and others. In such a case, after checking the verification of the user, necessary measures such as destroying the personal information concerned and others shall be taken other than cases stipulated differently in the Acts. However, in case the personal information is destroyed, the information that has been created and accumulated as the user used the services of the Company can be destroyed together.

② In case the representative of the user visits and requests for the viewing or rectification, the Company shall check and verify the authenticity of the representative and can request for a proof of evidence that show the proxy relationship.

③ In case the Company has a justifiable reason to reject the viewing of all or part of the personal information concerned or the request for rectification, it shall be notified to the user without delay and its reasons must be explained.

④ The legal representative of children below the age of 14 can exercise the right stipulated in this article with regard to the person information on the children below the age of 14.

 

 

 

 

 

Article 9 Items related to the installation/operation and rejection of personal information automatic collection device

① The Company can install, apply the device that automatically collects the personal information such as “cookies” and others that frequently stores and discovers the information of customers. Cookies refer to an extremely small text file that is sent to the customer’s browser by the server which is used in the operation of the Company’s site and it is stored in the customer’s computer hard disk. The Company uses cookies and others for the following purposes.

② The usage purpose such as cookies is for target marketing and providing customized service through the analysis of connection frequency or visit times of members and non-members, analyzing and tracking the customer’s preference and interest fields, analyzing the degree of participation in various events and visit frequencies and others.

③ The customers have a right of option on the installation of cookies. Therefore, by setting the options in the customer’s web browser, customers are able to enable all cookies or set a verification stage every time a cookie is installed or reject the storage of all cookies.

④ As a method of rejecting the cooking setting, select the option in the web browser used by the customer to allow all cookies, set a verification stage every time a cookie is installed or reject the storage of all cookies.

 

Article 10 Technical Managerial Protection Measures for Privacy Protection

The Company seeks for technical managerial measures as stated below to prevent loss, theft, spill, falsification, damage of personal information in handling the personal information of users.

①Encryption of password

– The password of customer’s ID is encrypted, stored and managed and only the customer is able to know the password. The verification and change of personal information can only be executed by the customer who knows the password.

②Measures on hacking and others

-The best efforts are being put in to prevent leaks or damages of the customer’s personal information caused by hacking or computer virus and others.

– In preparation for damage of personal information, data is frequently being backed up and by using the latest vaccine program, leaks or damage of the customer’s personal information or data is being prevented and through encrypted communication and others, the personal information can be sent safely in the network.

– In preparation for illegal external intrusion, an intrusion prevention system is used to control unauthorized access from outside and efforts are being made to secure all technical devices to secure the security in terms of other system aspects.

 

③ Minimizing the handling employees and training

– The employee handling the Company’s personal information-related works are restricted to the person in charge and by assigning a separate password, it is regularly renewed. Through frequent training on the person in charge, the compliance of privacy policy guideline is emphasized all the time.

④Operation of Personal Information Protection Organization

– The Company is making the efforts to immediately correct and straighten out problems once they are discovered by checking the execution items of the privacy policy guidelines and the compliance of the person in charge through internal Personal Information Protection Organization and others.

– However, with regard to problems caused by the user’s negligence or leakage of personal information such as ID, password due to Internet issues, the Company shall not be liable in any way.

 

Article 11 Contact details of the Personal information Manager and Person in Charge

In order to protect the personal information of members and the dissatisfaction related to person information, the Company appoints a person in charge of personal information management. In case of inquiries related to the personal information, please contact the person in charge of personal information management. The inquired items shall be attended to promptly and sincerely.

 

[Personal Information Manager]

Department: Team Manager

Name: J.T. Kim

E-mail: Captain@captains.co.kr

Tel: +82 10 9368 1246

 

[Person in Charge of Personal Information Management]

Department: Team

Name: Keldric Baek

E-mail: keldric@captains.co.kr

Tel: +82 10 4785 9319

 

The user can report the complaints related to all personal information protection arising from using the Company’s services to the personal information manager or the person in charge of personal information management or can seek assistance through the Company’s customer service center.

The Company shall provide prompt and sufficient answers with regard to the issues reported by the member.

 

 

Article 12 Notification obligations following the amendment of policies

In case there is any addition, deletion, or amendments of the privacy policy due to the change of Acts policy or security technology, the Company shall notify members and announce the reason of changes and changed contents immediately via the official page (SNS).

 

Supplementary Provisions

This Privacy Policy Guideline shall come into effect from July 7th, 2017.