POMERIUM PTE. LTD. which distributes game services. (hereinafter referred to as the 'Company') & <NinenJoy Co., Ltd.>, which develops game services, considers the personal information of our customers very important, and complies with relevant laws and regulations including the “Law Regarding the Promotion of Information and Communication Network Use and Protection of Information” and “Personal Information Protection Act” and “Act on Protection and Use of Location Information”, etc.
① Member registration & management on website
We use our customers’ personal information to confirm the intention to sign up as a member, identify and verify customers for the provision of membership services, maintain and manage member qualifications, prevent illegal use of services, and provide various notices and notifications.
② Handling complaints
We process personal information to verify the identity of complainants and notify the handling result.
③ Provision of goods or services
We process personal information to provide our services and content, verify identity and age, and perform payment/settlement.
① The company processes and retains personal information under the period of retention and use of personal information stipulated by law or the period of retention and use of personal information agreed upon when collecting personal information from the data subject.
② The personal information processing and retention period of each law are as follows. We retain and use the relevant personal information for the above purposes from the date of agreement on collection and use.
Related laws
1) Records on collection/processing & use of credit information: 3 years
2) Records on consumer complaints or dispute handling: 3 years
3) Records on payment & supply of goods: 5 years
4) Records on a contract or subscription withdrawal: 5 years
5) Where receiving individual member’s consent
Exceptional reason: However, when there is a need to limit the time of provision of the “service” according to the relevant laws and regulations, the “Company” may limit or change the time of provision of the “service” without prior notice, and shall not take any responsibility for it.
1. Basically, the company does not provide customers' personal information to a third party. However, the following cases are exceptions.
① Where there is a prior consent
② Where it is necessary for the settlement of charges to provide service
③ Where an institution requests under the procedures and methods set forth in the relevant laws or laws for investigation purposes
④ Where it is necessary for statistical writing, academic research or market research, etc., and it is processed so that a specific individual cannot be identified
The company is conducting a separate notice and consent procedure for each game to entrust members' personal information to the consignment company to improve the service. Matters concerning the consignment of detailed personal information (Consignment company, consignment work, retention and use period of personal information) can be found in the individual personal information processing policy notified in each game.
The company is conducting separate notices and consent procedures for each game to transfer members' personal information abroad to provide smooth game services. Details on the cross-border transfer of personal information (a person receiving transfer, a country receiving transfer, transfer purposes, transfer items, transfer method, and retention and use period) can be found in the individual personal information processing policy notified in each game.
① The data subject can exercise his/her right to view, correct, delete, or suspend the processing of personal information at any time to the company.
② Customers can exercise their rights under paragraph 1 to the company in writing, e-mail, and fax in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the company shall take action without delay.
③ Customers can exercise their rights under paragraph 1 through a representative, such as a legal representative of the data subject or a person who is entrusted. In this case, customers must submit a power of attorney under the annexed paper form No. 11 in the "Public Notice on Personal Information Processing Methods (No. 2020-7)"
④ The rights of the data subject about requests for viewing personal information and suspending personal information processing may be limited under Article 35 (4) and Article 37 (2) of the 「Personal Information Protection Act」.
⑤ Where personal information is specified as a collection target in other laws, customers cannot demand correction and deletion of their personal information.
⑥ The company shall confirm whether the person who requests viewing, correction or deletion, or suspension of processing according to the rights of the data subject, is the person himself/herself or a legitimate representative.
⑦ Users and legal representatives can view or modify their registered personal information or the personal information of children under the age of 14 at any time, and may request cancellation of membership.
⑧ When a user requests the correction of an error in his/her personal information, the company shall not use or provide the personal information until the correction is completed.
⑨ However, the company may refuse to view or correct all or part of personal information in the following cases.
- Where there is a risk of significantly harming the life, body, property, or interests of the person or a third party
- Where there is a possibility of significantly disrupting the company's business
- Where violating laws
① The company processes the following personal information items.
1. < Items to be managed >
Items: Email, mobile phone number, home address, password, login ID, date of birth, name, IP address, usage record
① The company shall destroy related personal information without delay when the personal information becomes unnecessary due to the reasons such as the expiration of the personal information retention period and the achievement of the purpose of processing.
② Where it is necessary to continue to preserve personal information according to other laws even though the period of personal information retention, which the data subject agrees to, is expired or the purpose of processing is achieved, the company shall move the personal information to a separate database (DB) or keep it another storage site.
③ The procedure and method of destroying personal information are as follows.
1. Destruction procedure
The company shall select the personal information with a reason of destruction, and destroy it after receiving the approval of the person in charge of personal information protection in the company.
2. Destruction method
The company shall delete the personal information stored in the form of electronic files using a technical method that cannot reproduce the record. It shall shred the personal information printed on paper with a shredder or destroy it by incineration.
The <Company> takes the following measures to ensure the safety of personal information.
1. Execution of regular self-inspection
To secure safety related to personal information processing, the company conducts regular self-inspection (once a quarter).
2. Minimization of employees handling personal information and training them
The company manages personal information by designating employees who can handle personal information.
3. Establishment and execution of an internal management plan
The company establishes and implements an internal management plan to safely handle personal information.
4. Technical measures against hacking, etc.
The company installs security programs, and periodically updates and checks to prevent leakage and damage due to hacking or computer viruses. And it also installs systems in an area where people can't access from the outside, and technically and physically monitors to block.
5. Encryption of personal information
The user's personal information is stored and managed with the password encrypted so that only the user can know it. The company applies separate security functions such as encrypting files and transmission data and using file lock functions for important data.
6. Storage of access records and prevention of forgery
The company keeps the records of access to the personal information processing system for more than 6 months and uses security functions so that the access records are not forged, stolen, or lost.
7. Restriction of access to personal information
The company takes necessary measures to control access to personal information by giving, changing, and erasing access rights to the database system that processes personal information. And it also uses a firewall system to control unauthorized access from the outside.
8. Use of lock for document security
The company keeps documents and assistant storage media containing personal information in a safe place with locks.
9. Access control for unauthorized persons
10. The company limits access to users' personal information to a minimum number of people. Those who correspond to the minimum number of people are as follows.
① Those who directly conduct marketing work for users
② Those who are in charge of personal information management, such as the personal information complaint handling department and the person in charge
③ Those who are unavoidable to process personal information for other business purposes
11. The company shall not take responsibility for the leakage of personal information caused by individual users' mistakes or inherent risks of the Internet. Users must properly manage their accounts and password to protect their personal information and take responsibility for it. The company makes a separate physical storage location to keep personal information. And it establishes and operates the procedures to control access to personal information.
① The company uses 'cookies' that store and retrieve use information from time to time to provide personalized services to users.
② The company provides personalized services by analyzing the frequency or visit times of members and non-members who use cookies and identifying users' tastes and interests, traces, and visit counts.
③ Cookies are a small amount of information that the server (http) used to run the website sends to the user's computer browser. It may be stored on the hard disk of the user's PC.
A. Purpose of cookies: It is used to provide optimized information to users by identifying the types of visits and usage of each service and website visited by the user, popular search words, security access, etc.
B. Installation/operation & rejection of cookies: Users can refuse to save cookies by setting options in the Tools>Internet Options>Personal Information menu at the top of the web browser.
C. Where users refuse to save cookies, they may experience difficulties in using customized services.
① The company shall take responsibility for the overall processing of personal information. And it designates the person in charge of personal information protection as follows to handle complaints and damage relief of data subjects related to personal information processing.
▶ Person in charge of personal information protection
Email: pomerium2022@gmail.com
※ It is connected to the department in charge of personal information protection.
▶ Department in charge of personal information protection
Email: pomerium2022@gmail.com
② The data subject may ask about matters such as inquiries, handling complaints, and damage relief related to all personal information protection that occurs while using the company's service (or business) to the person and department in charge of personal information protection The company shall respond and handle inquiries from data subjects without delay.
A data subject may request access to his/her personal information to the following department in accordance with Article 35 of the Personal Information Protection Act.
The company will try to promptly process the data subject's request for access to personal information.
▶ Reception and processing department of requests for access to personal information
Email: pomerium2022@gmail.com
This privacy policy is effective from 31, 08, 2023.