Privacy Policy
개인정보 취급방침
이용자가 제공하는 개인정보가 어떠한 용도와 방식으로 이용되고 있으며, 개인정보보호를 위해 어떠한 조취가 취해지고 있는지 알려드립니다.
(주)무지개토끼 개인정보취급방침 |
제 1조 [목적]
제 1항 주식회사 무지개토끼(이하 ‘회사’라 함)는 이용자(이하 ‘회원’이라 함)에게 다양한 서비스를 제공하기 위하여 아래와 같이 회원의 개인정보를 수집하며, 회원의 소중한 개인정보를 보호하기 위하여 최선을 다하고 있습니다. 이에 회사는 정보통신망 이용촉진 및 정보보호 등에 관한 법률(이하 ‘정보통신망법’), 개인정보보호법, 통신비밀보호법, 전기통신사업법 등 정보통신서비스 제공자가 준수하여야 할 관계 법령상의 개인정보보호 관련 규정을 철저히 준수하여 회원의 개인정보 보호를 위한 조치를 취하고 있습니다.
제 2항 회사는 기본적 인권 침해의 우려가 있는 민감한 개인정보는 수집하지 않으며, 본 개인정보취급방침을 회사가 제공하는 공식 홈페이지(https://rainbowrabbit.co.kr/privacy-policy/, 이하 ‘공식 홈페이지’라 함) 또는 서비스의 첫 화면 또는 공지사항 등을 통하여 공개함으로써 회원이 언제나 용이하게 볼 수 있도록 하고 있습니다.
제 3항 회원의 개인정보는 수집, 이용 동의를 받은 범위 내에서 단말기 정보 등에 접근한다는 것을 고지, 승인 후 수집되며, 별도의 동의 없이는 결코 제 3자에게 제공되지 않습니다.
제 2조 [개인정보의 정의]
제 1항 ‘개인정보’라 함은 생존하는 개인에 관한 정보로서 성명, 주소 등에 의하여 당해 개인을 알아볼 수 있는 부호, 문자, 음성, 음향 및 영상 등의 정보(당해 정보만으로는 특정 개인을 알아볼 수 없는 경우에도 다른 정보와 용이하게 결합하여 알아볼 수 있는 것을 포함)를 말합니다. 단, 개인정보 중 주민등록번호는 정보통신망법 등에 관한 법률 제 23조의 제 2항에 의거하여 관련된 정보를 수집 또는 이용하지 않습니다.
제 3조 [개인정보 수집에 대한 동의]
제 1항 회사는 회원이 회원가입 시 서비스 이용약관 및 개인정보취급방침에 대한 동의 절차를 마련하여 제공하며, ‘동의’를 선택하면 개인정보 수집에 대한 동의를 한 것으로 간주합니다.
제 2항 회원의 회원가입 등의 절차에서 전자우편, SMS 등을 통하여 영리목적 광고의 수신과 관련하여 ‘수신동의’ 체크박스를 체크하면 영리 목적의 광고성 정보 수신에 동의한 것으로 간주합니다.
제 4조 [개인정보 수집 항목 및 수집 방법]
제 1항 회사는 회원가입, 각종 상담 및 신청, 데이터 통계 등을 위하여 원활한 서비스를 제공하고자 아래와 같은 개인정보를 수집하고 있습니다.
1. 수집하는 개인정보의 항목
(1) 무지개토끼 서비스 (공통 게임 서비스): ID 또는 이메일, ADID, 닉네임, 비밀번호, 이름, 휴대전화번호, 프로필 사진, 게임 서비스 이용기록, 접속 로그 및 인증일자, 결제기록, 게임버전, 통신사정보, 단말기정보(모델명, OS버전, 기기고유식별번호 등), 휴대전화 주소록(휴대전화번호, 일반전화번호, 이름, 닉네임), 게임 초대 아이디, 게임 접속 국가 정보 등
(2) 카카오플랫폼 연동 게임 서비스: 카카오 계정정보(이메일, 출생연도, 성별), ADID, 프로필 사진, 게임 서비스 이용기록, 접속 로그 및 인증일자, 결제기록, 게임버전, 통신사정보, 단말기정보(모델명, OS버전, 기기고유식별번호 등), 친구목록 등
(3) 밴드플랫폼 연동 게임 서비스: 밴드 회원번호, 밴드 닉네임, 밴드 프로필 사진, 가입 밴드 목록 및 멤버 정보, 게임 전용밴드 등
(4) 페이스북(Facebook) 로그인 연동 게임 서비스: 페이스북 회원을 판단하기 위한 식별자 정보, Android ID, ADID, 휴대전화번호, 프로필 사진, 게임 서비스 이용기록, 접속 로그 및 인증일자, 결제기록, 게임버전, 통신사정보, 단말기정보(모델명, OS버전, 기기고유식별번호 등), 친구목록 등
(5) 구글플러스(Google+) 로그인 연동 게임 서비스: 구글 프로젝트 회원번호, Android ID, ADID, 휴대전화번호, 프로필 사진, 게임 서비스 이용기록, 접속 로그 및 인증일자, 결제기록, 게임버전, 통신사정보, 단말기정보(모델명, OS버전, 기기고유식별번호 등) 등
(6) 위치기반 연동 서비스: GPS위치정보, 기지국위치정보, WIFI-AP정보 등
(7) 본인인증 탑재 서비스: 암호화된 개인 식별정보, 중복가입 확인정보, 생년월일, 성별, 내/외국인 정보 등
(8) 유료 서비스 이용: 은행계좌정보, 신용카드정보, 휴대폰번호, 이메일주소, 상품권 번호 등 상품권을 이용한 거래 관련 정보 등
(9) 이벤트 및 프로모션 참가 또는 선택형 서비스 제공: 이름, 주소, 전화번호, 휴대폰번호, 이메일주소, 신분증사본, 은행계좌정보 등
제 2항 회사는 다음과 같은 방법으로 개인정보를 수집합니다.
1. 개인정보 수집방법: 홈페이지, 서면양식, 팩스, 전화, 상담게시판, 캐시 결제 및 유료 서비스 구매, 모바일 게임 인증, 이메일, 이벤트 응모, 배송요청, 협력회사로부터의 제공, 생성정보 수집 툴을 통한 수집
제 5조 [개인정보의 수집 및 이용목적]
제 1항 회사는 수집한 개인정보를 다음의 목적을 위하여 활용합니다.
1. 서비스 제공에 관한 계약 이행 및 서비스 제공에 따른 요금정산을 위한 활용
– 콘텐츠 제공, 캐시 및 유료서비스 제공에 대한 과금, 기타 각종 구매 및 요금결제, 물품 배송 또는 청구서 등 발송, 본인인증, 요금 추심
2. 회원 관리를 위한 활용
– 회원제 서비스 이용에 따른 본인확인, 불량회원의 부정 이용 방지와 비인가 사용방지, 가입 의사 확인, 연령확인, 불만처리 등의 민원처리, 분쟁 조정을 위한 기록보존, 고지사항 전달
3. 신규 서비스 개발 및 맞춤 서비스 제공 또는 마케팅과 광고에 활용
– 신규 서비스(제품) 개발 및 특화, 이벤트 등 광고성 정보 제공 및 참여기회 제공, 인구통계학적 특성에 따른 서비스 제공 및 광고 게재, 접속 빈도 파악 또는 회원의 서비스 이용에 대한 통계
제 2항 회사는 회원 별 맞춤 서비스, 기타 다양한 서비스 제공 등의 사업적인 이유로 회원의 개인정보를 파트너 업체에 제공하거나 또는 공유할 수 있습니다. 단, 개인정보를 제공하거나 정보를 공유할 경우에는 정보 제공 이전에 제휴사명, 제휴목적, 제공 또는 공유되는 개인정보의 범위, 그리고 언제까지 어떻게 보호, 관리되는지에 대해 고지하여 별도의 동의를 구하는 절차를 거치게 되며, 회원이 동의하지 않는 경우에는 제휴사에 제공하거나 공유하지 않습니다.
제 6조 [개인정보의 취급위탁]
제 1항 회사는 원칙적으로 회원의 사전 동의 없이 동 범위를 초과하여 이용하거나 회원의 개인정보를 외부에 공개하지 않습니다. 단, 회원이 사전에 개인정보 공개에 대하여 동의한 경우와 법령의 규정에 의거하거나, 수사 목적으로 법령에 정해진 절차와 방법에 따라 수사기관의 요구가 있는 경우에는 외부에 공개 됩니다.
수탁업체 | 위탁 업무 내용 | 개인정보 보유 및 이용기간 |
Com2us | 가입 시 계정 연동 (회원 ID, 닉네임, ADID, 디바이스 정보 등) | 회원탈퇴 시 혹은 위탁 계약 종료 시까지 |
스마트콘 | 현물 상품 지급을 위한 정보 (회원 닉네임, 연락처, 현물 상품 정보 등) | 회원탈퇴 시 혹은 위탁 계약 종료 시까지 |
제 2항 회사는 익명화된 이용자 평가와 앱 리뷰 및 익명화된 정보 통계를 제 3자와 공유할 수 있으며, 통계, 머신러닝, 광고 또는 마케팅 목적을 포함하되 이에 국한되지 않는 목적으로 공유합니다.
제 3항 회사는 회사의 합병, 자산양도, 자금 조달 또는 인수 기타 상황과 관련하여 또는 그 협의 과정에서, 당사 영업 자산의 일종으로 개인정보가 공개되거나 이전될 수 있습니다. 그러나 어떤 경우에도 이러한 거래로 인해 귀하의 정보가 귀하가 당사에게 동의한 목적 외에 다른 용도로 사용되지는 않습니다.
제 7조 [개인정보의 보유 및 이용기간]
제 1항 회사는 원칙적으로 회원이 회원가입 후 탈퇴하기 전까지 회원의 개인정보를 보관하며, 회원이 회원탈퇴를 하거나 개인정보 수집 및 이용목적이 달성된 후에는 해당 정보를 지체 없이 파기합니다.
제 2항 회사는 약관 및 내부 정책에 따라 부정 이용의 방지와 소비자의 불만 및 분쟁해결 등을 위한 목적을 위하여 회원탈퇴 후 30일 동안 본 약관 제 4조에 해당하는 개인정보를 보유하고 있으며, 이 기간이 경과한 후에는 회원의 개인정보가 완전히 삭제됩니다. 단, 회사와 회원 사이 또는 회원간의 분쟁이 발생하여 이에 대한 분쟁 관련 상담 진행이 필요한 경우에는 관련 회원의 신분증 사본과 법정대리인의 신분증 사본 및 동의서 등을 분쟁 신청이 들어온 일시를 기준하여 3년간 보관합니다.
제 3항 회사는 상법 및 전자상거래 등에서의 소비자보호에 관한 법률 등 관계 법령의 규정에 의하여 보존할 필요가 있는 개인정보를 보관하며, 관계법령에서 정하고 있는 개인정보의 보관항목, 사유 및 기간은 아래와 같습니다.
1. 서비스 방문기록
(1) 보존사유: 통신비밀보호법
(2) 보존기간: 3개월
2. 계약 또는 청약철회 등에 관한 기록
(1) 보존사유: 전자상거래 등에서의 소비자보호에 관한 법률
(2) 보존기간: 5년
3. 본인확인에 관한 기록
(1) 보존사유: 정보통신망 이용촉진 및 정보보호 등에 관한 법률
(2) 보존기간: 6개월
4. 대금결제 및 재화 등의 공급에 관한 기록
(1) 보존사유: 전자상거래 등에서의 소비자보호에 관한 법률
(2) 보존기간: 5년
5. 소비자의 불만 또는 분쟁처리에 관한 기록
(1) 보존사유: 전자상거래 등에서의 소비자보호에 관한 법률
(2) 보존기간: 3년
제 8조 [개인정보의 파기절차 및 방법]
제 1항 회사는 원칙적으로 개인정보 수집 및 이용목적이 달성된 후에는 해당 정보를 지체 없이 파기합니다.
제 2항 수집된 개인정보의 파기절차는 회원이 일정기간 동안 서비스를 이용하지 않거나 회원탈퇴를 신청하는 경우, 소비자의 불만 및 분쟁해결 등을 위한 목적으로 30일간 개인정보를 보관한 후, 재상이 불가능한 방법으로 파기합니다.
제 3항 회사는 회원이 회원탈퇴를 신청하는 경우, 소비자의 불만 및 분쟁해결 등을 위한 목적으로 30일간 개인정보를 보관한 후, 수집 된 개인정보를 파기합니다.
제 4항 수집된 개인정보는 전자적 파일형태로 저장 된 경우 기록을 재생할 수 없는 기술적 방법을 사용하여 삭제하며, 종이에 출력된 개인정보는 분쇄기로 분쇄하거나 소각을 통하여 파기합니다.
제 9조 [회원 및 법정대리인의 권리와 그 행사 방법]
제 1항 회사는 만 14세 미만 아동의 개인정보보호에 대하여 아래와 같이 조치를 취합니다.
1. 회사는 만 14세 미만 아동(이하 ‘아동’)의 개인정보에 대한 수집, 이용, 제공 등의 동의가 필요한 경우, 아동의 동의 외 법정대리인의 동의를 받습니다. 이를 위해 회사는 법정대리인의 성명, 연락처 등 필요한 최소한의 정보를 요구할 수 있으며, 해당 정보는 법정대리인의 동의여부 확인 용도로만 이용됩니다.
2. 법정대리인의 동의서는 아동과 회사의 계약, 청약철회, 대금결제, 재화 공급 등이 발생할 시 소비자의 불만 및 분쟁해결 등을 위한 용도로 이용되며, 탈퇴한 아동의 법정대리인 동의서, 동의 철회 또는 유효기간이 만료된 법정대리인의 동의서는 이용목적 만료 30일 후 재생 불가능한 방법으로 파기됩니다. 다만, 관계법률에 의하여 보존이 필요한 경우 회사는 관계법령에서 정한 기간 동안 보관합니다.
3. 아동의 법정대리인은 아동 개인정보의 열람, 정정요구, 또는 개인정보의 수집 이용 및 제공에 대한 동의의 철회를 요청할 수 있으며, 이러한 요청이 있을 경우 회사는 필요한 조치를 지체 없이 취하도록 합니다.
제 2항 회사는 회원 자신의 개인정보 관리에 대하여 아래와 같이 조치를 취합니다.
1. 회원은 개인정보관리책임자에게 서면, 전화, 전자우편 등을 통하여 개인정보 수집에 대한 동의를 철회할 수 있으며, 그 경우 회사는 본인 여부를 확인한 후 법령에 다르게 규정하고 있는 경우를 제외하고는 당해 개인정보의 파기 등 필요한 조치를 취합니다. 단, 회원탈퇴로 인하여 개인정보가 파기되는 경우에는 해당 회원이 회사의 서비스를 이용하면서 생성, 축적한 관련 정보가 함께 파기될 수 있습니다.
2. 회원은 자신의 개인정보에 대한 열람 및 정정요구를 할 수 있으며, 그 경우 회사는 필요한 조치를 취합니다.
3. 회사는 회원의 대리인이 방문하여 열람 또는 정정요구를 하는 경우에는 회원의 진정한 대리인인지 여부를 확인하며, 이 경우 회사는 대리관계를 나타내는 증표를 제시하도록 요구할 수 있습니다.
4. 회사는 회원의 당해 개인정보의 전부 또는 일부에 대하여 열람 또는 정정요구를 거절할 정당한 이유가 있는 경우에 회원에게 이를 지체 없이 통지하고 그 이유를 설명합니다.
5. 회원가입 시 회원이 제공한 필수입력항목들의 변경은 회사가 제공하는 서비스에 오류 등을 발생시킬 수 있는 사항이기 때문에, 회사는 원활하고 안정적인 서비스 제공을 위하여 회원의 필수입력항목 변경에 대해서는 해당 회원에게 별도로 절차를 요청할 수 있습니다.
제 10조 [개인정보 자동수집 장치의 설치∙운영 및 그 거부에 관한 사항]
제 1조 회사는 회원에게 특화된 맞춤서비스 등을 제공하기 위하여 회원의 정보를 수시로 저장하고 찾아내는 ‘쿠키(Cookie, 접속정보파일)’를 운용합니다. 쿠키란 웹사이트를 운영하는 서버가 회원의 브라우저 또는 앱에 보내는 아주 작은 텍스트 파일로써 회원의 컴퓨터 또는 디바이스에 저장됩니다. 회사는 쿠키 운용과 관련하여 회원의 컴퓨터 및 휴대폰은 식별하지만 회원을 개인적으로 식별하지는 않습니다.
제 2조 회원은 ‘쿠키’에 대한 선택권을 가지고 있습니다. 회원은 웹 브라우저에서 [도구] > [인터넷옵션] > [보안] > [사용자정의수준]을 선택하거나, 모바일 기기 설정 또는 옵션에서 설정함으로써 모든 쿠키를 허용하거나, 쿠키가 저장될 때 마다 확인을 거치거나, 모든 쿠키의 저장을 거부할 수 있습니다. 단, 모든 쿠키의 저장을 거부하는 경우, 쿠키를 통하여 회사에서 제공하는 서비스를 이용할 수 없습니다.
제 11조 [개인정보 보호를 위한 기술적∙관리적 보호대책]
제 1항 회사는 회원의 개인정보를 취급함에 있어 개인정보가 분실, 도난, 누출, 변조 또는 훼손 등이 되지 않도록 안전성을 확보하기 위하여 다음과 같은 기술적∙관리적 보호대책을 강구하고 있습니다.
1. 회사는 개인정보처리시스템에 대한 접근권한을 서비스 제공을 위하여 필요한 개인정보관리책임자 또는 개인정보취급자에게만 부여합니다.
2. 회원의 비밀번호는 암호화 처리되어 운영자도 회원 개개인의 비밀번호를 알 수 없도록 되어 있습니다.
3. 회사는 해킹이나 컴퓨터 바이러스 등의 외부침입에 대비하여 회원의 개인정보가 유출되는 것을 막기 위하여 외부로부터 침입을 차단하는 장치를 이용하는 등 최선을 다 하고 있습니다.
4. 회사는 개인정보의 훼손에 대비하여 자료를 수시로 백업하고, 최신 백신프로그램을 이용하여 회원들의 개인정보나 자료가 누출되거나 손상되지 않도록 방지하고 있으며, 암호화 통신 등을 통하여 네트워크상에서 개인정보를 안전하게 전송할 수 있도록 하고 있는 등 기타 시스템적으로 보안성을 확보하기 위하여 가능한 모든 기술적 장치를 갖추려 노력하고 있습니다.
제 2항 회사는 개인정보취급자를 개인정보 관리책임자 및 최소한의 인원으로 제한하고 있으며, 그 최소한의 인원에 해당하는 대상은 다음과 같습니다.
1. 회원을 직접 상대로 하여 마케팅, 고객지원, 게임운영, 배송업무를 수행하는 자
2. 개인정보 관리책임자 등 개인정보 관리 업무를 수행하는 자
3. 기타 업무상 개인정보의 취급이 불가피한 자
제 3항 회사는 개인정보취급자를 대상으로 새로운 보안기술 습득 및 개인정보 보호의무 등에 관한 정기적인 사내교육을 실시하고 있습니다.
제 4항 개인정보취급자의 업무 인수인계는 보안이 유지된 상태에서 철저하게 이루어지고 있으며, 입/퇴사 시 개인정보 사고에 대한 책임을 명확화 하고 있습니다.
제 5항 회원 본인의 부주의나 PC/인터넷 상의 문제로 ID, 비밀번호, 주민등록번호 및 이메일 주소 등 개인 정보가 유출되어 발생한 문제에 대해서는 회사가 일체 책임지지 않습니다.
제 12조 [개인정보에 관한 민원서비스]
제 1항 회사는 회원의 개인정보를 보호하고 개인정보와 관련한 불만을 처리하기 위하여 아래와 같이 개인정보 관리책임자 및 개인정보 관리담당자를 지정하고 있습니다.
1. 개인정보 보호책임 및 담당자
(1) 이름: 김지민
(2) 소속/직위: 콘텐츠본부/이사
(3) 이메일: help@rainbowrabbit.co.kr
(4) 전화번호: 031-623-0221
제 2항 기타 개인정보 침해에 대한 신고나 상담이 필요하신 경우에는 아래 기관에 문의하시기 바랍니다.
1. 개인정보 침해신고 센터 (http://privacy.kisa.or.kr / 118)
2. 전자거래분쟁조정위원회 (http://www.ecmc.or.kr / 1661-5714)
3. 경찰청 사이버 안전국 (www.ctrc.go.kr / 02-392-0330)
4. 대검찰청 사이버 안전수사단 (http://www.spo.go.kr / 02-3480-3571)
제 13조 [고지의 의무]
제 1항 본 개인정보취급방침은 내용의 추가, 삭제 및 수정이 있을 시 변경되는 개인정보 취급방침을 시행하기 최소 7일 전에 공식 홈페이지 또는 서비스의 공지 등 기타의 방법을 통해 고지할 것입니다.
제 2항 개인정보의 수집 및 활용, 제 3자 제공 등과 같이 이용자 권리의 중요한 변경이 있을 경우에는 최소 30일 전에 고지합니다.
제 14조 [기타]
제 1항 회사는 회원에게 다른 회사의 웹사이트 또는 자료에 대한 링크를 제공할 수 있습니다. 이 경우 회사는 외부사이트 및 자료에 대한 아무런 통제권이 없으므로 그로부터 제공받는 서비스나 자료의 유용성, 진실성, 적법성에 대해 책임질 수 없으며 보증할 수 없습니다.
제 2항 회사가 포함하고 있는 링크를 클릭(Click)하여 타 사이트(Site)의 페이지로 옮겨갈 경우 해당 사이트의 개인정보취급방침은 회사와 무관하므로 새로 방문한 사이트의 정책을 확인하시기 바랍니다.
부칙 2023년 08월 01일
본 약관은 2023년 08월 01일부터 시행합니다.
Privacy Policy
We will inform the purpose and method of using personal information provided by end users and measures relating to the protection of personal data.
Rainbow Rabbit INC. Privacy Policy |
1 Introduction
1.1 Rainbow Rabbit INC. (hereinafter referred to as “Company”) collects members’ personal information as follows in order to provide various services to users (hereinafter referred to as “members”) and does its best to protect their valuable personal information. Accordingly, the Company takes measures to protect the personal information of its members by thoroughly complying with the Act on Promotion of Information and Communications Network Utilization and Information Protection, Privacy Act, Protection of Communications Secrets Act, Telecommunications Business Act. and other relevant laws and regulations that information and communication service providers must comply with.
1.2 The company does not collect sensitive personal information that may violate basic human rights, and it always makes it easy for members to see this privacy policy through the official homepage of the service provided by the company (https://rainbowrabbit.co.kr/privacy-policy/, hereinafter referred to as the ‘official homepage’).
1.3 Within the scope of the agreement of its collection and use, a Member’s personal information(device information, etc.) shall be accessed and collected only after his or her awareness and approval, and shall never be provided to a third party without separate consent.
2 Definition of Personal Information
2.1 Information about an identifiable individual that may include his or her name, address, email address, phone number, race, nationality, ethnicity, origin, or age, sex, identifying number, code, symbol, finger prints, blood type, inherited characteristics, including information on others’ opinion about the individual, and personal views except those about other individuals. However, we do not collect social security numbers according to the law.
3 Agreement to Collect and Use Personal Information
3.1 The Company shall provide services that require you to sign up for an Account. When you do, we’ll ask for personal information, like your name, email address, telephone number. If you choose ‘I agree’, you consent to the collection of personal information
3.2 If you check the ‘Receive’ in relation to the reception of for-profit advertisement through e-mail or SMS in the procedure such as signing up, you consent to receive commercial information for commercial purpose.
4 Information to be collected and method of collection
4.1 The company collects the following personal information to provide better services for membership registration, consultation and application, data statistics, etc. This information includes:
(1) Rainbow Rabbit Platform (Common Game Service): ID, email, ADID, nickname, password, name, mobile phone number, profile picture, game service access history, access log and authentication date, payment history, game version, Number, etc.), mobile phone address book (mobile phone number, general phone number, name, nickname), game invitation ID
(2) Kakao Platform Interconnection Service: Kakao mobile phone number, ADID, profile picture, game service access history, access log, payment history, game version, carrier information, device information (such as model name, OS version, serial numbers, etc) friends list.
(3) Band Platform Interconnection Service: Band membership number, nickname, profile picture, affiliated band lists, member information, exclusive band game.
(4) Facebook Login Interconnection Service: Facebook identifier information, Android ID, ADID, mobile phone number, profile picture, game service access history, access log, authentication date, a payment record, a game version, carrier information, and device information (model name, OS version, serial numbers, etc) and friends list.
(5) Google+ Login Interconnection Service: Google project membership numbers, Android ID, ADID, mobile phone numbers, profile picture, game service access history, access log, authentication date, a payment record, game version, carrier information, device information (model name, OS version, serial numbers, etc)
(6) Location-Based Service: GPS location information, base station location information, WIFI-AP information.
(7) Personal Authentication Service: encrypted personal identification information, duplicate registration confirmation information, date of birth, gender, internal / foreign information, (information for foreigners)
(8) Use of Charged Services: Transaction related information such as bank account information, credit card information, mobile phone number, email address, gift certificate number, etc.
(9) Participation in Events and Promotions or Optional Services: Name, address, phone number, mobile phone number, email address, identification card copy, bank account information
4.2 How We Collect Information About You
1. Collection Method of Personal Information: Collect personal information through collecting tool by cooperative companies including homepage, written form, fax, telephone, Q&A board, and payment service, mobile game authentication, e-mail, event application, delivery request,
5 How We Use the Information We Collect
5.1 We may use the information we collect in the following ways
1. To provide the products and services you purchase, respond to your questions, and carry out the transactions you have requested;
– Billing for cash and paid service, delivery, payment for other purchases, shipping of goods or invoices, and self-certification
2. Member management and identification
– To detect and deter unauthorized or fraudulent use of or abuse of the Service
3. Use of information with prior consent of the users (for example, utilization of marketing advertisement)
– To make statistics on member’s service usage, to provide services and place advertisements based on statistical characteristics
– To provide information on promotional events as well as opportunity to participate
– Improvement of existing services and development of new services
5.2 We may engage third party companies and individuals to perform services on our behalf (e.g., without limitation, software maintenance services, advertising serving technologies, e-mail service providers, delivery services, database management, web analytics and other services). These third parties may have access to your Personal Information. If they do, this access is provided so that they may perform these tasks on our behalf and they are not authorized by us to otherwise use or disclose your Personal Information, except to the extent required by law. In addition, if you choose to participate in certain of our programs or to receive certain content we make available, we may share your Personal Information with participating sponsors, content providers, and related vendors in connection with such programs and content. As described in this Privacy Policy, we will not share your Personal Information with other companies or individuals unless we have received your consent.
6 Agreement to Disclose Personal Information to Third-Party
6.1 In principle, the Company does not use it beyond this scope or disclose the member’s personal information to the outside without the member’s prior consent. However, if a member agrees to disclose personal information in advance, or if there is a request from the investigative agency according to the provisions of the law or the procedures and methods prescribed by the law for investigation purposes, it will be disclosed to the outside.
Consignee | Consigned Task(s) | Personal Information Retainment and Usage Period |
Com2us Co., Ltd. | Account linking (Member ID, nickname, ADID, device information, etc.) | Until withdrawal of membership or termination of consignment contract |
6.2 The Company may share anonymized user evaluations and app reviews and anonymized information statistics with third parties for purposes including, but not limited to, statistics, machine learning, advertising, or marketing purposes.
6.3 The Company may disclose or transfer personal information as its operating asset in the course of an asset transfer, financing, or acquisition of the Company. However, under no circumstances will these transactions result in your information being used for any purpose other than what you agree with us.
7 Use of Period and Retention of Personal Information
7.1 In principle, the Company keeps the personal information of the member until the member leaves the membership, and after the member withdraws the membership or the purpose of collecting and using the personal information is achieved, the information is deleted without delay.
7.2 In accordance with the terms and internal policies, the Company holds personal information in accordance with Article 4 of this Agreement for the purpose of prevention of fraudulent use and consumer complaints and settlement of disputes for 30 days after the withdrawal of membership, your personal information will then be permanently deleted. However, if there is a dispute between the company and the member or the member and the dispute related to the dispute arises, a copy of the identification card of the related member and a copy of the identification card of the legal representative and the consent form shall be kept for three years.
7.3 The Company keeps personal information that needs to be preserved in accordance with relevant laws and regulations such as the Commercial Act and the Consumer Protection Act in Electronic Commerce etc. The items, reasons and duration of the personal information in the related laws are as follows
1. Service Visit Record
(1) Reason for Preservation: Communications Privacy Act
(2) Retention Period: 3 months
2. Record of Contract or Withdrawal
(1) Reason for Preservation: Consumer Protection Act in Electronic Commerce etc.
(2) Retention Period: 5 Years
3. Record of identity verification
(1) Reason for Preservation: Act on Information Network Promotion and Information Protection, etc.
(2) Retention Period: 6 months
4. Record of Payment and Goods Supply
(1) Reason for Preservation: Consumer Protection Act in Electronic Commerce etc.
(2) Retention Period: 5 Years
5. Records of Consumer Complaints or Disputes
(1) Reason for Preservation: Consumer Protection Act in Electronic Commerce etc.
(2) Retention Period: 3 Years
8 Procedures and Methods of Destroying Personal Information
8.1 In principle, after the purpose of collection and use of personal information is accomplished, the Company will destroy the information without delay.
8.2 If the member does not use the service for a certain period of time or applies for membership withdrawal, the Company will keep the personal information for 30 days for the purpose of complaints and settlement of disputes. Then the personal information will be destroyed in a way that cannot be recycled.
8.3 When a member submits a membership withdrawal, the company keeps the personal information for 30 days for the purpose of complaints and dispute settlement of the consumer, and discards the collected personal information.
8.4 If the personal information is stored in the form of an electronic file, the collected personal information is deleted using a technical method that cannot reproduce the record. Personal information printed on paper is shredded or burned.
9 Protection of Personal Information of Children
9.1 The Company shall take the following measures regarding the protection of personal information of children under the age of 13
1. We do not knowingly collect personally identifiable information from children under 13 via our Service, and do not target our Service to children under 13. We encourage parents and guardians to take an active role in their children’s online activities and interests.
2. However, if the Company collects any personal information from children under 13 or equivalent minimum age as prescribed in the laws in relevant jurisdiction for the services for unavoidable reason, the Company will go through the additional procedure of the followings for protecting that personal information of children
– Obtain consent from the parents or guardian of children so as to collect personal information of children or directly send the information of products and services of the Company
– Give the parents or guardian of children a notice of Company’s policy of privacy protection for children including the items, purpose and sharing of personal information collected
– Grant to legal representatives of children a right to access to personal information of that children/correction or deletion of personal information/temporary suspension of treatment of personal information/ and request for withdrawal of their consent provided before
– Limit the amount of personal information exceeding those necessary for participation in online activities
9.2 The Company shall take the following measures regarding the management of personal information of members.
1. Members may withdraw their consent to the collection of personal information by writing, telephone, e-mail, etc. to the person in charge of personal information management. In such cases, except for the case where the company confirms the identity of the person, the Company takes necessary measures such as destruction of personal information concerned. However, if personal information is destroyed due to membership withdrawal, relevant information generated and accumulated by the member using the company’s services may be destroyed together.
2. Members may request to view and correct their personal information, and if so, the Company shall take necessary measures.
3. The Company shall confirm whether the Member’s agent is a true Representative of the Member when the Member’s visit is made and requests to be read or corrected. In this case, the Company may require the Company to present a certificate showing the proxy relationship.
4. The Company shall notify the member without delay and explain the reasons to refuse the request to read or correct the whole or part of the personal information of the member.
5. In order to provide a smooth and stable service, the Company shall notify the member concerned about the change of the essential input items of the member, because the change of the essential input items provided by the member at the time of membership is a matter that may cause errors in the service provided by the company. You can request the procedure separately.
10 Regarding the Installation and Operation of the Automatic Collection Device of Personal Information and its Rejection
10.1 In order to provide customized services to the members, the company operates a ‘cookie’ (cookie connection information file), which stores and retrieves information of members from time to time. Cookies are small text files that a server running a website sends to a member’s browser or app on a member’s computer or device. The Company identifies members’ computers and mobile phones in connection with the operation of cookies but does not personally identify members.
10.2 Members have the option of ‘cookies’. Members can accept all cookies by selecting [Tools]> [Internet Options]> [Security]> [User-defined level] in the web browser, or by setting them in the mobile device settings or options. Or, you can refuse to save all cookies. However, if you refuse to store all cookies, you will not be able to use the services provided by the company through cookies.
11 Technical and Administrative Protection Measures for Personal Information Protection
11.1 In dealing with the personal information of the member, the Company takes the following technical and managerial protection measures in order to ensure the safety so that personal information is not lost, stolen, leaked, altered or damaged.
1. The Company grants access to the personal information processing system only to the personal information manager or personal information handler required to provide the service.
2. The password of the member is encrypted so that the operator cannot know the password of each member.
3. The company is doing its best to prevent intruders from hacking or computer viruses and to prevent the leakage of personal information of members by using a device that prevents intruders from outside.
4. The company backs up the data from time to time in preparation for the compromise of personal information and uses the latest vaccine program to prevent personal information or data of members from being leaked or damaged and to securely transmit personal information on the network through encrypted communication etc. And other systematic security measures to ensure that all the technical equipment is trying to have.
11.2 The Company limits the person handling personal information to the person in charge of personal information management and the minimum number of persons.
1. Those who perform marketing, customer support, game operation, and delivery service directly to the members.
2. Person who performs personal information management duties such as personal information manager
3. Those who are inevitably required to handle personal information for business purposes
11.3 The Company conducts regular in-house training on the acquisition of new security technologies and personal information protection duties for personal information handlers.
11.4 The personal information handler’s takeover of the business is carried out thoroughly with security maintained and the responsibility for personal information accidents is clarified when entering / leaving.
11.5 The Company shall not be held responsible for any problems caused by leakage of personal information such as ID, password, resident registration number and e-mail address due to member’s negligence or PC / Internet problem.
12 Customer Service on Personal Information
12.1 In order to protect the personal information of the member and to handle complaints related to the personal information, the Company appoints the personal information protection appointee and personal information protection manager as follows.
1. Personal Information Protection Appointee & Manager
(1) Name: Jimin, Kim
(2) Department / Position: Digital Contests Biz Team
(3) E-mail: help@rainbowrabbit.co.kr
(4) Tel: 82316230221
12.2 If you need to report or consult about other privacy infringements, please contact the following organizations.
1. Personal Information Infringement Notification Center (http://privacy.kisa.or.kr / 118)
2. Electronic Transaction Dispute Resolution Committee (http://www.ecmc.or.kr / 1661-5714)
3. Cyber Security Bureau, National Police Agency (www.ctrc.go.kr / 02-392-0330)
4. Cyber Safety Division, Supreme Prosecutors’ Office (http://www.spo.go.kr / 02-3480-3571)
13 Obligation to Notify
13.1 This Privacy Policy will notify you through the website or other means at least 7 days prior to enforcement of the Privacy Policy, which will be updated as additions, deletions and modifications are made.
13.2 We will notify you at least 30 days in advance of any significant changes in your rights, such as collection and use of personal information, and provision of third parties.
14 Conforming to GDPR
14.1 The Company shall process Members’ personal data based on the GDPR. We process your personal data for the purposes stipulated in the preceding paragraph based on the following legal grounds.
14.2 The Company processes Members’ personal data for the following purposes.
1. To deliver content such as games, video, and music, and provide related services
2. To contact and communicate with Members to respond to their inquiries and complaints
3. To complete a transaction or service requested by Members
4. To notify Members about a change to this Privacy Policy or the Terms of Service, if necessary
5. To allow Members access to limited-entry areas of the Services
6. To resolve disputes with Members
14.3 The Company processes Members’ personal data to pursue the interests below.
1. To develop services, compile statistics, analysis, questionnaires, and other marketing activities intended to improve services
2. To fulfill marketing or promotional purposes
3. To ensure that the Services are relevant to Members’ needs
4. To create and publish content that is the most relevant to Members
5. To process strictly necessary cookies
14.4 The Company requires the Members’ consent while processing personal information for the following purposes.
1. To process cookies (excluding crucial ones) as well as Members’ personal data obtained through such cookies
2. To provide Members with special offers, updated information and other new services from the Company or other affiliated third parties, or to forward promotional materials if Members have requested this information or provided their consent for the Company to do so
3. To deliver newsletters or other information that Members request
15 Conforming to California Consumer Privacy Act (CCPA)
15.1 The Company may have collected the following categories of information from and about you in the preceding 12 months:
1. Identifiers, which may include name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers
2. Personal Information categories contained in customer records, which may include name, signature, address, telephone number, bank account number
3. Commercial information, which may include records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
4. Internet or other similar network activity, which may include browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement
5. Geolocation data; which may include physical location
6. Inferences drawn from other personal information, which may include a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes
16 Others
16.1 The Company may provide members with links to other companies’ websites or materials. In this case, the Company has no control over external sites and materials and cannot be held responsible for the usefulness, truthfulness, or legality of the services or materials provided.
16.2 If you click on a link that contains a company and move it to a page of another site, the privacy policy of the site is irrelevant to the company, so please check the policy of the new site.
This Agreement will be effective on 01 AUG, 2023.
Privacy Policy (GDPR)
We will inform the purpose and method of using personal information provided by end users and measures relating to the protection of personal data.
|
Rainbow Rabbit INC. GDPR Privacy Policy |
Rainbow
Rabbit, Inc. (collectively referred to as “Rainbow Rabbit”,
“company”, “we”, “our” or “us”) provide
this privacy policy to explain how we collect, use, and share information. For
the purposes of European data protection laws, Rainbow Rabbit is the data
controller of your personal information. This privacy policy
(“Policy”) covers Rainbow Rabbit’s handling of one types of
information:
Information
we receive about end users of third-party mobile applications
(“Apps”) that use our Software Development Kit (“SDK”),
Application Programming Interface (“API”), Demand Side Platform
(“DSP”) or other technologies (collectively, the “Rainbow Rabbit
Services”), users that use Rainbow Rabbit Services (Collectively
“User”, “you” or “your”), and information we
receive about Users while Users interact with platforms, applications, websites
or other services provided by Rainbow Rabbit’s business partners.
This
Policy is subject to any service agreement between Rainbow Rabbit and you. By
using the Rainbow Rabbit Service, you acknowledge that you have read, and
understood this Privacy Policy. Please review this Privacy Policy before using
the Rainbow Rabbit Service.
We
evaluate this Policy and procedures to implement improvements and refinements
from time to time. If we make material changes to this Policy we will notify
you by means of a prominent notice on Rainbow Rabbit Site prior to the change
becoming effective.
Privacy
Policy of the Rainbow Rabbit Services.
1
Introduction
1.1 This Policy applies to information collection and use by Rainbow
Rabbit while Users: (i) playing the game by the Rainbow Rabbit Services;(ii)
interact with the Rainbow Rabbit Services; or (iii) interact with platforms,
applications, websites or other services provided by Rainbow Rabbit’s business
partners.
(1) Adcolony https://www.adcolony.com/privacy-policy
(2) UnityAds https://unity.com/kr/legal/privacy-policy
(3) Facebook https://www.facebook.com/about/privacy
(4) Appsflyer https://www.appsflyer.com/kr/product/gdpr#our_commitment_to_you
(5) Admob https://policies.google.com/privacy?hl=en
1.2 Our technology enables our
partners to show Users more relevant advertising that is based on Users’
interests and behaviors. In order to provide Rainbow Rabbit Services, we may
collect and use certain information about User activity and preferences. We
understand how important it is to keep such User’s personal information
confidential and discrete, especially in today’s online world. To this end, we
have designed this Policy in a format that is easy to navigate and read so that
our privacy practices can be clearly understood.
1.3 The Rainbow Rabbit Services may
link to third party websites, Apps or other third party content. Please note
that we cannot control the treatment of a User’s information by such third
parties, and that the privacy practices of third parties likely differ from
those described in this Policy.
2 How
We Collect Users’ Information
2.1 Depending on the nature of a User’s interaction with the Rainbow
Rabbit Services, or any service provided by Rainbow Rabbit’s business partners,
we may collect information directly from such User or from our business
partners (e.g. mobile application developers, Ad Exchange platforms, and
advertisers). For example, when we partner with an Ad Exchange platform and the
Ad Exchange platform initiates an ad request to our DSP, it may share User’s
information with us. Where required, the publisher will obtain User consent for
and on our behalf for the processing of User personal information to display
advertising on a User’s device. A User can withdraw their consent at any time.
In addition, we may acquire information from other trusted sources to update or
supplement the information that the User voluntarily provides to us or that we
collect automatically or collect from our business partners (e.g. mobile
application developers, Ad Exchange platforms).
3 Information
We May Collect From Users
3.1 When you view ads served by Rainbow Rabbit Service or interact with
services provided by Rainbow Rabbit’s business partners, we and/or our business
partners may collect your information including the following: Device make,
device model, operating system (e.g.iOS), device type (e.g. smartphone, tablet,
etc.), device properties related to screen size, orientation and battery,
carrier, name and properties of mobile application through which a consumer
interacts with the Rainbow Rabbit Services or services provided by Rainbow
Rabbit’s business partners, country, time zone and locale settings (country and
preferred language), network connection type, IP address, Internet browser
user-agent used to access the Advertising Services, identifier for advertisers
(IDFA), network provider, SDK version, timestamp, API key (identifier for
application), application version, iOS Identifier for advertising, OS version
of device, time zone, network status such as WiFi, the geo-location of your
device (using GPS or other geo-location data) and the Identifier for
Advertising (IDFA) or the Google Advertising ID (AAID), GAID, etc.,
international mobile equipment identity (IMEI), Internet (IP) addresses or
geo-location data, the content type of the ad (what the ad is about, e.g.
games, finance, entertainment, news), the ad type (e.g. whether the ad is a
text, image, or video based ad), device event information such as crashes,
system activity, hardware settings, browser type, browser language, the date
and time of your request and referral URL.
4 How
We Use Users’ Personal Information
4.1 We use your personal information to display advertising on your
device, which may include interest-based advertising customized to individuals’
inferred interests, preferences, locations and other features. Where required,
the publisher will obtain User consent for and on our behalf for the processing
of User personal information to display advertising on a User’s device. A User
can withdraw their consent at any time.
4.2 Where necessary in our legitimate
interests we use your personal information: (i) to understand and analyze your
usage trends and preferences and improve our Rainbow Rabbit Service; or (ii)
for purpose of anti-fraud and traffic quality monitoring in order to perform
the contractual obligations to our business partners.
4.3 We may also use personal
information about Users to comply with applicable laws, regulations or codes of
practice, and to protect our legitimate interest and protect the rights or
property of us or any other third parties.
5 Disclosure of Users’ Personal
Information
5.1 We may
disclose the User’s personal information to our business partners, including
our advertisers, to report the measurement of Users’ interactions with the
Apps, and for anti-fraud and traffic quality monitoring in order to perform the
contractual obligations to our business partners (e.g. advertisers). These
business partners may use the Users’ personal information to show Users
relevant ads, measure Users’ ad/site interaction, identify Users’ interest
areas, better understand the site and app traffic usage or User behavior in
order to improve their services. Our business partners’ use of the information
that we disclose to them will be governed by their privacy policies.
5.2 We may also share aggregate or anonymous information with other
third parties in accordance with the terms of this Policy.
5.3 We may
share Users’ personal information as required or permitted by law to comply
with a subpoena or similar legal process or government request, or when we
believe in good faith that disclosure is legally required or otherwise
necessary to protect our rights and property, or the rights, property or safety
of others, including to advisers, law enforcement agencies, judicial and
regulatory authorities. We may also transfer Users’ personal information to a
third party that acquires all or part of our assets or shares, or that succeeds
us in carrying on all or a part of our business, whether by merger,
acquisition, reorganization or otherwise.
6 International
Transfers
6.1 When you are located in the European Economic Area (“EEA”), personal
information collected from you, including though our Rainbow Rabbit Service,
will be transferred to recipients in countries located outside the EEA
(including in China, US, India, Korea, Singapore, Australia, Japan, Canada,
France, Ireland, London, Germany, Brazil), which do not provide a similar or
adequate level of protection to that provided by countries in the EEA. Where
required by law, the publisher and/or advertiser will obtain your consent to
the transfer of your personal information to recipients, as described in this
Privacy Policy, which are located outside the EEA. You may withdraw your
consent at any time.
7 Your
Data Rights
7.1 If you are in the EEA, you have a right to (subject to a limited
number of exceptions): (i) request access to and rectification or erasure of your
personal information; (ii) obtain restriction of processing or to object to
processing of your personal information; and (iii) ask for a copy of your
personal information to be provided to them, or a third party, in a digital
format. You also have the right to lodge a complaint about the processing of
your personal information with your local data protection authority in the EEA.
To
exercise this right please contact help@rainbowrabbit.co.kr
8 Security
of Users’ Personal Information
8.1 The security of User’s information is our utmost priority, and we
take strict measures in order to protect our data from unauthorized access,
use, disclosure or destruction of data. We have implemented physical, technical
and administrative security measures for the Services that comply with
applicable laws and industry standards. For example, we use firewalls,
encryption technology and other automated software designed to protect against
fraud and identity theft; our data is only stored in centers that provide
high-level security for User’s information. Physical access is strictly
controlled both at the perimeter and at building ingress points by our staff
utilizing video surveillance and other electronic means.
8.2 We also protect User’s privacy by seeking to minimize the amount of
sensitive data and PRI that we store on our servers in the first place. We also
seek appropriate contractual protection from our partners regarding their
treatment of user data.
8.3 Rainbow Rabbit may retain the information relating to you collected
from our business partners as necessary for the provision of the services,
internal analytical purposes, or to comply with its legal obligations, resolve
disputes and enforce agreements (e.g. settlement). The criteria used to
determine the retention periods include: (i) how long the personal data is
needed to provide the services and operate the business; (ii) the type of
personal data collected; and (iii) whether we are subject to a legal, contractual
or similar obligation to retain the data (e.g., mandatory data retention laws,
government orders to preserve data relevant to an investigation, or data that
must be retained for the purposes of litigation or disputes).
9 Children
9.1 We ensure that we complies with the Children’s Online Privacy
Protection Act (COPPA), protecting children’s privacy online is very important
to us. Generally, our Services are not directed to children under 13 (or other
age as required by local law), and the Services do not knowingly collect
personal data from children, except as described in the following paragraph.
For games that are not directed at children
but nonetheless may appeal to them, we take additional steps to limit access to
these Services based on the player’s age. For these Services, when a player
indicates they are under 13 (or the applicable age in their territory), we will
limit their access to certain features, such as social media and chat features,
as well as certain types of notification alerts. We also limit the processing
of personal data to only what is necessary to support the internal operations
of our Services.
Please note that for some of our Services
we may use a higher age limit (such as 16) than described in the above two
paragraphs. We do this to provide a safe game experience for our players and to
protect Young Players.
If you are a parent or guardian and wish to
review personal data collected from your child, or have that information
modified or deleted, you may contact us as described above. If we become aware
that a child has provided us with personal data contrary to the above, we will
delete any personal data we have collected, unless we have a legal obligation
to keep it, and terminate the child’s account and/or revert them to the
underage experience, as applicable.
10 Marketing
10.1 We may contact you periodically by e-mail to provide information
regarding our products, services and content that may be of interest to you. If
applicable law requires that we receive your consent before we send you certain
types of marketing communications, we will only send you those types of
communications after receiving your consent.
10.2 If you decide at any time that you no longer wish to receive such
communications from us, you may follow the unsubscribe instructions provided in
any of the communications or request to be opted-out of receiving such
communications via email to help@rainbowrabbit.co.kr
10.3 If a
parent or guardian becomes aware that his or her child has provided us with
information without their consent, he or she should promptly contact us and we
take reasonable steps to ensure that such information is deleted from our
files.
Contact
Us
If you
have any question or comment about this Policy, please contact Rainbow Rabbit’s
Data Protection Officer at help@rainbowrabbit.co.kr
You can
also write to Rainbow Rabbit INC. at:
13595,
12F, 3, Hwangsaeul-ro 240beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do,
Republic of Korea
Please be
sure to include your personal name (and the full company name, if you are
inquiring on behalf of such company), address and email address in any
correspondence to us so that we can respond to your inquiry in a timely manner.