Mobile Integrated Privacy Policy
Mobile Integrated Privacy Policy
Mobile Integrated Privacy Policy
Big Picture Team Co., Ltd. (hereinafter referred to as "the Company") is committed to protecting the valuable personal information of users (hereinafter referred to as "Users") and complies with relevant privacy protection regulations under laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Telecommunications Privacy Protection Act, and the Telecommunications Business Act.
Through this Privacy Policy, the Company informs Users about the purposes for which their personal information is collected and used, and the efforts and measures the Company takes to protect their personal information.
The Company publicly posts this Privacy Policy on the main page of its website, allowing Users to check the contents at any time. Users are encouraged to check the policy frequently when visiting the website.
The Company’s Privacy Policy contains the following details:
Effective Date: Feb 1, 2025
1. Consent to the Collection and Use of Personal Information
The Company obtains consent from Users for the collection and use of personal information as specified in Section 2, "Personal Information Collection Items and Methods." The collected information may be provided to external companies for processing or other purposes, within a limited period.
2. Personal Information Collection Items and Methods
The Company collects only the necessary personal information for providing game services to Users. To improve the service, the Company may collect additional optional information after obtaining separate consent from Users.
a. Personal Information Items Collected
When Users access the mobile game service, the following information is collected:
Google (or Facebook) account use:
Mandatory items: Email address, nickname, user identification information provided by Google or Facebook.
Note: The information collected may differ based on the privacy settings configured by the user on their Google (or Facebook) account.
When Users participate in the Company’s events, additional personal information may be collected:
(For event participation): Member ID, nickname, email address.
(For prize delivery): Mobile phone number and address.
(For tax purposes): Name, address, resident registration number, postal code, etc.
In these cases, separate consent will be obtained from Users.
Information generated automatically during service usage or business processing:
Game usage records, access logs, cookie information, IP information, authentication records, payment records, usage suspension records, mobile device information (telecommunications company information, device information, country information (MCC)), advertising identifier information (ADID, IDFA).
When Users use paid services, additional information may be collected:
Payment via open markets: Open market ID, open market nickname, payment approval number.
Payment via ARS: Telecommunications company information, mobile phone number, payment approval number.
When contacting customer service for inquiries, the following information may be collected:
Email address, nickname, member ID, mobile device information (device name, OS version).
b. Methods of Personal Information Collection
The Company collects personal information through the following methods:
1:1 inquiries through customer service, prize draw entries, cash purchases.
Mobile game authentication or commercial event participation.
3. Purposes of Using Personal Information
The purposes of using the collected personal information are as follows:
a. Purpose of Using Information Collected during Mobile Game Use
Fulfillment of game service contracts, billing and customer management, prevention of fraudulent usage, development of statistical data for new services, marketing or advertising purposes.
b. Purpose of Using Automatically Generated/Collected Information
Development or specialization of new services, provision of services based on demographic characteristics, ad display, statistics on service usage such as access frequency, handling complaints or disputes, restriction of bad users, etc.
c. Purpose of Using Information Collected during Paid Services
Identity verification and payment confirmation.
d. Purpose of Using Legal Guardian Information
Verifying the consent of the legal guardian for the collection of personal information of children under 14 years old.
4. Provision or Sharing of Personal Information to Third Parties
The Company does not share or provide Users' personal information to third parties without prior consent, except in cases where the Company is obligated to submit the information to national agencies or investigative authorities according to relevant laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection.
If the Company determines that it needs to provide personal information to third parties for better service, it will inform the User of the third party, the items of personal information required, the reasons, and the duration of the provision, and obtain consent from the User before providing the information.
5. Retention and Use Period of Personal Information
The Company retains and uses personal information for the period agreed upon and destroys it without delay when the purpose of collection and use is achieved or the retention period expires. However, in cases of membership withdrawal or when protection of victims is necessary due to identity theft, personal information may be retained temporarily for up to 14 days for internal settlement or recovery purposes, or up to 30 days if linked with other services, after which it will be permanently destroyed.
Additionally, personal information of long-term inactive users who have not logged in for over a year will be safely stored or destroyed.
If retention is required, the following periods apply:
a. Legal Retention Periods
Records of advertising and marketing: 6 months.
Contract or cancellation records: 5 years.
Payment and supply records: 5 years.
Records of consumer complaints or dispute resolution: 3 years.
Login records: 3 months.
b. Retention for Legal or Investigative Reasons
Retention period: 1 year.
c. Retention for Event or Marketing Purposes
Retention period: up to 3 months.
6. Procedures and Methods for Destroying Personal Information
The Company destroys personal information once the collection and use purpose is fulfilled. The procedure is as follows:
a. Destruction Procedure
After the purpose is achieved, personal information is kept for a period as per the Company’s internal policies or legal requirements, then destroyed.
b. Destruction Method
For paper documents, they are shredded or incinerated. For electronic files, they are permanently deleted using methods that prevent recovery.
7. Rights of Users and Legal Guardians and How to Exercise Them
Users and legal guardians of children under 14 years old can access, correct, or withdraw consent to the collection and use of personal information at any time.
To withdraw consent, Users can delete their account via the in-game settings or contact customer service. Note that deleting the account may result in the deletion of all related information accumulated during game use.
8. Installation and Operation of Automatic Personal Information Collection Devices (Cookies)
The Company may use "cookies" to provide customized services and improve convenience. Users can set their browser to accept or reject cookies.
9. Consent and Withdrawal of Game App Access Permissions
The Company requires consent for specific access permissions related to the mobile game app, which can be revoked at any time. Users can also uninstall the app to withdraw permissions.
10. Service Usage Record Analysis
The Company may use advertising identifiers and analytical software to analyze service usage to provide more useful and suitable services. Users can opt out of the collection of this information.
11. Technical, Managerial, and Physical Protection Measures for Personal Information
The Company has established measures to protect personal information from loss, theft, leakage, modification, or damage, including encryption of sensitive data, secure transmission, and access controls.
12. Personal Information Protection Officer or Department
The Company has appointed a personal information protection officer and department to handle complaints or concerns related to personal information.
13. Notification Obligation
If there are any changes to the Privacy Policy, the Company will notify Users at least 7 days prior to the change, and 30 days for significant changes.
14. Others
The Company may provide links to external websites. However, it is not responsible for the content, legality, or validity of those sites.
Appendix
This policy is effective from Feb 1, 2025.