Privacy Policy

This privacy policy applies to internet-related services provided by Google Play Store developer semdu (hereinafter "Individual") through the application "Chally". In accordance with Article 30 of the "Personal Information Protection Act", we establish and disclose the following privacy policy to protect the personal information of data subjects and handle related grievances promptly and smoothly.

This privacy policy is effective from April 1, 2023.

Article 1 (Purpose of Processing Personal Information)

Google Play Store developer semdu (hereinafter "Individual") processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the "Personal Information Protection Act".

1. Verification of registration and withdrawal intentions, member identification, and member management

2. Storage and provision of challenges for each user

3. Maintenance and improvement of operating systems to prevent illegal activities and violations of community guidelines

Article 2 (Processing and Retention Period of Personal Information)

1. semdu will continuously manage and store members' personal information in accordance with the privacy policy and related laws while providing services. When the purpose of collecting and using personal information is achieved, such as withdrawal, the collected personal information will be immediately destroyed.

Article 3 (Items of Personal Information Being Processed)

1. semdu processes the following personal information items:

Personal Information Collected During Registration

• Required items: Nickname

• Optional items: Email, Password, SNS Identification ID, SSAID (Android ID) 

Note: Service usage records for service management purposes, such as service misuse records and log records (IP address, access time, SSAID), may be collected during the service use process.

Article 4 (Outsourcing of Personal Information Processing)

1. semdu outsources personal information processing tasks as follows for smooth personal information business processing:

• Commissioned Party (Processor): Amazon Web Services, Inc.

• Content of Commissioned Tasks: Service system provision, data management and storage

• Commission Period: Immediate destruction upon withdrawal

2. When concluding outsourcing contracts, semdu specifies matters such as prohibition of personal information processing outside the purpose of performing commissioned tasks, technical and administrative protection measures, restrictions on re-outsourcing, management and supervision of processors, and liability for damages in documents such as contracts in accordance with Article 26 of the "Personal Information Protection Act", and supervises whether the processor safely processes personal information.

3. If the content of commissioned tasks or the processor changes, we will promptly disclose it through this privacy policy.

Article 5 (Procedures and Methods for Destruction of Personal Information)

1. semdu destroys the relevant personal information without delay when it becomes unnecessary, such as the expiration of the personal information retention period or achievement of the processing purpose.

2. If personal information must continue to be preserved in accordance with other laws despite the expiration of the agreed retention period or achievement of the processing purpose, the personal information will be moved to a separate database (DB) or stored in a different location.

3. The procedures and methods for destroying personal information are as follows:

• Destruction procedure: semdu selects personal information for which destruction reasons have occurred and destroys it with the approval of semdu's personal information protection officer. 

4. Log records: All records are completely deleted on a 3-year cycle 

Article 6 (Rights and Obligations of Data Subjects and Legal Representatives and Their Exercise)

1. Data subjects may exercise rights such as viewing, correcting, deleting, or suspending the processing of personal information against semdu at any time.

2. The exercise of rights under Paragraph 1 may be made to semdu in writing, email, fax, etc., in accordance with Article 41(1) of the Enforcement Decree of the "Personal Information Protection Act", and semdu will take action without delay.

3. The exercise of rights under Paragraph 1 may be done through a legal representative or delegate of the data subject. In this case, you must submit a power of attorney according to Form No. 11 of the "Notice on Personal Information Processing Methods (No. 2020-7)".

4. Requests for viewing and suspending the processing of personal information may be restricted by Article 35(4) and Article 37(2) of the "Personal Information Protection Act".

5. Requests for correction and deletion of personal information cannot be made if the personal information is specified as a collection target in other laws.

6. semdu verifies whether the person requesting viewing, correction/deletion, or processing suspension is the subject themselves or a legitimate representative.

Article 7 (Measures to Ensure the Safety of Personal Information)

semdu takes the following measures to ensure the safety of personal information:

1. Restriction of access to personal information

• Taking necessary measures to control access to personal information by granting, changing, and revoking access rights to database systems that process personal information

• Controlling unauthorized access from outside using intrusion prevention system

2. Encryption of personal information

• Users' passwords are encrypted for storage and management, so only the user knows them

Article 8 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)

1. semdu uses 'cookies' that store and periodically retrieve usage information to provide individualized customized services to users.

2. Cookies are small pieces of information sent by the server (http) operating the website to users' computer browsers and may be stored on users' PC hard drives. a. Purpose of using cookies: Used to provide optimized information to users by understanding visit and usage patterns, popular search terms, secure access status, etc. b. Installation, operation, and rejection of cookies: You can reject cookie storage through option settings in the Tools > Internet Options > Privacy menu at the top of your web browser. c. If you reject cookie storage, you may have difficulty using customized services.

Article 9 (Personal Information Protection Officer)

1. semdu has designated the following personal information protection officer to be responsible for overall personal information processing tasks and handle complaints and damage relief related to personal information processing:

Personal Information Protection Officer

• Name: You Jun-yong

• Position: General Operations Manager

• Phone: +82 10-4169-7671

• Email: junyong008@gmail.com

2. Data subjects can inquire about all personal information protection-related matters, complaints, and damage relief that occur while using semdu's services (or business) to the personal information protection officer. semdu will respond to and handle inquiries from data subjects without delay.

Article 10 (Department Receiving and Processing Personal Information Access Requests)

Data subjects can request access to personal information under Article 35 of the "Personal Information Protection Act" from the following officer. semdu will strive to process personal information access requests from data subjects promptly.

Personal Information Access Request Reception and Processing Officer

• Name: You Jun-yong

• Position: General Operations Manager

• Phone: +82 10-4169-7671

• Email: junyong008@gmail.com

Article 11 (Changes to Privacy Policy)

• This privacy policy was revised on May 19, 2025.