Crazy Diamond Co., Ltd. ("the Company") is committed to protecting and safely managing users' personal data. This Privacy Policy applies to personal information collected through the TotsRally application ("the Service"). The Company has established and disclosed this policy to inform users of the procedures and standards regarding personal data processing, and to ensure that any related concerns are addressed quickly and efficiently.
Article 1 (Purpose of Processing Personal Information)
The Company processes personal information directly or indirectly provided by users for the following purposes. The Company does not use personal information for any other purposes without the user’s consent.
1. To fulfill the contract of service provision:
Account creation and management
Identity and age verification (e.g., using date of birth)
Operation, maintenance, and enhancement of the Service
Provision of personalized features and content
Delivery of important notifications and updates
Customer support and handling inquiries
Managing events, surveys, and prize distribution
2. For legitimate business interests:
Improving service quality and analyzing usage behavior
Enhancing security and preventing unauthorized access or abuse
Detecting and responding to fraudulent or illegal activities
Resolving disputes and handling complaints
3. To comply with legal obligations:
Retaining records in accordance with applicable laws
Responding to lawful government or regulatory requests
Fulfilling accounting and tax responsibilities
4. Based on user consent:
Sending marketing and promotional communications
Providing targeted advertisements
Conducting usage analytics and compiling statistics
Article 2 (Personal Information Collected)
To provide and improve the Service, the Company collects the following types of personal information, either directly from users or automatically through their use of the Service:
1. Information Provided Directly by Users
Account Information: Email address (used as user ID), password, and nickname
Profile Information: Nickname, date of birth (collected solely for age verification purposes and not stored or linked unless required for legal or security reasons), and status message
Contact Information: Phone number and address (if entered during events or customer support requests)
Payment Information: Payment method details are not collected. Information such as purchased items and the payment platform (e.g., Google Play, Apple App Store) may be collected for customer support and transaction confirmation purposes.
Customer Support: Any additional information voluntarily provided when submitting inquiries to customer service
2. Information Collected Through Social Login
When users sign in using third-party services such as Google, Apple, or Facebook, the Company may collect basic profile information (e.g., email address, nickname) provided with the user's consent and strictly within the scope permitted by the respective platform.
Users are encouraged to review the privacy policies of these platforms, as the Company does not control how third-party platforms handle personal data.
3. Information Automatically Collected During Use
To ensure stable service operation and maintain account integrity, the following information may be automatically collected:
Gameplay-related data (e.g., nickname, in-game actions)
Device information (e.g., model, operating system version, firmware version, device ID)
Browser and OS information for PC users
IP address, cookies, and access logs
Location and country (inferred from IP address)
Service usage history and behavioral data
Records of abnormal or abusive activity
Article 3 (Retention and Use Period of Personal Information)
In principle, the Company promptly destroys users’ personal information once the purpose of collection and use has been fulfilled. However, certain information may be retained as required by applicable laws and for the periods outlined below.
Membership Cancellation and Grace Period
Upon a user’s request to delete their account, a 7-day grace period is applied.
This is a protective measure to prevent damages caused by account theft and to ensure user safety.
If the user logs back into the account during the grace period, the cancellation request is automatically withdrawn.
After the grace period ends, the account will be automatically deleted. However, certain information may still be retained in accordance with applicable laws.
Retention Based on Legal Requirements
Records related to contracts or withdrawal of subscription: retained for 5 years
Records related to payment and the supply of goods or services: retained for 5 years
Records related to consumer complaints or dispute resolution: retained for 3 years
Records of service visits: retained for 1 year
Records related to advertisements and displays: retained for 6 months
Article 4 (Sharing of Personal Information)
The Company may share users’ personal information with affiliates, group companies, or third parties when necessary for efficient service delivery, in accordance with applicable laws and with the user's consent. Personal information may be shared in the following cases:
Information disclosed by the user:
Nickname, profile picture, status message, etc.Service providers and business partners:
For purposes such as customer support, system development, advertising services, and customer satisfaction surveysPayment partners:
Information related to purchases may be shared for payment processing and fraud preventionLegal requirements:
To comply with applicable laws, respond to legal procedures, or fulfill requests from government or law enforcement agencies
Article 5 (Protection of Children's Personal Information)
The Company’s services are intended only for users aged 12 and older. We do not knowingly collect personal information from users under the age of 12.
To prevent access by underage users, we may request users to provide their date of birth solely for age verification purposes. This information is processed locally on the device and is not stored or shared, unless required by applicable laws.
If it is discovered that personal information has been collected from a user under the age of 12, such data will be promptly deleted and the associated account will be terminated.
Article 6 (User Rights and How to Exercise Them)
As the subject of personal information, users have the following rights.
To exercise these rights or submit a request, please contact us through the channels provided in the “Inquiries Regarding Personal Information” section.
Request to view, correct, or update personal information
Request to delete an account, suspend processing of personal data, or transfer personal data
Withdraw consent and opt out of receiving marketing communications
Article 7 (Measures to Ensure the Security of Personal Information)
To protect users’ personal information, the Company implements the following security measures:
Encryption of unique identifiers and sensitive data
Management and minimization of access rights to personal information
Installation and operation of security software
Regular security inspections and audits
Article 8 (Inquiries Regarding Personal Information)
If you have any questions, complaints, or requests regarding the processing of personal information, please contact us using the information below. We will respond and take action as promptly as possible. If there is an unavoidable delay, we will notify you accordingly.
Email: totsrallyhelp@crazydiamond.co.kr
Article 9 (Remedies for Infringement of Rights)
Organization
Website
Contact Number
Personal Information Infringement Report Center
118 (toll-free)
Personal Information Dispute Mediation Committee
1833-6972 (toll-free)
Supreme Prosecutors’ Office Cyber Investigation Department
1301 (toll-free)
National Police Agency Cyber Security Bureau
182 (toll-free)
If you need assistance or consultation regarding personal information infringement, you may contact the following organizations:
Article 10 (Changes and Notifications Regarding the Privacy Policy)
This Privacy Policy is subject to change.
If there are any significant changes, users will be notified at least seven (7) days prior to the effective date.
[Addendum]
Announcement Date: February 28, 2025
Effective Date: February 28, 2025