Customer Center

STOVE Privacy Policy

STOVE Privacy Policy

Version at 30 August 2017

 

1. Why are you reading this?

This policy ("the Privacy Policy") sets out how we will use personal information and what measures we will take to protect personal information when we provide services (“our Service”) to individuals (“User” or “Member” or “you”).

It is important to us (“the Company” or “we”) that we treat your personal information in accordance with relevant laws and regulations, including the Personal Information Protection Act and the Act on the Promotion of Information and Communications Network Use and Information Protection, etc.

We may amend our Privacy Policy from time to time. If we do, we will let you know by posting a notice on our website 7 days prior to the amendments taking effect. If we are making significant changes to User's rights (e.g., collection and use of personal information, policy about providing information to a third party), we will endeavor to post this notice 30 days prior to the amendments taking effect. In addition, we may inform you of amendments via email or other communication channels.

Unless otherwise defined herein, all capitalized terms used herein shall have the same meaning as set forth in the Terms and Conditions of Service User of STOVE.

The latest version of our Privacy Policy can be found on our website at http://www.onstove.com.

2. Collection

1) What information do we collect?

① The following information is collected when a User signs up for our Service.

- Member: Stove Account Login Information (ID, Password, Nickname)

- PC game member residing outside Korea: Stove Account Login Information (ID, password, nickname, date of birth)

- Guest: MAC address, OS information, model name of devices with smart OS installed (tablet PCs, smartphones, etc.), OS information, device identifier (device ID or IMEI)

- Connection with Facebook: e-mail address of Facebook account (ID), nickname, profile information, Facebook friend information

- Connection with Google: e-mail address of Google account (ID), nickname, profile information, Google friend information

② The following information may be collected while Members use our Service.

- PC games: service usage records, improper use records, payment records, login records, cookies, MAC address, IP information, PC specifications information.

- Mobile games: e-mail address (ID), service usage records, improper use records, payment records, login records, MAC address, IP information, country, model name of devices with smart OS installed (tablet PC, smartphone, etc.), OS information, device identifier (device ID or IMEI).

- Mobile apps: model name of devices with smart OS installed (tablet PCs, smartphones, etc.), OS information, device identifier (device ID or IMEI).

③ The following information may be collected when a 1-on-1 inquiry is made.

- PC game: E-mail address (ID), nickname

- Mobile game: E-mail address (ID), nickname

④ We may collect additional information for the following customer-related services, and if so, shall enter into a separate agreement with you for the collection and use of personal information.

- PC game: event participation, legal representative's agreement on payment, gameplay time selection, subscription to channeling services, marketing notifications (SMS, TM, etc.)

- Mobile game: event participation, marketing notifications (Push notification, SMS, TM, etc.)

⑤ The following information can be collected when Users make payments for our Service.

- PC game

l Payment by mobile phones: date of birth, gender, mobile phone number, mobile carrier

l Payment by deposit without bankbook or by Internet banking: bank name, depositor’s name, purchaser’s name

l Coupon registration: e-mail address, member number, name, date of birth, country code, IP information

l Payment by credit cards: card company name, installment period, card number, expiration date, purchaser’s name, confirmation number

- Mobile game

l Payment through market: market order number

l Coupon registration: Coupon information

2) How do we collect information?

We collect information which you provide to us in the following circumstances:

  • when you sign up for our Service through our website or via your mobile device
  • when you use our Service
  • when you communicate with us over fax, telephone, email or other channels
  • when you participate in our events
  • when you provide information to our partnership companies

3. Processing of Unique Identification Information

1) Unique Identification information refers to "information selected by presidential decree" as defined in the Personal Information Protection Act and its Enforcement Ordinances, which includes resident registration number, passport number, driver's license number, and alien registration number.

2) We collect unique identification information for the following purposes, and collection of each requires us to enter into a separate agreement with you.

① To impose tax and public utilities charges on prize winners

② When required by law

Collected unique identification information shall not be used for purposes other than the purposes listed above, and shall be stored in an encoded format for safe management.

4. Use

We use the personal information we collect for the following purposes:

1) Provide our Service

  • fulfill contracts for services
  • conduct payment settlement for the said services
  • provide contents
  • make purchases and payments
  • deliver packages
  • collect fees

2) Member management

  • User identification

· protection from improper use or unauthorized use of our Service

  • confirmation of User's intention to sign up
  • age verification
  • processing user complaints
  • storing records for dispute settlement
  • sending notifications.

3) Guest management

· Handling complaints or customer counseling related to use of mobile services

4) Marketing and advertisements

· sending notifications about new services, events, advertisements

· providing service for Users depending on demographic characteristics

· creating statistics about member's connection frequency or use of service

5. Exceptions

We may provide personal information that we have collected for other purposes in the following circumstances:

① If Users provided prior consent to the provision of personal information

② If relevant laws (e.g., Framework Act on Telecommunications, Telecommunications Business Act, etc.) request it or if law authorities request it in accordance with the procedures and methods specified by law for investigation purposes

③ If information is needed for statistics generation, research, or market investigation purposes and information is provided in a format which Users cannot be identified

We may also use the personal information which we collected from the parties listed in the table below to improve our Service if you have given us your prior consent. We will use your personal information in accordance with the table below.

Information on Provision of Personal Information to Third Party for Residents of Korea

PC game

Provided To

Purpose of Provision

Personal Information Provided

Storage and Usage Period of Provided Information

Smilegate Entertainment, Inc.

Provide customer service, conduct game events

E-mail address (ID), , nickname, name, date of birth, gender

Until membership withdrawal or termination of service

Customer counseling

E-mail address , nickname

Stored for 3 years, then discarded

Smilegate RPG, Inc.

Provide customer service, conduct game events

E-mail address (ID), , nickname, name, date of birth, gender

Until membership withdrawal or termination of service

Customer counseling

E-mail address , nickname

Stored for 3 years, then discarded

 

Mobile game

Provided To

Purpose of Provision

Personal Information Provided

Storage and Usage Period of Provided Information

Smilegate Megaport, Inc.

Provide game service

E-mail address (ID), login records, service usage records, payment records, device record

Until membership withdrawal or termination of service

Customer counseling

E-mail address

Stored for 3 years, then discarded

YJM Games

Provide game service

E-mail address (ID), login records, service usage records, payment records, device record

Until membership withdrawal or termination of service

Customer counseling

E-mail address

Stored for 3 years, then discarded

Daeri Soft

Provide game service

E-mail address (ID), login records, service usage records, payment records, device record

Until membership withdrawal or termination of service

Customer counseling

E-mail address

Stored for 3 years, then discarded

Esentertainment Co., Ltd.

Provide game service

E-mail address (ID), login records, service usage records, payment records, device record

Until membership withdrawal or termination of service

Customer counseling

E-mail address

Stored for 3 years, then discarded

6. Consignment of Personal Information Management

To improve our Service, we consign personal information to companies specialized in personal information management, and ensure the management of personal information is in accordance with relevant laws.

Entrusted

Companies

Purpose of Consignment

Payletter Inc.

To process and settle payments made from paid services

Galaxia Communications Co., Ltd.

To process and settle payments made from paid services

Smilegate Megaport, Inc.

System maintenance

SMS, EMS dispatch

PC Game Service Operation

Customer counseling

Smilegate Entertainment, Inc.

Service support

7. Transferring Personal Information Overseas

The STOVE platform uses cloud services overseas to provide seamless services and boost User's convenience. The following section provides information on our arrangement to transfer personal information overseas.

1) Agreement to transferring personal information outside the country due to use of overseas server (Amazon)

① Information transferred

- E-mail address, name, date of birth, legal representative's name and e-mail address, cookies, IP address, personal identifier (CI)

② Country, date/time and method

- Country: countries where Amazon's Global Cloud services are being provided (US, Ireland, Japan)

- Date/time: the first date and time when each member signs up

- Method: transfer data locations to servers in Global Cloud areas through a highly secured private network

③ Recipients

- Name: Amazon Web Services, Inc. (Person in charge: Stephen Schmidt)

- Address: 410 Terry Avenue North, Seattle, WA 98109-5210 / Tel: (206) 266-1000

④ Purpose of transferring

- Provide Global Cloud service to operate our website

⑤ Period of retention and usage

In principle, collected personal information is discarded promptly when the purpose of collection is reached. However, the following information is held for a specified period for the reasons below:

- Information retained: e-mail address, name, date of birth, legal representative's name and e-mail address, cookies, IP address, personal identifier (CI)

- Retention period: until the date of membership withdrawal

- Reasons for retention: notify essential information such as change of the terms and conditions of our Service and Company information

2) Agreement to transferring personal information outside the country for use of customer inquiry management system

① Information transferred

- E-mail address, nickname

② Country, date/time and method

- Country: countries where Zendesk service is being provided (US)

- Date/time: the date and time when PC online members submit the first customer inquiry

- Method: transfer data locations through a highly secured private network when an inquiry is submitted to the customer center

③ Recipients

- Name: Zendesk, Inc. (Person in charge: John Geschke)

- Address: 1019 Market Street, San Francisco, CA 94103 / Tel: (415) 418-7506

④ Purpose of transferring

- Provide answers during customer inquiries and secure better communication

⑤ Period of retention and usage

In principle, collected personal information is discarded promptly when the purpose of collection is reached. However, the following information is held for a specified period for the reasons below:

- Information retained: e-mail address, nickname

- Retention period: 3 years from the date of receipt of inquiry (e.g., handling complaints and errors), 5 years from the date of receipt of inquiry regarding online payment in accordance with the Act on the Consumer Protection in the Electronic Commerce Transaction, etc

- Reasons of retention: check proof materials and data during customer inquiry to identify the content of the conversation

8. Retention

1) We destroy the collected personal information of Users promptly when the purpose of collection is satisfied. However, we store the personal information for 30 days after such discard, in order to handle customer complaints and dispute resolution such as unwilling withdrawal of membership as a result of hacking. After 30 days, the information will be destroyed permanently.

2) If storage duration of User information is otherwise stated in commercial law or e-commerce customer protection law, we will store such User information for the duration stated in relevant laws. In this case, we will retain such personal information solely for the purpose of storage, and the duration of storage is as follows:

① Records of contract or withdrawal: 5 years

· (Reason for storage: Act on Consumer Protection in the Electronic Commerce Transactions, Etc.)

② Records of payment and goods supply: 5 years

· (Reason for storage: Act on Consumer Protection in the Electronic Commerce Transactions, Etc.)

③ Records of customer complaints and disputes: 3 years

· (Reason for storage: Act on Consumer Protection in the Electronic Commerce Transactions, Etc.)

④ Marketing or advertisement records: 6 months

· (Relevant law: Act on Consumer Protection in the Electronic Commerce Transactions, Etc.)

⑤ Website visiting history: 3 months

· (Reason for storage: Protection of Communications Secrets Act)

⑥ If the storage duration has been notified to the User or a separate agreement from the User was received: The period notified or agreed upon individually

⑦ We may store the following information for the duration set by our internal policy and use it for the purpose set by us.

- Stored information: Application record, content and documents of customer counseling

- Reason for storage: To process counseling for User disputes

- Storage duration: 3 years

9. Destruction methods

We will destroy the collected personal information promptly when the purpose of collection is fulfilled. The process is as follows:

1) Destruction process

When the storage purpose is reached, we destroy information entered by the User for signing up for our Service, without delay in accordance with this policy and relevant law.

2) Destruction methods

① Personal information printed on paper shall be shredded or burned.

② Personal information stored in electronic files shall be removed using technology that permanently deletes the file without the possibility of restoration.

10. Your rights

1) Members can check or modify the entered personal information at any time, and may request membership withdrawal or removal of personal information if the member does not agree with the way we process personal information. However, if personal information required for the provision of our Service is removed, the entire or part of our Service may not be available.

2) Members can check or modify personal information in the [Change Personal Information] menu within our Service. Also, Members can use the [Withdrawal] menu in Service to end the contract at any time, and personal information of the Member shall be removed when the contract is terminated. However, we may store the Member's personal information for a certain period under the circumstances listed in paragraph 7 below.

3) If a Member requests modification or removal of personal information, we will take the necessary actions promptly.. Also, we may destroy personal information such as a Member's ID based on the terms and conditions of our Service and at the discretion of the Personal Information Protection Director.

4) When a request for changing incorrect personal information is submitted, we will not provide or use the personal information until the information is properly corrected. Also, if incorrect information is already provided to a third party, the correct information will be notified to the 3rd party without delay for prompt correction.

5) We keeps the personal information removed or deleted by Member's request in accordance with Section 8 (Retention) and does not allow viewing or using the stored information for other purposes.

11. Cookies

In order to provide customised services for Users, we use 'cookies' to collect your personal information. Cookies are bits of information that the server sends to the User's web browser or app, and are stored in your computer or device. These cookies may enable us to identify your computer or device, but we will not use this data to identify individual Users.

You may choose whether or not to enable cookies by changing the settings on your web browser or device. However, if you choose not to enable cookies, you may not be able to access certain services which we provide.

12. Security

We implement technical and managerial procedures to protect User's personal information from being lost, stolen, exposed, falsified, or damaged.

1) Technical measures

① User's personal information is encoded in a way that is only viewable by the User only, and change of information can only be done by the User on the website or upon User’s request.

② To prevent leakage of User's personal information, we have set up devices that protect personal information from external attack, hacking, and unauthorized access. Also, all personal information is safely transferred into our network system using a secured network system. In the case of the servers containing our User's personal information, we ensure that these services are not directly connected to external internet lines, and that we have all available technical devices in place to ensure security is protected.

③ We have a backup system for the system and data to handle unexpected issues which may arise.

④ We regularly update our anti-virus software programs to prevent damage caused by computer viruses.

2) Managerial measures

① We restrict access to your personal information to a limited number of employees who:

  • are engaged in marketing services directly to Users

· work in the personal information management department or engage in work related to personal information management

· are required, out of necessity, to process personal information

② We provide regular training for employees on new security technologies and protection of personal information, and regularly audit personal information management status and compliance by employees. We use our best endeavors to fix problems when a problem is discovered.

③ When employees are involved in handing over their duties, the transition process is carried out in a strictly confidential manner. We clearly notify employees of their responsibilities or consequences for incidents that might happen as a result of information leakage after joining and leaving the Company.

④ The Company's personal information processing is strictly limited to the relevant administrators, and we provide them with separate passwords that are periodically updated. We also conduct regular training for such employees to enhance our personal information protection practices.

⑤ We hold no responsibility for incidents or leakage of personal information resulting from a User's mistake or inherent risk factors of the Internet, so Users are responsible for keeping their accounts and passwords secure to protect personal information.

13. Users in California

1) Specific rights may be granted to Users residing in California. We abide by the California Online Privacy Protection Act and take measures to protect the personal information of Users.

2) Users can request confirmation of information leakage when their personal information is leaked. Also, all Users of our website can access their accounts and modify personal information at any time.

3) We shall not track website visitors. Also, we shall not use “Tracking Protection” signals.

4) Without User's consent, we will not collect personal identifiers through advertisements and will not provide the collected information to third parties.

14. Persons under the age of 13 residing outside of Korea

We will not knowingly collect any personal information from persons under the age of 13 who reside outside of the Republic of Korea. Persons under the age of 13 should not use our website or gaming platform at any time. If we have been notified that we have collected personal information from such persons, we will delete their information as soon as possible and in accordance with applicable laws and regulations.

In principle, our website and our Service are intended for adults. There is a minimum age requirement that must be met in order to sign up for an account to use our Service.

If we unknowingly collect personal information from Users under 13 years of age to provide our Service, the following additional processes shall be taken to protect the personal information of these persons:

1) Acquire agreement from the legal representative to collect personal information to directly provide information about our Service to the User

2) Notify parents about our Privacy Policy including content, purpose and sharing of information collected

3) Notify a legal representative about access to the User’s personal information, modification or removal of its personal information, temporary pause of its personal information process, and rights to withdraw the consent to provide its personal information provided in the past

4) We shall not collect information that is not necessary for participating in the online activity.

15. Our Privacy Personnel

We have a personal information protection director to handle feedback and complaints relating to our use of personal information.

 

Personal Information Protection Director

Personal Information Manager

Name

Hyoung Ju Han

Won Dong Eom

Department/Title

Dept. of Information Protection/Head of Department

Dept. of Publishing Support/ Team Leader

Telephone no.

+82-1899-1999

+82-1899-1999

Fax

+82-31-8017-4470

+82-31-8017-4470

E-Mail

privacy@smilegate.com

privacy@smilegate.com

Users may contact the Personal Information Protection Director or Personal Information Manager listed above via message board or e-mail to take the steps to send all complaints or issues related to personal information they may face while using our Service. We will use our best endeavors to provide responsive and sufficient answers to Users.

You may also contact the following centers with further inquiries or reports about invasion of personal information.

1) Cyber Privacy Report Center ( www.boho.or.kr / 118 (without area code))

2) Supreme Prosecutor's Office Internet Criminal Investigation Center( www.spo.go.kr / +82-2-3480-3571 )

3) National Police Agency Cyber Terror Response Center ( www.ctrc.go.kr / +82-2-392-0330 )

16. Third Party Websites

We may provide Users with links to a third party’s website or data. Our Privacy Policy does not apply to such cases, and we have no control over external websites and their data. We will not be responsible for, or guarantee, the usefulness of service or data provided by these third parties. We do not have control over their policies and procedures so please refer to the privacy policy of these websites when accessing them through these links.