Bluejoy (hereinafter referred to as the “Company”) complies with relevant laws and regulations that information and communication service providers must comply with, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., the Personal Information Protection Act, the Communication Secrets Protection Act, and the Telecommunications Business Act. We comply with the personal information protection regulations above, 
We are doing our best to protect user rights and interests by establishing a personal information processing policy in accordance with relevant laws and regulations. The company discloses this personal information processing policy in the in-game customer center and on the website screen so that members can easily find it.
This personal information processing policy may be changed from time to time due to changes in related laws and guidelines or changes in the company's internal policies. If the company revises the personal information processing policy, the reason and contents of the change will be provided on the customer center or the first screen of the website. We will notify you through the connection screen.

This privacy policy contains the following contents.

1. Items and collection methods of personal information collected

 A. Items of personal information collected
We collect the following personal information for membership registration, customer consultation, and provision of various services.
Nickname, terminal information (model name, OS version, device unique identification number, etc.), telecommunication company information, store information, game version, game and service usage records, connection records, cookies, payment records, paid billing information, promotion/event participation records, and Information related to product shipment, IP address
The following information may be collected when using external platform-based services.

Google: Member identifier information, email
Apple: Member identifier information, email

When some services require age verification or identity verification according to related laws, identity verification values (CI) are processed through certified organizations.
We may process your email address, mobile phone number, and address information to process your inquiries and send promotional products.
We may process your name and resident registration number for tax processing.
 

 B. Personal information collection method
Collected through consent process when signing up for the company's service
For promotions and events, collection is conducted through a separate consent process.
Automatically collected through platforms in partnership with the company to provide services
Collected when voluntarily provided by the user or requested upon request when responding to customers during subscription and use of the service
all. Refusal of collection and use of personal information
Users may refuse the collection and use of the above personal information. However, if you refuse to collect and use personal information, it may be difficult to use some or all of the services.

2. Purpose of collection and use of personal information
The company does not disclose collected personal information without the user's prior consent, and the collected information is not used for purposes other than the following.

 A. Fulfillment of contract for service provision and settlement of fees according to service provision
Provision of content, notification of event winners, delivery of goods or invoices, identity verification, purchase and payment
me. Member protection
Development of new services and provision of customized services, provision of services and posting of advertisements according to demographic characteristics, confirmation of service effectiveness, provision of event and advertising information and participation opportunities, identification of access frequency, statistics on member service use, promotions/events Service provided

3. Sharing and provision of personal information
The company uses the user's personal information within the scope notified in 2. “Purpose of collection and use of personal information,” and in principle does not use the user's personal information beyond this scope or disclose the user's personal information to outside parties without the user's prior consent. . However, exceptions are made in the following cases.

 If the user consents to disclosure or provision in advance
「Act on Real Name Financial Transactions and Guarantee of Confidentiality」, 「Act on Use and Protection of Credit Information」, 「Framework Act on Telecommunications」, 「Telecommunications Business Act」, 「Local Tax Act」, 「Consumer Protection Act」, 「Bank of Korea Act」 , if there are special provisions in laws such as the Criminal Procedure Act, 
When there is a request from a court, investigative agency, or other administrative agency for the purpose of investigation in accordance with the procedures and methods prescribed by law.
When it is necessary for statistical compilation, academic research, or market research and is provided in a form that does not identify a specific individual even when combined with other information.

4. Entrustment of processing of personal information
In order to provide professional customer support and improve service, the company entrusts and operates personal information as follows, and stipulates necessary matters to ensure that personal information is safely protected when entering into a consignment contract in accordance with relevant laws and regulations. The company's personal information processing agency and 
The details of the entrusted work are as follows.

Among the entrusted personal information processing tasks, the consignment tasks handled overseas are as follows.
Google Firebase - For game operation and management, ID, service usage records, payment records, etc. are transferred to the Firebase US region through the network. The period of use is until membership withdrawal or termination of the consignment contract.

5. Retention and use period of personal information
In accordance with the Personal Information Protection Act and the Enforcement Decree of the same Act, the “Company” terminates the contract and destroys and separates personal information in order to protect the personal information of members who have not used the service for one consecutive year (hereinafter referred to as “dormant account”). You can take necessary measures, such as storage. 
In this case, the “member” will be notified of the expiration date of the personal information retention period and the details of the action taken on personal information 30 days prior to the date of action.

Personal information collected with the user's consent is retained and used while membership is maintained, and in principle, once the purpose of collection and use of personal information is achieved, the information is destroyed without delay. However, in order to prepare for unwanted membership withdrawal due to personal information theft, etc.
Personal information will be retained for 7 days after you request membership withdrawal.

Additionally, the following information will be kept for the specified period for the reasons below and will never be used for any other purpose.

 A. Reasons for retaining information according to company internal policy
Illegal use records, duplicate subscription confirmation information (DI)
Reason for preservation: Prevention of unauthorized use
Retention period: 1 year
me. Reasons for retaining information in accordance with relevant laws and regulations
Records of contracts or subscription withdrawals, etc.
Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
Retention period: 5 years
Records of payment and supply of goods, etc.
Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
Retention period: 5 years
Records of consumer complaints or dispute resolution
Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
Retention period: 3 years
Records related to identity verification
Reason for preservation: Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
Retention period: 6 months
Service visit records
Reason for preservation: Communication Secrets Protection Act
Retention period: 3 months
all. When consent is obtained from individual members

6. Personal information destruction procedures and methods
In principle, personal information of users is destroyed without delay once the purpose of collection and use has been achieved. The company's personal information destruction procedures and methods are as follows.

 A. Destruction procedure
The information entered by users for membership registration, etc. is transferred to a separate DB (separate filing cabinet in the case of paper) after the purpose is achieved and stored for a certain period of time and then destroyed according to information protection reasons according to internal policies and other related laws.
This personal information will not be used for any purpose other than that for which it is retained, unless required by law.
me. Destruction method
Personal information printed on paper is destroyed by shredding or incineration. Personal information stored in electronic file format is deleted using technical methods that render the records unrecoverable.

7. Rights of users and legal representatives and methods of exercising them
go. User rights and how to exercise them
Users can view or modify their registered personal information at any time, and if they do not agree to the company's processing of their personal information, they can refuse consent or request cancellation of membership (leaving the game). However, in such cases, use of part or all of the service may be prohibited.
It can be difficult. To view and edit your personal information, go through ‘Change Personal Information’ (or ‘Modify Membership Information,’ etc.), and to cancel your subscription (withdraw consent), go through the identity verification process through “Customer Center” or “Cancel Membership.” You can view, correct, or withdraw directly afterward.
Alternatively, if you contact the Personal Information Protection Manager in writing, by phone or email, we will take action without delay. Personal information canceled or deleted at the request of the user is processed as specified in Article 5, “Retention and Use Period of Personal Information” collected by the “Company.”
We process it so that it cannot be viewed or used for any other purpose.
me. Personal information protection of children under 14 years of age
In principle, the company does not collect personal information from users under the age of 14.
If a legal representative requests that a person under the age of 14 withdraw from the 'Company' service, the legal representative will be informed of possible methods for processing withdrawal.
When it is necessary to collect personal information of children under the age of 14 in order to process work requested by users, the consent of the legal representative is sought in advance, and the related information is destroyed without delay when the relevant work is completed.

8. Matters related to installation/operation and refusal of automatic personal information collection devices
  In order to provide customized services to users, the company uses 'cookies' to store and retrieve user information from time to time. Cookies are stored on the user's PC or   server used to operate the service.
It is a very small text file sent to a mobile device and may be saved on the user's PC or mobile device.
The company uses cookies to create and provide more convenient services by identifying the visitation and usage patterns of members and non-members and the size of users. Users have a choice regarding the installation of cookies. 
You can confirm each time a cookie is saved, or refuse to save all cookies. However, if you refuse to store cookies, it may be difficult to use some or all of the services that require login.

9. Technical/managerial/physical protection measures for personal information
When processing users' personal information, the company is taking the following measures to ensure safety and prevent personal information from being lost, stolen, leaked, altered or damaged.

 A. Measures against hacking, etc.
The “Company” is doing its best to prevent members’ personal information from being leaked or damaged by hacking or computer viruses. We regularly back up data in preparation for damage to personal information, and use the latest anti-virus program to protect users' personal information.
We prevent data from being leaked or damaged, and personal information can be transmitted safely over the network using encrypted communication. In addition, unauthorized access from outside is controlled using an intrusion prevention system, and other systematic 
We are trying to equip all possible technical devices to ensure security. However, the company is not responsible for any problems arising from leakage of personal information such as ID, password, and date of birth due to the user's carelessness or Internet problems.
me. Minimization and training of those subject to processing
The “Company” limits access to users’ personal information to the minimum number of people (persons in charge who can handle personal information), provides a separate password for this, and updates it regularly, and provides regular training to the person in charge. The company's privacy policy 
Compliance is always emphasized.
all. Operation of a dedicated personal information protection organization
The “Company” checks the implementation of the company’s personal information processing policy and whether the person in charge is complying with it through an in-house personal information protection organization, etc., and strives to immediately correct and correct any problems if they are discovered. However, the user's own carelessness or 
The company is not responsible for any problems caused by personal information such as ID, password, or resident registration number being leaked due to Internet problems.
la. Access and storage control
The “Company” defines the area where personal information is processed and stored as a security area and controls the access of unauthorized persons or outsiders. Printouts, printed handwritten records, and external storage media containing personal information are kept in a safe place with a lock. Keep it 
It is protected so that it is impossible to check the contents or the existence of the information without unlocking the lock.

10. Contact information of personal information protection officer and person in charge
In order to protect users' personal information and handle complaints related to personal information, the company has designated a responsible department and personal information protection manager as follows. All complaints related to personal information protection that arise while using the company's services should be addressed to the personal information protection officer.
Or, you can report it to the responsible department. The company will promptly respond to user reports.

Personal information protection responsibility, person in charge

Name: Jang Byeong-ju
Email: jbj8342@gmail.com
Phone number: 010-7213-3331

 
If you need to report or consult about other personal information infringements, please contact the organizations below.

Electronic Commerce Dispute Mediation Committee (http://www.ecmc.or.kr / 1661-5714)
Personal Information Infringement Reporting Center (http://privacy.kisa.or.kr / 118 without area code)
Supreme Prosecutors' Office Cyber Crime Investigation Team (www.spo.go.kr / 1301 without area code)
National Police Agency Cyber Security Bureau (http://cyberbureau.police.go.kr / 182 without area code)
11. Duty to notify
If there are any additions, deletions or modifications to the personal information processing policy, the company will notify you through a notice at least 7 days prior to the revision.

12. Others
This privacy policy does not apply to the collection of personal information from other companies' websites that are linked to the services provided by the company. Matters related to the collection of personal information on a website that a user newly visits can be found in the  
Please check the privacy policy.

<Supplementary Provisions>
Announcement date: September 23, 2023

Effective date: September 29, 2023