Jambo.team (hereinafter referred to as the “Company”) is doing its best to protect the valuable personal information of information subjects (hereinafter referred to as “users”) and provides information and communications service providers such as the Personal Information Protection Act, Communications Secrets Protection Act, and Telecommunications Business Act. We are complying with the personal information protection regulations of relevant laws and regulations that must be complied with.

Through its personal information processing policy, the company informs you of the purpose for which the personal information you provide is collected and used and what efforts and measures the company is taking to protect your personal information.

Article 1. Collection and use of personal information

In principle, the company collects and uses only essential personal information necessary to provide services.

step. In order to provide better services, in addition to the [required] consent, the company may collect some optional information after receiving the user's consent in accordance with a separate consent procedure.

The company collects and uses personal information from users for the following purposes.

A.  Information provided by users

1. Personal information items collected when using the Service

   [Required] When linking an account through an external platform: User identification information provided by the external platform and personal information consented to by the user

   ※ External platforms: Google, Apple, Facebook, Kakao, Naver, etc.

2. The following information may be automatically generated and collected during the service use process or business processing.

   • Service use records, access records, cookie information, IP information, authentication records, payment records, usage suspension records, mobile device information (mobile carrier information, terminal information, country information (MCC)), advertising ID)

3. Additional information may be collected when using the company's customer-related services below, and consent to the collection and use of personal information may be obtained.

• Event participation and prize delivery [Required] Physical product: name, shipping address, phone number [Required] Mobile product: Mobile phone number [Required] Imposition of taxes and fees: name, resident registration number, address, account number, bank name, name of depositor [Required] Application for participation: Membership number (ID), nickname, email address ※ Personal information collected may vary depending on events and promotions, or there may be additional personal information collected.
• When applying for consultation through the customer center (including 1:1 inquiries) [Required] Email address, nickname, membership number (ID), payment number, mobile device information (device name, OS version), and other information required for consultation. ※ Depending on the type of inquiry, the collected personal information may be different or additional personal information may be collected.

B. How to collect personal information

Collected through consent procedures when using the service or registering for membership on the website or mobile web/app.

Collected through a separate consent process to proceed with the event

Voluntarily provided during customer service consultations and collected upon request when necessary.

Article 2. Purpose of use of personal information

The purpose of use of personal information collected by the company is as follows, and if the purpose changes, it is processed with detailed information and consent.

Fulfillment of contract for service provision and fee settlement according to service provision, content provision, purchase and fee payment, refund

Product delivery, identity verification, fee collection

Identity verification, personal identification, prevention of unauthorized use by delinquent members, and prevention of unauthorized use when using membership services.

(For children under 14 years of age) Confirm whether the legal representative consents, and confirm the legal representative's identity.

Handling complaints, including customer consultation, preserving records for dispute resolution, and delivering notices

Development and specialization of new services, delivery of advertising/promotional information such as events, provision of services and posting of advertisements according to demographic characteristics, statistical analysis of members’ use of services

Article 3. Provision or sharing of personal information with third parties

A. The company collects and uses the following personal information when applying for the first use of the service to provide customer use, consultation, and various services.

1. Furthermore, the following information is collected and used in the process of using services.

   1. Cookie Information

      The company uses cookies when necessary to provide customized services, and cookies mean a set of information stored in the user's device (computer and smart phone, etc.). Users have the right to choose whether to allow or not to store cookies, and when refuse to allow and store cookies, please note that there may be some restrictions or difficulties in logging in and using the service.

   2. Other statistics and usability analysis information

      The company uses information related to statistics and usability for better service. The relevant information will be used only for service improvement and usability analysis.

B. The company does not share or provide users' personal information to unauthorized organizations, organizations, or business partners (hereinafter referred to as “third parties”) without prior consent. However, exceptions are made when the user consents in advance or when there is an obligation to submit information to government agencies or investigative agencies pursuant to relevant laws such as the “Personal Information Protection Act.”

C. If the company determines that it is necessary to provide the user's personal information to a third party for the purpose of providing better service, who is the third party receiving the information, what personal information items are needed and why, and for how long it will be provided and managed. We will notify you and provide it to you after obtaining your consent in accordance with the consent process.

Article 4. Entrustment of personal information

The company entrusts the following personal information processing tasks for smooth personal information processing.

1. When concluding a consignment contract, in accordance with Article 26 of the 「Personal Information Protection Act」, 'Restriction on processing of personal information due to entrustment of work', the company clearly states in documents such as contracts, responsibilities, such as prohibition of personal information processing other than for the purpose of performing entrusted tasks, technical and administrative protection measures, restrictions on re-entrustment, management, supervision and compensation for consignees and, supervises the trustee for safe handling of personal information.
2. If the contents of the entrusted work or the entrusted person is changed, we will disclose it through this personal information processing policy without any delay.

Article 5. Retention and use period of personal information

The company retains and uses the user's personal information for the period of consent, and destroys the personal information without delay when the purpose of collection and use is achieved or the retention period expires.

However, exceptions are made in cases where preservation is required by relevant laws or where consent has been obtained from the user.

A. When there is a need for preservation according to relevant laws and regulations

1. Records of labeling and advertising (6 months): Act on Consumer Protection in Electronic Commerce, etc.
2. Records on contracts or subscription withdrawals, etc. (5 years): Act on Consumer Protection in Electronic Commerce, etc.
3. Records of payment and supply of goods, etc. (5 years): Act on Consumer Protection in Electronic Commerce, etc.
4. Records of consumer complaints or dispute resolution (3 years): Act on Consumer Protection in Electronic Commerce, etc.
5. Service use records such as login (3 months): Communications Secrets Protection Act

B. If the consent to collection and use is withdrawn due to membership withdrawal, etc., or if victim protection is necessary due to personal information theft, etc., the information will be retained for up to 30 days for internal settlement processing or damage recovery, and then completely destroyed in a non-recoverable manner.

C. Personal information collected for events, etc. is stored for up to one year, but this may vary for each event and the period listed on the individual event page takes precedence.

D. In the case of members, according to the personal information expiration date, personal information of users that has not been used for one year after signing up or for the period selected at the time of signing up is separately stored or destroyed.

E. Text message transmission history is stored for one year from the date of transmission and then destroyed.

Article 6. Procedures and methods for destroying personal information

The company destroys personal information for which the purpose of collection and use has been achieved without delay, and the destruction procedures and methods are as follows.

A. Destruction procedure: After the purpose of use has been achieved, it is preserved for a certain period of time and then destroyed in accordance with the company's internal policy and information protection reasons in related laws (see 4. Retention and use period of personal information).

B. Destruction method: In the case of printed files, they are shredded or incinerated with a shredder, and in the case of electronic files, they are completely deleted using a technical method that makes them unrecoverable.

Article 7. Rights of users and legal representatives and methods of exercising them

Users and legal representatives of children under the age of 14 (hereinafter referred to as “children”) may exercise their right to view or correct personal information of the user or the child in question, or to withdraw consent to the collection and use of personal information at any time.

You can withdraw your consent to the collection and use of personal information by selecting withdrawal of membership or account deletion on the in-game settings screen or through the customer center (1:1 inquiry). However, if personal information is destroyed due to membership withdrawal, related information created and accumulated while the user uses the company's game service may also be destroyed.

If the company collects personal information from children, it obtains consent from the legal representative. The collected legal representative information is used only for the purpose of confirming actual consent or processing requests to view, correct, or delete personal information about the child. Additionally, if an agent visits the company in person and requests to view or correct personal information, the agent may be asked to present proof of the agency relationship.

If the company has a justifiable reason to refuse a request to view or correct all or part of a user's personal information, it will notify the user and explain the reason.

Article 8. Matters related to installation, operation and refusal of automatic personal information collection devices

During the process of using the service, the company collects and processes behavioral information for the purpose of providing customized services, increased convenience, and customized advertisements, and users can refuse this.

A. Block/allow customized advertising through web browser

Users can voluntarily select the use of cookies by changing the options in their web browser, such as allowing all cookies, confirming each time a cookie is saved, or refusing to save all cookies. However, if you refuse to store cookies, you may have difficulty providing some services provided by the company.

Internet Explorer: [Tools] at the top of the web browser → [Internet Options] → [Privacy] → [Advanced]

Chrome: [⋮] in the upper right corner of the web browser → [Settings] → [Show advanced settings] → [Privacy] → [Content Settings] → [Cookies and other site data]

B. Block/Allow Smartphone Advertising Identifier

Android: [Settings] → [Privacy] → [Advertising]

iOS: [Settings] → [Privacy] → [Tracking] → Allow apps to request tracking off

※ Menus and methods may differ depending on the mobile OS version.

Article 9. Technical, managerial and physical protection measures for personal information

When processing users' personal information, the company has established and thoroughly implemented the following technical, managerial, and physical measures to prevent personal information from being lost, stolen, leaked, altered, or damaged.

However, even though the company has fulfilled its obligations to protect personal information, the company does not take any responsibility for problems caused by the user's negligence, such as loss of the device or problems on the Internet.

A. Technical protection measures

1. The company encrypts and stores the password and unique identification information entered by the user when registering as a member in a safe manner. The encrypted password and unique identification information are known only to the user and can only be confirmed or changed by the user.
2. In order to safely transmit personal information over the network, the company encrypts communication sections within and outside the company.
3. The company controls unauthorized access from outside through an intrusion prevention system and monitors whether personal information is leaked from within through an internal information leak prevention system.
4. The company independently inspects the access log for the personal information processing system once a month for any abnormalities and takes necessary measures.
5. The company regularly backs up personal information in preparation for emergencies, and is doing its best to prevent users' personal information from being leaked or altered without permission by hacking or viruses by using the latest anti-virus programs.

B. Administrative protection measures

1. The company minimizes the number of personnel and access rights to users' personal information, and allows access to the personal information processing system only to personal information processors.
2. The company regularly conducts mandatory personal information protection training for employees who process personal information, always emphasizing the importance of personal information protection and compliance with the personal information processing policy.
3. The company checks the implementation of the personal information processing policy and compliance by the person in charge through an in-house personal information protection organization, etc., and strives to immediately correct and correct any problems if discovered.

C. physical protection measures

1. If the company needs to print out documents containing personal information and keep them for a certain period of time, it stores them in a safe place with a lock.
2. The company has moved its personal information processing system to a cloud environment to fundamentally block physical access by unauthorized persons.

Article 10. Changes to personal information processing policy

If there are changes to the personal information processing policy (addition/deletion or modification of content), we will notify you of the changes and reasons for the change through the game or game community at least 7 days prior to revision.

Article 11. Personal information protection officer or personal information department

In order to protect users' personal information and handle related complaints or grievances, the company has designated a personal information protection manager and personal information department as follows.

[Personal Information Protection Manager]

Name: Ra, Jonghwan (Operations Team)

Phone number: 02-6959-6619

Email: support@jambo.team

If you need to report or consult about other personal information infringements, please contact the organizations below.

Electronic Commerce Dispute Mediation Committee (http://www.ecmc.or.kr / 1661-5714)

Personal Information Infringement Reporting Center (http://privacy.kisa.or.kr / 118 without area code)

Supreme Prosecutors' Office Cyber Crime Investigation Team (www.spo.go.kr / 1301 without area code)

National Police Agency Cyber Security Bureau (http://cyberbureau.police.go.kr / 182 without area code)

This personal information processing policy comes into effect on March 20, 2024.