Privacy Policy

GrowKing (hereinafter "Company") complies with the Personal Information Protection Act and other relevant laws of the Republic of Korea, as well as privacy regulations and guidelines, to protect the valuable personal information of customers (hereinafter "Users") who use the Company's services.

Through this Privacy Policy, the Company informs Users of the purposes for which their personal information is used and the measures taken to protect such information.

This Privacy Policy includes the following:

1. Items of Personal Information Collected

2. Purpose of Collection and Use of Personal Information

3. Processing and Retention Period of Personal Information

4. Provision of Personal Information (Entrusted Processing, Third-Party Provision, Overseas Transfer)

5. Procedures and Methods for Destruction of Personal Information

6. Rights and Obligations of Users and How to Exercise Them

7. Installation and Operation of Automatic Personal Information Collection Devices and How to Refuse Them

8. Measures to Ensure the Security of Personal Information

9. Personal Information Protection Officer Information

10. Other Supplementary Policies

1. Items of Personal Information Collected

* The Company collects only the minimum personal information necessary to provide its services.

(1) Game

- Required items: Nickname, email address

- Items automatically generated and collected during service use:

PID, UUID, service usage records (date, time), approximate location information

- Items not considered personal information but automatically generated and collected during service use:

Advertising identifier, device information (OS version, app version, language and country)

- Collection method:

The Company collects Users' personal information during the installation of the mobile app and the service usage process.

- Right to refuse consent and disadvantages from refusal:

Users may refuse consent to the collection of personal information.

Refusal of optional items does not restrict service use.

However, refusal of required items makes it impossible to receive the service.

(2) Customer Center Inquiry

- Required item: Email address

- Optional item: Name

- Collection method:

The Company collects Users' personal information during service use.

- Right to refuse consent and disadvantages from refusal:

Users may refuse consent to the collection of personal information.

Refusal of optional items does not restrict service use.

However, refusal of required items makes it impossible to receive the service.

2. Purpose of Collection and Use of Personal Information

The Company uses Users' personal information for the following purposes:

- Identity verification and confirmation for services provided by the Company

- Complaint handling, such as processing inquiries and notifying results

- Detection and prevention of fraudulent use

- Approximate location information: Used for service usage statistics analysis and quality improvement through Firebase Analytics

3. Processing and Retention Period of Personal Information

The Company destroys personal information without delay once the purpose of collection and use has been achieved. However, the Company may retain information for a certain period for the following reasons:

- Retention according to Company policy:

Items listed in Section 1: Until the User withdraws from the service

Information of fraudulent users: Until the expiration of the sanction period for each fraudulent act (growkingmaster@gmail.com)

- Retention required by relevant laws even after the purpose of collection is achieved:

Records of display/advertisement: 6 months (E-commerce Act)

Records related to contracts or withdrawal of subscription: 5 years (E-commerce Act)

Records of payment and supply of goods: 5 years (E-commerce Act)

Records of electronic ledger transactions (sales establishment/cancellation, refunds): 5 years (Framework Act on National Taxes)

Records of consumer complaints or dispute resolution: 3 years (E-commerce Act)

Service usage records: 3 months (Communications Privacy Protection Act)

Approximate location information: 6 months (Personal Location Information Protection Act recommendation)

4. Provision of Personal Information

(1) Entrusted Processing of Personal Information

- To ensure safe operation and improved quality of the services provided to Users, the Company entrusts the processing of personal information as follows and enters into a personal data protection agreement to ensure safe management of personal information during the outsourcing process.

Trustee: Firebase Inc.

Details of entrusted work:

Game name, game version, nickname, installation platform, IP address, device information, service usage records, advertising identifier, date of registration, date of connection, purchased items, purchase date, purchase amount

(2) Provision of Personal Information to Third Parties

The Company does not use Users' personal information for purposes other than those consented to, nor does it provide such information to third parties. However, the Company may use or provide personal information for purposes other than originally intended without the User's consent in the following cases:

① When separate consent is obtained from the User

② When required by special provisions of relevant laws, or when a court or investigative agency requests personal information according to legally prescribed procedures and methods

(3) Overseas Transfer of Personal Information

To provide seamless services, the Company entrusts the processing of personal information overseas as follows and does not otherwise transfer Users' personal information abroad. However, during the service process, personal information may be transferred overseas for safe processing. In such cases, Users are notified in advance and separate consent is obtained.

Items of personal information transferred:

PID, UUID, service usage records (date, time), approximate location

Country to which personal information is transferred:

United States

Time and method of transfer:

Transmitted through the network whenever data is updated

Purpose of use:

Customer inquiry support and management

Retention and use period:

Until the User withdraws from the service

* Recipient of the personal information:

Google Inc. (Firebase)

5. Procedures and Methods for Destruction of Personal Information

The procedures and methods for destroying personal information are as follows:

- Destruction procedure: Personal information is destroyed without delay once the purpose of collection and use has been achieved. If a separate retention period has been consented to under Section 3, or if retention is required by relevant laws, the information is stored for the agreed or legally required period before being destroyed.

- Destruction method: Personal information stored in electronic file format is deleted using technical methods that prevent recovery. Personal information stored on paper, CDs, etc., is destroyed physically through shredding or incineration.

6. Rights and Obligations of Users and How to Exercise Them

- Users, as the owners of their personal information, may request access, correction, or deletion of their personal information at any time. To exercise these rights, Users may contact the Personal Information Protection Officer by phone or email, and after identity verification, necessary actions will be taken without delay.

- If a User requests correction of an error in their personal information, the Company will not use or provide the affected information until the correction is complete. If incorrect information has already been provided to a third party, the Company will promptly notify the third party so that the correction can be made.

- Personal information deleted or terminated at the request of the User is processed according to "3. Processing and Retention Period of Personal Information" and is not viewed or used for any other purpose.

7. Installation and Operation of Automatic Personal Information Collection Devices and How to Reject Them

(1) The Company uses Users' advertising identifiers to provide more suitable and useful services and advertising services (including personalized ads). Advertising identifiers are automatically collected when the advertising-related functions of the User's smartphone or tablet PC OS settings are enabled. Users may refuse the use of advertising identifiers for interest-based advertising by changing device settings or using the opt-out features of advertising platform providers. Even if opt-out is enabled, non-personalized ads may still be shown.

① Marketing Analytics Tools / Advertising Platform Providers

- Advertising platform providers: Unity Ads, Google AdMob, Facebook,  AppLovin

② Blocking Marketing Information

- Android: Disable [Settings → Google → Privacy → Receive Marketing Information]

③ Blocking Personalized Ads

- Android: Disable "Opt out of Ads Personalization" in [Settings → Google → Ads] or [Settings → Google → Privacy → Ads]

- iOS: Disable "Personalized Ads" in [Settings → Privacy → Apple Advertising]

④ Using the Opt-Out Features of Marketing Analytics Tools / Advertising Platform Providers

- Unity Ads: https://unity3d.com/legal/privacy-policy

- Google AdMob: https://policies.google.com/privacy

(2) Analytics software is used to analyze information automatically generated when Users visit websites or use mobile services, and Users may refuse such collection.

- Android: Enable "Smart Tracking Prevention" or "Request Websites Not to Track You" in [Settings → Internet Settings → Privacy and Security]

- iOS: Disable "Allow Apps to Request to Track" in [Settings → Privacy → Tracking]

- Internet Explorer: From the browser menu, select "Tools" > "Safety" > "Turn on Do Not Track Requests"

- Chrome: Enable "Send a ‘Do Not Track' request with your browsing traffic" in [Settings → Privacy and Security → Cookies and Other Site Data → General Settings]

8. Measures to Ensure the Security of Personal Information

The Company takes the following measures to ensure the security of personal information:

- Administrative measures:

Establishment and implementation of internal management plans, regular employee training, etc.

- Technical measures:

Access rights management for personal information processing systems, installation of access control systems, installation of security programs, etc.

- Physical measures:

Access control for unauthorized personnel through installation of access control devices, etc.

9. Personal Information Protection Officer

To protect Users' personal information and handle related complaints, the Company designates the following person to manage the protection of personal information:

- Person in charge of the protection of personal information

Name: Jungwoo Park

Department: GrowKing

Email: growkingmaster@gmail.com

Users may report any personal information-related complaints that arise while using the Company's services to the Personal Information Protection Officer. For additional reporting or consultation regarding personal information infringement, please contact the following organizations:

- Personal Information Infringement Report Center: 118

- Personal Information Dispute Mediation Committee: 1833-6972

- Supreme Prosecutors' Office Cyber Investigation Division: 1301

- National Police Agency Cyber Bureau: 182

10. Other Matters

If any changes are made to this policy, the Company will notify Users through the website notice board or in-game announcements at least 7 days before the effective date. However, changes that significantly affect Users' rights or obligations will be announced at least 30 days in advance.

Effective Date of the Privacy Policy: July 30, 2024