Purposes for processing personal information
DeepLoL Pro (“https://pro.deeplol.gg” hereafter referred to as “DeepLoL Pro”) processes personal information for the purposes outline below. Processed personal information shall not be used for any purpose other than those listed below, unless the Company asks for and obtains prior consent.
1. Types of Personal Information Collected and Means of Collection
The Company collects the minimum personal information listed below for the purpose of signing up of members to the website, efficient consultation, and provision of various services.
1) When signing up as a regular member
- Required: First and last name, email ID, and password
- Optional: Country and phone number
2) When signing up for the Demo Version Service
- Required: Name, email address, country, phone number, company name, and business title
3) When making a purchase/transaction
- Required: Purchaser’s member ID, purchaser’s first and last name, team name, league (country and league), company name, business registration number, country, company address, phone number, and email address
4) When making an inquiry
- Required: Inquirer’s name, email address, and affiliation (company name)
※ Users may choose not to consent to the collection of personal information or the means of collection. In such case, the user may be unable to use some of the services provided to members.
2. Purposes for Collected Personal Information
The Company uses collected personal information for the following purposes:
- Contract fulfillment through provision of services and settlement of fees for services provided, supply of content, purchases, payments, etc.
2) Member management
- Use of members-only services, identify verification, prevention of wrongful and unauthorized use by rogue members, confirmation of intention to sign up for services, preservation of records for conflict mediation, handling of complaints and grievances, delivery of notices, and confirmation of the identity of legal representatives.
3) Marketing and promotions
- Provision of information on events, opportunities to participate in events, delivery of advertisements, and other marketing and promotional purposes.
3. Procedure and Method of Destroying Collected Personal Information
The Company destroys the personal information within five (5) days from the end of the retention period for the collected personal information, If the purpose for personal information processing has been achieved, if the service is shut down, or if the collected personal information is no longer of use, the Company destroys the personal information within five (5) days from when any of these occur. However, personal information that must be retained for a certain period in accordance with relevant law shall be destroyed only after that certain period has passed. The procedures for and methods of destroying the collected personal information are as follows:
1) Procedure for destruction
- Following the occurrence of a cause to destroy information according to internal policies or related statutes, once the personal information that members have provided during sign-up, etc., has fulfilled the planned purposes, it will be transferred to a separate database (DB) (or filed separately in a folder if on paper) and destroyed after a certain period of time.
2) Method of destruction
- Personal information that has been recorded and saved in an electronic file format will be deleted using technologies, such as low-level formatting, that prevent reproduction of the deleted records.
- Personal information that has been retained on paper will be shredded or burned.
4. Personal Information Processing and Retention Period
1) Once the personal information has fulfilled the purposes for which it was collected, the Company destroys it without delay, unless it is deemed necessary to preserve the information in accordance with laws or internal policy.
- Retained information: collected personal information
- Retention period: During the period of membership maintained under the contract for use.
2) In accordance with the provisions of relevant law, if there is a need to retain the collected personal information of members even after the member account is deleted, the Company will do so during the period specified below as stipulated in the relevant law:
Act on the Consumer Protection in Electronic Commerce, etc.
- Records on contract or subscription withdrawal, etc.: five (5) years
- Records on payments and supply of goods, etc.: five (5) years
- Records on consumer complaints or dispute settlement: three (3) years
- Records on electronic finance under the Electronic Financial Transactions Act: five (5) years
- Legal financial transaction information related to the report and use of specific financial transaction information: five (5) years
- Log-in records under the Protection of Communications Secrets Act: three (3) months
For reference, in accordance with the Company’s “Personal Information Validity Period Policy,” it shall separately store and manage personal information of members who have not used Game Eye services for one (1) year.
5. Rights of Users and Legal Representatives and Methods of Exercising those Rights
1) Personal information that can be viewed
Members and legal representatives can request to view or correct personal information at any time regarding the following matters:
(1) User’s personal information retained by the Company
(2) Details on the Company’s use of user’s personal information or provision of users’ personal information to third parties
(3) Details on user agreements regarding the Company’s collection, use, and provision of user’s personal information
2) Method of viewing, correcting, terminating, or withdrawing consent
Members and legal representatives may view or edit their own information at any time. They may also refuse to agree or withdraw membership (terminate membership) if they do not agree to the processing of personal information. However, in such cases, it may be difficult to use some or all of the services offered.
(1) Method of viewing or correcting personal information
- Members may directly view or correct their information by logging into their account on the Company website, and selecting Edit Profile from the Account section. Separately, members may also contact the Company’s Chief Privacy Officer via written letter, phone, or email to request to view or correct their personal information.
(2) Method of terminating or withdrawing consent
- Members may directly withdraw their consent (terminate membership) by logging into their account on the Company website, clicking Edit Profile in the Account, selecting Delete Account, and following the identity verification procedure. Separately, members may also contact the Company’s Chief Privacy Officer via written letter, phone, or email, and necessary actions, such as destruction of the member’s personal information, shall occur without delay. However, even after the withdrawal of consent (termination of membership), minimum information will be retained in accordance with relevant laws.
(3) Should a member request correction of errors regarding his or her personal information, the Company will not use or provide any personal information until such corrections have been made. In addition, if the wrong personal information has already been provided to a third party, the Company shall immediately notify the third party regarding the corrections so that corrections can be properly made by the third party.
6. Matters Regarding the Installation and Operation of Company Services, and Refusal to Consent to Automated Collection of Personal Information
Website servers read cookies to maintain member settings, making it easier for the member to log in and use the Company’s services. In addition, cookies are used to analyze the services accessed by the member, frequency of use, time of use, and number of times the services have been accessed, as well as use patterns and participation in events, which are used to provide marketing or personalized services for the member.
A member may refuse to install cookies at any given time. A member may set the option on his or her browser options to allow all cookies, be asked to be informed every time cookies are saved, or block all cookies. However, blocking cookies may create difficulty for some of the Company’s services that require the member to log in. The cookie settings need to be set separately for each type of browser.
∙ How to block cookies (Internet Explorer)
Click “Tools” in the browser toolbar. Choose Internet Options. Click the Privacy tab and, under Settings, adjust the cookie settings accordingly.
7. Technical and Managerial Measures for the Protection of Personal Information
The Company takes the following technical, managerial, and physical measures necessary to ensure safety, in accordance with Article 29 of the Personal Information Protection Act:
(1) Establishment and enforcement of an internal management plan
Establishment and enforcement of the Company’s internal management plan is done in accordance with the Ministry of the Interior and Safety’s Internal Management Plan.
(2) Password encryption
- A DeepLoL Pro member’s password for his or her member ID is first encrypted, and then saved and managed. Only the member can know his or her password, and personal information may be verified or changed only by the member who knows his or her own password.
(3) Measures against hacking
- The Company does its utmost to prevent the disclosure or corruption of members’ personal information due to computer viruses or other forms of hacking. To prevent the corruption or disclosure of personal information or other information, data backups are constantly performed, and the latest anti-virus programs installed. In addition, encrypted communication and other technologies help send personal information over the network in a safe and secure manner.
- Unauthorized access from the outside is restricted via an intrusion prevention system. The Company is striving to equip all technical devices possible to ensure systemic security.
(5) Appointment of persons authorized to handle personal information
- The Company, however, accepts no liability for issues that arise, such as the disclosure of member IDs, passwords, or other personal information, that are attributable to member carelessness or problems on the Internet.
(6) Restriction of access to personal information
The Company takes necessary measures to restrict access to personal information, such as the granting, changing, and cancelling of access privileges to the database system that processes personal information. In addition, the Company uses an intrusion prevention system to prevent unauthorized access from the outside.
(7) Encryption of personal information
A user’s personal information is first encrypted, and then saved and managed. In addition, the Company uses separate security measures, such as the encryption of important data when saved or sent.
(8) Matters regarding physical security measures
The Company has a separate physical storage space for the system that stores personal information, which is operated based on the Company’s entry and exit control procedures.
8. Chief Privacy Officer
1) The Chief Privacy Officer is an employee responsible for protecting and preventing the disclosure of customers’ personal information. The Chief Privacy Officer helps users to confidently use the services provided by the Company and takes responsibility for any incidents that occur in violation of the notices regarding the protection of personal information that have been provided to users.
2) The Company is not liable for any corruption or deletion of information due to unexpected incidents arising from hacking or other basic risks on the network despite having taken supplementary technical measures or various conflicts that arise due to posts that users have uploaded on the website.
3) The Company has appointed the following individual as the Chief Privacy Officer in accordance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
Officer in charge of customer service and privacy matters
Name: ByungHyun, Lee
Department: Development Team
Phone: 82 70 7327 4680
Members may report all complaints and grievances regarding personal information that arise during the use of Company services to the Chief Privacy Officer. The Company will promptly respond to such complaints and grievances.
For further consultation or to report privacy infringements, please contact the following organizations:
- Personal Information Infringement Report Center (privacy.kisa.or.kr / Dial 118)
- Personal Information Dispute Mediation Committee (www.kopico.go.kr / Dial 1833-6972)
- Cybercrime Investigation Center, Supreme Prosecutor’s Office (www.spo.go.kr / Dial 1301)
- Korean National Police Agency Cyber Bureau (www.ctrc.go.kr / Dial 182)
3) Members shall be notified of important changes to their rights, such as the collection, use, and third-party disclosure of personal information, at least thirty (30) days prior to the date such changes come into effect.
Date announced: June 1, 2020
Date enacted: June 1, 2020