PRIVACY POLICY
Privacy Policy
BitMango Co., Ltd.
BitMango Co., Ltd. (hereinafter the “Company”) values the protection of users’ personal information and complies with the relevant personal information protection laws.
Through this Privacy Policy, the Company informs users of the purposes and methods for which the personal information they provide is used, and the measures taken to protect their personal information.
This Privacy Policy is organized in the following order:
- Items of Personal Information Collected and Methods of Collection
- Purposes of Collection and Use of Personal Information
- Provision and Entrustment of Personal Information
- Retention and Use Period of Personal Information
- Procedures and Methods for Destroying Personal Information
- Rights of Users / Legal Representatives and How to Exercise Them
- Installation and Operation of Automatic Personal Information Collection Devices and Refusal Thereof
- Technical / Administrative Protection Measures for Personal Information
- Personal Information Infringement Complaint Services
- Changes to the Privacy Policy
1. Items of Personal Information Collected and Methods of Collection
1) Items of Personal Information Collected
(1) Items of Personal Information
| Service | Purpose of Collection | Items Collected | Type |
|---|---|---|---|
| Game Service | Service provision and operation | No personal information is collected for the game service. However, for the efficient provision and operation of the game service, a device identifier (IDFV) is collected from the user’s device to provide the service. This information alone cannot identify or single out a living individual, and except where identification of an individual user is explicitly required (such as for complaint handling), the Company does not retain or use any other personal information or additional information that could be combined with it. | Mandatory |
| Customer Support Service | Customer consultation and complaint handling | Email address, nickname, inquiry content. Information entered by the user or automatically collected when submitting a customer support inquiry is directly transmitted to, and stored in, an overseas cloud system without passing through the Company’s servers. | Mandatory |
| IDFV, VID, device model, OS version | Optional | ||
| Recruitment (https://bitmango.ninehire.site) | Recruitment | Name, date of birth, address, email address, mobile phone number, nationality, career history, education, GPA, major, annual salary | Mandatory |
| Military service, language proficiency, recruitment channel, qualifications, awards, volunteer activities, veterans’ status, research papers, etc. | Optional |
(2) If a user refuses consent to the collection of personal information, use of some services and job applications may be restricted.
(3) The following information may be created and collected during the course of using the service:
- The user’s mobile device information (model name, OS version), IP address, last access location
- Access date and time, service usage records
2) Methods of Collecting Personal Information
The Company collects personal information through the following methods:
- Collected through a consent procedure upon signing up for the Company’s service
- Collected through a separate consent procedure for the purpose of conducting promotions and events
- Collected upon voluntary provision by the user, or upon request as needed, during customer consultation and complaint handling
- Collected after consent to the collection of personal information via the recruitment website and recruitment sites
2. Purposes of Collection and Use of Personal Information
The Company uses the collected information of users for the following purposes:
- (1) Securing smooth communication channels for customer consultation, complaint handling, etc.
- (2) Providing customer services such as handling inquiries regarding the use of paid services/content, contract performance, dispute resolution, and payment refunds
- (3) Providing information on new services and new product events, etc.
- (4) Conducting the hiring process, verifying qualifications, confirming pass/fail results for each stage, and providing notification of results
3. Provision and Entrustment of Personal Information
1) Except where the user has consented or where required by relevant laws and regulations, the Company does not, under any circumstances, use users’ personal information beyond the scope disclosed in “Purposes of Collection and Use of Personal Information,” nor provide it to any other individual, company, organization, or institution.
2) Where it is necessary to provide or share a user’s personal information—such as when the Company enters into partnerships with business affiliates or business operators to provide various services and limited provision of user information is required—the Company will announce, at least 10 days prior to the effective date, via a notice or message on the initial screen of its website or within the application, who receives or shares the information, their main business, what personal information items are provided or shared, and the purpose of providing or sharing the personal information, and will proceed only after obtaining the user’s prior consent.
3) In the following cases, personal information may be provided without the user’s consent pursuant to relevant laws and regulations:
- (1) When necessary for the settlement of fees arising from the provision of services
- (2) When necessary for statistical compilation, academic research, or market research, and provided in a form that cannot identify a specific individual
- (3) When there is a request from a relevant agency for investigative purposes in accordance with applicable laws
- (4) When there are special provisions in laws such as the Act on Real Name Financial Transactions and Confidentiality, the Credit Information Use and Protection Act, the Framework Act on Telecommunications, the Telecommunications Business Act, the Local Tax Act, the Consumer Protection Act, the Bank of Korea Act, and the Criminal Procedure Act
4) The Company entrusts the processing of personal information as follows for the provision and improvement of services, and stipulates necessary matters in the entrustment contract so that personal information can be managed safely in accordance with relevant laws and regulations.
[Details of Personal Information Processing Entrustment (Domestic)]
| Entrusted Party | Description of Entrusted Work | Retention and Use Period |
|---|---|---|
| Puzzle One Studio Co., Ltd. | Provision of customer inquiry response service | Until the applicable legal retention period expires and the purpose of use has been achieved (3 years from the date of inquiry response), or until termination of the entrustment contract |
| NineHire | Operation and management of the job application service | Until the applicable legal retention period expires and the purpose of use has been achieved (destroyed 3 years after the point of application), or until termination of the entrustment contract |
[Details of Personal Information Processing Entrustment (Overseas Transfer)]
The following describes the processing of personal information entrusted to an overseas entity.
The Company does not provide users’ personal information to other overseas business operators. However, for smooth service operation such as data storage, it entrusts the following. The company listed below has no access to the data, and the Company performs the relevant work under strict controls.
Users may refuse the overseas transfer of their personal information through the Company’s Chief Privacy Officer and the department in charge. If a user refuses the overseas transfer of personal information, the Company will exclude that user’s personal information from the overseas transfer. However, in this case, the use of services that necessarily involve the overseas transfer of personal information may be restricted.
| Entrusted Service Provider | Helpshift, Inc. |
|---|---|
| Entrusted Service Provider Location (Country) | United States |
| Timing and Method | Transmitted over the network at the point of personal information collection |
| Personal Information Manager Contact | privacy@helpshift.com |
| Personal Information Items Entrusted | Name (only if provided by the user), email (only if provided by the user, or when the user submits a web support ticket), hardware data such as device model, device type (phone or tablet), battery level, and available storage space, network type, carrier, language, country, and other identifying information included in the user’s inquiry |
| Description of Entrusted Work | Operation and management of the customer support service |
| Personal Information Retention and Use Period | Destroyed three years after the date of transfer |
4. Retention and Use Period of Personal Information
1) In principle, users’ personal information is destroyed without delay once the purpose of collection and use of the personal information has been achieved.
2) Where information needs to be retained for a certain period in accordance with the provisions of relevant laws and regulations, the Company stores the personal information separately in accordance with the provisions of the law during this period, and never uses this information for any other purpose.
3) In other cases where there is a user’s individual consent, the information is retained until the period stipulated by the individual consent.
| Category | Basis for Retention (Name of Law) | Retention Period |
|---|---|---|
| Records on labeling and advertising | Act on the Consumer Protection in Electronic Commerce, etc. | 6 months |
| Records on contracts or withdrawal of subscription, etc. | Act on the Consumer Protection in Electronic Commerce, etc. | 5 years |
| Records on payment and supply of goods, etc. | Act on the Consumer Protection in Electronic Commerce, etc. | 5 years |
| Records on consumer complaints or dispute handling | Act on the Consumer Protection in Electronic Commerce, etc. | 3 years |
| Records on the collection, processing, and use of credit information | Credit Information Use and Protection Act | 3 years |
| Retention of records on identity verification | Act on Promotion of Information and Communications Network Utilization and Information Protection | 6 months |
| Retention of records on access | Protection of Communications Secrets Act | 3 months |
| Collection and retention of personal information for the hiring process | Personal Information Protection Act | 1 year |
5. Procedures and Methods for Destroying Personal Information
In principle, the Company destroys the relevant information without delay after the purpose of collection and use of personal information has been achieved. Upon destruction, personal information stored in physical form is shredded or incinerated, and personal information stored in electronic file form is deleted using technical methods that prevent the records from being restored.
6. Rights of Users / Legal Representatives and How to Exercise Them
BitMango actively takes the necessary measures regarding requests for access to, provision of, or correction of users’ personal information.
1) Users may submit a request to the Chief Privacy Officer for access to, correction or deletion of, suspension of processing of, or withdrawal of consent to the processing of personal information, via email, etc.
2) Personal information whose use has been terminated or that has been deleted at the request of the user or their legal representative is processed by the Company as specified in “Retention and Use Period of Personal Information,” and is handled so that it cannot be accessed or used for any other purpose.
7. Installation and Operation of Automatic Personal Information Collection Devices and Refusal Thereof
BitMango may automatically collect and use personal information for purposes such as providing customized services and analyzing service usage patterns, and users have the right to refuse this.
1) Provision of Customized Services
The Company uses “cookies” that store and frequently retrieve user information in order to analyze and evaluate how users use the Company’s services, understand demand, and improve and customize services and products to provide efficient services. A cookie is a very small text file sent by the server used to operate the Company’s website to the user’s browser, and is stored on the user’s computer hard disk.
Users have the option regarding the installation of cookies. Therefore, by setting options on the website, users may allow all cookies, go through confirmation each time a cookie is stored, or refuse the storage of all cookies. However, if the installation of cookies is refused, there may be difficulties in using the website services.
[How to Refuse Cookie Settings (Web browser)]
| Setting in Internet Explorer | Setting in Chrome |
|---|---|
| ① Select [Internet Options] from the [Tools] menu ② Select [Advanced] on the [Privacy] tab ③ Set to “Block” under [How to handle cookies] |
① Select [Settings] from the More menu at the top right ② Select [Site Settings] under [Security and Privacy] ③ Set to “Block” under [Cookies and site data] |
[How to Refuse Cookie Settings (Mobile browser)]
| Setting in Safari | Setting in Chrome |
|---|---|
| ① Select [Safari] from the [Settings] menu ② Enable “Block All Cookies” under [Privacy & Security] ③ Select [Clear History and Website Data], then “Clear History and Website Data” |
① Select [Sync and Google services] from the [Settings] menu ② Disable “Autocomplete searches and URLs” and “Improve search and browsing” |
2) Analysis of Service Usage Patterns
The Company uses Google Analytics, a web analytics service provided by Google, for the purpose of providing better services to users. Google Analytics collects behavioral information about users of the Company’s website through cookies; however, it collects only non-identifiable information that cannot identify an individual user. Nevertheless, users may refuse the use of cookies by Google Analytics by refusing cookie settings or by installing the following add-on, etc.
Google Analytics opt-out method (browser add-on): https://tools.google.com/dlpage/gaoptout
For other web log analysis tools, please follow each tool’s opt-out method.
8. Technical / Administrative Protection Measures for Personal Information
In processing users’ personal information, the Company takes the following technical and administrative measures to ensure security so that personal information is not lost, stolen, leaked, altered, or damaged:
1) Administrative Protection Measures
Establishment and implementation of an internal management plan, regular employee training, supervision of entrusted service providers’ compliance with security requirements, etc.
2) Technical Protection Measures
Management of access rights to the personal information processing system, installation and operation of an access control system, encryption of personal information, installation and operation of security programs, etc.
3) Physical Protection Measures
Access control of computer rooms, data storage rooms, etc.
4) Implementation of and Compliance with the Privacy Policy
The Company checks the implementation of the Privacy Policy and whether the responsible personnel comply with the Privacy Policy, and strives to promptly correct any problems found. However, the Company assumes no responsibility whatsoever for problems arising from the leakage of personal information such as passwords due to the user’s own carelessness or problems on the internet.
9. Personal Information Infringement Complaint Services
The Company has appointed a Chief Privacy Officer and a department in charge of personal information management as follows. If you have any inquiries regarding your personal information, please contact the personal information department below.
- Chief Privacy Officer: Jung Do-young
- Responsible Department: Business Team
- Email: cpo@bitmango.com
If you wish to receive personal information infringement counseling from a public institution other than the Company, please seek help from the following organizations:
- Personal Information Dispute Mediation Committee (http://www.kopico.go.kr, Tel. 1833-6972)
- Personal Information Infringement Report Center (http://privacy.kisa.or.kr, Tel. 118)
- Supreme Prosecutors’ Office Cyber Investigation Division (http://spo.go.kr, cid@spo.go.kr, Tel. 1301)
- National Police Agency Cyber Investigation Bureau (http://ecrm.police.go.kr, Tel. 182)
10. Changes to the Privacy Policy
1) This Privacy Policy is effective from July 2, 2025.
2) The previous Privacy Policy can be viewed through the “Privacy Policy Change History” at the bottom.
Privacy Policy Notice Date: 2025-07-02
Privacy Policy Effective Date: 2025-07-02