Privacy Policy for Lightness Inc.
Lightness Inc. (hereinafter referred to as "Lightness") is committed to protecting the privacy of its users in accordance with the Personal Information Protection Act. In order to promptly and smoothly handle related complaints, we have established and disclosed the following privacy policy.
Article 1 (Purpose of Personal Information Processing)
The purpose of processing personal information by Lightness under the Personal Information Protection Act Article 32 is as follows:
Personal Information File Name: Lightness_Privacy.html
Purpose of Personal Information Processing: Game Service Provision
Collection Method: Collected through a creation information collection tool
Legal Basis for Retention: Personal Information Protection Act Article 15
Retention Period: Immediately destroyed
Related Regulations: Records related to the collection/processing and use of credit information: 3 years, Records related to consumer complaints or dispute resolution: 3 years, Records related to payment and supply of goods, etc.: 5 years, Records related to contracts or subscription withdrawals, etc.: 5 years, Records related to display/advertising: 6 months
Article 2 (Rights and Obligations of Information Subjects and Their Exercise Methods)
Users may exercise their rights to access, correct, delete, or request the suspension of the processing of their personal information at any time.
The exercise of the rights under paragraph 1 may be made in writing, by electronic mail, facsimile transmission (FAX), or other methods as prescribed in Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and Lightness will take prompt action in response.
The exercise of rights under paragraph 1 may be made through a legal representative or a delegate, and in this case, a power of attorney according to the format specified in Annex No. 11 of the "Guidelines on Personal Information Processing Methods (No. 2020-7)" must be submitted.
The request for access to personal information and the request for suspension of processing may be limited under Article 35, Paragraph 4, and Article 37, Paragraph 2 of the Personal Information Protection Act.
The request for correction and deletion of personal information cannot be made if other laws specify that such personal information is subject to collection.
Lightness verifies whether the requester of requests for access, correction, deletion, and suspension of processing is the user or a legitimate representative when receiving such requests.
Article 3 (Items of Personal Information Processed)
Lightness processes the following personal information:
Lightness_Privacy.html:
Mandatory Information: Email
Optional Information: N/A
Article 4 (Destruction of Personal Information)
Lightness shall promptly destroy the relevant personal information when it becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose.
Even if the personal information retention period agreed upon by the user has expired or the processing purpose has been achieved, if it is necessary to continue to retain the personal information under other laws, Lightness shall transfer the relevant personal information to a separate database (DB) or store it in a different location.
Article 5 (Ensuring the Security of Personal Information)
Lightness takes the following measures to ensure the security of personal information:
Regular internal audits
Lightness conducts regular (quarterly) internal audits to ensure the security of personal information handling.Minimization and education of personnel handling personal information
Lightness designates personnel handling personal information, limits them to a minimum, and implements measures to manage personal information.Establishment and implementation of internal management plans
To ensure the secure processing of personal information, Lightness establishes and implements internal management plans.Technical measures against hacking
Lightness installs security programs to prevent the leakage and damage of personal information due to hacking, computer viruses, etc., and periodically updates and checks them. It also installs systems in areas where access is controlled from the outside and monitors and blocks them technically/physically.Encryption of personal information
User personal information is stored and managed in encrypted form, with passwords only known to the user. Important data is secured using additional security features such as file encryption or file locking functions.Storage and prevention of tampering with access logs
Lightness stores and manages records of access to the personal information processing system for at least 1 year. However, in the case of processing more than 50,000 individuals' personal information or processing unique identification information or sensitive information, access logs are stored and managed for at least 2 years. Security functions are also used to prevent tampering, theft, or loss of access logs.Access control for personal information
Lightness grants, changes, and revokes access permissions to the database system that processes personal information to control access to personal information as needed. Intrusion prevention systems are used to control unauthorized access from the outside.Use of locking devices for document security
Documents containing personal information, auxiliary storage media, etc., are stored in a secure location with locking devices.Access control to prevent unauthorized access
Lightness separately manages the physical storage location of personal information and establishes and operates access control procedures for it.
Article 6 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
Lightness does not use "cookies" that store and frequently retrieve user information for users.
Article 7 (Personal Information Protection Officer)
Lightness is responsible for overseeing personal information processing and has designated a personal information protection officer as follows:
▶ Personal Information Protection Officer
Contact: admin@lightness.co.krUsers can contact the personal information protection officer or the relevant department regarding any inquiries, complaints, or requests related to personal information protection, as well as damage relief and other matters related to the use of Lightness's services (or business). Lightness will respond promptly to user inquiries.
Article 8 (Request for Personal Information Access)
Users can request access to personal information in accordance with Article 35 of the Personal Information Protection Act to the following department:
▶ Personal Information Access Request and Processing Department
Contact: admin@lightness.co.kr
Article 9 (Remedy for Violation of Rights)
Information subjects may apply for mediation or seek relief for personal information breaches through the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Breach Reporting Center, and other related agencies. For reporting and consultation regarding other personal information breaches, please contact the following institutions:
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
Personal Information Breach Reporting Center: 118 (privacy.kisa.or.kr)
Supreme Prosecutor's Office: 1301 (www.spo.go.kr)
National Police Agency: 182 (ecrm.cyber.go.kr)