(Effective Date: August 22, 2019)
Gravity Interactive Inc. ("Controller"), jointly with Company’s affiliates and independent contractors (“Co-Providers”, collectively with Controller, "us," "our," or , "we"), provide mobile game named RO MMOPRP (Game) and related services, including, without limitation, online communities for Game or social network services offered by us via the support.warpportal.com or our branded websites (“Sites”) (collectively, our “Service”).
1. Controller’s name and contact details
Controller in the sense of the GDPR and other data protection or data privacy laws in the Member States of the European Union or the European Economic Area and other guidelines with a data protection nature regarding the Services is:
Company Name: Gravity Interactive, Inc.
Official Address: 7001 Village Drive Buena Park, CA 90621
Contact Email: email@example.com
The Representative of Controller under Art. 27 can be contacted at firstname.lastname@example.org.
2. Contact details of the Data Protection Officer (DPO)
The Data Protection Officer of Gravity Interactive Inc may be contacted at email@example.com.
3. General information on our data processing
We process Personal Data with your consent, when necessary for the performance of a contract with you, when processing is necessary for compliance with a legal obligation we are subject to or based on our legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of you which require the protection of your Personal Data. This section applies to all detailed processing activities listed below.
3.1 Information Security
Our employees and we understand the need for user privacy, and we maintain reasonable and appropriate security procedures to protect your information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the Personal Data. However, no security system is impenetrable, and we cannot guarantee the security of our systems or your information.
3.2 Information Sharing
We may share Personal Data with developer, co-developer, vendors or agents working on our behalf for the purposes described in this Policy. Any developer, co-developer, vendor or agent that we retain must comply with our data privacy and security requirements and are not allowed to use Personal Data they receive from us for any other purpose. We use service providers for cloud hosting, security monitoring and enforcement, advertising, marketing, recruiting, product testing, customer service, social networking and data analytics.
We may also share your Personal Data:
• with other parties in connection with a company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business or assets by another company or third party, or in the event of a bankruptcy, dissolution, or related or similar proceedings
• as required by law or subpoena or if we reasonably believe that such action is necessary to comply with the law or the reasonable requests of law enforcement, to enforce our Terms of Service or other agreements or to protect the security or integrity of our Sites and Services, and/or to exercise or protect the rights, property, or personal safety of Gravity Interactive Inc, our users, or others
• among our affiliates, which may include companies owned by or under common ownership of Gravity Interactive Inc, all of which will be required to use your personal information as described in this Policy
3.3 Third country transfers
We transfer Personal Data to the following third countries:
Recipients Third countries
Legal safeguards of Recipient
Host Provider Japan
DPAs, Privacy Shield
App Distributors German
DPAs, Privacy Shield
Customer Support Provider South Korea
DPAs, Privacy Shield
Customer Support Agents South Korea
DPAs, Privacy Shield
To receive a copy of the respective safeguards, please contact us at firstname.lastname@example.org.
We will not knowingly collect personal information from any child, or process such information, without parental consent. For the purpose of this Policy, a child means any individual who is under the age of 16 (or the minimum legal age to consent to the collection and processing of personal information where this is different under applicable law).
3.5 Retention periods
We will retain your Personal Data only as long as it is necessary to fulfill the respective purpose, unless we are required by law to store your Personal Data longer. After you have terminated your use of our Service, we may store your information in an aggregated and anonymized format. Notwithstanding the foregoing, we may also retain any Personal Data as reasonably necessary to comply with our legal obligations, allow us to resolve and litigate disputes, and to enforce our agreements.
3.6 Automated Decision-Making
We do not use automated-decision making, including profiling.
4. Use of our Site
On our Sites, we gather information either directly from you (e.g., when you provide certain information to us) or indirectly (e.g., through our Site’s technology).
4.1. Information collected indirectly
We indirectly collect a variety of information through your interaction with and use of our Sites. This information may include but is not limited to, browser settings, data collected through automated electronic interactions, application usage data, demographic information, geographic or geo-location information, statistical and aggregated information (“Other Information”). The processing is necessary for the purpose of our legitimate interests in accordance with Article 6(1)(f)* of the GDPR, as we need this information to keep user data safe by detecting certain threats, and to provide you with the best possible experience.
Statistical or aggregated information does not directly identify a specific person, but it may be derived from Personal Data. For example, we may aggregate Personal Data to calculate the percentage of users in a particular country.
If we combine Other Information with Personal Data, we will treat the combined information as Personal Data.
4.1.1 Tracking Data
Website traffic volume and patterns, such as the number of visitors to a given website or page daily is typically referred to as “Tracking Data.” This type of indirectly collected information is gathered through various means, such as an IP address, which is a number that is automatically assigned to your computer whenever you are surfing the Web. Web servers, the computers that “serve up” web pages, automatically identify your computer by its IP address. When you visit any of our Sites, our servers log your computer’s IP address.
4.1.2 Our Cookies
Other types of indirectly collected information are stored in Cookies from us.
4.1.3 Third-party Cookies
4.2. Information collected directly
We also collect Personal Data and other information that you voluntarily provide. It is entirely your decision to provide the requested information. However, certain features of our Sites may not be available in this case.
We keep all information collected directly confidential, and will only use the information for the particular purpose it is collected for. We will seek your specific permission for any additional use. We will never barter, trade, or sell access to your information without your specific consent.
4.2.1 User Accounts
When setting up an account on one of our Sites (“User Account”), you may be asked to provide Personal Data including, but not limited to, your name, email address, and your phone number.
As a user of our Sites, we may obtain your Personal Data when you register to use one of our Sites or services and products or when you provide feedback about our products or services. The processing is necessary to perform the contract with you according to Article 6(1)(b)* of the GDPR. As a user, we will use your Personal Data, unless otherwise prohibited by law, for the following purposes:
• To provide you with the products and services you request.
• To communicate with you about your account or transactions with us and send you information about features on our sites or changes to our policies.
• To provide support including, but not limited to, product updates, product patches, and fixes and other similar communications.
Furthermore, we will use your Personal Data for our legitimate interests according to Article 6(1)(f) of the GDPR to notify you about information about features on our Sites, new product releases and service developments and to advertise our products and services under this Policy.
Any User Account data will only be stored until you decide to terminate your User Account. In case we are obliged to further store your Personal Data due to statutory retention requirements, your Personal Data will be barred for further use by us and only stored until such retention periods expire.
4.2.1 Personal Data provided by other means
Personal Data provided by you on our Sites by other means, e.g., via contact forms, will be stored in our service database and retained for the period necessary to fulfill our contractual obligations to you under Art. 6(1)(b) of the GDPR, unless a longer retention period is required by law.
5. Your rights
You have the right to access your Personal Data that we hold about you and to correct, update, amend, suppress, delete or otherwise modify any Personal Data where it is inaccurate, or has been processed in violation of the applicable data protection regulations, unless we have to keep the Personal Data for legitimate business or legal purposes. When updating your Personal Data, we may ask you to verify your identity before we can act upon your request.
You may object to the use or processing of your Personal Data or withdraw consent to use your Personal Data at any time.
You have the following rights:
• The right to require free of charge (i) information whether your Personal Data is retained and (ii) access to and/or (iii) duplicates of the Personal Data retained. However, if the request affects the rights and freedoms of others or is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking action requested) or refuse to act on the request;
• The right to request proper rectification, removal or restriction of your Personal Data;
• Where processing of your Personal Data is based on legitimate interests according to Article 6(1)(f) of the GDPR, the right to object on grounds relating to your particular situation at any time. If you object, we will no longer process your Personal Data unless there are compelling and prevailing legitimate grounds for the processing or the data is necessary for the establishment, exercise or defense of legal claims;
• Where processing of your Personal Data is either based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, the right to receive the Personal Data concerning you in a structured, commonly used and machine-readable format or to have your Personal Data transmitted directly to another company, where technically feasible (data portability);
• Where the processing of your Personal Data is based on your consent, the right to withdraw your consent at any time without impact to data processing activities that have taken place before such withdrawal or to any other existing legal justification of the processing activity in question; and
• The right not to be subject to any automatic individual decisions, which produces legal effects on you or similarly significantly affects you.
To exercise the rights referred to above, please contact us at email@example.com. You may take legal actions concerning any breach of your rights regarding the processing of the Personal Data, as well as to lodge complaints before the competent authority.
6. Changes to this Policy