top of page
FABLO_logo.png

Privacy Policy

A Legal Disclaimer

The explanations and information provided on this page are only general and high-level explanations and information on how to write your own document of a Privacy Policy. You should not rely on this article as legal advice or as recommendations regarding what you should actually do, because we cannot know in advance what are the specific privacy policies you wish to establish between your business and your customers and visitors. We recommend that you seek legal advice to help you understand and to assist you in the creation of your own Privacy Policy.

FABLO GLOBAL PTE. LTD. (“we” or the “Company”) legally processes and safely manages personal information in compliance with the provisions of the Personal Information Protection Act (“PIPA”) and other relevant statutes to protect the freedom and rights of users. Accordingly, in accordance with Article 30 of the PIPA, we implemented and post this Privacy Policy (this “Policy”) in order to guide users to the procedures and standards for processing of personal information and to handle related grievances promptly and smoothly.

 

Article 1 (Scope of Collection, Purpose of Use, Retention and Use Period of Personal Information)

(1) The Company processes users' personal information for the following purposes. The personal information to be processed will not be used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures, such as obtaining a separate consent pursuant to Article 18 of the PIPA, will be implemented:

1. Simplified Registration

- Simplified Registration (Apple) Collected Items : (Mandatory) Social media linked ID / (Optional) Email

- Simplified Registration (Google) Collected Items : (Mandatory) Social media linked ID, Email

- Simplified Registration (Kakao) Collected Items : (Mandatory) Social media linked ID, Email / (Optional) Nickname, profile photo, gender, date and year of birth, phone number

- Simplified Registration (Naver) Collected Items : (Mandatory) Social media linked ID, Email / (Optional) Nickname, gender, date of birth, age scope

- Simplified Registration (Line) Collected Items : (Mandatory) Social media linked ID / (Optional) Email

- Simplified Registration (Metamask) Collected Items : (Mandatory) Wallet address / (Optional)

- Simplified Registration (WalletConnect) Collected Items : (Mandatory) Wallet address / (Optional)

- Purpose of Use : For user identification, membership management, service provision, customer support, and service improvement

- Grounds for Collection : User consent

- Retentionand Use Period : Until member withdrawal

2. Daily Quests and Event Participation

- Collected Items : (Mandatory) Social media linked ID (Google, Facebook, X, Discord, Telegram), email, network wallet address

- Purpose of Use : For participant identification, selection and notification of winners, reward distribution, and service management

- Grounds for Collection : User consent

- Retentionand Use Period : Until member withdrawal

3. Reward Redemption

- Collected Items : (Mandatory) Name, mobile phone number, date of birth, gender, Korean or other nationality, individual validation information (CI/DI), refund information (account holder, bank name, account number)

- Purpose of Use : For purchase, refund, and related inquiries

- Grounds for Collection : User consent

- Retentionand Use Period : 5 years (Electronic Commerce Act)

4. Event/Promotion

- Collected Items : (Mandatory) Nickname, name, email, mobile phone number, mailing information (name, address, contact information) / Resident registration number (only when subject to report under the Income Tax Act)

- Purpose of Use : For participant identification, winner selection, and prize distribution

- Grounds for Collection : User consent

- Retentionand Use Period : Until prize is delivered

5. Inquiries

- Collected Items : (Mandatory) Email

- Purpose of Use : For customer inquiries and support

- Grounds for Collection : User consent

- Retentionand Use Period : 3 years

- Personalized Services

- Collected Items : (Mandatory) Member registration information, service usage record, access log, IP address, MAC address, HDD device information, online identifier (user-specific identifier such as advertisement ID, UUID), device information

- Purpose of Use : For providing customized content and services based on user preferences and usage analysis

- Grounds for Collection : User consent

- Retentionand Use Period : Until member withdrawal

(2) The Company retains personal information only within the legally required period or for the period consented to by users during collection.

- Member information: Until membership withdrawal

- Until debt or credit relationship due to service usage is settled

(3) To prevent members who conduct unauthorized and unlawful act such as making economic gains from discount promotion or event benefits that the Company offers by repeating withdrawal, re-registration, arbitrary cancellation, etc. or using identity without authority, records for identity verification are retained for three months after account deactivation.

(4) In cases where laws require continued retention, the Company may keep personal information for specified periods even after the purpose of collection and use is achieved.

1. Protection of Communications Secrets Act

- Service usage-related access records (Retention Period : 3 months)

2. Electronic Financial Transactions Act

- Records related to electronic transactions (Retention Period : 5 years)

3. Consumer Protection in Electronic Commerce Act

- Records of contracts or subscription withdrawals (Retention Period 5 years)

- Records of payments and goods supply (Retention Period 5 years)

- Consumer complaints or dispute handling (Retention Period 3 years)

- Advertising records (Retention Period : 6 months)

 

Article 2 (Collection, Use, Provision, and Rejection of Behavioral Information)

(1) The Company collects and uses behavioral information to provide optimized services to data subjects in the process of using services, and does not provide customized advertisements.

(2) The Company collects behavioral information as follows:

1. Items of behavioral information to be collected: service visit history, purchase history, online activities, advertising ID

2. Method of collecting behavioral information: When the user uses the service, it is automatically generated and stored through the log information analysis tool (e.g. Google Analytics)

3. Purpose of collecting behavioral information: Improving and developing services according to the analysis of user interest

4. Period of retention and use and subsequent information processing method: Delete immediately after membership withdrawal

(3) The Company collects only the minimum behavioral information necessary to improve the service, and does not collect sensitive behavioral information that may clearly infringe on the rights, interests, or privacy of individuals, such as ideas, beliefs, family and relatives, education and medical history, and other social activities career.

(4) Users can opt out of behavioral information collection through device settings (e.g., on Android and iOS).

(5) Users may make inquiries regarding behavioral information, exercise of veto rights, and receipt of damage reports, etc. by contacting the following contact details:

▶ Department in charge of personal information protection

Department: Product Team

Email: info@playfablo.com

 

Article 3 (Provision of Personal Information to Third Parties)

(1) The Company will process users' personal information only within the scope specified in the purpose of processing personal information, and will not provide it to a third party without the user's consent.

(2) The Company provides personal information to third parties for smooth provision of the service as follows:

1. Community

- Purpose of Provision : Operation and management such as participant identification, winner selection and notification, and reward distribution

- Items Provided : Nickname, e-mail, network, wallet address

- Grounds for Provision : User consent

- Retention and Use Period : Until membership withdrawal

(3) The Company may provide personal information to a third party without the consent of the user when the Company is obligated to submit personal information pursuant to the relevant laws and regulations, or in case of resolving emergency situations such as disasters, infectious diseases, events or accidents that pose an imminent danger to life or body, or imminent loss of property.

 

Article 4 (Entrustment of Personal Information Processing)

(1) The Company entrusts the following personal information processing tasks for the smooth processing of personal information.

1. FACTBLOCK Corporation

- Details of Entrusted Work : Development and operation/management services for providing service

- Retention and Use Period : Until membership withdrawal or end of the delegation contract

2. Amazon Web Services, Inc. (Seoul Region)

- Details of Entrusted Work : Data storage and management

- Retention and Use Period : Until membership withdrawal or end of the delegation contract

3. NICE Information Service Co., Ltd.

- Details of Entrusted Work : Mobile phone identity verification service

- Retention and Use Period : Not separately stored, as the information is already held by the contractor

(2) In accordance with Article 26 of the PIPA, when entering into a consignment contract, the Company specifies in documents such as contracts certain matters including prohibition of processing personal information other than for the purpose of performing consignment work, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and liability for damages, etc., and supervises whether the consignee handles personal information safely.

(3) If the content of the entrusted work or the consignee is changed, the Company will disclose it through this Policy without delay.

 

Article 5 (Procedures and Methods for Destroying Personal Information)

(1) When the personal information becomes unnecessary, such as the expiration of the retention period of personal information or the achievement of the purpose of processing, the Company destroys the personal information without delay.

(2) In cases where personal information must continue to be preserved pursuant to other laws and regulations despite the expiration of the personal information retention period agreed upon by the user or the purpose of processing has been achieved, the personal information will be transferred to a separate database or stored in a different storage location.

(3) The procedures and methods of destroying personal information are as follows:

1. Destruction procedure: The Company will select the personal information for which the reason for destruction has occurred, and destroy the personal information with the approval of the Privacy Officer of the Company;

2. Destruction method: The Company will destroy personal information recorded and stored in the form of electronic files so that the records cannot be reproduced, and the personal information recorded and stored in paper documents will be destroyed by shredding or incineration.

 

Article 6 (Rights and Duties of Users and Legal Representatives and Methods of Exercising them)

(1) Users may exercise their rights to the Company at any time, such as requesting viewing, correction, deletion, and suspension of processing of personal information However, the exercise of the right, such as the request for viewing, correction, deletion, suspension of processing of personal information, by the user shall be limited under the provisions of the relevant statutes such as Article 35 (4), Article 36 (1), and Article 37 (2) of PIPA.

(2) Users may exercise their rights through e-mail, telephone, etc. in accordance with Article 41 (1) of the Enforcement Decree of the PIPA, and the Company will take action without delay.

(3) The exercise of the rights under Paragraph (1) may be made through the legal representative of the user or an agent such as a person who has been delegated. In this case, a power of attorney in the attached Form 11 of the "Public Notice on Personal Information Processing Methods (No. 2020-7)" shall be submitted.

(4) Users and their legal representatives may view or correct personal information in 'Settings> Profile Management> Account Information' after logging into the service.

(5) When requesting correction or deletion of personal information, if the personal information is specified as the object of collection in other statutes, the deletion cannot be requested.

(6) The Company will confirm whether the person who made the request for access, correction or deletion, or suspension of processing, etc. according to the user's right is the identical person or a legitimate agent.

 

Article 7 (Measures to Ensure Safety of Personal Information)

The Company takes the following measures to ensure safety of personal information:

(1) Administrative measures;

1. Establishment and implementation of internal management plan: For the safe handling of personal information, a Privacy Officer is designated and an internal management plan is established and implemented.
2. Minimization of the number of personnel handling personal information and training on information protection: The minimum number of personnel handling personal information is designated and operated, and information protection training and inspections are conducted for persons handling personal information.
 

(2) Technical measures;

1. Preparation of technical measures against hacking, etc.: The Company installs security programs to prevent the leakage or damage of users' personal information due to hacking or computer viruses, and manages to protect it safely through periodic checks and updates of the latest patches.
2. Management of access rights to the personal information processing system: The Company establishes and operates access control measures for personal information by granting, changing, and revoking access rights to the system that processes personal information, and controls unauthorized access from the outside using an intrusion prevention system.
3. Encryption of personal information: The Company stores and manages important personal information such as user passwords by applying a secure encryption algorithm.
 

(3) Physical measures;

1. Designation and operation of protected areas: The Company separately designates, operates and manages computer rooms, etc., where important information such as users' personal information is handled as protected areas such as control areas or restricted areas.
2. Access control for unauthorized persons: The Company establishes and operates access control procedures for protected areas, and prevents leakage and damage of users' personal information.

 

Article 8 (Privacy Officer)

(1) In order to protect the personal information of users, the Company has designated a Privacy Officer as follows who is responsible for the overall handling of personal information, and for handling user complaints and damage relief related to the handling of personal information.

▶ Contact information of the Privacy Officer:

Department: Product Team

Name: Kwon-Sam Lee

Email: info@playfablo.com

(2) The user may file a request for access to personal information pursuant to Article 35 of the PIPA to the following person or department in charge. The Company will endeavor to promptly process the personal information access request of the data subject.

▶ Department in charge of personal information protection:

Department Name: Product Team

Email: info@playfablo.com

(3) Users may contact the Privacy Officer or the department in charge of personal information protection about all personal information protection inquiries, complaints, and damage relief caused by using the Company's service. The Company will respond to and handle inquiries from users.

(4) The Company is not liable for any damages not attributable to the Company, such as user negligence or accidents in areas not managed by the Company, even though the Company has fulfilled the technical, physical and administrative measures required by law to protect personal information.

 

Article 9 (Methods of Remedy for Infringement of Rights and Interests)

(1) Users may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Personal Information Infringement Report Center of the Korea Internet and Security Agency, etc. For other reports and consultations of personal information infringement, please contact the following agencies:

- Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr);

- Personal Information Infringement Reporting Center: (without area code) 118 (privacy.kisa.or.kr);

- Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr);

- National Police Agency: (without area code) 182 (ecrm.cyber.go.kr).

(2) Any person whose rights or interests have been infringed due to the disposition or omission made by the head of a public institution in response to a request under Articles 35, 36 and 37 of the PIPA may file an administrative appeal under the provisions of the Administrative Appeals Act.

- Central Administrative Appeals Commission: (without area code) 110 (www.simpan.go.kr)

 

Article 10 (Changes to the Privacy Policy)

(1) This Policy is effective as of December 16, 2024.
(2) Previous versions of the Privacy Policy may be found at the top of the document.

bottom of page