Effective Date: November 22, 2025

Playbase Privacy Policy

Article 1 (General Provisions)
1. Lestination (hereinafter "the Company") complies with applicable laws and regulations such as the "Personal Information Protection Act" and the "Act on Promotion of Information and Communications Network Utilization and Information Protection," and has established and operates this privacy policy to protect the personal information of its members.
2. This policy applies to the Playbase services provided by the Company, and the Company will make this policy available on the service screen for viewing at any time.

Article 2 (Personal Information Items Collected)
The Company may collect the following personal information for purposes such as membership registration, service provision, consultation, and prevention of misuse.

1. During membership registration and account creation
- Required: Google email, name or nickname, profile image (within the extent provided through Google account linking)
2. For account verification and certification
- Email, URL for verification, business information (such as business name, business registration number, contact person name for suppliers), broadcasting channel information (such as URL, platform name for streamers)
3. Information automatically collected during service use
- IP address, connection device information (browser information, OS, device identification information, etc.), cookies, service usage records (login/logout records, menu access records, click records, etc.), error logs, etc.
4. During customer inquiries and report handling
- Email address, inquiry content, attached files, records generated during the process
5. When using advertising and statistics functions (within the open range)
- Non-identifiable statistical data such as click, exposure, and conversion information for specific campaigns

The Company strives to collect no more information than necessary for service provision in accordance with the principle of minimum collection.

Article 3 (Methods and Purposes of Collecting Personal Information)
1. Methods of Collection
1) Direct input through membership registration, account settings, and input fields within the service
2) Provision through OAuth connectivity (such as Google login)
3) Collection of automatically generated log information during service use
4) Customer service inquiries, emails, report submissions, etc.
2. Purposes of Use
1) Member management and identity verification (such as confirmation of membership intention, account identification and certification, prevention of misuse)
2) Service provision and contract performance (such as game key registration, issuance, matching, notification sending, service function provision)
3) Service improvement and statistical analysis (such as usage pattern analysis, function improvement, service planning)
4) Customer service and complaint handling (such as checking and responding to inquiries and reports and dispute resolution)
5) Prevention of illegal activities and ensuring service stability (such as detecting unauthorized logins and analyzing security logs)
6) (In the future) When providing advertising and marketing services, operating campaigns and analyzing achievements within the scope of prior notice and consent

Article 4 (Retention and Use Period of Personal Information)
1. The Company promptly destroys personal information once the purpose of collection and use is achieved.
2. However, in the following cases, the information may be retained for a specified period according to relevant laws.
1) Records related to contracts or withdrawal of subscriptions: 5 years
2) Records related to payment settlements and supply of goods: 5 years
3) Records related to consumer complaints or dispute resolution under the Electronic Commerce Act: 3 years
4) Connection records (such as log records): at least 6 months
5) Other cases where preservation is necessary according to related laws: the period specified by the relevant law
3. If a member withdraws from the service or their account is deleted, the Company safely destroys personal information after the above retention period has elapsed.

Article 5 (Provision of Personal Information to Third Parties)
1. In principle, the Company does not provide personal information to third parties beyond the purposes of collection and use.
2. Exceptions may apply in the following cases.
1) When the member has given prior consent
2) When there are special provisions in the law, or public institutions such as investigative or supervisory agencies request it through legal procedures
3) When necessary for the protection of a person's life, body, or property and it is difficult to obtain the member's consent
3. The Company does not currently provide member information directly between suppliers or streamers, and if third-party provision is necessary in the future, the recipients, purpose of provision, provided items, retention, and use period will be separately notified and consent obtained.

Article 6 (Outsourcing of Personal Information Processing)
1. The Company may outsource personal information processing to external professional companies, if necessary, for service provision.
2. When concluding an outsourcing contract, the Company specifies in the contract that personal information processing for purposes other than the outsourced task is prohibited, technical and managerial protective measures, restrictions on re-outsourcing, management, supervision, and liability for damages according to the "Personal Information Protection Act," and supervises to ensure the processor handles personal information safely.
3. When outsourcing personal information processing occurs, the Company notifies via the service screen (such as the homepage) or includes it in this policy to inform about the recipient (company name) and content of the outsourced task.

Article 7 (Use and Rejection of Cookies)
1. The Company may use cookies to provide customized services to members, analyze access frequency, understand service usage patterns, etc.
2. Users can refuse to store cookies through browser settings or delete stored cookies.
However, refusing cookies may restrict some service use.

Article 8 (Member's Rights and How to Exercise Them)
1. Members can request to view, correct, delete, or suspend the processing of their personal information at any time.
2. These rights can be exercised through the account settings menu within the service, email (contact@playbase.asia), etc., and the Company shall take prompt action within the period specified by relevant laws.
3. The Company may limit or deny access, correction, deletion, etc., in the following cases according to relevant laws.
1) When prohibited or restricted by law
2) When there is a significant risk of harm to the life, body, property, or other interests of others
3) When it is evident that the Company has already destroyed the personal information
4. To verify an individual or a legitimate representative making a request for access, correction, or deletion, the Company may request additional information within the necessary scope.

Article 9 (Measures to Ensure the Security of Personal Information)
The Company implements the following technical, managerial, and physical measures to ensure the security of personal information.

1. Technical Measures
- Encryption of personal information and passwords
- Management of access rights through an access control system
- Installation of security programs and periodic updates
- Monitoring of access logs and unusual activities
2. Managerial Measures
- Appointment of a person in charge of personal information protection and establishment of an internal management plan
- Minimizing and educating personnel handling personal information
- Regular internal inspections and improvements
3. Physical Measures
- Limiting physical access to servers and storage media
- Entry control for secure areas, etc.

Article 10 (Personal Information for Children Under 14)
In principle, the Company does not provide services to children under 14 years old and does not intentionally collect personal information from them.
If the Company becomes aware that information from a child under 14 has been collected, it will promptly delete the information and take necessary action.

Article 11 (Personal Information Protection Officer and Contact Information)
The Company is responsible for overseeing personal information processing, handling inquiries, complaints, damage relief, and has designated a personal information protection officer as follows.

- Personal Information Protection Officer: Yongwoo Shin
- Email: contact@playbase.asia

Members can direct all inquiries, complaints, and requests for relief related to personal information protection arising from using the services to the above email, and the Company strives to respond and handle them as quickly and sincerely as possible. (The goal is to respond within 2 days.)

Article 12 (Obligation to Notify and Revise)
1. The Company may amend the privacy policy according to changes in relevant laws, service content, and internal policies.
2. In the event of changes to this policy, the Company will announce them at least 7 days before the effective date on the service screen, stating the changes and effective date.
However, in cases of significant changes to members' rights and obligations, announcements will be made at least 30 days in advance.
3. The revised policy takes effect from the announced effective date.