Privacy Policy – ELVN Helpdesk

This Privacy Policy (the "Policy") explains Blueberry Meta Co., Ltd. (The “Company”) regard personal information of the users as important and complies with the relevant laws and regulations such as the Personal Information Protection Act.

The Company informs them of the purpose and method of the Company's using the personal information provided by the users and the measures taken by the Company for protection of that personal information.

The purpose of the privacy policy.
Personal information collection items and methods of collection.
Purpose of collecting and using personal information.
Period of retention and use of personal information.
Destruction of personal information
Sharing and providing personal information
Entrusted Parties for Personal Information Handling.
Rights of users and legal representatives and methods of exercise.
Matters concerning measures to secure the safety of personal information.
Cookies and other tracking technologies.
Staff responsible for protecting personal information
Responsibility for the external site.
Amendment to this privacy policy

1. The purpose of the privacy policy.

This processing policy is based on the Personal Information Protection Act, but the Company has tried to explain in as much detail as possible the status of user personal information processing in the company's ‘Sportium(https://sportium.fan)’ and " ELVN(https://eleven.soccer)" services (hereinafter referred to as "Service").

This processing policy has important meanings as follows.

It transparently provides information related to the "period of personal information," such as what information the company collects, how to use, who shares it with ('consignment or provision') as needed, and when and how to destroy information that has achieved its purpose of use.
As an information subject, we inform you of what rights users have to their personal information and how and in what procedures they can exercise it.
In the event of a personal information infringement accident, we will inform you of who you can contact to prevent additional damage and how you can get help to recover the damage that has already occurred.
Above all, it is a means to guarantee the user's "right to self-determination of personal information" by defining the rights and obligations between the company and the user about personal information.

2. Personal information collection items and methods of collection

The company collects users' personal information for the following purposes to provide users with the best experience.

(1) The personal information collected by the company from users at the time of membership registration is as follows.

The company requires information such as name, date of birth, and user email address as authentication means to use the service from users when signing up for membership. In addition, it must be linked with external social accounts to perform a series of activities such as service use, event, challenge participation, and marketplace use. Users may refuse to provide personal information, but in this case, they may not be able to access or use some of the company's specific services.

The following information will be collected when signing up as a member.
- When using Blocto Wallet: Name, email address Blocto
* When signing up for membership through external platform authentication, we do not store personal information other than the above information.
The following information may be collected according to identity verification and certification for normal use of the service after signing up as a member.
- Name, email address, ID, telephone number, address, national information, encoded identification information (CI), identification information of overlapped membership (DI), Masked ID, and face for KYC authentication.

(2) The company can collect the following personal information from users in the process of using the service.

Additional personal information collection may occur only for users of the service in the process of using individual services, applying for events, and applying for prizes on the service website. When collecting additional personal information, the user will be informed and agreed on "the items of personal information to be collected, the purpose of collecting and using personal information, and the period of retention and use of personal information."

(3) In the process of using the service, the company can generate and collect IP addresses, cookies, service usage records, and device information.

Service usage records listed in this processing policy refer to all normal or abnormal logs that occur during service use, such as https://sportium.fan/ and https:/eleven.soccer first/final access date, list of pages accessed, timestamp, click, browsing time, etc.
Device information refers to information assigned to the device during production and sales and information that can be checked through software used to drive the device. It refers to the name of the computer given to the PC by the user during the installation of the operating system (Windows, Mac OS, etc.), web browser information, and unique identification values required for communication on the smartphone such as IMEI, MCC, MNC, IMSI, IDFA, etc.

(4) other processes, personal information is collected through the following methods.

During the consultation process through the customer center, users' personal information can be collected through web pages and e-mails.
Personal information can be collected in writing at events, promotions, etc. that are held online or offline.
Personal information can be provided from an external company or organization affiliated with the company, and in this case, it is provided to the company after obtaining consent from the affiliate to provide personal information to the user under the Personal Information Protection Act.
The company can collect electronic wallet addresses for smooth and transparent transactions.

3. Purpose of collecting and using personal information

The company uses personal information only for member management, service development, provision and improvement, and the establishment of a safe Internet environment.

We use personal information to manage membership, such as confirmation of intention to sign up, age, identification of users, withdrawal of membership, and confirmation of intention to withdraw.
In addition to providing services (including ads), personal information is used to discover new service elements and improve existing services, such as service visit records and access frequency analysis, statistics on service use, demographic analysis, service analysis, and information recommendation.
Personal information is used to protect users and operate services such as restrictions on the use of users who violate laws and company terms and conditions, prevent sanctions, prevent account theft and fraudulent transactions, deliver notices such as terms and conditions updated, preserve records for dispute settlement, and handle complaints.
Personal information is used to verify the identity of the service.
Personal information is used for marketing and promotion purposes, such as event information, participation opportunities, and advertising information.
Personal information is used to establish a service-use environment that users can use with confidence in terms of security, privacy, and safety.

4. Period of retention and use of personal information.

The company uses and holds personal information within the period of use, retention, or collection of personal information agreed upon by the user according to laws and regulations. However, if it is necessary to preserve it even after the purpose of collection and use is achieved by the provisions of the relevant laws and regulations, the company will keep member information for a certain period as follows.

Records of indication/advertisement: 6 months (ENFORCEMENT DECREE OF THE ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.)
Records of website visits: 6 months (PROTECTION OF COMMUNICATIONS SECRETS ACT)
Records of withdrawal of contracts or subscriptions: 5 years (ENFORCEMENT DECREE OF THE ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.)
Records of payment and supply of goods, etc.: 5 years (ENFORCEMENT DECREE OF THE ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.)
Records of consumer complaints or disputes: 3 years (ENFORCEMENT DECREE OF THE ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.)
Records of electronic financial transactions: 5 years (ELECTRONIC FINANCIAL TRANSACTIONS ACT)

5. Destruction of personal information

In principle, the company destroys the personal information without delay if the period of retention of personal information has elapsed or the purpose of processing has been achieved. However, if personal information must be preserved by laws and regulations even after the period of personal information retention agreed by the user has elapsed or the purpose of use has been achieved, the personal information will be moved to a separate database (DB) or preserved differently.

When a request for membership withdrawal is received, a seven-day grace period will be given from the time of request for membership withdrawal to minimize damage caused by account theft, and if the request for membership withdrawal is not canceled during this period, membership withdrawal will be processed.

Information on which the preservation obligation has been completed in the statute is also destroyed in a way that cannot be reproduced without delay after the expiration of the period. In the case of electronic file types, they are safely deleted using technical methods for restoration and reproduction prevention, and printed materials are crushed or incinerated and destroyed.
The company destroys or separately stores and manages the personal information of members who have not used the service for a year under the "personal information expiration date system." Personal information stored separately is never used for any other purpose and will be destroyed without delay after 4 years of storage.

6. Sharing and providing personal information

In principle, the company does not provide personal information to the outside without the user's prior consent. The company processes the personal information of the data subject only for the purposes specified in this processing policy. However, exceptions shall be made when requesting data from the relevant authorities, such as cases where the data subject has prior consent, the company is obligated to submit personal information under the provisions of laws, and urgent risks to the safety of the user's life or property are identified.

7. Entrusted Parties for Personal Information Handling

The company entrusts some of its work to external professional companies to provide convenient and better service. In addition, the entrusted company stipulates, manages, and supervises necessary matters to safely process personal information by the Personal Information Protection Act.

(1) Entrusted Parties for Personal Information Handling.

Consignment company	Purpose of consignment work
Alphaworks	Analysis of service indicators and usage behavior, and response to errors (failures)
BlueberryNFT	service provision, handling of complaints, delivery of notification, identification for subscription-based service use

(2) Cross-border transfer of personal information.

Entrusted Party	Purpose	Items to be transferred	Country, Information Management Officer	Transfer Date	Use Period
portto Co., Ltd.	Connect wallet, Send email authentication code.	Email address, wallet address	Taiwan, support@blocto.app	Transmission via the network at the time-of-service use	5 years since the withdrawal
Twilio Inc	Send a confirmation text message	mobile phone number	USA, privacy@twilio.com	Transmission via the network at the time of verification to get phone verification.	30 days after verifying the phone verification
Amplitude, Inc.	Collect weblog	Device information (OS, model name, language, country, mobile carrier)	USA, privacy@amplitude.com	Transmission via the network at the time-of-service use	5 years since the withdrawal

8. Rights of users and legal representatives and methods of exercise

Users can check personal information or exercise their rights to modify or delete the company at any time. However, some information, such as email address, name, and date of birth, may not be modified, and additional documents or materials may be needed to check the facts of the personal information you want to modify.
If a user requests the correction of an error in personal information, the personal information is not used or provided until correction is completed. In addition, if wrong personal information has already been provided to a third party, we will notify the third party of the correction process without delay so that the correction can be made.
In principle, the company does not collect personal information if the user is under the age of 19. People under the age of 19 cannot use the service, but if they inevitably collect the personal information of members under the age of 19, they will seek consent from their legal representatives in advance and destroy the information as soon as it's over. And the Company will thoroughly manage personal information during the work.

9. Matters concerning measures to secure the safety of personal information

(1) In processing users' personal information, the company is seeking the following technical measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged.

The user's personal information is protected by a password, and information of the user's account is only available and changeable to the owner who knows the password.
To prevent the leakage of users' personal information in preparation for external intrusion such as hacking, the company is currently preventing attacks such as hacking by using devices that block intrusion from the outside. In particular, servers with users' personal information maintain the highest level of security, such as managing them separately without directly connecting to external Internet lines.
The company has a backup system and data in case of an emergency.
The company is taking measures to prevent damage caused by computer viruses using vaccine programs. Vaccine programs are updated periodically, and in the event of a sudden virus, they are provided as soon as the vaccine comes out to prevent personal information from being violated.

(2) The company is taking management measures, such as limiting users' access to personal information to a minimum number of people.

Employees who process personal information are managed to a minimum, and the possibility of personal information leakage is reduced by separating the external Internet network and the internal network of employees who can download personal information from the personal information processing system. It also constantly emphasizes that the protection of member personal information is the most important value of the company through regular training for personal information handlers, occasional training, and campaigns for executives and employees of the company.
To protect personal information, a separate organization is operated, access control procedures are established to prevent leakage of personal information, and access to outsiders is blocked.

10. COOKIES AND OTHER TRACKING TECHNOLOGIES

We may also collect specific information through the use of "cookies" and other tracking technologies Cookies are small files that Applicant / User's browsers place on their computers. The company uses cookies for the following purposes.

Purpose of Using Cookies: Cookies support more rapid web environments for users by storing users' preferred settings and are used for the improvement of services to allow for the more convenient use of Services. By doing so, cookies allow Users to use services more easily.
Rejection of cookies: Cookie does not collect personally identifiable information automatically or actively, and a user has an option for setting a cookie. Hence, a user may allow all cookies by setting the option on the web browser; whenever a cookie is stored, the confirmation thereof shall be completed; or, otherwise, a user may reject the storage of all cookies. Provided, however, when a user rejects the storage of a cookie, then the user may have some difficulties in using a service.
Examples of Settings
- Edge: Select the "Settings" menu at the top right side of the browser. > Cookies and site permissions > click “Manage and delete cookies and site data”
- Chrome: Select the "Settings" menu at the top right side of the browser. > "Show advanced settings" > In the "Privacy" section, click "Content settings". > Cookies
- Safari: Select Environmental Setting Menu > Click Personal Data Tab > Setting the Level of Cookie and Website Data.

11. Staff responsible for protecting personal information

The company designates a person in charge of personal information protection and a person in charge as follows for handling inquiries and complaints related to users' personal information.

Privacy Protection Officer
- Name: Hong Sungdae
- Service Planning & Operation part
- Contact: 02-2135-3407
- Email: support@blueberrymp.co.kr

Users can report all personal information protection-related complaints arising from using the company's services to the person in charge of personal information protection. The company will respond quickly and sufficiently to users' reports.

Please make inquiries to the following organizations if you need to report or consult regarding the violation of personal information.

KISA Report Center for Personal Information Breach: (Toll-free) 118 https://privacy.kisa.or.kr
Cyber Crime Investigation, Supreme Prosecutors' Office: (Toll-free)1301 cid@spo.go.kr
Cyber Terror Response Center, National Police Agency: (Toll-free)182 https://ecrm.cyber.go.kr

12. Responsibility for the external site

The company can provide users with links to other external sites. In this case, the company does not have control over external sites, so users cannot be responsible and guaranteed for the usefulness, integrity, and legality of services or data provided from external sites, and the linked external site's personal information processing policy is irrelevant to the company.

13. AMENDMENT TO THIS PRIVACY POLICY

The Company may amend its Privacy Policy to reflect any legal or service changes. If we make any material changes to this policy, we will notify you of such changes by posting them on a website or by sending you an email or other notification. In addition, we compare and disclose the changes before and after the changes so that users can easily check them.

[Supplementary provisions]

This Privacy Policy shall enter into force on Jan 24, 2022.

Related articles