Privacy Policy for Night Crows 


Wemade Co., Ltd (“we”, “our”, “us”, “the Company”) is committed to protecting the privacy and security of the personal data we collect about you and being transparent about the ways in which we collect and process your personal data. 


PROCESSING ACTIVITIES COVERED BY THIS PRIVACY POLICY

This statement (this “Privacy Policy” or this “Policy”) sets out our policies and practices for handling the personal data we collect from or about you as a user of the game called “Night Crows” (the “Services”). 

It is important that you read this Privacy Policy, together with any other notices we may provide on specific occasions when we collect or process your personal data, so that you are aware of how and why we are using such personal data and what your rights are under the relevant data protection laws.

[If you are a California resident, please also see our California Privacy Statement.] 

Our Services may contain links or integrate with other websites, platforms, applications, games, and services which are owned and maintained by third parties i.e., not us. The privacy practices of these third parties are not covered by this Privacy Policy and are covered by the privacy policies of those third parties. Please review those third-party privacy policies for information. 

If you have questions about any parts of the Privacy Policy, please contact us.


COLLECTION OF PERSONAL DATA  

In this Privacy Policy, “personal data” means any information about an identified or identifiable individual. The type of personal data we collect from you depends on how you interact with us and our Services. We process the following categories of personal data from you when you use our Services:

  • Contact information, such as your phone number and email address.

  • Age information, such as if you are older than 16 years.

  • Registration information, such as authentication tokens issued by the third-party platform through which you log-in to sign up to the Services (Google, Apple, Meta).

  • Streamer Supporting System use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

  • Your in-game character name and server name.

  • Residence Status in California, USA.

  • Information collected automatically using cookies or other tracking technologies such as web beacons, pixels, local storage, and scripts. You can find more information on this in our Cookie Policy and you can also learn more about cookies by visiting www.aboutcookies.org or www.allaboutcookies.org.

  • Gameplay data, including access time, pay time, and pay history (levels, records of playing with play mates (if necessary). 

  • Information required to facilitate the processing of your purchases through third parties, e.g., as Apple store, Google play store, and Xsolla, such as transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address, and phone number.

  • Information required to link your game account with your WEMIX wallet account, such as WEMIX wallet address, WEMIX wallet ID, UUID (Universally Unique Identifier).

  • Chat information, such as chat content and associated metadata.

  • Information necessary to manage inquiries and requests from you, such as your in-game character name and information related to the issue you are contacting us about.

  • Information necessary to organize an event such as your in-game character name, guild name and server name, email address, and full name.

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID, advertisement ID.

  • Mobile Device information such as model name, carrier information, OS information, language and country information, unique device identifier, and advertising ID.

  • IP address.

We receive the above categories of information from you when you directly provide it to us, or from other sources, including from other users of our Services or third-party services and organizations (e.g. Google, Apple, Meta). Please see Appendix II for more information on personal data collected from third parties. Without this information, we may not be able to provide you with all the requested services, and the services we are able to provide may differ depending on the information you provide us. 

We do not collect any sensitive personal data (i.e., personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation) or any personal data relating to criminal convictions and offences. Please do not submit any sensitive personal data to us.


USE OF PERSONAL DATA 

We will use your personal data for the following purposes:

  • To provide you with the Services. We use your information to open and maintain your accounts, facilitate the functionality of our Services, and customize the Services (where applicable).

  • To improve the quality of our Services. We use your information to maintain, improve, and administer our Services, including by troubleshooting, data analytics, and testing.

  • To keep our Services and users safe. This includes detecting users illegally using our programs, and to otherwise prevent and respond to fraud, abuse, security risks, and technical issues.

  • To provide support services relevant to the Services as requested by you.

  • To invite you to an event, organize the event, and facilitate communications with you around the event and future events.

  • To manage your preferences in relation to use of cookies and other tracking technologies, to ensure our Services function properly when the information is collected through essential cookies.

  • To comply with applicable laws and regulations. This includes using your information to ensure compliance with our legal obligations (such as recordkeeping obligations and transparency obligations).

  • To resolve disputes, enforce our contractual agreements, enforce our company policies (such as the operational policy) and to establish, exercise or defend legal claims.

  • To facilitate your purchases and transactions.

  • To provide information about the Services during pre-registration. We use your information to offer updates and rewards for the pre-registration.

We will use your personal data under the following legal bases as described in Appendix I:

1.     To perform in terms of the contract we have entered into with you. When you sign up to our Services, we provide you with our Terms of Use.  

2.     To comply with our legal obligation.

3.     To protect our legitimate interests (or those of a third party). We rely upon this legal base only when our legitimate interests are compelling enough to override your rights. 

4.     Where your consent is given.


AUTOMATED DECISION-MAKING AND PROFILING 

We do not engage in profiling or other automated decision making during our relationship with you. 


DISCLOSURE OF PERSONAL DATA

We may share your personal data with third parties in the following contexts: 

  • Disclosure to our affiliates:

We share your personal data with Wemix if you choose to integrate the Wemix wallet or other services to the Services. We may share your personal data with Wemade Entertainment USA to process service operations such as multilingual translation, customer service, and community management.

  • Disclosure to our service providers:

We use third-party vendors and service providers (or “data processors”) to process your personal data for the purposes outlined above. Our data processors operate only in accordance with our instructions, in line with this Privacy Policy, and are subject to appropriate confidentiality and security obligations. Our processors include companies that assist us to manage support requests from you and are our cloud service providers. Please see Appendix I for more information on personal data shared with third parties.

  • Disclosure to external controllers:

We share your personal data with external controllers to process your personal information for their own purposes, primarily to process payments and facilitate access to the Services. Please refer the privacy policies of those third-party controllers to understand what personal data of yours they process and why. 

  • Disclosure pursuant to business transfers:

We may share your personal data in connection with a substantial corporate transaction, such as the appraisal or evaluation of our business, a sale, a merger, consolidation, asset sale, joint venture initial public offering, or in the unlikely event of bankruptcy.

  • Disclosure for legal purposes or to obtain professional advice:

We may also disclose your personal data to law enforcement agencies, governmental authorities, legal counsel, and external consultants in compliance with applicable data protection laws. 

  • Disclosure with your consent:

Lastly, we may also share information about you to third parties when you have consented to it.

Please see Appendix I for more information on personal data provided to third parties.

Our Services allow you to upload and share messages and other content with others. If you choose to engage in public activities on the Services, you should be aware that any information you share there can be read, collected, or used by other users of these areas. You should always exercise discretion and use caution when disclosing information while participating in these areas. We are not responsible for how other use the information you choose to submit in these public areas.

When you use our Services, we will need to transfer your personal data to countries where we, our affiliates, service providers, and third party controllers operate. These areas include the Republic of Korea, the Republic of Singapore, and the United States of America. 


EEA users: If a recipient of your personal data is located outside of the European Economic Area (“EEA”) in a country that is not recognized by the European Commission as ensuring an adequate level of data protection, we will implement appropriate measures to ensure that your personal data remains protected and secure when it is transferred outside of your home country, in accordance with applicable data protection and privacy laws. For the EEA, these safeguards include data transfer agreements implementing European Commission’s Standard Contractual Clauses (a form of data transfer agreement pre-approved by the European Commission as providing adequate safeguards for personal data). You may ask for a copy of such appropriate measures by contacting us using the contact details at the end of this Policy. 


CHILDREN 

Our Services are not intended for anyone under the age of 16. We do not knowingly collect or sell any information from individuals younger than 16 without parental consent or as otherwise permitted by applicable law.


DATA SECURITY  

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to only those employees, agents, contractors and other third parties who have a business need for such access. 

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

 

DATA RETENTION  

We will only retain your personal data for as long as necessary to fulfil the purposes set out above, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. 

Some of the main criteria we use to determine specific retention periods include recording keeping obligations under applicable law or industry standards, relevance to potential litigation, whether data is necessary for us to exercise our rights or maintain the Services. For more information on data retention periods, please contact us by using the information below.


YOUR DUTY AND RIGHTS IN RELATION TO YOUR PERSONAL DATA  

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. If you become aware of changes or inaccuracies in your information, you should inform us of such changes so that the information may be updated or corrected.

Your rights in connection with personal data

You may be entitled, in accordance with applicable law, to the following rights: 

  • Right to be informed. This right allows you to know what personal data we collect about you, why we collect it, who collects it, how long it will be kept, who we share it with, amongst other things. Through this Privacy Policy, we are informing you of this processing information. 

  • Right of access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  • Right to correct or rectify your personal data. This right gives you the right to ask us to correct anything that you think is wrong with the personal data we have about you, and to complete any incomplete personal data.

  • Right to deletion of your personal data. This is called the “right to erasure”, “right to deletion”, or the “right to be forgotten”. This right means you can ask for your personal data to be deleted. Sometimes we can delete your information, but other times it is not possible for either technical or legal reasons. If that is the case, we will consider if we can limit how we use it. We will also inform you of our reason for denying your deletion request.

  • Right to restrict processing of your personal data. This is the right to ask us to only use or store your personal data for certain purposes. You have this right in certain instances, such as where you believe the data is inaccurate or the processing activity is unlawful.

  • Right to data portability. This is the right to request we move or transfer your personal data, in a machine-readable form. It is the right to ask for and receive a portable copy of your personal data that you have given us, so that you can move it, copy it, keep it for yourself and/ or transfer it to another organization.

  • Right to object to the processing of your personal data by us. This is your right to tell us to stop using your personal data. You have this right where we rely on a legitimate interest of ours (or of a third party). You may also object at any time to the processing of your personal data for direct marketing purposes. We will stop processing the relevant personal data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your personal data to establish, exercise, or defend a legal claim.

  • Right to withdraw your consent. In case that the processing of your personal data is based on the legal basis of consent, you may withdraw your consent at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect processing performed on other lawful grounds.

If you wish to make a complaint about how we process your personal data, please contact us and we will endeavor to handle your request as soon as possible. You may lodge a complaint with a supervisory authority if you believe our processing of your information is unlawful. If you are in the EU, you can find the supervisory authority for your country and how to contact them in https://edpb.europa.eu/about-edpb/board/members_en. If you are in the UK, the supervisory authority is the Information Commissioner’s Office, who you can contact in https://ico.org.uk/make-a-complaint/your-personal-information-concerns. 

How you can exercise your rights:

To exercise any of your rights, please contact us by using the contact details at the end of this Privacy Policy.  When submitting a privacy request, please describe your relationship with us and provide sufficient detail to allow us to properly understand, evaluate, and respond to you.

We may need to request specific personal data from you to help us verify your identity. This is another appropriate security measure to ensure, for example, that personal data is not disclosed to any person who has no right to receive it.

If you wish to submit a request on behalf of another person, please provide sufficient information to allow us to reasonably verify that you are authorized by that person to make the request on their behalf. 

How we will respond to you:

We will confirm the receipt of your request within ten (10) business days, and, in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, unless we have already granted or denied the request.

Please allow us up to a month for us to reply to your requests from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why and the extension period in writing. 

If we cannot satisfy a request, we will explain why in our response to you. For data portability requests, we will choose a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without difficulty.

We will generally not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.

In certain circumstances, we may decline a request to exercise the rights described above, particularly where we are unable to verify your identity. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.


DATA CONTROLLER AND CONTACT DETAILS

The Company is the data controller for the purposes of the General Data Protection Regulation (EU) 2016/679 (“EU GDPR”), the UK GDPR and other applicable data protection laws. If you have any questions about this Privacy Policy or wish to contact the Company regarding your personal data or concerns you have about this Privacy Policy, please contact:

Company: Wemade Co., Ltd

Address: 49, Daewangpangyo-ro 644beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Phone: +82-2-3709-2000 

Email: privacy@wemade.com 

Please allow up to one month for us to reply.


Data Protection Officer 

We have appointed VeraSafe as our Data Protection Officer (DPO). While you may contact us directly, VeraSafe can also be contacted on matters related to the processing of Personal Data. VeraSafe’s contact details are:

Company: VeraSafe, LLC (for the attention of: Anastasia Pavlou, Privacy Counsel)

Address: 100 M Street S.E., Suite 600 Washington, D.C. 20003 USA

Phone: +1 (617) 398-7067

Email: experts@verasafe.com 


European Union Representative  

Company: VeraSafe Netherlands BV

Address: Keizersgracht 555, Amsterdam, 1017 DR, The Netherlands

Phone: +420 228 881 031

Contact Form: https://verasafe.com/public-resources/contact-data-protection-representative 


United Kingdom Representative  

Company: VeraSafe United Kingdom Ltd.

Address: 37 Albert Embankment, London SE1 7TL, United Kingdom

Phone: +442 045 322 003

Contact form: https://verasafe.com/public-resources/contact-data-protection-representative 


CHANGES TO THIS POLICY  

We will update this Privacy Policy to reflect changes in our practices and Services and take appropriate measures to notify you of any significant changes in accordance with applicable data protection laws. When we post changes to this Privacy Policy, we will revise the “Last Updated” date at the top of this Privacy Policy. 


APPENDIX I

  1. DETAILS for Processing USER Data

Purpose of Use

Categories of Personal Data

Legal Basis for Processing 

Categories of Third Parties with Whom We Share Personal Data

To provide you with the Services: We use your information to open and maintain your accounts, to authenticate you as a user, to facilitate the functionality of our Services, and to provide features you request. 

  • Registration information, such as authentication tokens issued by the third-party platform through which you log-in to sign up to the Services (Google, Apple, Meta). 

  • Your in-game character name and server name.

  • Age information, such as if you are older than 16 years.

  • Residence Status in California, USA.

If you do not provide this personal data to us, we will not be able to achieve the stated purpose.

  • Contract

None.

To improve the quality of our Service, user experiences, and to fix bugs: We may use your information to maintain, improve, and administer our Services, including by troubleshooting, data analytics, and testing. We may also customize the Services (where applicable).

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID.

  • Gameplay data, including access time, pay time, and pay history (Levels, records of playing with play mates (if necessary).

  • Legitimate interests to improve our Services

None.

To keep our Services and users safe: We may use your information to detect users illegally using our programs, and to otherwise prevent and respond to fraud, abuse, security risks, and technical issues.

  • Registration information, such as authentication tokens issued by the third-party platform through which you log-in to sign up to the Services (Google, Apple, Meta).  

  • Your in-game character name and server name.

  • Information required to facilitate the processing of your purchases through third parties, e.g., as Apple store, Google play store, and Xsolla such as transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address and phone number and IP address.

  • Information required to link your game account with your WEMIX wallet account, such as WEMIX wallet address, WEMIX wallet ID, UUID (Universally Unique Identifier).

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID.

  • Mobile Device Information: model name, carrier information, OS information, language and country information, unique device identifier, advertising ID.

  • IP address. 

  • Legitimate interests to protect our business rights, our users, and the Services

None.

To provide support services relevant to the Services as requested by you.

  • Contact information, such as your phone number and email address.

  • Registration information, such as authentication tokens issued by the third-party platform through which you log-in to sign up to the Services (Google, Apple, Meta). 

  • Your in-game character name and server name.

  • Gameplay data, including access time, pay time, and pay history (levels, records of playing with play mates (if necessary).

  • Information required to facilitate the processing of your purchases through third parties, e.g., as Apple store, Google play store, and Xsolla such as transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address and phone number and IP address. 

  • Information required to link your game account with your WEMIX wallet account, such as WEMIX wallet address, WEMIX wallet ID, UUID (Universally Unique Identifier).

  • Information necessary to manage inquiries and requests from you, such as your in-game character name and information related to the issue you are contacting us about.

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID, advertisement ID.

  • Legitimate interest to provide support services to you

  • Our affiliates that help us provide support services to you and to integrate to WEMIX (as requested by you). 

  • Our data processors that assist us with providing customer support and responding to queries.

To invite you to an event, organize the event, and facilitate communications with you around the event.

  • Information necessary to organize an event such as your in-game character name, guild name, server name, email address, and full name.

  • Legitimate interests to organize and facilitate communication regarding the event you signs-up for.

  • Our data processors that assist us with facilitating the event.


To manage your preferences in relation to use of cookies and other tracking technologies, to ensure our Services function properly when the information is collected through essential cookies.

  • Information collected automatically using cookies or other tracking technologies such as web beacons, pixels, local storage, and scripts.

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID, advertisement ID.

  • Consent when the information is collected through non-essential cookies.

  • Legitimate interests to protect our business rights and Services (if cookies are essential).

None.

To comply with applicable legal obligations. This may include using your information to ensure compliance with our legal obligations such as to respond to legitimate requests from law enforcement authorities or government officials, your data subject rights requests; keep records and transparency obligations.

  • Contact information, such as your phone number and email address.

  • Age information, such as if you are older than 16 years.

  • Registration information, such as authentication tokens issued by the third-party platform through which you log-in to sign up to the Services (Google, Apple, Meta). 

  • Your in-game character name and server name.

  • Residence Status in California, USA. 

  • Information collected automatically using cookies or other tracking technologies such as web beacons, pixels, local storage, and scripts. You can find more information on this in our Cookie Policy and you can also learn more about cookies by visiting www.aboutcookies.org or www.allaboutcookies.org.

  • Gameplay data, including access time, pay time, and pay history (levels, records of playing with play mates (if necessary). 

  • Information required to facilitate the processing of your purchases through third parties, e.g., as Apple store, Google play store, and Xsolla such as transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address and phone number and IP address.

  • Information required to link your game account with your WEMIX wallet account, such as WEMIX wallet address, WEMIX wallet ID, UUID (Universally Unique Identifier).

  • Information necessary to manage inquiries and requests from you, such as your in-game character name and information related to the issue you are contacting us about.

  • Information necessary to organize an event such as your in-game character name, guild name, server name, email address, and full name.

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID, advertisement ID.

  • Legal obligation

  • Our affiliates. 

  • Our service providers and third-party controllers that give us professional advice such as lawyers, consultants, advisors, auditors. 

  • Regulators, government officials, other authorities. 

To resolve disputes, enforce our contractual agreements, and to establish, exercise or defend legal claims.

  • Contact information, such as your phone number and email address.

  • Age information, such as if you are older than 16 years.

  • Registration information, such as authentication tokens issued by the third-party platform through which you log-in to sign up to the Services (Google, Apple, Meta). 

  • Your in-game character name and server name.

  • Residence status in California, USA.

  • Information collected automatically using cookies or other tracking technologies such as web beacons, pixels, local storage, and scripts. You can find more information on this in our Cookie Policy and you can also learn more about cookies by visiting www.aboutcookies.org or www.allaboutcookies.org. 

  • Gameplay data, including access time, pay time, and pay history (levels, records of playing with play mates (if necessary).

  • Information required to facilitate the processing of your purchases through third parties, e.g., as Apple store, Google play store, and Xsolla such as transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address and phone number and IP address.

  • Information required to link your game account with your WEMIX wallet account, such as WEMIX wallet address, WEMIX wallet ID, UUID (Universally Unique Identifier).

  • Information necessary to manage inquiries and requests from you, such as your in-game character name and information related to the issue you are contacting us about.

  • Information necessary to organize an event such as your in-game character name, guild name, server name, email address, and full name.

  • Internet or other electronic network activity information, such as your IP and MAC address, device ID, advertisement ID.

  • Mobile Device Information: model name, carrier information, OS information, language and country information, unique device identifier, and advertising ID.

  • IP address. 

  • Legitimate interests to establish, exercise and defend our legal rights

  • Our service providers and third-party controllers that give us professional advice such as lawyers, consultants, advisors, auditors.

To facilitate your purchases and transactions.

  • Information required to facilitate the processing of your purchases through third parties, e.g., as Apple Store, Google play store, and Xsolla such as transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address and phone number and IP address.

  • Information required to link your game account with your WEMIX wallet account, such as WEMIX wallet address, WEMIX wallet ID, UUID (Universally Unique Identifier).

  • Contract

  • Our service providers and third party controllers that process payments.


To provide information about the Services during pre-registration. We use your information to offer updates and rewards for the pre-registration.

  • Email address.

  • Consent

None.




APPENDIX II

  1. Personal data Collected from third parties

Third Parties

Purpose of Use

Personal Data Collected

Meta Platforms, Inc. (Formerly, Facebook, Inc.)

To set up a new account by using user’s Facebook account.

  • Authentication token issued by Facebook

Google LLC

To set up a new account by using user’s Google account.

  • Authentication token issued by Google

To process payment-related procedures, such as checking payment status.

  • Transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, and email address.

Apple Inc.

To set up a new account by using user’s Apple account.

  • Authentication token issued by Apple

To process payment-related procedures, such as checking payment status.

  • Transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, and email address.

Xsolla

To process payment-related procedures, such as checking payment status

  • Transaction date and time, transaction number, purchased product name, purchased amount, purchase market information, email address, and phone number.