ArcheAge

XLGAMES Co., Ltd. (hereinafter referred to as the 'Company') values the user's personal information and makes all the necessary efforts to effectively manage and secure the personal information of its members.

The Company informs the user of what purpose and method of personal information is being used and what measures are being taken to protect their personal information. Furthermore, the Privacy Policy is disclosed in the official website of XLGAMES so that the members can easily access and view the information.

The Privacy Policy can be amended according to changes in the relevant laws and internal operational policies. In the event that revisions are made, the reason and changes shall be informed to the members without any delay.

A. In case all or part of the business is transferred or the rights and duties are transferred due to merger, inheritance, etc., the members shall be informed through a notification to be displayed on the front page of the official website of XLGAMES (hereinafter referred to as the 'Service Website') for 30 days or more.

B. In case the Privacy Policy is revised, the members shall be informed at least seven days prior to the revision by a notice on the Service Website (or individual notice) or by posting the link of the Privacy Policy to the Service Website.
The Privacy Policy contains the following information:
1. Items and Methods of Collecting Personal Information
The Company collects and uses the minimum amount of personal information necessary to provide services to users. Among them, the selection is collected to provide better quality services, but there is no restriction in using the service even if the information is not provided.
A. Items of Personal Information Collected
Account usage
- Account login: Unique identifier of the members of partners, profile information, country information
Payment information
Items collected during the service
- User’s pc specification, system information, and cookies, including browser type, operating system, and IP address.
- Connection time, location information, improper usage record, and service usage history service use record
Optional information may be requested by the company for statistical analysis and/or to provide rewards for company organized events.
B. Methods of Collecting Personal Information
Service website, written form, fax, telephone, support forum, email, event application, and delivery request
Partners and suppliers
Collecting using generated information tools
2. Purpose of Collecting and Using Personal Information
“Personal information” is the information about a living identifiable human being, which can be used to identify an individual, including information that can be combined with other information to further verify a person's identity. The purpose of collecting and using personal information collected by the company is as follows:
  • Country information: Checking availability of conversion to charge XL Cash
  • Unique identifier of the members of partners: Personal identification based on membership, prevention of fraudulent activities and illicit usage, confirmation of the user’s will to use, handling complaints, and delivering notices.
  • Address, mobile phone number: Securing the correct shipping destination for shipments such as prizes, etc.
  • Certificate to verify the user's identity: Identification of the users to protect their rights and/or to resolve disputes between the user and the company
  • Service usage history, access log, access IP information: Prevention of recurrence of illegal use by inappropriate users, checking access frequency, statistical data on service use of the members
3. Period of Retention and Use of Personal Information
The user's personal information will only be used in a limited way and it will commence once the user starts using the service until the end of service. If the user demands to withdraw their consent to collect personal information, the purpose of collecting and using the information has been achieved, or the period of use and retention has ended, the users' information shall be destroyed without any delay.
4. Procedure and Method for Personal Information Destruction
In principle, users' personal information shall be destroyed once the purpose has been achieved.
The procedures and methods for destroying users' personal are as follows:
A. Destruction Procedure
The information provided by the users for service use shall be collected and transferred to a separate secured database (if necessary, protected under the company's security policy or a separate document box if incase on paper form) and destroyed after a certain period of time in accordance with its internal policy.
Personal information transferred to a separate secured database shall not be used for other purposes other than those held by the law or re-registration processing, etc.
Personal information whose retention period has ended should be destroyed.
B. Method of Destruction
Personal information printed on paper should be shredded or destroyed by incineration.
Personal information stored in electronic file form is deleted using a technical method that cannot be reproduced.
C. Deleting Personal Information of Partners
Unlinking the game from the LINE App will not delete the stored personal information until the account from LINE POD service or game is deleted.
5. Sharing and Providing Personal Information
The Company will not provide personal information to third parties under any circumstances beyond the range notified in the [Purpose of Collecting and Using Personal Information] except in the case of users' consent or unless demanded by applicable laws. Exceptions are provided in the following cases:
  • The user agrees in advance
  • When the data is required for statistical analysis, academic or market research, the data must be processed so that individuals cannot be recognized.
6. Matters Concerning Installation/Operation and Rejection of Personal Information Auto-Collection Device
The Company can use 'cookies' as a method to provide the users with personalized services, such as analyzing service usage patterns and membership services.

Cookies are very small text files that are installed on the user's hard disk via a web server. The Company uses the minimum amount of cookies required to provide services in an encrypted form, which recognizes computers but not specific individuals.

The user will have the option to refuse to store all cookies, check whenever a cookie is stored, or accept all cookies by specifying options in the web browser. In case the user reject cookies, however, usage of some services that require login may be limited.
How to Specify whether to Allow the Installation of Cookies (for Internet Explorer)
① Select [Internet Options] from [Tools] menu.
② Click [Personal Information Tab].
③ Set [Personal Information Processing Policy Level].
7. Technical / Administrative Protection Measures for Personal Information
The Company takes the following technical and administrative measures to ensure safety so that personal information is not lost, stolen, leaked, tampered with, or damaged in handling the user's personal information.
A. Technical Measures
The user's account information is stored and managed in encrypted form.
The Company is doing its best to prevent personal information of the users from being leaked or compromised by hacking or computer viruses. To prevent personal information from being damaged, data is frequently backed up. The latest vaccine programs are used to prevent leakage or damage of user information or data. Personal information will be transmitted safely on the network through encrypted communication. To control unauthorized access from the outside source, the Company uses intrusion prevention systems and tries to have all possible technical devices to ensure system security.
B. Administrative Measures
Only the person in charge in the Company is permitted to handle personal information related to the Company and for this, account credentials are separately granted and updated regularly. Furthermore, the Company always emphasizes compliance with the Company's Privacy Policy by regular training for the person in charge.
The Company's Privacy Policy is maintained and implemented thoroughly by the Personal Information Protection Organization in the Company and in case any issue occurs, the Company will do best to correct it immediately.
Regular in-house training or external outsourcing training is provided for the employees who handle personal information regarding the acquisition of new security technologies and the obligation to protect personal information.
The handover of personal information-related handlers is carried out thoroughly while security is maintained, and the responsibility for personal information accidents after joining and resigning from the Company is clarified.
The Company does not take any responsibility for the leakage of personal information caused by personal error of the user or the inherent risk of the Internet. The users must properly manage their account and password and take responsibility for protecting their personal information.
8. Link Sites, Webpages
The Company may provide external links of other companies' websites or materials. In this case, as the Company has no control over external websites and materials, the Company shall not be liable for usefulness, integrity or legality of the services or data and cannot guarantee them. In case the user gets redirected to another website or webpage by clicking a link, the privacy policy of the website or webpage is irrelevant to the Company, thus, the user needs to check the policy of the newly visited website or webpage.
Effective Date: 28th of May, 2020