BaeAI Privacy Policy

In order to provide the best gaming experience to users, BaeAI ("we", "us", "our", or "the Company") collects and uses personal data from users to provide our game services.

With respect to handling personal data of users, we shall comply with applicable privacy laws and regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant laws and regulations. This Privacy Policy is subject to change due to amendments to applicable laws and regulations or changes to our internal policies.

Article 1 [Personal Data Collection and Collection Method]

1. Personal Data We Collect

We collect and handle the following personal data, and the collected personal data shall never be used for purposes other than those specified herein:

1) Account Registration and Management

• Required: Email address (account ID), password, username/nickname
• Optional: Profile photo, date of birth (for age verification)
• Social Login: If you register via third-party services (Google, Apple, etc.), we may collect your email address, name, and profile information provided by the service

2) Payment and Transaction Management

• Required: Payment history, transaction records, purchase details
• Payment Information: Payment method, billing address (processed securely through third-party payment processors)

3) Game Data and Service Usage

• Game progress, achievements, in-game items, character data
• Gameplay statistics, scores, leaderboard rankings
• In-game communications, chat logs (if applicable)
• IP address, device information, operating system, game version
• Service usage history, access logs, date and time of account creation
• Error logs and crash reports (for service improvement)

4) Health Data

With your explicit consent, we may access and collect the following health-related data through your device's Health Connect (Android) or similar health data APIs:

• Activity Data: Step count, distance traveled, calories burned, active minutes
• Exercise Data: Workout type, duration, and exercise sessions
• Body Measurements: Height, weight (if provided by the user)
• Heart Rate Data: Heart rate readings (if available from connected devices)
• Sleep Data: Sleep duration and sleep stages (if available)

Important: Health data is collected only when you explicitly grant permission through your device's health data settings. You may revoke access to health data at any time through your device settings. We do not sell, share, or use health data for advertising purposes. Health data is used solely to provide and improve in-app health-related features and personalized experiences.

2. Collection Methods

We collect personal data using the following methods:

• Data directly input by users on our website, applications, or within game services
• Data automatically collected through game services and stored in our systems
• Data collected through third-party services (social login, analytics, etc.)

Article 2 [Purpose of Collection and Use of Personal Data]

We may use collected personal data for the following purposes. Personal data handled by us is never used for purposes other than the following, and in the case of changes to the purpose of use, necessary measures such as obtaining consent shall be taken according to relevant laws and regulations.

1) Account Registration and User Management

• Confirmation of account registration, user identification/verification
• Maintenance and management of account qualifications
• Prevention of duplicate registrations and abuse
• Fulfillment of service contracts, dispute resolution

2) Game Service Provision

• Provision of game services, gameplay features, and content
• Game progress saving and synchronization across devices
• Multiplayer features, leaderboards, and social interactions
• Customer support, complaint handling, and service notifications
• Delivery of important notices and updates

3) Payment and Settlement Services

• Processing in-game purchases and payments
• Payment verification and fraud prevention
• Refund processing and transaction history management

4) Health Data Utilization

• Providing health-related features within the app (e.g., activity tracking, fitness goals)
• Personalizing user experience based on health and activity data
• Displaying health statistics and progress within the app
• Improving health-related features and services

Note: Health data is never used for advertising, marketing, or any purpose unrelated to the app's health features. Health data is not shared with third parties except as strictly necessary to provide the health-related features of the app.

5) Service Improvement and Development

• Analysis of service usage patterns and user behavior
• Game balance improvements and feature development
• Bug fixes and technical support
• Personalized content recommendations

6) Legal Compliance

• Performance of obligations stipulated by law
• Response to legal requests and court orders
• Protection of rights and safety of users and third parties

Article 3 [Retention Period of Personal Data and Account Withdrawal]

1. Retention Period

We shall retain and use personal data collected from users while the user's account is maintained. If the purpose for collecting the data is completely achieved, the data will be deleted immediately. However, we shall keep and use personal data for the written retention period if we have any of the following bases for retention:

• Retention basis: Customer satisfaction, dispute settlement, prevention of re-registration, etc., when canceling account
• Retention period: 30 days
• Retained items: Email, access records, abuse records, payment records, username

2. Legal Retention Periods

Notwithstanding the provisions above, if there is reason to retain personal data under relevant laws and regulations, we shall preserve the data for the period prescribed by law:

• Records concerning contracts or withdrawal of subscription: 5 years
• Records of payment and goods supply: 5 years
• Records of complaints or disputes: 3 years
• Records of access logs and connection information: 3 months
• Books and supporting documents on transactions: 5 years (as required by tax law)

3. Account Withdrawal

Your account will be withdrawn immediately upon application for withdrawal. User registration with the same email address will be restricted for 30 days after withdrawal to prevent abuse.

Article 4 [Protection and Sharing of Personal Data]

1. Data Sharing

We shall collect and use personal data within the scope specified in Article 2. In cases where personal data not mentioned in this Privacy Policy is shared with third parties, we shall notify users in advance to obtain consent. However, personal data may be shared with third parties without consent in the following cases:

• If consent has already been obtained
• If required by law or legal obligations (including requests by investigating agencies or administrative organs)
• In case of business transfer, merger, or acquisition (users will be notified in advance)

2. Third-Party Services

We may use third-party services that process personal data on our behalf:

• Cloud Services: For hosting and data storage
• Analytics Services: For understanding user behavior and improving services
• Payment Processors: For processing in-game purchases
• Customer Support: For handling user inquiries

These third parties are contractually obligated to protect your personal data and use it only for the purposes we specify.

Article 5 [Handling Consignment of Personal Data]

We may consign certain tasks related to personal data processing to third-party service providers to improve service quality. When doing so, we:

• Stipulate necessary matters for safe management of personal data in consignment contracts
• Limit the amount of data shared to the minimum necessary
• Monitor and supervise the consignee's handling of personal data

If the consignee or its tasks change, we shall announce such changes through this Privacy Policy.

Article 6 [Procedures and Methods for Destroying Personal Data]

In principle, when the purpose for collecting and using personal data is achieved, we shall destroy the data without delay. Our procedures and methods for personal data destruction are as follows:

1) Destruction Procedure

• Personal data is transferred to a separate database after the purpose is accomplished, stored temporarily, and then destroyed
• Personal data will not be used except as prescribed by law during the retention period

2) Destruction Methods

• Personal data stored electronically: Deleted using methods that make recovery impossible
• Personal data printed on paper: Destroyed by shredder or incineration

Article 7 [Protection of Personal Data of Children]

Our services are intended for users who are 13 years of age or older. We do not knowingly collect personal data from children under 13 without parental consent. If we become aware that we have collected personal data from a child under 13 without parental consent, we will take steps to delete such information.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately. We will delete such information upon verification.

Article 8 [Health Data Protection]

We recognize the sensitive nature of health data and apply additional safeguards to protect it:

1) Collection and Consent

• Health data is collected only with your explicit, informed consent
• You will be prompted to grant access to specific health data categories before any data is read or written
• You may grant or deny access to individual health data types independently

2) Use and Restrictions

• Health data is used solely to provide and improve the health-related features of our app
• We do not use health data for advertising, marketing, or data mining
• We do not sell health data to any third party
• We do not share health data with third parties for advertising or marketing purposes

3) Storage and Security

• Health data is encrypted both in transit and at rest
• Access to health data is strictly limited to authorized systems and personnel
• Health data is stored separately from other personal data with additional security measures

4) Deletion and Revocation

• You may revoke the app's access to health data at any time through your device's health data settings (e.g., Health Connect on Android)
• Upon revocation of access or account deletion, all stored health data will be deleted promptly
• You may request deletion of your health data at any time by contacting us

Article 9 [Cookies and Automatic Data Collection]

1. Cookies

We install and operate tools that automatically collect personal data, such as cookies, to provide personalized services. A cookie is a small text file sent to your device by our server and stored on your device.

2. Purpose of Cookie Use

• To maintain login sessions and user preferences
• To analyze website and service usage
• To provide personalized content and advertisements

3. Cookie Management

You can allow all cookies, require permission each time a cookie is saved, or refuse to save all cookies through your device settings. However, if you refuse to store all cookies, some services may be restricted or unavailable.

Article 10 [Technical and Administrative Protection Measures]

We take the following technical and administrative measures to prevent personal data from being lost, stolen, leaked, altered, or damaged:

1) Password Encryption

User passwords are encrypted, stored, and managed using industry-standard encryption methods. Even we cannot view your password in plain text.

2) Network Security

• We implement various technical measures to prevent data leakage from hacking, computer viruses, etc.
• We use secure cryptographic communication methods (HTTPS/SSL) for data transmission
• We continuously monitor network connections and security

3) Access Control

• Personal data handling staff is limited to authorized personnel
• Separate passwords are assigned and updated periodically
• We conduct regular training on privacy protection
• Access to personal data is logged and monitored

4) Data Storage

Areas where personal data is handled and stored are secured, and only authorized personnel can access them. Electronic records containing personal data are stored securely with encryption.

Article 11 [Personal Data Protection Manager]

We make our best effort to provide the best service while keeping personal data safe. The personal data protection manager is responsible for the protection of personal data. However, despite technical remedies, we have no liability for any damage to data due to unexpected accidents caused by basic network dangers such as hacking.

Your Rights

You have the right to:

• Access, revise, or erase your personal data
• Rectify any incomplete or incorrect data
• Object to the processing of your data
• Request limitations on the processing of your data
• Obtain a copy of your personal data in a machine-readable format
• Withdraw your consent at any time

To exercise any of these rights, please contact us at the email address above. We may request identity verification before addressing such inquiries.

Complaint Processing

If you need to report or consult about personal data infringement, you may contact:

• Your local data protection authority
• Personal Information Infringement Notification Center (if applicable in your jurisdiction)

Article 12 [GDPR and Jurisdiction-Specific Provisions]

General Data Protection Regulation (GDPR)

If you are a resident of the European Union or the European Economic Area, GDPR applies to you, granting you specific rights as outlined in Article 11. To exercise any of these rights, please contact us at the email address provided above.

You retain the right to submit a complaint with a Data Protection Authority regarding our collection and utilization of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area.

California Consumer Privacy Act (CCPA)

If you are a California resident, you have additional rights under the CCPA, including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information (if applicable).

Article 13 [Notification of Changes]

This Privacy Policy is subject to change due to changes in laws and our internal policies. In such cases, we shall notify users of the changes through our official website or within our services. Significant changes will be communicated through prominent notices.

Previous versions of this Privacy Policy are available upon request.

---

© BaeAI. All Rights Reserved.
For questions about this Privacy Policy, please contact: kernys01@gmail.com