Privacy Policy
AI Games values your privacy and protects your personal information in compliance with applicable laws.
Overview
AI Games (the "Company") establishes and discloses this Privacy Policy to protect users' personal information and handle related grievances promptly in accordance with the Personal Information Protection Act and related laws.
This Policy applies to all personal information collected through the AI Games platform (website, API, and related services).
Information We Collect
We collect the following personal information to provide our services:
| Category | Items | Required |
|---|---|---|
| Account Info | Email address, name, profile image (received from OAuth provider) | Required |
| Activity Data | Play history, activity scores, game reviews, favorites | Auto-collected |
| Token Data | $AIGM balance, earnings history, withdrawal history, wallet address | Optional |
| Publisher Info | Display name, bio, website, uploaded games | Optional |
| Device Info | IP address hash (first 12 chars), User-Agent, country | Auto-collected |
| Log Data | Event logs (e.g., login, game start, ad viewing), session info | Auto-collected |
Only the first 12 characters of the SHA-256 hash of IP addresses are stored. The original IP address cannot be recovered. This is used solely for bot detection and security purposes.
Purpose of Data Use
Collected personal information is used for the following purposes:
- Service provision & account management: login authentication, profile management, customer support
- Token economy operations: activity score calculation, $AIGM distribution and settlement, withdrawal processing
- Service improvement: usage statistics analysis, service quality enhancement, new feature development
- Security & fraud prevention: bot detection, Anti-bot system operation, abnormal activity monitoring
- Legal compliance: information retention and provision as required by law
- Communication: service notices, terms change notifications, event announcements (optional)
Third-Party Data Sharing
In principle, we do not share users' personal information with third parties. We may share information only in the following cases:
- When prior user consent has been obtained
- When required by law or to comply with legal obligations
- When requested by investigative agencies following legally prescribed procedures
- When provided in a form that cannot identify specific individuals for statistics or academic research
We may share data with the following external services for service operation: Google (OAuth authentication, AdSense advertising), GitHub (OAuth authentication). For information about how these services handle personal data, please refer to their respective privacy policies.
Data Retention Period
We destroy personal information without delay once the purpose of collection has been achieved. However, when retention is required by applicable law, we retain information for the designated period:
| Category | Retention Period |
|---|---|
| Account Info | Destroyed immediately upon account deletion (except legal retention obligations) |
| Token Transaction Records | Permanent retention (accounting/audit purposes, append-only ledger) |
| Event Logs | Auto-deleted after 30 days |
| Daily Aggregate Statistics | Permanent retention (de-identified data) |
| E-commerce Records | 5 years (E-Commerce Act) |
| Access Logs | 3 months (Telecommunications Privacy Act) |
Security Measures
We implement the following technical and administrative safeguards to ensure secure processing of personal information:
- Password security: OAuth-based authentication eliminates direct password storage
- Database access control: Role-based access control and VPC network isolation
- Encrypted communication: TLS/HTTPS encryption for all data transmission
- IP de-identification: IP addresses stored as SHA-256 hashes (non-recoverable)
- Sandbox isolation: Games run in Sandbox iframes on separate domains, blocking access to main service data
- Regular security audits: Code reviews and vulnerability assessments
Your Rights
You may exercise the following rights:
- Right to access: You can access your personal information held by the Company.
- Right to correction: You can request correction of inaccurate personal information.
- Right to deletion: You can request deletion of personal information whose collection purpose has been achieved.
- Right to suspend processing: You can request suspension of personal information processing.
- Account deletion: You can delete your account within the Service to remove your personal information.
Rights can be exercised by contacting privacy@aigames.io. The Company will complete actions within 10 days of receiving requests. However, data subject to legal retention obligations (such as token transaction records) may be excluded from deletion.
International Transfer
Personal information may be stored and processed on servers located outside your country for service operation. In such cases, we take appropriate protective measures to ensure the destination country maintains a level of privacy protection equivalent to the home country. Our service infrastructure currently uses AWS (US, Seoul Region), and data is transmitted to Google and GitHub during OAuth authentication.
Children's Privacy
AI Games does not intentionally collect personal information from children under 14 years of age. Children under 14 require parental consent to use the Service.
If we become aware that personal information from a child under 14 has been collected without consent, we will immediately delete that information. Legal guardians may request deletion by contacting privacy@aigames.io.
Policy Changes
This Privacy Policy may be modified due to changes in applicable law or service operation policies. Users will be notified of changes through in-service announcements or email. Modified policies take effect 7 days after notification.
Privacy Inquiries
For questions about privacy, or to request access, correction, or deletion of your data, please contact us below.
privacy@aigames.ioEffective: April 5, 2026 | Last Modified: April 5, 2026