Privacy Policy
App Name: QuickLotto
Operator: VEXI
Effective Date: November 1, 2022
Last Updated: May 6, 2026
VEXI ("the Company") establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to promptly and smoothly handle any related grievances.
Article 1 (Purpose of Processing Personal Information)
The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those listed below. If the purpose of use changes, the Company will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
- Membership registration and management: No separate registration process exists; personal information collected through registration is not gathered.
- Development of new services and marketing: Development of new services and provision of customized services, service provision and advertisement placement based on statistical characteristics, verification of service validity, provision of events and promotional information and participation opportunities, tracking of access frequency, and app usage statistics.
Article 2 (Retention Period for Personal Information)
① The Company processes and retains personal information within the personal information retention and use period as required by law or as consented to by the data subject at the time of collection.
② The retention period for each category of personal information is as follows:
-
Service membership registration and management: Until withdrawal from the service
- However, if any of the following reasons apply, until the end of that reason:
- If an investigation is underway due to a violation of applicable laws, until the end of that investigation
- If an outstanding credit-debt relationship remains from the use of the service, until the settlement of that relationship
- However, if any of the following reasons apply, until the end of that reason:
-
Provision of goods or services: Until completion of supply of goods/services and payment/settlement
- Records pursuant to the Act on Consumer Protection in Electronic Commerce:
- Records related to labeling and advertising: 6 months
- Records related to contracts, withdrawal of offers, payment, and supply of goods: 5 years
- Records related to consumer complaints or dispute resolution: 3 years
- Communication records pursuant to Article 41 of the Protection of Communications Secrets Act:
- Subscriber communication date/time, start/end times, counterpart subscriber number, frequency of use, base station location tracking data: 1 year
- Computer communications, internet log records, and access location tracking data: 3 months
- Records pursuant to the Act on Consumer Protection in Electronic Commerce:
Article 3 (Provision of Personal Information to Third Parties)
① The Company processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only in cases falling under Article 17 of the Personal Information Protection Act, such as with the consent of the data subject or under special provisions of law.
② The Company does not provide personal information to third parties.
Article 4 (Consignment of Personal Information Processing)
① The Company does not consign personal information processing to third parties.
Article 5 (Rights and Obligations of Data Subjects and How to Exercise Them)
① Data subjects may exercise the following personal information protection rights against the Company at any time:
- Request for access to personal information
- Request for correction in case of errors
- Request for deletion
- Request for suspension of processing
② The rights under Paragraph 1 may be exercised against the Company via written request, telephone, email, or fax, and the Company will take action without delay.
③ If a data subject requests correction or deletion of personal information due to errors, the Company will not use or provide the personal information until the correction or deletion is completed.
④ Rights under Paragraph 1 may be exercised through a legal representative or an authorized agent. In such cases, a power of attorney in accordance with the form in Appendix 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.
⑤ Data subjects must not infringe upon the personal information or privacy of themselves or others processed by the Company in violation of the Personal Information Protection Act or other applicable laws.
Article 6 (Personal Information Items Processed)
The Company processes the following personal information items:
| Category | Items |
|---|---|
| Membership registration and management — Required | None |
| Membership registration and management — Optional | None |
| Provision of goods or services — Required | None |
| Provision of goods or services — Optional | None |
The following items may be generated and collected during the course of service use:
- IP address, cookies, MAC address, service usage records, visit records, unauthorized usage records, and mobile device information
Article 7 (Destruction of Personal Information)
① When personal information becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose, the Company will destroy it without delay.
② If personal information must continue to be retained under other laws despite the expiration of the consented retention period or the achievement of the processing purpose, the Company will transfer the personal information to a separate database (DB) or store it in a different location.
③ The procedures and methods for destroying personal information are as follows:
- Destruction procedure: The Company selects personal information for which a reason for destruction has arisen and destroys it with the approval of the Company's personal information protection officer.
- Destruction method: Personal information stored in electronic file format is destroyed using methods such as low-level formatting to prevent recovery. Personal information stored in paper documents is destroyed by shredding or incineration.
Article 8 (Measures to Ensure Safety of Personal Information)
The Company takes the following measures to ensure the safety of personal information:
- Administrative measures: Establishment and implementation of internal management plans
- Physical measures: No physical data is collected
Article 9 (Installation, Operation, and Opt-Out of Automatic Personal Information Collection Devices)
① The Company uses 'cookies' that store and retrieve usage information to provide personalized services to users.
② Cookies are small pieces of information sent by the server (http) operating the website to the user's computer browser and may be stored on the user's PC hard drive.
- Purpose of cookies: Used to identify visit and usage patterns for each service and website visited by the user, popular search terms, and whether secure connections are used, in order to provide optimized information to users.
- Installation, operation, and opt-out of cookies: You can refuse cookie storage through the settings in your web browser under Tools > Internet Options > Privacy.
- Refusing to store cookies may cause difficulties in using personalized services.
Article 10 (Personal Information Protection Officer)
① The Company designates a personal information protection officer as follows, who is responsible for overseeing personal information processing and handling complaints and remedies from data subjects:
| Item | Details |
|---|---|
| Name | Chang-Ju Na |
| Title | Representative |
| Contact | ncj1305@gmail.com |
② Data subjects may contact the personal information protection officer or relevant department with any inquiries, complaints, or requests for remedy related to personal information protection arising from the use of the Company's services. The Company will respond and take action without delay.
Article 11 (Request for Access to Personal Information)
Data subjects may submit requests for access to personal information pursuant to Article 35 of the Personal Information Protection Act to the following department:
| Item | Details |
|---|---|
| Department | Development Team |
| Contact Person | Chang-Ju Na |
| Contact | ncj1305@gmail.com |
Article 12 (Remedies for Infringement of Rights)
Data subjects may contact the following organizations for consultation or remedies regarding personal information infringement:
| Organization | Website | Phone |
|---|---|---|
| Personal Information Infringement Report Center (KISA) | privacy.kisa.or.kr | 118 |
| Personal Information Dispute Mediation Committee | www.kopico.go.kr | 1833-6972 |
| Supreme Prosecutors' Office Cyber Investigation Division | www.spo.go.kr | 1301 |
| National Police Agency Cyber Safety Bureau | ecrm.cyber.go.kr | 182 |
Article 13 (Installation and Operation of Video Information Processing Devices)
VEXI does not install or operate any video information processing devices (CCTV).
Article 14 (Changes to the Privacy Policy)
① This Privacy Policy is effective from November 1, 2022.