개인정보 처리방침
로고

개인정보 처리방침





Privacy Policy (UK & Global Users)



Effective date: 2 November 2025



WeRamble Co., Ltd. (doing business as Ramble)

Head Office: Seoul, Republic of Korea

UK Representative: Landmark Pinnacle, 10 Marsh Wall, London E14 9GU, United Kingdom

Contact: weramble888@gmail.com | Phone: +44 7826 3689717



This Policy is effective from 2 November 2025 and supersedes all prior versions.




Definitions

In this Privacy Policy:

“Company”, “We”, “Us” or “Our” refers to WeRamble Co., Ltd. (doing business as Ramble), including its UK representative.

“User” or “You” means any individual who accesses or uses our mobile applications, websites, or related services (the “Services”).

“Personal Data” means any information relating to an identified or identifiable individual.

“Processing” means any operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion.

“Applicable Laws” refers to the data protection and privacy laws relevant to your location, including but not limited to the UK GDPR and comparable international privacy regulations.


1. Purpose

The purpose of this Policy is to describe how the Company collects, uses, stores, discloses and destroys Personal Data in accordance with applicable laws and to enable users to exercise their rights.


2. Principles of personal data processing

We process Personal Data in accordance with applicable data protection laws and this Policy. Personal Data collected is processed only where a lawful basis exists and may be provided to third parties only with consent or where required or permitted by law.


3. Publication of this Policy

We publish this Policy on our website and make it readily accessible to users, ensuring font size and visibility are sufficient for ease of reading.


4. Changes to this Policy

This Policy may be amended due to changes in law, guidance, or Company services. We will notify users of material changes by notice on the website or by email. We will generally provide at least 7 days’ notice, and at least 30 days’ notice for changes materially affecting users’ rights.



5. Information collected for account registration

We collect the following personal information for account registration:

Mandatory: email address, password, full name, display name or nickname, date of birth, mobile phone number.


6. Information for identity verification

For identity verification purposes we may collect:

Mandatory: mobile phone number, email address, full name, date of birth, gender (if provided), verification keys provided by identity verification services, mobile operator details, and documentation where required. We do not retain government identity numbers unless lawfully required; identity checks are normally performed through certified third-party processors.


7. Information for parental or guardian consent

Where parental or guardian consent is required, we will collect the guardian’s name, date of birth, gender, nationality status, mobile number, mobile operator information, and identity verification data as needed to validate consent.


8. Payment information

To provide payment services we may collect payment details including card or bank information handled by our payment provider, card expiry, billing address and any transaction-related information required to process payments and refunds. We do not store full card numbers or security codes on our servers.


9. Cash receipt / invoicing information

Where invoicing or receipts are required, we may collect the recipient’s name, date of birth or tax identifier where required, address, mobile number and any invoice reference needed to issue receipts in accordance with local law.


10. Information required to provide services

To provide our Services we collect:

Mandatory: user ID, email address, full name, date of birth and contact information.

Optional: where physical goods or prizes are dispatched, delivery name, telephone number and postal address; for tax or regulatory purposes, additional identification details may be requested in compliance with local laws.


11. Service use and fraud detection

We may collect service usage information, cookies, access logs and device information to detect and prevent fraud, abuse, or other improper conduct. Such data may be used for statistical analysis and service improvement.


12. Methods of personal data collection

We collect Personal Data via user input on the website or app (registration, forms), automated collection through device logs, cookies and third-party services, email responses to Company notices or communications, and customer support interactions, forums or other user-generated content.


13. Purposes of use

Personal Data is used for service delivery and account management, responding to enquiries and complaints, service improvement and research, marketing and promotion where consented or otherwise permitted, and legal compliance, dispute resolution and enforcement of our terms.


14. Retention and use period

We retain Personal Data only for as long as necessary to fulfill the purposes set out in this Policy and to comply with legal obligations. Where specific statutory retention periods apply, we will retain records for those periods.


15. Statutory retention periods

We retain certain records for the following statutory periods where applicable:

Contract and order records: 5 years (or as required by local law).

Payment and transactional records: 6 years (tax/accounting where applicable).

Customer complaints and dispute records: 3 years.

Advertising or promotional records: 6 months.

Website log data: 3 months (or in accordance with local law).

Location information records: 6 months (where such data is processed).


16. Principle of destruction

When Personal Data is no longer required, we will securely destroy or anonymise the data without undue delay in accordance with our internal policies and legal obligations.


17. Handling of inactive accounts

We may notify users who have not used the Services for a prolonged period and separate or delete their Personal Data in accordance with this Policy.

Inactive user data will be securely retained and users will be notified by email at least 30 days prior to deletion or separation. Users may reactivate their account by logging in before the deletion date, subject to verification.


18. Data destruction procedure

Personal Data that has reached the end of its retention period will be moved to a secure deletion area and destroyed in accordance with our internal procedures after necessary approvals.


19. Methods of destruction

Electronic data is deleted using irreversible deletion or secure wiping methods. Paper records are shredded or incinerated as appropriate.


20. Marketing communications

We obtain explicit consent before sending marketing messages via electronic channels where required by law. However, where permitted, we may send promotional messages to existing customers about similar products, always providing an opt-out mechanism.

Customers who withdraw consent will not receive further marketing communications and we will act on unsubscribe requests promptly.


21. Protection of children’s personal data

We permit registration only for users aged 13 years and over except where local law requires a higher age threshold. For users under the applicable age threshold, we will obtain parental or guardian consent before processing their personal data.

Where parental consent is obtained, we may collect additional guardian information as necessary to verify consent.


22. Data access and withdrawal of consent

Users nd guardians may access, correct, or withdraw consent to the processing of Personal Data at any time by contacting our Data Protection contact. We will act without undue delay to comply with validated requests.


23. Correction of personal data

Users may request correction of inaccurate Personal Data. We will not continue to use or provide Personal Data to third parties until corrections are made; where data has already been shared, we will notify third parties as appropriate.


24. User obligations

Users must keep their Personal Data accurate and up to date. Users are responsible for maintaining the confidentiality of account credentials and must not provide others with access to their account.


25. Company measures to manage Personal Data

We implement technical and organisational measures to safeguard Personal Data against loss, theft, unauthorised access, alteration, and destruction.


26. Handling of deleted information

Personal Data deleted at the user’s request will be processed in accordance with this Policy and retained only as required under our retention policy or by law.


27. Password encryption

Passwords are stored in an encrypted or hashed form and can only be used by the account holder to authenticate. Password resets require verification to prevent unauthorised access.


28. Measures against hacking

We operate up-to-date anti-malware and intrusion detection measures and maintain secure backup and patch procedures to reduce the risk of data breaches.


29. Minimisation and staff training

Access to Personal Data is restricted to personnel with a legitimate business need. We limit processing staff and provide training on data protection obligations.


30. Data breach notification

If we become aware of a Personal Data breach, we will notify affected users and applicable authorities in accordance with law.


31. Exceptions to breach notification

If we cannot contact users due to lack of contact information or other valid reasons, we may publish a notice on our website for at least 30 days.


32. International transfers

We may transfer Personal Data outside the user’s country and apply appropriate safeguards in accordance with applicable laws.


33. Cookies and choices

Users may choose whether to accept cookies. Blocking cookies may affect functional aspects of the Services.


34. Company’s Data Protection Officer and contact

We have appointed a Data Protection contact responsible for privacy matters.


35. Additional provisions and legal references

This Policy is subject to applicable data protection laws.

Where statutory retention periods or legal obligations differ by jurisdiction, we will comply with the relevant local law.


Contact details

Privacy Lead / Data Protection Contact: Sun Lee

Email: weramble888@gmail.com

Phone: +44 7826 3689717

Head Office: Seoul, Republic of Korea

UK Representative: Landmark Pinnacle, 10 Marsh Wall, London E14 9GU, United Kingdom