Privacy Policy
1. Moa Protocol Personal Information Processing Policy
“Personal Information Processing Policy” refers to the guidelines that the company must adhere to so that users can use the service with confidence. Moa Protocol provides the Personal Information Processing Policy in compliance with relevant laws and regulations of the Republic of Korea, personal information protection regulations, and guidelines that information and communication service providers must adhere to.
Moa Protocol collects, uses, and provides personal information based on user consent. To actively protect users' rights (the right to self-determination of personal information), we are making various efforts to provide an easily understandable privacy policy.
This Privacy Policy has the following important implications :
We transparently provide information related to the processing of personal information, including what information Moa Protocol collects, how it is used, with whom it is shared ("entrusted or provided") as necessary, and when and how information is destroyed after its intended purpose has been achieved.
We inform users, as data subjects, of what rights they have regarding their personal information and the methods and procedures for exercising these rights.
In the event of a personal information breach, we inform users of whom to contact and what assistance they can receive to prevent further damage and restore existing damage.
Above all, we guarantee users' "right to self-determination of personal information" by defining the rights and obligations between Connect service users regarding their personal information.
2. Personal information collected
Personal information collected upon registration
Users can access service and benefit information and information without registering. However, registration is required to take advantage of the various benefits offered by the Moa Crypto Card, based on each tier. When a user registers, Moa Protocol collects the minimum amount of personal information necessary to use the service.
The personal information that Moa Protocol collects from users at the time of registration is as follows.
Email address is required when registering.
This service is only available to users aged 19 or older. Upon registration, consent to the "19+ Agree" requirement is additionally required.
Even if not required, a "Referral Code" is collected as an optional field upon registration.
What are required and optional fields?
Required information refers to information necessary to perform the essential functions of the service, while optional information is information collected in addition to provide additional value to users, although it does not affect the use of the service itself.
The email address and password collected upon registration are required for login.
Optional information does not restrict membership registration or service use even if it is not entered. If necessary, you can enter your referral code directly at any time under "My Page > Member Information > Referral Code."
Personal information collected from users during service use
You can set your profile information (name, profile picture) through your membership information or individual services. If you do not enter a name in your membership information, a randomly generated name will be automatically entered.
Additional personal information may be collected only for users of individual services within Moa Protocol. If additional personal information is collected, we will inform users of the "personal information items collected, the purpose of collection and use of personal information, and the retention period" at the time of collection and obtain their consent.
Personal information generated and collected during service use
During service use, IP addresses, cookies, service usage history, device information, and location information may be generated and collected.
This information is collected by automatically generating user information during service use, storing (collecting) user-entered information, or safely converting unique information from the user's device so that its original value cannot be identified.
Location information may be optionally collected during service use. This collected information may or may not constitute personal information, depending on whether it is linked to personal information.
Additional information about the collection of creation information
What is an IP (Internet Protocol) address?
An IP address is online address information assigned by an internet service provider to a user's PC or other device accessing the internet. Whether an IP address constitutes personal information varies widely from country to country. However, if an IP address can uniquely identify a user, it is protected as personal information.What is a service usage record?
This includes information such as service access date and time, a list of services used, any normal or abnormal logs generated during service use, records of paid product purchases/cancellations/refunds, membership benefit usage records, and customer service inquiry history.What is device information?
The device information described in this privacy policy refers not only to information assigned to the device during the production and sales process, but also to all information verifiable through the software used to operate the device. During the OS (Windows, MAC OS, etc.) installation process, this refers to the computer name assigned by the user to the PC, the serial numbers of peripheral devices installed on the PC, the unique identifiers required for smartphone communication (IMEI, IMSI), AAID or IDFA, the language and time settings, and the USIM carrier code. However, if MOA Protocol needs to collect unique device identifiers such as IMEI, it encrypts the original value in an unrecognizable manner before collection, removing any identifiability.What is a cookie?
Cookies are very small text files that websites store on the user's PC via the user's web browser when the user accesses the website. When the user revisits the website, the website server reads the cookie contents stored on the user's PC to maintain the user's preferred service usage environment, enabling convenient Internet service use. We may also analyze information about the services you visit, the time and frequency of access, and information generated or provided (entered) during your use of the service to provide services (including advertisements) tailored to your preferences and interests. Users have the option to choose whether to accept or reject cookies. By setting options in their web browser, they can choose to allow all cookies, request confirmation each time a cookie is saved, or reject all cookies. However, rejecting cookie storage may cause inconvenience in using some services that require login.
Personal information collection method
We collect personal information when users consent to the collection of personal information and directly enter it during membership registration and service use.
Personal information may be collected through webpages, email, fax, and phone during customer service consultations.
Personal information may be collected in writing when using offline membership benefits or participating in events and seminars.
Generated information, such as device information, may be automatically generated and collected during the use of mobile apps.
3. Use of collected personal information
Moa Protocol uses personal information for the following purposes: member management, service development/provision and improvement, and establishment of a safe service environment.
We use personal information for membership management, including confirming membership registration, age verification, obtaining consent from legal representatives, verifying the identity of users and their legal representatives, user identification, and confirming membership withdrawal.
In addition to providing existing services (including advertising), including content, we use personal information to develop new service elements and improve existing services, including demographic analysis, analyzing service visit and usage records, forming user relationships based on personal information and interests, and providing customized services based on acquaintances and interests.
We use personal information for user protection and service operation, including restricting the use of members who violate laws and regulations and Moa Protocol's Terms of Service, preventing and sanctioning acts that disrupt the smooth operation of the service, including fraudulent use, preventing account theft and fraudulent transactions, notifying users of terms and conditions revisions, preserving records for dispute resolution, and handling complaints.
We use personal information for identity verification (KYC or authentication) for paid services, card issuance, and use of card benefits and services.
We use personal information for marketing and promotional purposes, including providing event information, participation opportunities, and promotional information. We use your personal information to analyze service usage records and access frequency, compile statistics on service usage, provide customized services based on service analysis and statistics, and display advertisements.
We use your personal information to create a secure, privacy- and safety-focused service environment.
4. Provision and entrustment of personal information
Moa Protocol does not provide users' personal information to third parties except with the user's separate consent or as required by law.
Moa Protocol does not, in principle, provide personal information to external parties without the user's consent.
Entrustment of personal information
We may outsource some tasks necessary for service provision.
Moa Protocol may outsource some tasks necessary for service provision to external companies. We establish the necessary requirements to ensure that the outsourced companies safely process personal information in accordance with the Personal Information Protection Act and manage and supervise them as a responsible administrator. If you do not use services related to the tasks outsourced by Moa Protocol to the outsourced company, your personal information will not be provided to the outsourced company.
5. Destruction of personal information
In principle, the company destroys users' personal information without delay upon withdrawal of membership or achievement of the purpose of use.
However, if the user has given separate consent regarding the retention period for personal information, or if laws and regulations require information to be retained for a certain period, personal information will be physically (or logically) separated and stored safely for that period.
If the purpose of collection and use has been achieved, or if a reason for destruction arises, such as membership withdrawal, the method of destruction will be determined based on the type of personal information. Electronic files will be securely deleted to prevent recovery or reproduction. Records, printed materials, and written documents will be shredded or incinerated for destruction.
Information that is retained for a certain period and then destroyed according to internal policies is as follows :
The following cases are where consent is obtained from users regarding the retention period of their personal information when signing up for membership or a paid membership service.
Prevention of fraudulent registration and use
Email addresses, names, and mobile phone numbers of fraudulent sign-ups and fraudulent users: Retained for 6 months from the date of membership cancellation.
Records of fraudulent use: Retained for 6 months from the date of membership cancellation.
Cancel membership withdrawal request
All member information: Retained for 60 days from the date of membership withdrawal request
Preventing duplicate provision of paid service benefits of Moa Protocol
Encrypted DI (Duplication Information, duplication check key value): Stored for 6 months from the end date of membership benefits
In case of destruction after storage in accordance with relevant laws and regulations
The following are cases where laws such as the Act on Consumer Protection in Electronic Commerce, etc., the Framework Act on Electronic Documents and Transactions, and the Communications Secrets Protection Act stipulate the retention of information for a certain period of time.
Moa Protocol retains personal information in accordance with legal provisions during this period and will never use this information for any other purpose.
Act on Consumer Protection in E-commerce, etc.
Records related to contracts or subscription cancellations: Retained for 5 years
Records related to payment and supply of goods: Retained for 5 years
Records related to consumer complaints or dispute resolution: Retained for 3 years
National Tax Basic Act
Books and supporting documents for all transactions stipulated by tax laws: 5 years
Electronic Financial Transactions Act
Records of electronic financial transactions: 5 years
Communications Secrets Protection Act
Login history: 3 months
How to destroy personal information
Personal information that has fulfilled its purpose for collection and use, such as upon membership withdrawal, service termination, or the expiration of the user's consented retention period, is destroyed in a manner that renders it irretrievable.
Information subject to legal retention requirements is also destroyed without delay after the relevant retention period expires.
Electronic files are securely deleted using technical methods to prevent recovery or reproduction. Printed materials are destroyed by shredding or incineration.
For reference, Moa Protocol securely stores the personal information of users who have not used the service for one year in accordance with its "Personal Information Expiration Period" system. For users who have not used the service for five years, the personal information is completely deleted after the user's withdrawal.
6. Rights of users and legal representatives and how to exercise them
Users can view, edit, or delete their personal information at any time through "My Page > Member Information Management," and may request access to their personal information.
Users may request suspension of personal information processing at any time. However, requests for suspension may be denied if there are special provisions in the law.
Users may withdraw consent to the collection and use of personal information at any time through "Membership Withdrawal," etc.
If a user requests correction of errors in personal information, the relevant personal information will not be used or provided until the correction is completed. Furthermore, if incorrect personal information has already been provided to a third party, we will promptly notify the third party of the correction process to ensure the correction is made.
For users under the age of 19, their legal representatives have the right to view, edit, delete, suspend processing, and withdraw consent to the collection and use of their personal information.
For users under the age of 19, their legal representatives have the right to view, edit, delete, suspend processing, and withdraw consent to the collection, use, and provision of their personal information.
7. Moa Protocol's Efforts to Protect Personal Information
Moa Protocol takes the following efforts to protect users' personal information.
We encrypt key user information.
We minimize the number of people with access to personal information.
We limit the number of employees who process personal information to a minimum. Furthermore, we establish systematic standards for password creation and changes, as well as access rights for the database system that stores personal information and the system that processes it, and conduct ongoing management.We provide training and campaigns on personal information protection obligations and security to all employees who process personal information.
8. Scope of Application of This Privacy Policy
This Privacy Policy applies to ‘Moacard,’ one of the company’s brands, and all related services. Separate privacy policies may apply to services provided under other brands.
9. Disclaimer
Please be aware that although the Company will make every effort to comply with this Privacy Policy, the Company's liability is limited and exempt from liability for damages resulting from natural disasters, malicious hacking by third parties, or network/system intrusions.
10. Guidance on notification obligations prior to revision, etc.
The Company may revise its Privacy Policy to reflect changes in laws or services.
If the Privacy Policy is changed, we will notify you of the change at least seven days in advance via email or an in-service notice.
However, if there are significant changes to user rights, such as changes to the types of personal information collected or the purposes of use, we will provide at least 30 days' advance notice and may obtain user consent again if necessary.
Moa Protocol values your personal information and promises to do its best to ensure you can use our services with greater peace of mind.
Announcement Date : November 1, 2025
Effective Date : November 1, 2025
Join the future of Web3 payments.
Apply for your MOA Card and unlock the power of your crypto in the real world.