HOTEL ELIENA (hereinafter “HOTEL”) greatly values its guests’ personal information, and complies with the Personal Information Protection Act. In this Privacy Policy, HOTEL ELIENA informs the purpose and method of using the guests’ personal information and the measures taken for personal information protection.
Scope of collecting personal information
o A. Hotel collects personal information to the minimum extent necessary to provide service.
o B. Hotel does not collect sensitive personal information whose collection could violate a Member’s basic human rights (e.g., race and ethnicity, ideology and creed, place of birth and permanent address, political inclination, criminal record, health condition, and sexuality).
o C. Hotel may process the collected personal information for statistical purposes, scientific research, public record preservation, etc. through information that has been pseudonymized (hereinafter "pseudonymized information") so that a specific individual cannot be identified.
Method of collecting personal information.
HOTEL collects personal information through the following methods.
1) Membership subscription (through homepage, writing, phone, or fax), message board, and promotional events participation
2) Receiving from affiliated companies or business partners
3) Collection of payment information and point use information created during use of HOTEL.
To provide services, HOTEL collects personal information as follows.
| ON-LINE | |||
|---|---|---|---|
| Division | Items collected | Purpose of using information | |
| Guest room reservation and payment |
Required | Name, email address, phone number, gender, date of birth, card payment information |
Guest room reservation and payment, provide service to eturning guests |
| Period of keeping information : 5 years | |||
| Guest Comment | Required | Name, email address, phone number |
Handle guests’ inquiries and provide service |
| Period of keeping information : 5 years | |||
| Restaurant reservation | Required | Name, email address, phone number |
Make reservation and handle guests’ inquiries |
| Period of keeping information : 5 years | |||
| Meeting/wedding inquiries | Required | Name, email address, phone number |
Make reservation and handle guests’ inquiries |
| Period of keeping information : 5 years | |||
| OFF-LINE | |||
|---|---|---|---|
| Division | Items collected | urpose of using information | |
| Guest room registration card |
Required | Phone number, name, email address |
Identification for offering revisit service, delivering customer notification. |
| Optional | address, nationality | ||
| Period of keeping information : 5 years | |||
| Wedding / Banquet contract | Required | Phone number, name, email address |
Provide banquet/party consultation, booking/contracting services |
| Optional | Company name, nationality, address |
||
| Period of keeping information : 3 years from the date of consultation |
|||
| Guest Comment | Optional | Name, email address, phone number |
Handle guests’ inquiries and provide service |
| Period of keeping information : 2 years | |||
| Event ticket | Required | Name, email address, phone number |
Provide products, services, etc. |
| Period of keeping information Certain period after the end of event (Specified on event ticket) |
|||
| Online/offline | Optional | Name, email address, phone number |
Marketing/PR for goods, events, and services |
| Period of keeping information : 2 years | |||
- IP address, cookie, MAC address, service usage record, visitation record, content of inquiry phone calls, etc.
1. When the purpose of collecting or receiving a Member’s personal information is achieved, Hotel promptly destroys the personal information. The specific timing of destroying personal information is as follows.
A. Information on the use of guest rooms is kept for 5 years to provide service to returning guests (internal policy).
B. Records on phone booking and membership consultation (internal policy): Shall be kept for 3 years for the provision of re-visit service and handling of complaints or opinions.
C. Shipping information is kept until delivery or provision of goods or services.
D. Personal information collected for surveys, events, etc. is kept until completion of the surveys, events, etc.
2. However, if personal information needs to be kept for a certain period for reasons such as checking transaction-related rights and obligations as follows under applicable laws such as the Commercial Act, HOTEL does so.
A. Records on contract, offer withdrawal, etc.: 5 years
B. Records on payment and on supply of goods and services: 5 years
C. Records on handling of consumers’ complaints or disputes: 3 years
3. Implementing the personal information usage period system
A. HOTEL, under Article 29 Paragraph 2 of the Act on Promotion of Information & Communications Network Utilization and Protection of Information and Article 16 of the former’s Enforcement Decree (amended), keeps the personal information of online Members that have not used its services for 1 year or more. This information is kept separate from other information.
4. Destroying method
A. Print-out personal information: Shredding (by a shredder machine) or incineration
B. Personal information stored in the form of an electronic file: Delete by a technical method that disallows reproduction of the records
1. Unless a Member gives consent or unless under applicable laws, HOTEL does not in any circumstance use a Member’s personal information or share it with another person, company, or institution outside of the scope defined in the “Purpose of collecting and using personal information.”
To share a Member’s personal information through business partnering or alliance, HOTEL gives prior and individual notice concerning the party receiving or sharing the information and its main business, the personal information items shared, the purpose of sharing the information, etc. to the Member by email or in writing and then obtains his/her consent. HOTEL only shares personal information with third parties for its unique services. Unless the aforementioned consent is obtained, provision and use of its normal services may be impossible.
However, HOTEL may use personal information without the consent of the Member to the extent reasonably related to the purpose of collection in accordance with laws and regulations. In this case, comprehensive considerations are made to confirm ‘whether it is related to the original purpose of collection, whether there is predictability given the circumstances of collection or processing practices, whether the Member's interests are unreasonably infringed and whether measures necessary to secure safety including pseudonymization or encryption have been taken’.
2. In any of the following cases, HOTEL may share a Member’s personal information without his/her consent, pursuant to applicable laws.
A. It is necessary for payment of prices (points) and shipping of products as a result of provision of service.
B. Any personal information necessary for statistics, academic research, or market surveys is shared in a form in which a specific individual cannot be identified
C. It is required by the law, or required by a crime investigation agency pursuant to the procedure and method of law for crime investigation purposes
To provide guests with better services, HOTEL shares personal information with third parties as follows.
1. To provide services, HOTEL contracts or outsources personal information processing as follows. HOTEL provides for necessary matters in the outsourcing contract pursuant to applicable laws so that personal information can be safely managed.
2. For the safe protection of personal information, HOTEL clearly provides for strict compliance with personal information protection-related directions, prohibitions concerning personal information, and liabilities in the contracts with contractors, and keeps the contracts in writing. In case of a change in contractors, HOTEL announces the new contractor(s) in this Privacy Policy screen on its homepage.
3. So that the processing-outsourced personal information can safely be managed, HOTEL shall appropriately supervise whether the contractors diligently perform the aforesaid provisions within the scope of outsourcing.
1. HOTEL utilizes “cookies” that from store and retrieve a Member’s information from time to time. Cookies, tiny text files which a server used to operate HOTEL’s website, are transmitted to a Member’s browser and stored in a Member’s computer hard disk.
2. HOTEL utilizes cookies for the following purposes.
A. Analyze a guest frequency of access or hours of visit and identify a user’s preference and area of interest. The result is then used as criteria for target marketing, service reshuffling, etc.
B. Track the information on HOTEL and services in which a Member has shown interest. The result is then used to provide customized services next time.
C. Identify a Member’s degree of participation and number of visits in various events conducted by HOTEL. The result is then used to provide differentiated opportunities for participation and differentiated information befitting an individual’s area of interest.
D. A Member can choose whether to install cookies. A Member, by setting options in the web browser, may permit all cookies, require confirmation whenever a cookie is stored, or refuse storage of any cookies.
※ How to designate whether cookie installation is permitted [In the case of Internet Explorer 9.0]
1. In the [Tools] menu, choose [Internet options].
2. Click the [personal information tab].
3. Set the [personal information protection level].
If a Member refuses installation of cookies, however, HOTEL will have difficulties in providing services.
1. HOTEL does not collect personal information from a child below 14 years of age. To otherwise collect information from such a child in connection with hotel business, HOTEL shall comply with applicable laws and government announcements.
1. To protect Members’ personal information, HOTEL collects opinions on personal information. To handle complaints, HOTEL has designated a chief personal information officer as follows.
| Classification | Chief personal information officer | Personal information manager |
|---|---|---|
| Name | JG Park | |
| Department | - | Finance Team |
| Title | Representative | |
| Phone | +82 2-3440-9202 | |
| dooinst@hanmail.net |
2. For any other inquiries on personal information, please contact the following agencies.
| Classification | TEL | URL |
|---|---|---|
| Personal Information Violation Reporting Center | Call 118 (no prefix) | http://privacy.kisa.or.kr |
| Cyber Crime Investigation Division, Supreme Public Prosecutor’s Office | Call 1301 (no prefix) | www.spo.go.kr |
| Cyber Safety Bureau, National Police Agency | Call 182 (no prefix) | cyberbureau.police.go.kr |
1. When processing a Member’s personal information, HOTEL takes the following technical measures to secure safety so that the personal information will not be lost, stolen, leaked, altered without authorization, or damaged.
A. A user’s personal information is protected by password, and important data is protected through a separate security function by use of file/data encryption or file locking.
B. HOTEL adopts a security device that can safely transmit personal information over the network by use of a password algorithm (Secure Socket Layer).
C. To prevent a user’s personal information from being leaked through hacking, etc., HOTEL uses a double firewall to block unauthorized access from the outside. It has also installed an anti-intrusion system for each server for 24-hour (24/7) intrusion monitoring.
HOTEL restricts its personal information processing personnel to a minimum, emphasizes compliance with this Policy through education—from time to time—of the relevant personnel. If HOTEL finds any related problems, it promptly makes corrections.
A. HOTEL shall not be liable for errors made by a Member or the inherent risks of the Internet. Each Member shall appropriately manage, and be responsible for, his/her personal information.
B. If any personal information is lost, leaked, altered without authorization, or damaged due to HOTEL personnel’s error or a technical/administrative problem, then HOTEL shall immediately notify the user, take appropriate measures, and make appropriate compensations.
C. HOTEL separates the pseudonymized information from the additional information so that they are not identified when processing the pseudonymization; stores and manages them separately and takes necessary technical and administrative protective measures.
1. Hotel does not transmit for-profit advertising information against a guest’s express refusal to receive it.
2. To transmit any advertising information by a method such as email for online marketing (e.g., provision of product information), Hotel includes the following in the email’s title and main text so that the guest can easily identify the advertising information.
o Email title: Indicate the word “advertisement” and the transmitter’s name.
o Email main text :Specify the name, email address, phone number, and address of the transmitter against whom the user can refuse to receive the advertising information. Specify the methods by which the user can easily refuse to receive the information.
3. To transmit to a guest having consented to receiving of advertisement any for-profit advertising information by a method (e.g., fax, text message) other than email, Hotel takes necessary measures such as indicating the transmitter’s name.
Addition to, deletion from, and changes in, this Privacy Policy due to the enactment/ amendment of laws, changes in government policies, changes in Hotel, internal policies, or changes in security technology shall promptly be announced on Hotel homepage.
(06116)
645, Nonhyeon-ro,
Gangnam-gu,
Seoul,
south Korea
