The-K Hotel operated by The-K Hotel & Resort (“the Company”) values users’ personal information and complies with the Promotion of Information Network Utilization and Information Protection Act. The Company informs you of the collection method of personal information and its purpose as well as the steps being taken to protect your personal information through the privacy policy statement. Moreover, the Company will notify the privacy policy statement via the website (or individual notification) when it is revised.

Article 1. Personal Information Items Collected and Method of Collection

You can freely access most of our contents without joining as a member. If you want to use the Company’s membership services, you must enter the following information, and there is no restriction on the use of the service without entering the optional items.

1. 1. Scope of Collection of Personal Information

   1. A. The Company only collects personal information to the minimum extent necessary to provide services.
   2. B. The Company does not collect sensitive information about you that is likely to violate your fundamental human rights (including personal information related to ethnic race, thoughts, beliefs, origin, place of family register, political bias, criminal record, health condition, and sexual orientation).

2. 2. Personal Information Items Collected

   1. To sign up as a website member

      1. * Required items: Name, name in English, date of birth, gender, address, mobile number, email, and password
      2. * Optional items: Marital status, wedding anniversary, and phone number

   2. To book a room

      1. * Required items: Name, gender, date of birth, nationality, mobile number, and email
      2. * Optional items: Company name, phone number, and fax number

   3. To book a banquet

      1. * Required items: Name, mobile number, address, and email
      2. * Optional items: Phone number

   4. To join the membership

      1. * Required items: Name, name in English, date of birth, gender, address, mobile number, and email
      2. * Optional items: Marital status, wedding anniversary, and phone number

3. 3. Method of Collecting Personal Information

   The Company collects personal information through the website (membership registration, reservation consultation, customer’s voice, online questionnaire survey, event participation), written form, telephone, fax, etc. In addition, the following information can be generated and collected in the course of service use or business processing.

   1. * IP Addresses, cookies, time and date of visits, records of service use

Article 2. Purpose of Collection and Use of Personal Information

The Company collects personal information to provide satisfactory services and for the following purposes

1. 1. 1. To perform the service agreement and produce contents related to the service provision, provide service- and subscription-related counseling, deliver notices, confirm customers’ intent, and secure a communication path such as receiving customers’ opinions
2. 2. 2. To manage members (signing up as a member, members and users identification, prevention of inappropriate or unauthorized use, confirmation of users’ intent to become a member, age check, complaint handling, delivery of notices); and
3. 3. 3. To utilize for marketing/advertisement (to deliver information on advertisements including promotional events, provide services based on demographic characteristics, and place advertisements)

Article 3. Period of Retaining and Utilizing Personal Information

1. 1. The K-Hotel destroys members’ personal information without delay once the purpose of its collection and use has been attained. The time of destruction is as follows:

   1. A. Membership subscription information is kept for one year to provide service to returning guests after the membership withdrawal (under the internal policy)

      1. ① Membership subscription information is kept for one year to provide service to returning guests after the membership withdrawal (under the internal policy)
      2. ② The personal information of members who have not used the service for one year is separately stored, and the separated personal information is stored for one year and then destroyed without delay
   2. B. Information on the use of guest rooms is kept for five years to provide service to returning guests (under the internal policy)
   3. C. Shipping information is kept until the goods or services have been delivered; and
   4. D. Personal information collected through surveys, events, etc. is kept until the survey, event, etc. is completed.

2. 2. However, if the Company needs to keep personal information for a certain period under applicable laws such as the Commercial Act after the purpose of its collection and use has been attained, it does so for the following periods

   1. A. Records on payment and supply of goods: five years
   2. B. Records on the processing of consumers’ complaints or disputes: three years
   3. C. Information that is necessary to be retained as evidence for a lawsuit or dispute; five years; and
   4. D. Records on contracts or canceled applications, etc.: five years.

Article 4. Provision and Sharing of Personal Information

1. 1. Unless a member gives consent or it is permitted under the applicable laws, The-K Hotel does not in any circumstance use or share personal information of its members with another entity outside the scope defined in the “Purpose of Collection and Use of Personal Information.”
   To share members’ personal information through business alliance, the Company gives prior and individual notice concerning the party receiving or sharing the information and its main business, the personal information items shared, the purpose of sharing the information, etc. to the member by email or in writing and then obtains his/her consent. The Company only shares personal information with third parties for its unique services. Unless the aforementioned consent is given, the provision and use of services of the Company may be limited.

2. 2. In any of the following cases, the Company may share members’ personal information without consent, under the applicable laws

   1. A. It is necessary for settling payment of fees (or points) for the service provided or shipping goods
   2. B. Any personal information necessary for statistics, academic research, or market surveys is shared in a form in which a specific individual cannot be identified; or
   3. C. It is required by law or required by a criminal investigation agency under the statutory procedures and methods for crime investigation purposes.

Article 5. Notification of Consignment of Personal Information Processing

To improve its services, the Company hires contractors to process personal information as follows

1. - Contractor: Sanha IT Co., Ltd.
2. - Tasks consigned: Maintenance of the room, banquet, and B/O systems
3. - Period of use of personal information: Until the termination of the service or service contract

1. - Contractor: Safer Zone Co., Ltd.
2. - Tasks consigned: Maintenance of the security system for internal data
3. - Period of use of personal information: Until the termination of the service or service contract

1. - Contractor: Intermajor Co., Ltd.
2. - Tasks consigned: Development and maintenance of the web site systems
3. - Period of use of personal information: Until the termination of the service or service contract

Article 6. Procedure and Method of Destruction of Personal Information

The Company promptly destroys members’ personal information when the purpose of collecting or using it is achieved.

1. * The method and specific timing of destroying personal information are as follows:

   1. - Personal information stored in an electronic file is deleted by a technical method that prevents retrieval of such data.
   2. - Personal information printed in paper is shredded or incinerated.

Article 7. Rights of Users and Legal Representatives and Exercising Them

Members can access or correct their personal information provided to the Company. The Company will take measures without delay once a request to access or edit personal information is made in writing, via phone, or email to the Company’s Privacy Officer or Controller. If a member requests for correction of an error in his/her personal information, the information will not be used or provided until the correction has been completed.

1. * The Company may refuse your request to view or correct your personal information in cases where:

   1. - the request may threaten the data subject’s or other people’s lives, body, property, or rights
   2. - the request may affect the operation of the relevant service provider; and
   3. - the request is prohibited under the applicable laws and regulations.

Article 8. Method of Withdrawal of Consent

At any time, you have the right to request to withdraw the consent you have made during the membership subscription process to collecting, using, and providing your personal information. The Company will immediately take necessary steps to process your request if you “LOGIN” on the Company’s website and click on “Withdraw membership” or contacting the Company’s Privacy Officer or Controller in writing, via phone, or email.

Article 9. Protection of Personal Information of Children under the Age of 14

The Company does not collect personal information from children under the age of 14. However, if it is necessary to collect personal information from children under the age of 14, the Company will comply with the applicable laws and public notifications.

Article 10. Installation, Operation, and Rejection of Device for Automatic Collection of Personal Information

The Company uses cookies to store and load user information. Cookies are small text files that are sent from the Company’s web server to your browser, and are stored on your hard drive. In particular, the Company uses cookies for the following purposes.
Analyzing members’ and nonmembers’ visiting time or frequency to the Company’s website.
Remembering your preferences and interests, and tracking your digital footprints; and Understanding how often you participate in events or visit the Company’s website to perform targeted marketing and provide personalized services.
You have the right to block or allow cookies. You can configure your web browser to allow all cookies, allow cookies after confirmation, or block all cookies.

1. * How to block cookies

   1. A. To allow or block cookies if you are an Internet Explorer user.

      1. 1. Select “Internet Options” on the “Tools” menu.
      2. 2. Click on the “Privacy” tab.
      3. 3. Set the “Privacy Level”

   2. B. To view cookies if you are an Internet Explorer user.

      1. 1. Click on “Tools” on the taskbar.
      2. 2. Select “Internet Options”
      3. 3. Click on “Settings” under “General (Standard) Tab”
      4. 4. Select “View File”

Article 11. Technical and Administrative Management of Personal Information

The Company takes technical and administrative measures to secure your personal information from being lost, stolen, leaked, fabricated, or damaged.

1. ① Users’ ID and passwords are encrypted before they are saved and managed so that only the data subject knows his/her ID and password. Viewing and changing personal information is enabled by the data subject only, who remembers his/her password.

2. ② Measures against hacking

   1. - The Company strives to prevent members’ personal information from being leaked or damaged through hacking or viruses.
   2. - The Company controls attempts of outsiders’ unauthorized access by operating an anti-intrusion system.

3. ③ Minimizing the number of personnel to access personal information and their trainings

   1. - Only those in charge of handling personal information are allowed to have access to personal information. The Company always emphasizes compliance with the Privacy Policy by training its personnel regularly.

4. ④ Operation of a Task Force dedicated to personal information protection

   1. - The TF immediately takes corrective measures if any issue arises in connection with the implementation and compliance with the Privacy Policy of the Company.
   2. - However, the Company is not liable for any damages inflicted upon the user whatsoever if ID and password, etc. have been disclosed because of negligence of the data subject or errors on the Internet.li>

Article 12. Privacy Officer and Controller

The Company has designated the person responsible for dealing with customer complaints related to personal information as follows

1. [Privacy Officer]

   1. - Name: Jin Jaeho
   2. - Position: CEO
   3. - Email: lsk1608@thek-hotel.co.kr
   4. - Phone: +82-2-526-9310
   5. - Fax: 02-526-9397

2. [Privacy Controller]

   1. - Name: Cho Geum-young
   2. - Department: IT
   3. - Position: Head of Team
   4. - Email: netcho@thek-hotel.co.kr
   5. - Phone: +82-2-526-9422
   6. - Fax: 02-526-9444

Users may raise all complaints on personal information protection while using the Company’s services to the Privacy Officer or the responsible department. The Company will respond swiftly and sufficiently to the raised complaints. For other reports or counseling on the breach of privacy, please contact the following institutions.

1. - KISA PRIVACY Center (privacy.kisa.or.kr / 118)
2. - Personal Information Infringement Reporting Center (www.118.or.kr / 118)
3. - Information Protection Mark Certification Committee (www.eprivacy.or.kr / +82-2-580-0533~4)
4. - Cyber Crime Division of the Supreme Prosecutors’ Office, (www.spo.go.kr / +82-2-3480-2000)
5. - Cyber Security Bureau of the National Police Agency (www.ctrc.go.kr / 182)

Article 13. Transmission of Advertising Information

1. 1. The-K Hotel does not transmit for profit-making advertising information against the customers’ express refusal.

2. 2. The-K Hotel includes the following in the email’s title and main text when it transmits any advertising information for online marketing (e.g., provision of product information) so that the customer can easily identify the advertising information.

   1. - Email title: Indicating the word “advertisement” and the transmitter’s name; and
   2. - Email main text: Specifying the name, email address, phone number, and address of the transmitter against whom the user can refuse to receive the advertising information.Specifying the methods by which the user can easily refuse to receive the information.
3. 3. To transmit to a user who has consented to receive profit-making advertising information by a method (e.g., fax, text message) other than email, the Company takes necessary measures such as indicating the transmitter’s name.

Article 14. Duty of Notification

If the content of the current Privacy Policy is added, deleted, or modified, the Company shall give prior notice before the enforcement of the revised version by displaying “Notice” on the website.

1. - The version of the current Privacy Policy: 2.1
2. - Public notice date of the Privacy Policy: September 29, 2011
3. - Enforcement date of the Privacy Policy: September 30, 2011
4. - Revision date of the Privacy Policy: November 16, 2016
5. - Revision date of the Privacy Policy: November 25, 2016
6. - Revision date of the Privacy Policy: August 23, 2017
7. - Revision date of the Privacy Policy: October 26, 2018
8. - Revision date of the Privacy Policy: August 12, 2019
9. - Revision date of the Privacy Policy: August 30, 2019
10. - Revision date of the Privacy Policy: December 23, 2020 [View previous version]
11. - Revision date of the Privacy Policy: January 6, 2022 [View previous version]

This Privacy Policy of The-K Hotel is effective as of January 6, 2022