1. Privacy Policy
  2. Terms of Use
  3. Terms of Membership
  4. CCTV Policy

Privacy Policy

Last Update

Parnas Hotel Co., Ltd.(hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

G. Operate customer support or reporting window

  1. Receive questions and provide answers on the use of the website or service
  2. Operate a window to receive reports on our employees regarding unjust requests and provide updates on the case

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

THE PARNAS
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office), email address
Optional information
Gender, date of birth
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

G. Provide customer support or reporting window

Required information
guest name, email address, contact information, mobile phone number
Optional information
Optional information: details of inquiry

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Service Providers Purpose of processing personal data Personal Data and Remarks Period of retention
Unies Outsourcing of room maintenance in InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
SAMKOO Inc. Outsourcing of room maintenance in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
RNG Service Outsourcing of valet parking service for Grand InterContinental Seoul Parnas and InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Manpower Korea Outsourcing of business center operation in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Hansung MS Outsourcing of parking lot management in InterContinental Seoul COEX guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
Bpos Outsourcing of parking lot management in Grand InterContinental Seoul Parnas guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
TCK Outsourcing of room Instant Service Center operation room number, guest name, phone number, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Infinity Consulting Inc. Management of membership service, information services, shipping service and telemarketing service phone number, guest name, date of birth, e-mail address With the expiry of outsourcing contract
Hanju Holdings Management of list of guests who have refused further receipt of LMS messages phone numbers of guests who have requested to block 080 numbers With the expiry of outsourcing contract
Bluewave Co,.ltd Management of website membership service, information service, supporting marketing services for guests who have consented to use of personal information guest name, phone number, e-mail address With the expiry of outsourcing contract
SurveyMonkey Management of customer inquiry and feedback guest name, phone number, e-mail address With the expiry of outsourcing contract
GS ITM Operation and Maintenance of Computer System guest name, e-mail address, phone number, address With the expiry of outsourcing contract
BASIC9(GS ITM’S Re-consignment Company) Operation of guest management system guest name, e-mail address, phone number, address With the expiry of outsourcing contract
Grid System Maintenance of Database guest name, e-mail address, phone number, address With the expiry of outsourcing contract
KIS Information & Communication Processing of payment paying card number, date of payment 5 years
Samhwa Taxi Provision of rent-a-car service to hotel guests guest name, e-mail address, phone number, flight number With the expiry of outsourcing contract
NAAF media & design Receipt of SNS events or offline event winners' personal information and sending the winning prize collects guest name, mobile phone number With the expiry of outsourcing contract
KOREA INFORMATION & COMMUNICATIONS CO.LTD Processing of payment and sending vouchers via mobile phone messages paying card number, date of payment, mobile phone number Card number, date of payment : 3 months
mobile phone number : 5 years
S&I Corp. Issuance of pass cards for Parnas Tower guests, registering membership subscribing guests guest name, mobile phone number, e-mail address, date of birth, corporate name With the expiry of outsourcing contract
designwid Management of guests to Parnas Tower, occupants' guests and air conditioning and heating guest name, mobile phone number, corporate name With the expiry of outsourcing contract
Cody the Manager E-Registration, e-Housekeeping, outsourcing of booking engine (reservation system) room number, guest name, phone number, duration of stay (day of check-in and check-out), name, date of birth, email address, address With the expiry of outsourcing contract

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Han Man Hwan, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Kim, Jae Gwon (IT Team) Contact Info +82 2-559-7347

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : January 25, 2023
  2. Date of Implementation : February 1, 2023

Parnas Hotel Co., Ltd.(hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

G. Operate customer support or reporting window

  1. Receive questions and provide answers on the use of the website or service
  2. Operate a window to receive reports on our employees regarding unjust requests and provide updates on the case

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

THE PARNAS
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office), email address
Optional information
Gender, date of birth
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

G. Provide customer support or reporting window

Required information
guest name, email address, contact information, mobile phone number
Optional information
Optional information: details of inquiry

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Service Providers Purpose of processing personal data Personal Data and Remarks Period of retention
Unies Outsourcing of room maintenance in InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
DOING C&S Outsourcing of room maintenance in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
RNG Service Outsourcing of valet parking service for Grand InterContinental Seoul Parnas and InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Manpower Korea Outsourcing of business center operation in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Hansung MS Outsourcing of parking lot management in InterContinental Seoul COEX guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
Bpos Outsourcing of parking lot management in Grand InterContinental Seoul Parnas guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
TCK Outsourcing of room Instant Service Center operation room number, guest name, phone number, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Infinity Consulting Inc. Management of membership service, information services, shipping service and telemarketing service phone number, guest name, date of birth, e-mail address With the expiry of outsourcing contract
Hanju Holdings Management of list of guests who have refused further receipt of LMS messages phone numbers of guests who have requested to block 080 numbers With the expiry of outsourcing contract
Bluewave Co,.ltd Management of website membership service, information service, supporting marketing services for guests who have consented to use of personal information guest name, phone number, e-mail address With the expiry of outsourcing contract
SurveyMonkey Management of customer inquiry and feedback guest name, phone number, e-mail address With the expiry of outsourcing contract
GS ITM Operation and Maintenance of Computer System guest name, e-mail address, phone number, address With the expiry of outsourcing contract
BASIC9(GS ITM’S Re-consignment Company) Operation of guest management system guest name, e-mail address, phone number, address With the expiry of outsourcing contract
Grid System Maintenance of Database guest name, e-mail address, phone number, address With the expiry of outsourcing contract
KIS Information & Communication Processing of payment paying card number, date of payment 5 years
Samhwa Taxi Provision of rent-a-car service to hotel guests guest name, e-mail address, phone number, flight number With the expiry of outsourcing contract
NAAF media & design Receipt of SNS events or offline event winners' personal information and sending the winning prize collects guest name, mobile phone number With the expiry of outsourcing contract
KOREA INFORMATION & COMMUNICATIONS CO.LTD Processing of payment and sending vouchers via mobile phone messages paying card number, date of payment, mobile phone number Card number, date of payment : 3 months
mobile phone number : 5 years
S&I Corp. Issuance of pass cards for Parnas Tower guests, registering membership subscribing guests guest name, mobile phone number, e-mail address, date of birth, corporate name With the expiry of outsourcing contract
designwid Management of guests to Parnas Tower, occupants' guests and air conditioning and heating guest name, mobile phone number, corporate name With the expiry of outsourcing contract
Cody the Manager E-Registration, e-Housekeeping, outsourcing of booking engine (reservation system) room number, guest name, phone number, duration of stay (day of check-in and check-out), name, date of birth, email address, address With the expiry of outsourcing contract

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Han Man Hwan, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Kim, Jae Gwon (IT Team) Contact Info +82 2-559-7347

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : April 4, 2022
  2. Date of Implementation : April 4, 2022

Parnas Hotel Co., Ltd.(hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

G. Operate customer support or reporting window

  1. Receive questions and provide answers on the use of the website or service
  2. Operate a window to receive reports on our employees regarding unjust requests and provide updates on the case

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

G. Provide customer support or reporting window

Required information
guest name, email address, contact information, mobile phone number
Optional information
Optional information: details of inquiry

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Service Providers Purpose of processing personal data Personal Data and Remarks Period of retention
Unies Outsourcing of room maintenance in InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
DOING C&S Outsourcing of room maintenance in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
RNG Service Outsourcing of valet parking service for Grand InterContinental Seoul Parnas and InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Manpower Korea Outsourcing of business center operation in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Hansung MS Outsourcing of parking lot management in InterContinental Seoul COEX guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
Bpos Outsourcing of parking lot management in Grand InterContinental Seoul Parnas guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
TCK Outsourcing of room Instant Service Center operation room number, guest name, phone number, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Infinity Consulting Inc. Management of membership service, information services, shipping service and telemarketing service phone number, guest name, date of birth, e-mail address With the expiry of outsourcing contract
Hanju Holdings Management of list of guests who have refused further receipt of LMS messages phone numbers of guests who have requested to block 080 numbers With the expiry of outsourcing contract
Bluewave Co,.ltd Management of website membership service, information service, supporting marketing services for guests who have consented to use of personal information guest name, phone number, e-mail address With the expiry of outsourcing contract
SurveyMonkey Management of customer inquiry and feedback guest name, phone number, e-mail address With the expiry of outsourcing contract
GS ITM Operation and Maintenance of Computer System guest name, e-mail address, phone number, address With the expiry of outsourcing contract
BASIC9(GS ITM’S Re-consignment Company) Operation of guest management system guest name, e-mail address, phone number, address With the expiry of outsourcing contract
Grid System Maintenance of Database guest name, e-mail address, phone number, address With the expiry of outsourcing contract
KIS Information & Communication Processing of payment paying card number, date of payment 5 years
Samhwa Taxi Provision of rent-a-car service to hotel guests guest name, e-mail address, phone number, flight number With the expiry of outsourcing contract
NAAF media & design Receipt of SNS events or offline event winners' personal information and sending the winning prize collects guest name, mobile phone number With the expiry of outsourcing contract
KOREA INFORMATION & COMMUNICATIONS CO.LTD Processing of payment and sending vouchers via mobile phone messages paying card number, date of payment, mobile phone number Card number, date of payment : 3 months
mobile phone number : 5 years
S&I Corp. Issuance of pass cards for Parnas Tower guests, registering membership subscribing guests guest name, mobile phone number, e-mail address, date of birth, corporate name With the expiry of outsourcing contract
designwid Management of guests to Parnas Tower, occupants' guests and air conditioning and heating guest name, mobile phone number, corporate name With the expiry of outsourcing contract
Cody the Manager E-Registration, e-Housekeeping, outsourcing of booking engine (reservation system) room number, guest name, phone number, duration of stay (day of check-in and check-out), name, date of birth, email address, address With the expiry of outsourcing contract

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Han Man Hwan, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Kim, Jae Gwon (IT Team) Contact Info +82 2-559-7347

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : April 4, 2022
  2. Date of Implementation : April 4, 2022

Parnas Hotel Co., Ltd.(hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

G. Operate customer support or reporting window

  1. Receive questions and provide answers on the use of the website or service
  2. Operate a window to receive reports on our employees regarding unjust requests and provide updates on the case

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
PARNAS PLATINUM
Required information
Name (Korean/English), company name, home address, contact information (mobile phone/telephone)
Optional information
Date of birth, gender, wedding anniversary date, birth date of spouse, email address, company name, office telephone, office fax, company address, job title
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

G. Provide customer support or reporting window

Required information
guest name, email address, contact information, mobile phone number
Optional information
Optional information: details of inquiry

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Service Providers Purpose of processing personal data Personal Data and Remarks Period of retention
Unies Outsourcing of room maintenance in InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
DOING C&S Outsourcing of room maintenance in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
RNG Service Outsourcing of valet parking service for Grand InterContinental Seoul Parnas and InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Manpower Korea Outsourcing of business center operation in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Hansung MS Outsourcing of parking lot management in InterContinental Seoul COEX guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
Bpos Outsourcing of parking lot management in Grand InterContinental Seoul Parnas guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
TCK Outsourcing of room Instant Service Center operation room number, guest name, phone number, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
JY Marketing Management of membership service, information services, shipping service and telemarketing service phone number, guest name, date of birth, e-mail address With the expiry of outsourcing contract
Hanju Holdings Management of list of guests who have refused further receipt of LMS messages phone numbers of guests who have requested to block 080 numbers With the expiry of outsourcing contract
Bluewave Co,.ltd Management of website membership service, information service, supporting marketing services for guests who have consented to use of personal information guest name, phone number, e-mail address With the expiry of outsourcing contract
SurveyMonkey Management of customer inquiry and feedback guest name, phone number, e-mail address With the expiry of outsourcing contract
GS ITM Operation and Maintenance of Computer System guest name, e-mail address, phone number, address With the expiry of outsourcing contract
BASIC9(GS ITM’S Re-consignment Company) Operation of guest management system guest name, e-mail address, phone number, address With the expiry of outsourcing contract
Grid System Maintenance of Database guest name, e-mail address, phone number, address With the expiry of outsourcing contract
KIS Information & Communication Processing of payment paying card number, date of payment 5 years
Samhwa Taxi Provision of rent-a-car service to hotel guests guest name, e-mail address, phone number, flight number With the expiry of outsourcing contract
NAAF media & design Receipt of SNS events or offline event winners' personal information and sending the winning prize collects guest name, mobile phone number With the expiry of outsourcing contract
KOREA INFORMATION & COMMUNICATIONS CO.LTD Processing of payment and sending vouchers via mobile phone messages paying card number, date of payment, mobile phone number Card number, date of payment : 3 months
mobile phone number : 5 years
S&I Corp. Issuance of pass cards for Parnas Tower guests, registering membership subscribing guests guest name, mobile phone number, e-mail address, date of birth, corporate name With the expiry of outsourcing contract
designwid Management of guests to Parnas Tower, occupants' guests and air conditioning and heating guest name, mobile phone number, corporate name With the expiry of outsourcing contract
Cody the Manager E-Registration, e-Housekeeping, outsourcing of booking engine (reservation system) room number, guest name, phone number, duration of stay (day of check-in and check-out), name, date of birth, email address, address With the expiry of outsourcing contract

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Han Man Hwan, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Kim, Jae Gwon (IT Team) Contact Info +82 2-559-7347

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : Jul 17, 2019
  2. Date of Implementation : Jul 17, 2019

Parnas Hotel Co., Ltd.(hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

G. Operate customer support or reporting window

  1. Receive questions and provide answers on the use of the website or service
  2. Operate a window to receive reports on our employees regarding unjust requests and provide updates on the case

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
PARNAS PLATINUM
Required information
Name (Korean/English), company name, home address, contact information (mobile phone/telephone)
Optional information
Date of birth, gender, wedding anniversary date, birth date of spouse, email address, company name, office telephone, office fax, company address, job title
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

G. Provide customer support or reporting window

Required information
guest name, email address, contact information, mobile phone number
Optional information
Optional information: details of inquiry

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Service Providers Purpose of processing personal data Personal Data and Remarks Period of retention
Unies Outsourcing of room maintenance in InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
DOING C&S Outsourcing of room maintenance in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
RNG Service Outsourcing of valet parking service for Grand InterContinental Seoul Parnas and InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Manpower Korea Outsourcing of business center operation in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Hansung MS Outsourcing of parking lot management in InterContinental Seoul COEX guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
Bpos Outsourcing of parking lot management in Grand InterContinental Seoul Parnas guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
TCK Outsourcing of room Instant Service Center operation room number, guest name, phone number, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
JY Marketing Management of membership service, information services, shipping service and telemarketing service phone number, guest name, date of birth, e-mail address With the expiry of outsourcing contract
Hanju Holdings Management of list of guests who have refused further receipt of LMS messages phone numbers of guests who have requested to block 080 numbers With the expiry of outsourcing contract
Bluewave Co,.ltd Management of website membership service, information service, supporting marketing services for guests who have consented to use of personal information guest name, phone number, e-mail address With the expiry of outsourcing contract
Daekyo CNS (VOC) Management of VOC services guest name, phone number, e-mail address With the expiry of outsourcing contract
GS ITM Operation and Maintenance of Computer System guest name, e-mail address, phone number, address With the expiry of outsourcing contract
BASIC9(GS ITM’S Re-consignment Company) Operation of guest management system guest name, e-mail address, phone number, address With the expiry of outsourcing contract
Grid System Maintenance of Database guest name, e-mail address, phone number, address With the expiry of outsourcing contract
KIS Information & Communication Processing of payment paying card number, date of payment 5 years
Lotte Rent-a-car Provision of rent-a-car service to hotel guests guest name, e-mail address, phone number, flight number With the expiry of outsourcing contract
NAAF media & design Receipt of SNS events or offline event winners' personal information and sending the winning prize collects guest name, mobile phone number With the expiry of outsourcing contract
fromA collects guest name, mobile phone number With the expiry of outsourcing contract
KOREA INFORMATION & COMMUNICATIONS CO.LTD Processing of payment and sending vouchers via mobile phone messages paying card number, date of payment, mobile phone number Card number, date of payment : 3 months
mobile phone number : 5 years
S&I Corp. Issuance of pass cards for Parnas Tower guests, registering membership subscribing guests guest name, mobile phone number, e-mail address, date of birth, corporate name With the expiry of outsourcing contract
designwid Management of guests to Parnas Tower, occupants' guests and air conditioning and heating guest name, mobile phone number, corporate name With the expiry of outsourcing contract

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Han Man Hwan, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Oh Joo Young, Manager (IT Team) Contact Info +82 2-559-7347

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : Jul 17, 2019
  2. Date of Implementation : Jul 17, 2019

Parnas Hotel Co., Ltd.(hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

G. Operate customer support or reporting window

  1. Receive questions and provide answers on the use of the website or service
  2. Operate a window to receive reports on our employees regarding unjust requests and provide updates on the case

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
SUMMIT
Required information
Name (Korean/English), company name, home address, contact information (mobile phone/telephone)
Optional information
Date of birth, gender, wedding anniversary date, birth date of spouse, email address, company name, office telephone, office fax, company address, job title
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

G. Provide customer support or reporting window

Required information
guest name, email address, contact information, mobile phone number
Optional information
Optional information: details of inquiry

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Service Providers Purpose of processing personal data Personal Data and Remarks Period of retention
Unies Outsourcing of room maintenance in InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
DOING C&S Outsourcing of room maintenance in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
RNG Service Outsourcing of valet parking service for Grand InterContinental Seoul Parnas and InterContinental Seoul COEX room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Manpower Korea Outsourcing of business center operation in Grand InterContinental Seoul Parnas room number, guest name, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
Hansung MS Outsourcing of parking lot management in InterContinental Seoul COEX guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
Bpos Outsourcing of parking lot management in Grand InterContinental Seoul Parnas guest name, vehicle no., phone number, car model With the expiry of outsourcing contract
TCK Outsourcing of room Instant Service Center operation room number, guest name, phone number, duration of stay (day of check-in and check-out) With the expiry of outsourcing contract
JY Marketing Management of membership service, information services, shipping service and telemarketing service phone number, guest name, date of birth, e-mail address With the expiry of outsourcing contract
Hanju Holdings Management of list of guests who have refused further receipt of LMS messages phone numbers of guests who have requested to block 080 numbers With the expiry of outsourcing contract
Bluewave Co,.ltd Management of website membership service, information service, supporting marketing services for guests who have consented to use of personal information guest name, phone number, e-mail address With the expiry of outsourcing contract
Daekyo CNS (VOC) Management of VOC services guest name, phone number, e-mail address With the expiry of outsourcing contract
GS ITM(CMS) Operation of guest management system guest name, e-mail address, phone number, address With the expiry of outsourcing contract
Lotte Rent-a-car Provision of rent-a-car service to hotel guests guest name, e-mail address, phone number, flight number With the expiry of outsourcing contract
NAAF media & design Receipt of SNS events or offline event winners' personal information and sending the winning prize collects guest name, mobile phone number With the expiry of outsourcing contract
fromA collects guest name, mobile phone number With the expiry of outsourcing contract
KOREA INFORMATION & COMMUNICATIONS CO.LTD Processing of payment and sending vouchers via mobile phone messages paying card number, date of payment, mobile phone number Card number, date of payment : 3 months
mobile phone number : 5 years
S&I Corp. Issuance of pass cards for Parnas Tower guests, registering membership subscribing guests guest name, mobile phone number, e-mail address, date of birth, corporate name With the expiry of outsourcing contract
designwid Management of guests to Parnas Tower, occupants' guests and air conditioning and heating guest name, mobile phone number, corporate name With the expiry of outsourcing contract

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Kim Ju-seong, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Jae Deok, Jeon, Manager (IT Team) Contact Info +82 2-559-7387

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : May 28, 2019
  2. Date of Implementation : May 28, 2019

Grand InterContinental Seoul Parnas and InterContinental Seoul COEX (hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
SUMMIT
Required information
Name (Korean/English), company name, home address, contact information (mobile phone/telephone)
Optional information
Date of birth, gender, wedding anniversary date, birth date of spouse, email address, company name, office telephone, office fax, company address, job title
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Contracting Division Service Providers Personal Data & Remarks Number of Outsourced Items
HR Unies Room no., guest name, duration of stay (date of check-in & check-out) Subject to change
Doing CNS Room no., guest name, duration of stay (date of check-in & check-out)
RNG Service Room no., guest name, duration of stay (date of check-in & check-out)
Manpower Korea Room no., guest name, duration of stay (date of check-in & check-out)
Hansung MS Name, vehicle no., contact information, vehicle type
Bpos Name, vehicle no., contact information, vehicle type
Marketing
&
Communications		 JY Marketing Information required for membership registration (e.g. contact information, name, birth date, email)
Bluewave Consulting Co., Ltd Information of guests registered through website (e.g. contact information, name, birth date, email)
Hanju Holdings Mobile phone no. of guests who refuses to receive calls (080)
IT Team Daekyo CNS (VOC) Guests (name, contact information, email)
GS ITM (CMS) Name, email, contact information, address
General Affairs Lotte Rent A Car Name, email, contact information, flight no.
Rental Business
(Parnas)		 Naafmedia Marketing service provider for Parnas Mall
Collect guest’s name and mobile phone no., for prize (online/offline)
Monkey Lab Marketing service provider for Parnas Mall
Collect guest’s name and mobile phone no., for prize (mainly offline)
Rental Business
(Tower)		 Unies Guest’s name and contact information, issue pass cards at the Info. Desk
Period of Retention & Use
Period of Retention & Use
Until the purpose of processing is achieved or the contract expires

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Kim Ju-seong, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Jae Deok, Jeon, Manager (IT Team) Contact Info +82 2-559-7387

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : May 09, 2019
  2. Date of Implementation : May 09, 2019

Grand InterContinental Seoul Parnas and InterContinental Seoul COEX (hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

The Personal Information Protection Act sets forth the framework under which personal information is handled and managed, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. sets out the rules for the protection of personal information and creates a safe environment for information and communication service users. The Hotels will collect, retain, and process personal information in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. to provide services and protect the rights of the guests.

In addition, the Hotels respect and support the guests' rights to access, correct and remove their personal information, and stop its processing, and the users may raise legal claims in accordance with the Administrative Appeal Act in case of the violation of their rights under the Personal Information Protection Act.

This Privacy Policy is subject to change in accordance with the laws, guidelines and internal operation policy and details will be announced as required by the laws.

This Privacy Policy consists of the following:

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
SUMMIT
Required information
Name (Korean/English), company name, home address, contact information (mobile phone/telephone)
Optional information
Date of birth, gender, wedding anniversary date, birth date of spouse, email address, company name, office telephone, office fax, company address, job title
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Service Providers, Scope of Work, Period of Retention & Use
Contracting Division Service Providers Personal Data & Remarks Number of Outsourced Items
HR Unies Room no., guest name, duration of stay (date of check-in & check-out) Subject to change
Doing CNS Room no., guest name, duration of stay (date of check-in & check-out)
RNG Service Room no., guest name, duration of stay (date of check-in & check-out)
Manpower Korea Room no., guest name, duration of stay (date of check-in & check-out)
Hansung MS Name, vehicle no., contact information, vehicle type
Bpos Name, vehicle no., contact information, vehicle type
Marketing
&
Communications		 JY Marketing Information required for membership registration (e.g. contact information, name, birth date, email)
Bluewave Consulting Co., Ltd Information of guests registered through website (e.g. contact information, name, birth date, email)
Hanju Holdings Mobile phone no. of guests who refuses to receive calls (080)
IT Team Daekyo CNS (VOC) Guests (name, contact information, email)
GS ITM (CMS) Name, email, contact information, address
General Affairs Lotte Rent A Car Name, email, contact information, flight no.
Rental Business
(Parnas)		 Naafmedia Marketing service provider for Parnas Mall
Collect guest’s name and mobile phone no., for prize (online/offline)
Monkey Lab Marketing service provider for Parnas Mall
Collect guest’s name and mobile phone no., for prize (mainly offline)
Rental Business
(Tower)		 Unies Guest’s name and contact information, issue pass cards at the Info. Desk
Period of Retention & Use
Period of Retention & Use
Until the purpose of processing is achieved or the contract expires

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Kim Ju-seong, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Park Dae Jin, Manager (IT Team) Contact Info +82 2-559-7321

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : March 30, 2019
  2. Date of Implementation : March 30, 2019

Grand InterContinental Seoul Parnas and InterContinental Seoul COEX (hereinafter the "Hotels") collects, retains, and processes personal information under the Personal Information Protection Act. The Personal Information Protection Act sets forth the framework under which personal information is handled and managed. The Hotels will collect, retain, and process personal information in accordance with the act and protect the rights of the guests. In addition, the Hotels meet the guests' requests for access, correction, removal, and discontinuation of processing their personal information, and the users may raise legal claims to protect their rights under the Administrative Appeal Act. The Hotels established the following Privacy Policy to protect the rights and interests of the guests and handle their complaints. The Hotels also keep guests updated on any changes in the Privacy Policy by announcing such changes on the website or notifying them individually.

This Privacy Policy will be effective on January 1, 2018.

  1. Purpose of Processing Personal Information
  2. Types of Personal Information
  3. Processing & Retention Period
  4. Third Party Disclosure
  5. Outsourcing the Processing of Personal Information
  6. Rights & Obligations of Information Owners and How to Exercise these Rights
  7. Destruction of Personal Information
  8. Security Measures
  9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse
  10. Personal Information Manager
  11. Response to Infringement of Rights
  12. Revision History

1. Purpose of Processing Personal Information

The Hotels do not use personal information for any purposes other than those described in this Privacy Policy. The Hotels do not collect personal information through online membership registration and operate any online membership programs on the website. In addition, the Hotels do not collect personal information of persons under 14 years of age. The Hotels process personal information strictly for the following purposes.

A. Web Membership Enrollment & Management

  1. Online information service, reservations and shopping through the website
  2. Securing communication channels for identification, order, shipping, cancelation and refund

B. Room Guest Information

  1. Identification and confirmation of guests for their reservations
  2. Communication including announcements and complaint handling
  3. Compliance with the Tourism Promotion Act

C. Membership Management

  1. Identification of members for membership services
  2. Communication including announcements and complaint handling
  3. Delivery of membership cards
  4. Service customization

D. Service Offer

  1. Identification of guests and execution of contract for providing accommodation, food, and beverage services, venues, and meeting/wedding services
  2. Customer satisfaction survey
  3. Service customization

E. Marketing & Advertisement

  1. Development of new services and service customization
  2. Promotion of new services and offers
  3. Service delivery and advertisement based on statistical data

F. Employment & Job Experience Program

  1. Job application, selection process, qualification review, test records of applicants, aptitude test, Q&A, etc. Recruitment process
  2. Application and selection of job experience programs, Q&A, etc.

2. Types of Personal Information

The Hotels collect the following personal information to provide hotel services while keeping the information collected to a minimum.

A. Web Member

Required information
Name, email address, phone number, date of birth
Optional information
Address, gender, country

B. Room Guest Information

Required information
Name, date of birth, personally identifiable number (passport number), nationality, payment method
Optional information
Email address, address, company, city, zip code, telephone number, membership number

C. Membership Management

I CHOICE
Required information
name (Korean/English), contact information (mobile phone/telephone), address (home/office)
Optional information
Gender, date of birth, email address
IWC
Required information
Name (Korean/English), date of birth, mobile phone number, date of wedding, home address
Optional information
Email address
SUMMIT
Required information
Name (Korean/English), company name, home address, contact information (mobile phone/telephone)
Optional information
Date of birth, gender, wedding anniversary date, birth date of spouse, email address, company name, office telephone, office fax, company address, job title
Fitness Club
Required information
Name, resident registration number (transferring membership), photo, contact information (mobile phone, home or office), address (home or office), email address (web membership only), company name (for corporate members), company registration number
Optional information
Gender, email address, company name, job title, wedding anniversary date, license plate number

D. Service Offer

Customer Satisfaction Survey
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
Food & Beverage Service
Required information
Name, email address, mobile phone number
Optional information
Date of birth, wedding anniversary date
VOC
Required information
Name, email address, phone number
Optional information
Gender, address, company name

E. Recruitment & Job Experience Program

Required information
Photo, applied department and job experience, name (Korean, English), date of birth, telephone number, mobile phone number, email address, current address, educational background, training record, job experience, foreign language skills and certificate, military service records (if applicable), self-introduction
Optional information
Family relations, national veteran status and certification number, disability record, other information
Method of collection
Email address, job recruitment website

3. Processing & Retention Period

A. The Hotels store personal information for a certain period of time after the purpose of the collection has been fulfilled and destroy it according to the following schedule under their internal policies and applicable laws.

  1. General shipping information : Upon delivery of goods or services
  2. Information collected for promotional offers and other purposes : Upon completion of such promotional offers (unless stated otherwise when agreeing to the collection of personal information)

B. The Hotels store personal information if required by law as follows.

  1. Record of contract or withdrawal of subscription : 5 years
  2. Payment and supply of goods : 5 years
  3. Consumer complaint and dispute resolution : 3 years
  4. Identification and preferences of guests for revisit and service customization : 5 years

Job application information

  1. Period of retention : 3 years
  2. Basis for retention : Internal policies and regulations (To prevent errors in the application process, personal information is destroyed at the time when the process finishes.)

4. Third Party Disclosure

The Hotels do not disclose personal information to third parties without the consent of the guests unless :

A. agreed otherwise by the guest in advance

B. required by laws or investigators for the purpose of investigation

5. Outsourcing the Processing of Personal Information

A. The Hotels outsource the processing of personal information to the following third-party service providers :

Outsourcing the Processing of Personal Information to the following third-party service providers
Service Providers Scope of Work
Doing C&S, Hansung MS Room management
IPSOS (by IHG) Survey on the satisfaction of guests and IHG membership
JY Marketing Membership management, information communication, shipping and telemarketing
Dain Manpower Inc., NCTAS, Jinmyung, TCK Hotel operations
Lotte Rental Airport transportation service for hotel guests
Hanju Holdings Marketing message service
GS Park 24, NCTAS Auto parking information
TCK Korea Response to call inquiries
Naafmedia Parnas Mall promotional event (selection of prize winners)
Sanha Information Technology, Oracle, Creavision INT, Solutek System, Daekyo CNS, Do It System, Wiz Group Building and maintenance of computer systems
Period of Retention & Use
Period of Retention & Use
Until the purpose of processing is achieved or the contract expires

B. The Hotels set forth the clear security guidelines and ensure their strict compliance for the protection of personal information and prohibition of unauthorized disclosure. The Hotels keep the contract in writing or electronic format. Any changes in service providers are announced through the Privacy Policy posted on the website.

6. Rights & Obligations of Information Owners and How to Exercise these Rights

A. As the owner of personal information, the guests can exercise the following rights.

  1. Request for access to personal information

    The guests can request access to their personal information under Article 35 (Access to Personal Information) of the Personal Information Protection Act.
    However, such request may be denied under Article 35-5 thereof if :

    1. such access is prohibited or restricted under the law
    2. such access may cause death or injuries, damage to personal property, or infringe the rights of others
  2. Request for correction and removal of personal information

    The guests may request correction and removal of their personal information under Article 36 (Correction & Removal of Personal Information) of the Personal Information Protection Act unless required otherwise by law.

  3. Request for cessation of processing personal information

    The guests may request cessation of processing their personal information under Article 37 (Cessation of Processing Personal Information) of the Personal Information Protection Act unless required otherwise in accordance with Article 37-2 thereof if :

    1. such cessation may result in violation of the law
    2. such cessation may cause death or injuries, damage to personal property, or infringe the rights of others
    3. such cessation may interrupt the delivery of service and performance of the contract and the guests fail to express their intention to terminate the contract

B. If the guests request access, correction, or removal of personal information, or cessation of processing personal information by phone or email, then the Hotels will take necessary measures immediately after the proper identification process.

C. If the guests request correction of personal information, then the Hotels will not use or provide their personal information until it is corrected. In the event that the Hotels provide incorrect personal information to a third party, the Hotels will notify the party immediately to make sure that its correction is made

D. The guests must keep their personal information updated and are responsible for any damage or loss caused by providing inaccurate personal information. Abusing or misusing other persons' personal information may result in the loss of membership or restrictions of using service.

E. The guests are responsible for protecting their own personal information and not infringing the rights of others. The guests must take necessary precautions to prevent their personal information from being compromised and not to abuse the information of others. Failure in fulfilling these responsibilities, infringing the rights of others, or providing false information may result in the loss of membership and prosecution under the law.

F. The Hotels operate the following support team to ensure smooth communication with the guests regarding their personal information.

Guest support team
IT Team
TEL
+82 2-559-7321
Address
Grand InterContinental Seoul Parnas, 521, Teheran-ro, Gangnam-gu, Seoul
Website
http://seoul.intercontinental.com Service Center > VOC

7. Destruction of Personal Information

A. Process

  1. The Hotels retain personal information for a set period of time and destroy it when the purpose of the collection is fulfilled in accordance with the internal policies and applicable laws. Upon expiry of retention period or fulfillment of the purpose of collection or any other cases where the retention of personal information is no longer required, the Hotels destroy personal information immediately.
  2. In the event that other laws require that personal information be stored even after the retention period is expired or the purpose of collection is fulfilled, the Hotels transfer such personal information to a separate database or store it in a different place.

B. Method

Paper containing personal information is shredded or incinerated while electronic files are deleted beyond recovery.

8. Security Measures

A. Establishment and implementation of internal control plan

The internal control plan is established and implemented in accordance with the Internal Control Guidelines set by the Ministry of the Interior and Safety and training is conducted on a regular basis.

B. Minimization and education of personal information handling personnel

The manager handling personal information takes necessary security measures to minimize the access and conduct security training on a regular basis.

C. Restriction of access to personal information

The Hotels restrict the access to personal information by controlling the access to the database system and prevent any unauthorized access from outside using this security system.

D. Storage of access logs and prevention of its modification

The Hotels store and manage the record (e.g. web logs, summary) of accessing the personal information processing system for at least 6 months and take necessary security measures to prevent unauthorized modification, loss, and theft.

E. Encryption of personal information

Personal information is encrypted for storage and management. Important data is secured through encryption for storage and transmission.

F. Technological measures against hacking

The Hotels install, update, and inspect security software to protect personal information from hacking and computer viruses. The security system is installed in a secure place and protected technically and physically to prevent any unauthorized access.

G. Prevention of unauthorized access

The personal information system is located separately and protected with physical access control and procedures.

9. Installation and Operation of Automatic Personal Information Collection and Rights to Refuse

  1. The Hotels use cookies to store and access the user information in order to provide personalized service for the users.
  2. Cookies are small files which are sent by the website server(http) and stored on a user's PC hard disk drive.
    1. Purpose of using cookies : to identify the user's pattern of accessing or using the service and website, popular search words and security access to provide personalized information
    2. Installation, operation and refusal of cookies : users may disable cookies in Tools > Internet Option tab in the web browser.
  3. C. The users may not be able to use personalized service if they disable cookies.

10. Personal Information Manager

For the protection of personal information and complaint handling, the Hotels have appointed the following managers

Personal Information Manager
Kim Ju-seong, Managing Director
Personal Information Manager
Kim Jung Jun, Deputy Manager (IT Team)
Personal Information Assistant Manager
Park Dae Jin, Manager (IT Team) Contact Info +82 2-559-7321

11. Response to Infringement of Rights

The guests may request the settlement of dispute or consultation to the Personal Information Arbitration Committee and Personal Information Infringement Notification Center of Korea Internet Security Agency in addition to the following organizations :

  1. Privacy Breach Report Center (operated by Korean Internet Security Agency)
    Responsibilities
    consultation and report privacy breaches
    Website
    privacy.kisa.or.kr
    TEL
    (without area code) 118
    Address
    Privacy Breach Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeonnam, 58324
  2. Personal Information Arbitration Committee
    Responsibilities
    arbitration and group dispute resolution regarding personal information (civil resolution)
    Website
    www.kopico.go.kr
    TEL
    (without area code) 1833-6972
    Address
    4F, Government Complex Seoul, 209, Sejongdae-ro, Jongno-gu, Seoul, 03171
  3. Cyber Criminal Investigation Team of Supreme Prosecutors Office : +82 2-3480-3573 (www.spo.go.kr)
  4. Cyber Terror Response Center of National Police Agency : 182 (http://cyberbureau.police.go.kr)

12. Revision History

This Privacy Policy takes effect on the date of implementation.

  1. Date of Announcement : January 1, 2018
  2. Date of Implementation : January 1, 2018

InterContinental Seoul COEX (hereinafter referred to as "Hotel") collects, possesses and handles all personal information based on the basis of "Personal Information Protection Act".

"Personal Information Protection Act" presents the general standard with regard to handling personal information, and Hotel will legitimately and properly handle the personal information collected, possessed and handled in accordance with the regulation of "Personal Information protection Act" for the appropriate implementation of hotel business and the protection of customers' right.

Besides, Hotel respects customers' right such as perusal, correction, delete, handling discontinuance and so on regarding personal information possessed according to the stipulation of "Personal Information Protection Act", and users can appeal administrative adjudication as for infringement of rights on "Personal Information Protection Act" in accordance with "Administrative Adjudication Law".

Hotel has the personal information handling policy as follows in accordance with "Personal Information Protection Act" in order to protect customers' personal information and rights as well as to treat customers' difficulties smoothly with regard to personal information, and in case that personal information handling policy is revised, it will be noticed through the website announcement (or individual notice).

This policy will be effective from Jul. 18, 2015.

  1. Purpose of Handling Personal Information
  2. Handling Items of Personal Information
  3. Handling and Retention Period of Personal Information
  4. Providing Personal Information to Third Parties
  5. Consignment of Personal Information Handling
  6. Right and Obligation of Information Subject and Exertion Method
  7. Destruction of Personal Information
  8. Measures to Secure Stability of Personal Information
  9. Privacy install, operate and veto of the automatic collection device
  10. Manager of Personal Information Protection
  11. Remedy for Right Infringement
  12. Change of Personal Information Handling Policy

1. Purpose of Handling Personal Information

Hotel handles the personal information for the purposes as follows. Processed personal information is used only for the following purposes, and it will ask for users' prior consent when the purpose of use is changed.

A. Management of Members

  1. Identification of subscribers pursuant to the use of membership services
  2. Securing the smooth communication path for notice delivery, difficulties treatment and so forth
  3. Securing correct destination for the delivery of membership card
  4. Providing customized services

B. Providing Services

  1. Member identification and implementation of contract with regard to providing services at rooms, restaurants and lounges, banquet and wedding
  2. Using for customer satisfaction survey
  3. Providing customized services

C. Utilizing for Marketing and Advertising

  1. Developing new services and providing customized services
  2. Advertising new services and providing various events information
  3. Providing services and putting ads in accordance with demographic characteristics

D. Recruitment of Employees and Providing Practice Program

  1. Processing recruitment of employees such as application and selecting examination, confirming qualification proof, confirming applicant's test scores, aptitude test, medical check-up, answer and guidance to applicant's question and so on
  2. Supporting and selecting programs and answer and guidance to applicant's question

2. Handling Items of Personal Information

Hotel collects personal information as follows within the minimum required range to provide services.

A. Management of Members

I Choice / SUMMIT / IWC membership
Compulsory Items
name (Hangul/English), contact information (mobile phone/phone), address (home/work)
Optional Items
gender, date of birth, email address, employer, job title and department
Fitness Club
Compulsory Items
Name, national id number(transfer receive), ID Card Number, Gender, Photo, Contact Information (mobile phone, home or office). Address (home or office) and E-mail address (website members only), Corporate members must also supply company name and corporate registration number
Optional Items
Gender, E-mail Address, Company Name, Department and Job Title, Wedding Anniversary and Vehicle Number
E-newsletter Member
Compulsory Items
E-mail Address
Optional Items
Name, Gender, Contact Information (mobile phone, home or office), date of birth

B. Providing Services

Customer Satisfaction Survey
Compulsory Items
Name, E-mail Address and mobile phone number
Optional Items
Date of Birth and Wedding Anniversary
Food and Beverage Service
Compulsory Items
Name and Contact Information (mobile phone, home or office)
Optional Items
E-mail Address
VOC Receive
Compulsory Items
Name, E-mail Address and mobile phone number
Optional Items
Sex, Address, Company name

3. Handling and Retention Period of Personal Information

A. Hotel destroys customers' personal information without delay, when the purpose of collecting personal information or provided purpose is achieved. Specific time of destroy is as follows.

  1. Delivery Information : When products or services are delivered or provided
  2. In case of collection information for event or etc. : When the event is finished

B. In accordance with the regulations and provisions of relevant laws, it may be necessary to share membership information with the following outsource companies for the reasons and time periods listed below.

  1. Records of contract or withdrawal of subscription : 5 years
  2. Records of payment and supplying goods : 5 years
  3. Records of consumer's complaint and the settlement of dispute : 3 years
  4. For the rest, Information of identification and preference for revisit and customized services : 5 years

C. Job Application Information

  1. Retention Period : Deleting immediately after the completion of recruit evaluation
  2. Retention Basis : Internal regulation and polity of Hotel (It is to be destroyed only after the entire completion of the relevant recruit examination to prevent from errors that may occur at recruit examination)

4. Providing Personal Information to Third Parties

Hotel does not provide personal information to any third party without member's consent. But exceptions are as follows.

A. In case of a member's prior consent

B. In case that law enforcement agencies request it by the procedure and method in due course stipulated by law in accordance with the legal provision or for the purpose of investigation

5. Consignment of Personal Information Handling

A. Hotel operates the work to process personal information consigning to external specialists as follows to implement services

Consignment of Personal Information Handling 업체/Consigned Works
Consignee Consigned Works
Doing C&S, Hansung MS Housekeeping
IPSOS (by IHG) Customer satisfaction evaluation for hotel guests and IHG Members
JY Marketing Member information management, communications, mailing and telemarketing
Dain Manpower Inc. Hotel operations
Lotte rental Airport limousine service
Hanju Holdings Advertisement Rejecting Service
GS Park 24, nctas Auto Parking check
TCK KOREA telephone inquiry
naafmedia,froma Parnas mall Promotion
SINHA information technology, Oracle, Creavison INT, Solutek System, Daekyo CNS, Do it System, GS ITM Construction of a computer system and maintenance
Period of possession and use
Period of possession and use
Until the service has been provided and/or the contract term expires

B. When the consignment contract is made, Hotel clearly stipulates the strict observance of the instructions related to the protection of personal information, the prohibition of using personal information and the responsibility in case of an accident to ensure the safety of personal information protection, and keeps the relevant contract electronically as well as by written document. In the event that the above company is replaced, Hotel notices the name of the change company at the screen of personal information handling polity on the website.

6. Right and Obligation of Information Subject and Exertion Method

A. Customers can exert the following rights as the information subject

  1. Request of the perusal of personal information

    Customers may ask for perusal of the personal information file possessed by Hotel according to Article 35 (Perusal of Personal Information) of "Personal Information Protection Act". In the event of requesting the perusal of personal information, it can be restricted according to Article 35, Clause 5 of the above act.

    1. In case that perusal is prohibited or restricted according to law
    2. In case of concern that may damage to other person's life or body or unfairly infringe other person's property and other interests
  2. Request of the correction and deletion of personal information

    Customers may ask for correction and deletion of the personal information file possessed by Hotel according to Article 36 (Correction and Deletion of Personal Information) of "Personal Information Protection Act". Nevertheless, they can not ask for the deletion, in case that the personal information is specified as the object of collection in other laws and regulations.

  3. Request to cease handling personal information

    Customers may request to stop handling the personal information file possessed by Hotel according to Article 37 (Suspension of Handling Personal Information) of "Personal Information Protection Act". In the event of requesting the suspension of handling personal information, it can be rejected according to Article 37, Clause 2 of the above act.

    1. In case that it is inevitable to be rejected due to the special provision of law or the observance of statutory obligation
    2. In case of concern that may damage to other person's life or body or unfairly infringe other person's property and other interests
    3. In case that it is difficult to implement the contract unless the personal information is handled, for instance that services agreed with the subject of information can not be provided, and in case that the subject of information does not clearly express the intention of cancellation

B. When you want to peruse, correct, delete, cease handling or withdraw consent, please contact the department that receives and treats the request of perusal of personal information or a staff in charge of personal information protection by a letter, phone call or e-mail. We will take steps with delay after the procedure of identification.

C. In the event that a customer requests correction of the error of personal information, Hotel would not use or provide the relevant personal information before completing correction. And in case that incorrect personal information has been already provided to a third party, Hotel will take measures to correct it by noticing the corrected result to the third party without delay

D. We request that customers correctly input the new personal information to prevent an unexpected accident. Customer is responsible for an accident caused by the incorrect information that the customer entered. And In case that a customer input false information such as illegal use of other's information, the customer may lose membership or get restricted to use service.

E. You have the right that your personal information is to be protected as well as the obligation to protect yourself and not to infringe other's information. Please be careful that your personal information will not be leaked and pay attention not to infringe other's personal information including postings. If you can not carry out such responsibility and illegally user or infringe other's information or input false information, you may loose service and membership and can be punished according to the relevant laws and regulations.

F. Hotel operates customer service department for better communication with customers with regard to the perusal request of personal information. Contact information is :

Customer Service Dept
Marketing & Communication Team
Tel
+82 2-559-7713
Address
서InterContinental Seoul COEX, 524 Bongeunsa-ro, Gangnam-gu, Seoul, Korea
Customer's Inquiry through Website URL
http://www.grandicparnas.com Customer Center > Customer's Voice

7. Destruction of Personal Information

A. Destruction Procedure

After collecting and achieving the purpose of use, personal information is to be destroyed after storage for a specific period according to the internal policy and the information protection grounds by the relative laws and regulations. (See the period of retention and use.)

B. Destruction Method

Personal information that has been printed out on paper is destroyed by a shredder or an incinerator, and personal information that is stored as electronic file is deleted by using the technical method that the information can not be regenerated.

8. Measures to Secure Stability of Personal Information

A. Establishment and Implementation of Internal Management Plan

Establishment and implementation of the internal management plan of Hotel are carried out complying with the internal management policy of Ministry of Public Administration and Security.

B. Minimization and Training of Staffs in charge of Personal Information

The following parties are constantly seeking to perfect the handling of personal information and conduct periodic training dedicated to personal information management.

C. Access Restriction to Personal Information

Hotel takes measures required for access control to personal information by granting, modifying and cancelling the access right of database system that processes personal information, and controls unauthorized access by using firewall system.

D. Storage and Falsification Prevention of Access Record

Hotel keeps and manages records (web log, summarized information and etc.) accessed to personal information processing system for at least 6 months, and uses security function to prevent the access records from falsification, theft or loss.

E. Encryption of Personal Information

Customer's personal information is kept and managed after encryption. Besides, we use the special security function such as using encryption of important data for storage and transmission.

F. Technical Measures against Hacking and etc

Hotel installs security program to prevent the leakage and damage due to hacking or computer viruses, performs periodic renewal and check, equips the system at the area where access from outside is restricted, and technically / physically watches and blocks it.

G. Access Control to Unauthorized Persons

Hotel locates personal information system that stores personal information at a separate physical storage place, and establishes and operates the access control procedure about it.

9. Privacy install, operate and veto of the automatic collection device

The hotel does not use cookies (cookie) for personal information other than access information of users of the homepage. Although cookies identify your access device, they do not identify you personally, but you may have the option to reject cookies on the Tools (optimization tab) at the top of your Web browser.

10. Manager of Personal Information Protection

Hotel appoints manager and staff in charge of personal information protection as follows in order to protect personal information and treat complaints with regard to personal information.

Manager of Personal Information Protection
Joo Seong Kim (Director)
Administrator of Personal Information Protection
Tae Yeon Kim (General Manager, Marketing Team)
Staff in charge of Personal Information Protection
Do Yon Kim (Assistant Manager, Marketing Team) Contact Info +82 2-559-7713

11. Remedy for Right Infringement

Customers can apply for dispute settlement or consultation to Personal Information Arbitration Committee or Personal Information Infringement Notification Center of Korea Internet Security Agency. In addition, please contact the organizations below as for notification and consultation of other personal information infringement.

  1. Personal Information Arbitration Committee : (without an area code) 118 (ext. 2)
  2. Information Protection Mark Certification Committee : +82 2-580-0533~4 (http://eprivacy.or.kr)
  3. Supreme Prosecutors Office, Cyber Criminal Investigation Team : +82 2-3480-3573 (http://www.spo.go.kr/)
  4. National Police Agency, Cyber Terror Response Center : 1566-0112 (http://www.netan.go.kr/)

12. Change of Personal Information Handling Policy

This personal information handling policy will be effective from the date of implementation, and we will notify the addition, deletion and correction of the changed details according to laws and regulations or policies on announcement from 7 days before the implementation of the change, if available.

  1. Date of Announce : July 18, 2015
  2. Date of Implementation : July 18, 2015

Grand InterContinental Seoul Parnas (hereinafter referred to as "Hotel") collects, possesses and handles all personal information based on the basis of "Personal Information Protection Act".

"Personal Information Protection Act" presents the general standard with regard to handling personal information, and Hotel will legitimately and properly handle the personal information collected, possessed and handled in accordance with the regulation of "Personal Information protection Act" for the appropriate implementation of hotel business and the protection of customers' right.

Besides, Hotel respects customers' right such as perusal, correction, delete, handling discontinuance and so on regarding personal information possessed according to the stipulation of "Personal Information Protection Act", and users can appeal administrative adjudication as for infringement of rights on "Personal Information Protection Act" in accordance with "Administrative Adjudication Law".

Hotel has the personal information handling policy as follows in accordance with "Personal Information Protection Act" in order to protect customers' personal information and rights as well as to treat customers' difficulties smoothly with regard to personal information, and in case that personal information handling policy is revised, it will be noticed through the website announcement (or individual notice).

This policy will be effective from Jul. 18, 2014.

  1. Purpose of Handling Personal Information
  2. Handling Items of Personal Information
  3. Handling and Retention Period of Personal Information
  4. Providing Personal Information to Third Parties
  5. Consignment of Personal Information Handling
  6. Right and Obligation of Information Subject and Exertion Method
  7. Destruction of Personal Information
  8. Measures to Secure Stability of Personal Information
  9. Manager of Personal Information Protection
  10. Remedy for Right Infringement
  11. Change of Personal Information Handling Policy

1. Purpose of Handling Personal Information

Hotel handles the personal information for the purposes as follows. Processed personal information is used only for the following purposes, and it will ask for users' prior consent when the purpose of use is changed.

A. Management of Members

  1. Identification of subscribers pursuant to the use of membership services
  2. Securing the smooth communication path for notice delivery, difficulties treatment and so forth
  3. Securing correct destination for the delivery of membership card
  4. Providing customized services

B. Providing Services

  1. Member identification and implementation of contract with regard to providing services at rooms, restaurants and lounges, banquet and wedding
  2. Using for customer satisfaction survey
  3. Providing customized services

C. Utilizing for Marketing and Advertising

  1. Developing new services and providing customized services
  2. Advertising new services and providing various events information
  3. Providing services and putting ads in accordance with demographic characteristics

D. Recruitment of Employees and Providing Practice Program

  1. Processing recruitment of employees such as application and selecting examination, confirming qualification proof, confirming applicant's test scores, aptitude test, medical check-up, answer and guidance to applicant's question and so on.
  2. Supporting and selecting programs and answer and guidance to applicant's question

2. Handling Items of Personal Information

Hotel collects personal information as follows within the minimum required range to provide services.

A. Management of Members

I Choice / SUMMIT / IWC membership
Compulsory Items
name (Hangul/English), contact information (mobile phone/phone), address (home/work)
Optional Items
gender, date of birth, email address, employer, job title and department
Fitness Club
Compulsory Items
Name, ID Card Number, Gender, Photo, Contact Information (mobile phone, home or office). Address (home or office) and E-mail address (website members only), Corporate members must also supply company name and corporate registration number
Optional Items
Gender, E-mail Address, Company Name, Department and Job Title, Wedding Anniversary and Vehicle Number
E-newsletter Member
Compulsory Items
E-mail Address

B. Providing Services

Customer Satisfaction Survey
Compulsory Items
Name, E-mail Address and mobile phone number
Optional Items
Date of Birth and Wedding Anniversary
Food and Beverage Service
Compulsory Items
Name and Contact Information (mobile phone, home or office)
Optional Items
E-mail Address

3. Handling and Retention Period of Personal Information

A. Hotel destroys customers' personal information without delay, when the purpose of collecting personal information or provided purpose is achieved. Specific time of destroy is as follows.

  1. Membership Registration Information : When a member withdraws or he or she is expelled from membership
  2. Delivery Information : When products or services are delivered or provided
  3. In case of collection information for event or etc. : When the event is finished

B. In accordance with the regulations and provisions of relevant laws, it may be necessary to share membership information with the following outsource companies for the reasons and time periods listed below.

  1. Records of contract or withdrawal of subscription : 5 years
  2. Records of payment and supplying goods : 5 years
  3. Records of consumer's complaint and the settlement of dispute : 3 years
  4. For the rest, Information of identification and preference for revisit and customized services : 5 years

C. Job Application Information

  1. Retention Period : Deleting immediately after the completion of recruit evaluation
  2. Retention Basis : Internal regulation and polity of Hotel (It is to be destroyed only after the entire completion of the relevant recruit examination to prevent from errors that may occur at recruit examination)

4. Providing Personal Information to Third Parties

Hotel does not provide personal information to any third party without member's consent. But exceptions are as follows.

A. In case of a member's prior consent

B. In case that law enforcement agencies request it by the procedure and method in due course stipulated by law in accordance with the legal provision or for the purpose of investigation

5. Consignment of Personal Information Handling

A. Hotel operates the work to process personal information consigning to external specialists as follows to implement services.

Consignment of Personal Information Handling
Consignee Consigned Works
Doing C&S, Hansung MS Housekeeping
IPSOS (by IHG) Customer satisfaction evaluation for hotel guests and IHG Members
JY Marketing Member information management, communications, mailing and telemarketing
Dain Manpower Inc. Hotel operations
Seoul Rent Car Inc. Airport limousine service
Hanju Holdings Advertisement Rejecting Service
Period of possession and use
Period of possession and use
Until the service has been provided and/or the contract term expires

B. When the consignment contract is made, Hotel clearly stipulates the strict observance of the instructions related to the protection of personal information, the prohibition of using personal information and the responsibility in case of an accident to ensure the safety of personal information protection, and keeps the relevant contract electronically as well as by written document. In the event that the above company is replaced, Hotel notices the name of the change company at the screen of personal information handling polity on the website.

6. Right and Obligation of Information Subject and Exertion Method

A. Customers can exert the following rights as the information subject

  1. Request of the perusal of personal information

    Customers may ask for perusal of the personal information file possessed by Hotel according to Article 35 (Perusal of Personal Information) of "Personal Information Protection Act". In the event of requesting the perusal of personal information, it can be restricted according to Article 35, Clause 5 of the above act

    1. In case that perusal is prohibited or restricted according to law
    2. In case of concern that may damage to other person's life or body or unfairly infringe other person's property and other interests
  2. Request of the correction and deletion of personal information

    Customers may ask for correction and deletion of the personal information file possessed by Hotel according to Article 36 (Correction and Deletion of Personal Information) of "Personal Information Protection Act". Nevertheless, they can not ask for the deletion, in case that the personal information is specified as the object of collection in other laws and regulations

  3. Request to cease handling personal information

    Customers may request to stop handling the personal information file possessed by Hotel according to Article 37 (Suspension of Handling Personal Information) of "Personal Information Protection Act". In the event of requesting the suspension of handling personal information, it can be rejected according to Article 37, Clause 2 of the above act.

    1. In case that it is inevitable to be rejected due to the special provision of law or the observance of statutory obligation
    2. In case of concern that may damage to other person's life or body or unfairly infringe other person's property and other interests
    3. In case that it is difficult to implement the contract unless the personal information is handled, for instance that services agreed with the subject of information can not be provided, and in case that the subject of information does not clearly express the intention of cancellation

B. When you want to peruse, correct, delete, cease handling or withdraw consent, please contact the department that receives and treats the request of perusal of personal information or a staff in charge of personal information protection by a letter, phone call or e-mail. We will take steps with delay after the procedure of identification.

C. In the event that a customer requests correction of the error of personal information, Hotel would not use or provide the relevant personal information before completing correction. And in case that incorrect personal information has been already provided to a third party, Hotel will take measures to correct it by noticing the corrected result to the third party without delay.

D. We request that customers correctly input the new personal information to prevent an unexpected accident. Customer is responsible for an accident caused by the incorrect information that the customer entered. And In case that a customer input false information such as illegal use of other's information, the customer may lose membership or get restricted to use service.

E. You have the right that your personal information is to be protected as well as the obligation to protect yourself and not to infringe other's information. Please be careful that your personal information will not be leaked and pay attention not to infringe other's personal information including postings. If you can not carry out such responsibility and illegally user or infringe other's information or input false information, you may loose service and membership and can be punished according to the relevant laws and regulations.

F. Hotel operates customer service department for better communication with customers with regard to the perusal request of personal information. Contact information is :

Customer Service Dept
Marketing Team
Tel
+82 2-559-7713
Address
Grand InterContinental Seoul Parnas, 521 Teheran-ro, Gangnam-gu, Seoul, Korea
Customer's Inquiry through Website URL
http://www.grandicparnas.com Customer Center > Customer's Voice

7. Destruction of Personal Information

A. Destruction Procedure

After collecting and achieving the purpose of use, personal information is to be destroyed after storage for a specific period according to the internal policy and the information protection grounds by the relative laws and regulations. (See the period of retention and use.)

B. Destruction Method

Personal information that has been printed out on paper is destroyed by a shredder or an incinerator, and personal information that is stored as electronic file is deleted by using the technical method that the information can not be regenerated.

8. Measures to Secure Stability of Personal Information

A. Establishment and Implementation of Internal Management Plan

Establishment and implementation of the internal management plan of Hotel are carried out complying with the internal management policy of Ministry of Public Administration and Security.

B. Minimization and Training of Staffs in charge of Personal Information

The following parties are constantly seeking to perfect the handling of personal information and conduct periodic training dedicated to personal information management.

C. Access Restriction to Personal Information

Hotel takes measures required for access control to personal information by granting, modifying and cancelling the access right of database system that processes personal information, and controls unauthorized access by using firewall system.

D. Storage and Falsification Prevention of Access Record

Hotel keeps and manages records (web log, summarized information and etc.) accessed to personal information processing system for at least 6 months, and uses security function to prevent the access records from falsification, theft or loss.

E. Encryption of Personal Information

Customer's personal information is kept and managed after encryption. Besides, we use the special security function such as using encryption of important data for storage and transmission.

F. Technical Measures against Hacking and etc

Hotel installs security program to prevent the leakage and damage due to hacking or computer viruses, performs periodic renewal and check, equips the system at the area where access from outside is restricted, and technically / physically watches and blocks it.

G. Access Control to Unauthorized Persons

Hotel locates personal information system that stores personal information at a separate physical storage place, and establishes and operates the access control procedure about it.

9. Manager of Personal Information Protection

Hotel appoints manager and staff in charge of personal information protection as follows in order to protect personal information and treat complaints with regard to personal information.

Manager of Personal Information Protection
Seung-geol Lee (Director of S&M)
Administrator of Personal Information Protection
SJ Jung (Manager, Marketing Team)
Staff in charge of Personal Information Protection
Do Yon Kim (Assistant Manager, Marketing Team) Contact Info. +82 2-559-7713

10. Remedy for Right Infringement

Customers can apply for dispute settlement or consultation to Personal Information Arbitration Committee or Personal Information Infringement Notification Center of Korea Internet Security Agency. In addition, please contact the organizations below as for notification and consultation of other personal information infringement.

  1. Personal Information Arbitration Committee : (without an area code) 118 (ext. 2)
  2. Information Protection Mark Certification Committee : +82 2-580-0533~4 (http://eprivacy.or.kr)
  3. Supreme Prosecutors Office, Cyber Criminal Investigation Team : +82 2-3480-3573 (http://www.spo.go.kr/)
  4. National Police Agency, Cyber Terror Response Center : 1566-0112 (http://www.netan.go.kr/)

11. Change of Personal Information Handling Policy

This personal information handling policy will be effective from the date of implementation, and we will notify the addition, deletion and correction of the changed details according to laws and regulations or policies on announcement from 7 days before the implementation of the change, if available.

  1. Date of Announce : July 1, 2014
  2. Date of Implementation : July 18, 2014

Grand InterContinental Seoul Parnas (hereinafter referred to as "Hotel") collects, possesses and handles all personal information based on the basis of "Personal Information Protection Act".

"Personal Information Protection Act" presents the general standard with regard to handling personal information, and Hotel will legitimately and properly handle the personal information collected, possessed and handled in accordance with the regulation of "Personal Information protection Act" for the appropriate implementation of hotel business and the protection of customers' right.

Besides, Hotel respects customers' right such as perusal, correction, delete, handling discontinuance and so on regarding personal information possessed according to the stipulation of "Personal Information Protection Act", and users can appeal administrative adjudication as for infringement of rights on "Personal Information Protection Act" in accordance with "Administrative Adjudication Law".

Hotel has the personal information handling policy as follows in accordance with "Personal Information Protection Act" in order to protect customers' personal information and rights as well as to treat customers' difficulties smoothly with regard to personal information, and in case that personal information handling policy is revised, it will be noticed through the website announcement (or individual notice).

This policy will be effective from Dec. 16, 2011.

  1. Purpose of Handling Personal Information
  2. Handling Items of Personal Information
  3. Handling and Retention Period of Personal Information
  4. Providing Personal Information to Third Parties
  5. Consignment of Personal Information Handling
  6. Right and Obligation of Information Subject and Exertion Method
  7. Destruction of Personal Information
  8. Measures to Secure Stability of Personal Information
  9. Manager of Personal Information Protection
  10. Remedy for Right Infringement
  11. Change of Personal Information Handling Policy

1. Purpose of Handling Personal Information

Hotel handles the personal information for the purposes as follows. Processed personal information is used only for the following purposes, and it will ask for users' prior consent when the purpose of use is changed.

A. Management of Members

  1. Identification of subscribers pursuant to the use of membership services
  2. Securing the smooth communication path for notice delivery, difficulties treatment and so forth
  3. Securing correct destination for the delivery of membership card
  4. Providing customized services

B. Providing Services

  1. Member identification and implementation of contract with regard to providing services at rooms, restaurants and lounges, banquet and wedding
  2. Using for customer satisfaction survey
  3. Providing customized services

C. Utilizing for Marketing and Advertising

  1. Developing new services and providing customized services
  2. Advertising new services and providing various events information
  3. Providing services and putting ads in accordance with demographic characteristics

D. Recruitment of Employees and Providing Practice Program

  1. Processing recruitment of employees such as application and selecting examination, confirming qualification proof, confirming applicant's test scores, aptitude test, medical check-up, answer and guidance to applicant's question and so on.
  2. Supporting and selecting programs and answer and guidance to applicant's question

2. Handling Items of Personal Information

Hotel collects personal information as follows within the minimum required range to provide services.

A. Management of Members

Double Choice
Compulsory Items
Name, Contact Information (mobile phone, home or office). Address (home or office), Credit Card Information and E-mail address (website members only)
Optional Items
E-mail address, Company Name, Department and Job Title, Wedding Anniversary and Vehicle Number
Fitness Club
Compulsory Items
Name, ID Card Number, Gender, Contact Information (mobile phone, home or office). Address (home or office) and E-mail address (website members only)
Optional Items
E-mail Address, Company Name, Department and Job Title, Wedding Anniversary and Vehicle Number
InterContinental Wedding Club
Compulsory Items
Name (applicant and spouse), Contact Information (mobile phone, home or office), Address (home or office), Wedding Anniversary and E-mail address (website members only)
Optional Items
E-mail Address, Company Name, Department and Job Title, and Date of Birth
Website Member
Compulsory Items
Name and E-mail Address
Optional Items
Contact Information, Address, Country of Residence, Date of Birth, Gender and Matter of Interest
E-newsletter Member
Compulsory Items
E-mail Address
Optional Items
Name, Gender, Date of Birth and Contact Information
Method of Collection
Website, Telephone or Written Form

B. Providing Services

Room Service
Compulsory Items
Name, Contact Information (mobile phone, home or office), Date of Birth (age limitation for room guests), Passport Number (foreigners), E-mail Address (only for applicant who requests reservation confirmation) and Credit Card Information
Optional Items
ID Card Number, Address (home or office) and E-mail Address
Food and Beverage Service
Compulsory Items
Name and Contact Information (mobile phone, home or office)
Optional Items
E-mail Address
Banquet Service
Compulsory Items
Name and Contact Information (mobile phone, home or office), E-mail Address
Optional Items
직장명, Address지(자택 혹은 직장)
Wedding Service
Compulsory Items
Name (applicant, spouse and reservation agent including family), Contact Information (applicant, spouse or reservation agent) and E-mail Address
Optional Items
Address (applicant's home or office) and Company Name

C. Recruitment of Employees and Providing Practice Program

Compulsory Items
Picture, Applied Department & Career, Name (Korean / English / Chinese characters), ID Card Number, Telephone Number, Mobile Phone Number, E-mail Address, Current Address, Education & Training Information, Career, Family, Ability of Foreign Language & Qualification, Military Service Career, National Relief Recipient & Relief Number, Disability Information and Self-introduction
Method of Collection
E-mail

3. Handling and Retention Period of Personal Information

A. Hotel destroys customers' personal information without delay, when the purpose of collecting personal information or provided purpose is achieved. Specific time of destroy is as follows.

  1. Membership Registration Information : When a member withdraws or he or she is expelled from membership
  2. Delivery Information : When products or services are delivered or provided
  3. In case of collection information for event or etc. : When the event is finished

B. But Hotel possesses personal information for a specific period, in case that it is required to keep it for the period for confirmation of business related management obligation as follows according to the regulation of relevant law such as commercial law and internal policy of Hotel.

  1. Records of contract or withdrawal of subscription : 5 years
  2. Records of payment and supplying goods : 5 years
  3. Records of consumer's complaint and the settlement of dispute : 3 years
  4. Information of identification and preference for revisit and customized services : 5 years

C. Job Application Information

  1. Retention Period : Deleting immediately after the completion of recruit evaluation
  2. Retention Basis : Internal regulation and polity of Hotel (It is to be destroyed only after the entire completion of the relevant recruit examination to prevent from errors that may occur at recruit examination)

4. Providing Personal Information to Third Parties

Hotel does not provide personal information to any third party without member's consent. But exceptions are as follows.

A. In case of a member's prior consent

B. In case that law enforcement agencies request it by the procedure and method in due course stipulated by law in accordance with the legal provision or for the purpose of investigation

5. Consignment of Personal Information Handling

A. Hotel operates the work to process personal information consigning to external specialists as follows to implement services.

Consignment of Personal Information Handling
Consignee Consigned Works
Solutech System Information data processing and maintenance Consignment operation of customer information DB system (Data processing maintenance)
SANHA IT
GSITM
Daegyo CNS
Newmarket International Software Pte Ltd.
Micros-Fidelio Korea
GABIA Inc. Web server and DB management
Mail Link Mail dispatch
UNIFOCUS Satisfaction survey with staffs in charge of banquet event
IHG (Synovate) Satisfaction survey about room toward PCR membership customers
JY Marketing Double Choice membership telemarketing
ACE DM DM dispatch
WEES GROUP INC. Web site maintenance and E-news letter dispatch

B. When the consignment contract is made, Hotel clearly stipulates the strict observance of the instructions related to the protection of personal information, the prohibition of using personal information and the responsibility in case of an accident to ensure the safety of personal information protection, and keeps the relevant contract electronically as well as by written document. In the event that the above company is replaced, Hotel notices the name of the change company at the screen of personal information handling polity on the website.

6. Right and Obligation of Information Subject and Exertion Method

A. Customers can exert the following rights as the information subject.

  1. Request of the perusal of personal information

    Customers may ask for perusal of the personal information file possessed by Hotel according to Article 35 (Perusal of Personal Information) of "Personal Information Protection Act". In the event of requesting the perusal of personal information, it can be restricted according to Article 35, Clause 5 of the above act.

    1. In case that perusal is prohibited or restricted according to law
    2. In case of concern that may damage to other person's life or body or unfairly infringe other person's property and other interests
  2. Request of the correction and deletion of personal information

    Customers may ask for correction and deletion of the personal information file possessed by Hotel according to Article 36 (Correction and Deletion of Personal Information) of "Personal Information Protection Act". Nevertheless, they can not ask for the deletion, in case that the personal information is specified as the object of collection in other laws and regulations

  3. Request to cease handling personal information

    Customers may request to stop handling the personal information file possessed by Hotel according to Article 37 (Suspension of Handling Personal Information) of "Personal Information Protection Act". In the event of requesting the suspension of handling personal information, it can be rejected according to Article 37, Clause 2 of the above act.

    1. In case that it is inevitable to be rejected due to the special provision of law or the observance of statutory obligation
    2. In case of concern that may damage to other person's life or body or unfairly infringe other person's property and other interests
    3. In case that it is difficult to implement the contract unless the personal information is handled, for instance that services agreed with the subject of information can not be provided, and in case that the subject of information does not clearly express the intention of cancellation

B. When you want to peruse, correct, delete, cease handling or withdraw consent, please contact the department that receives and treats the request of perusal of personal information or a staff in charge of personal information protection by a letter, phone call or e-mail. We will take steps with delay after the procedure of identification.

C. In the event that a customer requests correction of the error of personal information, Hotel would not use or provide the relevant personal information before completing correction. And in case that incorrect personal information has been already provided to a third party, Hotel will take measures to correct it by noticing the corrected result to the third party without delay

D. We request that customers correctly input the new personal information to prevent an unexpected accident. Customer is responsible for an accident caused by the incorrect information that the customer entered. And In case that a customer input false information such as illegal use of other's information, the customer may lose membership or get restricted to use service.

E. You have the right that your personal information is to be protected as well as the obligation to protect yourself and not to infringe other's information. Please be careful that your personal information will not be leaked and pay attention not to infringe other's personal information including postings. If you can not carry out such responsibility and illegally user or infringe other's information or input false information, you may loose service and membership and can be punished according to the relevant laws and regulations.

F. Hotel operates customer service department for better communication with customers with regard to the perusal request of personal information. Contact information is :

Customer Service Dept
Marketing Team
Tel
+82 2-559-7740
Address
Grand InterContinental Seoul Parnas, 521 Teheran-ro, Gangnam-gu, Seoul, Korea
Customer's Inquiry through Website URL
http://www.grandicparnas.com Customer Center > Customer's Voice

7. Destruction of Personal Information

A. Destruction Procedure

After collecting and achieving the purpose of use, personal information is to be destroyed after storage for a specific period according to the internal policy and the information protection grounds by the relative laws and regulations. (See the period of retention and use.)

B. Destruction Method

Personal information that has been printed out on paper is destroyed by a shredder or an incinerator, and personal information that is stored as electronic file is deleted by using the technical method that the information can not be regenerated.

8. Measures to Secure Stability of Personal Information

A. Establishment and Implementation of Internal Management Plan

Establishment and implementation of the internal management plan of Hotel are carried out complying with the internal management policy of Ministry of Public Administration and Security.

B. Minimization and Training of Staffs in charge of Personal Information

The following parties are constantly seeking to perfect the handling of personal information and conduct periodic training dedicated to personal information management.

C. Access Restriction to Personal Information

Hotel takes measures required for access control to personal information by granting, modifying and cancelling the access right of database system that processes personal information, and controls unauthorized access by using firewall system.

D. Storage and Falsification Prevention of Access Record

Hotel keeps and manages records (web log, summarized information and etc.) accessed to personal information processing system for at least 6 months, and uses security function to prevent the access records from falsification, theft or loss.

E. Encryption of Personal Information

Customer's personal information is kept and managed after encryption. Besides, we use the special security function such as using encryption of important data for storage and transmission.

F. Technical Measures against Hacking and etc

Hotel installs security program to prevent the leakage and damage due to hacking or computer viruses, performs periodic renewal and check, equips the system at the area where access from outside is restricted, and technically / physically watches and blocks it.

G. Access Control to Unauthorized Persons

Hotel locates personal information system that stores personal information at a separate physical storage place, and establishes and operates the access control procedure about it.

9. Manager of Personal Information Protection

Hotel appoints manager and staff in charge of personal information protection as follows in order to protect personal information and treat complaints with regard to personal information.

Manager of Personal Information Protection
Seung-geol Lee (Director of S&M)
Administrator of Personal Information Protection
Hyung-suk Kim (Manager, Marketing Team) Contact Info. +82 2-559-7742
Staff in charge of Personal Information Protection
Ji-Young Lee (Assistant Manager, Marketing Team) Contact Info. +82 2-559-7728

10. Remedy for Right Infringement

Customers can apply for dispute settlement or consultation to Personal Information Arbitration Committee or Personal Information Infringement Notification Center of Korea Internet Security Agency. In addition, please contact the organizations below as for notification and consultation of other personal information infringement

  1. Personal Information Arbitration Committee : (without an area code) 118 (ext. 2)
  2. Information Protection Mark Certification Committee : +82 2-580-0533~4 (http://eprivacy.or.kr)
  3. Supreme Prosecutors Office, Cyber Criminal Investigation Team : +82 2-3480-3573 (http://www.spo.go.kr/)
  4. National Police Agency, Cyber Terror Response Center : 1566-0112 (http://www.netan.go.kr/)

11. Change of Personal Information Handling Policy

This personal information handling policy will be effective from the date of implementation, and we will notify the addition, deletion and correction of the changed details according to laws and regulations or policies on announcement from 7 days before the implementation of the change, if available.

  1. Date of Announce : Dec. 9, 2011
  2. Date of Implementation : Dec. 16, 2011

This Privacy Policy applies to the collection and the use of the personal information and the confidentiality thereof to protect the personal information of those who joined the online membership at the Grand InterContinental Seoul Parnas and InterContinental Seoul COEX Homepage.

  1. Collected personal information items, purpose and method
  2. Period of possession and use for personal information
  3. To Provide personal information to third party
  4. Consignment of handling personal information
  5. Procedures and methods of destruction of Personal Information
  6. The right of clients and the legal representatives and How to exert
  7. The technical and administrative measure for protecting the personal information
  8. Administrator of Personal information and in-charge

1. Collected personal information items, purpose and method

A. Items

Required Items
Name, Date of Birth, Passport No. (Personal ID No. for Korean), Pay method (Credit card No.)
Optional Items
E-mail, address, city, postal code, nationality, Membership No., Company

B. Purpose

Required Items
For checking the Identity, For Payment
Optional Items
Inform the notices, news, emergency, Give the membership service

C. Method

Required Items
Upon the reservation and registration

2. Period of possession and use for personal information

After achieving the purpose of collection and use, Hotel destroys all of personal information. However, Hotel holds the information only in case of followings.

  1. If there is a need to preserve by the regulation of the law, Hotel should hold information for period.
  2. Records of contract or withdrawal of subscription, Records of payment and supplying goods : 5 years
  3. Records of consumer's complaint and the settlement of dispute : 3 years
  4. For purpose as revisit and customized service for identifying and checking the preference : 5 years
  5. ) In case of Lawsuit or disputes related to the perseverance of evidence : 10 years after completion of litigation or dispute

3. To Provide personal information to third party

Hotel does not provide personal information to any third party without member's consent. But exceptions are as follows.

  1. In case of a member's prior consent
  2. In case that law enforcement agencies request it by the procedure and method in due course stipulated by law in accordance with the legal provision or for the purpose of investigation

4. Consignment of handling personal information

Hotel does not consign to outsourcing company for handling personal information without guest's agreement. However, Hotel will get customers' agreement regarding the consignment content and subject if it has to be done.

5. Procedures and methods of destruction of Personal Information

Destruction Process
After collecting and achieving the purpose of use, personal information is to be destroyed after storage for a specific period according to the internal policy and the information protection grounds by the relative laws and regulations. (See the period of retention and use.)
Destruction Method
Personal information that has been printed out on paper is destroyed by a shredder or an incinerator, and personal information that is stored as electronic file is deleted by using the technical method that the information can not be regenerated.

6. The right of clients and the legal representatives and How to exert

Customers and the legal representatives can modify, view and request for withdrawal of agreement for their own registered information or under 14-year-old's. If the customers contact the in-charge of personal information Dept for customers themselves or under 14years children in order to modify or view via writing, phone or E-mail, Hotel will take action without delay. If the customers request to modify personal information's error to be fixed, Hotel does not provide the information until it finished. Hotel handles revocation or deleted information requested by either guests or legal representative as following the procedure 'Period of possession and use for personal information' and does not provide other purpose.

7. The technical and administrative measure for protecting the personal information

Hotel does have the server and network firewalls for protecting the personal information and only administrators have permission to access the information through his/her own account. Hotel maintains the administrator by ongoing security training and regular security checks to meet the internal standards.

8. Administrator of Personal information and in-charge

If you inquiry about protection of personal information, below our staffs answer to you sincerely.

Administrator
Moon, Jung Joon (Revenue & Marketing) Contact Info. +82 2-559-7763
In-charge
Jang, Mi Jeong (Revenue & Marketing) Contact Info. +82 2-559-7740

'InterContinental Hotels Seoul (hereinafter referred to as "Hotel") has the personal information handling policy as follows in accordance with "Personal Information Protection Act" in order to protect customers' personal information and rights "Personal Information Protection Act" presents the general standard with regard to handling personal information, and Hotel will legitimately and properly handle the personal information collected, possessed and handled in accordance with the regulation of "Personal Information protection Act" for the appropriate implementation of hotel business and the protection of customers' right. In case that personal information handling policy is revised, it will be noticed through the website announcement (or individual notice)

  1. Collected personal information items, purpose and method
  2. Hotel handles the personal information for the purposes as follows
  3. Period of possession and use for personal information
  4. Procedures and methods of destruction of Personal Information
  5. To Provide personal information to third party
  6. Consignment of handling personal information
  7. The right of clients and the legal representatives and How to exert
  8. Installation and management conditions of personal information auto-collecting devices
  9. Administrator of Personal information and in-charge

1. Collected personal information items, purpose and method

Hotel collects personal information as follows within the minimum required range to provide services.

  1. Required Item : Name, Date of Birth, Gender, Contact information (Home, Mobile), Address, E-mail, Company Name.
  2. Method : Homepage (Voice of Customers, E-Newsletter registration, reservation), Purpose of Handling Personal Information.

2. Hotel handles the personal information for the purposes as follows

  1. Providing Services : Member identification and implementation of contract with regard to providing services.
  2. Management of Members : Securing the smooth communication path for notice delivery, difficulties treatment and so forth.
  3. Utilizing for Marketing and Advertising : Advertising new services and providing various events information.

3. Period of possession and use for personal information

After achieving the purpose of collection and use, Hotel destroys all of personal information

4. Procedures and methods of destruction of Personal Information

After achieving the purpose of collection and use, Hotel destroys all of personal information. Procedures and methods of destruction of Personal Information as follows :

Procedures of destruction
Information provided by the customer for membership application will be transferred to a separate database (in case of paper, a separate file) after achieving the purpose of collection and use, and be destroyed in accordance with Hotel's internal and other PIPA regulations and procedures (refer to "Personal Information Collection and Usage Period by the Company" clause). Unless enforced by law, the information transferred to a separate database serves only to be kept as a record and no other
Methods of destruction
Information stored in the form of electronic files is deleted by technical means that cannot be recovery.

5. To Provide personal information to third party

Hotel doesn't provide the personal information to the 3rd party without guests' agreement. However, there is exception as bellow case.

  1. In the event that guests agree in advance
  2. With the provisions of the law or for the purpose of the investigation by the procedures and methods of enforcement agencies upon request

6. Consignment of handling personal information

Hotel does not consign to outsourcing company for handling personal information without guest's agreement. However, Hotel will get customers' agreement regarding the consignment content and subject if it has to be done

7. The right of clients and the legal representatives and How to exert

Customers and the legal representatives can modify, view and request for withdrawal of agreement for their own registered information or under 14-year-old's. If the customers contact the in-charge of personal information Dept for customers themselves or under 14years children in order to modify or view via writing, phone or E-mail, Hotel will take action without delay. If the customer's request to modify personal information's error to be fixed, Hotel does not provide the information until it finished. Hotel handles revocation or deleted information requested by either guests or legal representative as following the procedure 'Period of possession and use for personal information' and does not provide other purpose

Only when the client requests amends to his personal information does the Hotel uses or provides the information. And in case any incorrect information gets provided to a third party, the Hotel will instantly announce and make amends. The Hotel proceeds with "Personal Information Collection and Usage Period by the Company" clause if the client or his legal guardian requests information withdrawal or abolition. Client's personal information is not open for any other use.

8. Installation and management conditions of personal information auto-collecting devices

Hotel does not operate any Cookies or other personal information auto-collecting devices

9. Administrator of Personal information and in-charge

If you inquiry about protection of personal information, below our staffs answer to you sincerely.

Manager of Personal Information Protection
Seung Kun Park (Manager, IT Team)
Tel
+82 2-559-7345
E-mail
skpark@icseoul.co.kr

Client is entitled to file personal information related complaint claims to the personal information manager in charge or the handling department while in use of the Hotel's services. The Hotel will take immediate actions once claims are made and provide full response. In addition, please contact the organizations below as for notification and consultation of other personal information infringement.

  1. Personal Information Arbitration Committee : (www.1336.or.kr / 1336)
  2. Information Protection Mark Certification Committee (www.eprivacy.or.kr / +82 2-580-0533~4)
  3. Supreme Prosecutors Office, Cyber Criminal Investigation Team (http://icic.sppo.go.kr / +82 2-3480-3600)
  4. National Police Agency, Cyber Terror Response Center (www.ctrc.go.kr / +82 2-392-0330)