Privacy Policy
Royal Hotel Seoul (hereinafter referred to as "RHS") complies with the Personal Information Protection Act, placing great importance on the personal information of its customers. RHS' Personal Information Processing Policy specifies how and what for RHS uses the personal information provided by its customers and which measures RHS takes to protect such personal information.
• Article 1. Scope of Personal Information to be Collected and Method to Collect• Article 2. Purpose of Collection and Use of Personal Information
• Article 3. Retention, Use Period and Destruction of Personal Information
• Article 4. Supply and Sharing of Personal Information
• Article 5. Appointing Entity to Handle Personal Information
• Article 6. Method to View and Correct Personal Information and/or Withdraw from Membership and Give Consent to Withdrawal
• Article 7. Operation and Utilization of Cookie
• Article 8. Protection of Personal Information of Children under Fourteen (14)
• Article 9. Personal Information Protection Officer
• Article 10. Management of Technologies and Systems for Protection of Personal Information
• Article 11. Transmission of Advertising Information
• Article 12. Obligations to Provide Notices
Article 1. Scope of Personal Information to be Collected and Method to Collect
1. Scope of Personal Information to be Collected
RHS shall collect the personal information of its customers only to the minimum extent that it needs such personal information to provide services to them.• a. RHS shall not collect any sensitive personal information which may violate the basic human rights of its customers (including race, nationality, idea, creed, hometown, legal domicile, political orientation and crime sheet, health condition and sex life).
2. Method to Collect Personal Information
RHS shall collect the personal information of its customers in the following manner :• a. Join as a member on its homepage, in a written form, or by telephone or fax, on the consultation notice board or enter for giveaway events
• b. Receive the personal information from its affiliated companies
• c. Collect the information about settlement of accounts, point-based transaction information and any other information created when the customers use RHS
Article 2. Purpose of Collection and Use of Personal Information
RHS is collecting the personal information of its customers in order to provide services to them as follows :
| Classification | Item to be Collected | Purpose of Collection | Retention Period | ||
| Online | |||||
| Joining as a member | Mandatory | E-mail (ID), password, name | To utilize the collected personal information of the member in order to identify whether he is eligible for membership services, provide notices to the member, secure a communication channel for facilitating communication to handle complaints and obtain the information about the correct address to which the membership card will be delivered | For one (1) year after withdrawal | |
| Optional | Contact address (mobile phone number or house), date of birth, address (house or company), country, customer No. | ||||
| Reserving rooms | Mandatory | Name (in English), e-mail, contact address (mobile phone number, house or company), credit card information | To enable the member to reserve a room or rooms and enjoy re-visitation services *The information of the member’s credit card shall be collected for the purpose of guarantee, and not for settlement of accounts. | For two (2) years | |
| Voice of customers | Mandatory | Name, e-mail | To reply to the member about such inquiry and to provide services | For two (2) years | |
| Reserving restaurants | Mandatory | Name, contact address | To provide reservation and consultation services | For five (5) days after the reservation cancellation date or the visitation date | |
| Optional | Name of company, address, e-mail, fax | ||||
| Inquiring about meetings and weddings | Mandatory | Name, e-mail, contact address | To provide reservation and consultation services | For two (2) years | |
| Inquiring about unfunded accrued points | Mandatory | To reply to the member about such inquiry and to provide services | For two (2) years | ||
| Offline | Gold card membership | Mandatory | Name, gender, address, cellular phone, contact address, name of work place, e-mail | To utilize the collected personal information of the member in order to identify whether he is eligible for membership services, provide notices to him, secure a communication channel for facilitating communication to handle complaints, obtain the information about the correct address to which the membership card will be delivered and/or the member’s qualification, etc. will be notified | For one (1) year after withdrawal Two (2) years after a check-in date |
| Platinum card membership | Mandatory | Name, gender, address, cellular phone, contact address, name of work place, e-mail, photographs | To utilize the collected personal information of the member in order to identify whether he is eligible for membership services, provide notices to him, and obtain the information about the correct address to which the membership card will be delivered | ||
| Room registration card Reserving restaurants | Mandatory | Name, date of birth, nationality, cellular phone, e-mail, check-in information | To utilize the collected personal information of the member in order to identify whether he is eligible for revisit services, deal with civil affairs including handling of complaints and lost articles, to solve any problems related to use of the hotel | ||
| Optional | Gender, country, city/province, telephone number, name of company, title | To utilize the collected personal information of the member in order to identify him and provide recognition services | |||
| Optional | E-mail, cellular phone number | To utilize the collected personal information to provide any information about cut-price goods and new products and for the purpose of marketing | |||
Article 3. Retention, Use Period and Destruction of Personal Information
1. If RHS achieves the purpose of collecting and receiving the personal information of its customers, it shall forthwith destroy the personal information. The detailed destruction period shall be as follows :
• a. Information about joining as a member (internal policy): RHS shall keep the personal information for one (1) year after the member withdraws from membership to provide re-visit and recognition services.• b. Information about stay in rooms (internal policy): RHS shall keep the personal information for two (2) years to provide re-visit services
• c. Information about delivery: RHS shall destroy the personal information when the goods or services are delivered or provided
• d. If the personal information is collected for the purpose of questionnaire survey and events, etc.: RHS shall destroy the personal information when the questionnaire survey or events end.
2. Provided, however, that if RHS has to keep the personal information as follows for the purpose of verifying any obligations to manage transactions involving the customer for a certain period of time as required by applicable laws including the Commercial Code, it shall do so :
• a. any record about agreements or withdrawal from subscription: five (5) years• b. any record about payment of price and supply of goods: five (5) years
• c. any record about complaints of customers and handling of disputes: three (3) years
3. Period of Validity of Personal Information
- RHS shall keep the personal information of any online members who have not used RHS’ services for at least one (1) year separately from any other information in accordance with Article 29.2 of the Act on Information and Communications Network and Article 16 of the Revision to Enforcement Decree thereto.4. How to Destroy Personal Information
• a. Personal information printed on paper: RHS shall shred it by using a shredder or incinerate it.• b. Personal information saved in electronic files: RHS shall delete it by using the technical methods which do not allow reproduction of the record.
Article 4. Supply and Sharing of Personal Information
1. If agreed upon by a member or required by the provisions of applicable laws, in no event shall RHS use or provide to any other persons, companies or organizations the personal information of the member beyond the scope notified in the Purpose of Collection and Use of Personal Information.
If RHS intends to provide to or share with the personal information of a member to another person or entity in partnership with RHS, it shall give the member a prior notice by e-mail or in writing, specifying who or what the person or entity is, which business the person or entity is engaged in mainly, which items of the personal information are provided or shared, what the purpose of the supply or sharing of the personal information is, etc., and obtain the member’s consent thereto. Since RHS provides the personal information of its member to another person or entity in partnership with RHS in order to provide RHS’ services only, if the member does not give his consent to RHS’ supply of his personal information to another person or entity in partnership with RHS, he may not receive and use the services normally.
2. If any of the following events occurs, RHS may provide the personal information of its member to another person or entity in partnership with RHS without obtaining the member’s consent in accordance with the provisions of applicable laws:
• a. if RHS has to settle any accounts of rates (points) arising out of supply of services and to deliver goods• b. if RHS provides the personal information of its member after making it not personally identifiable information for the purpose of preparing statistics, conducting academic research or market research
• c. if RHS has to disclose the personal information as required by laws or if an investigation agency requires RHS to provide the personal information in accordance with procedures and in the method, specified in applicable laws.
3. RHS is providing the personal information of its members as follows in order to provide higher quality services to them :
| Classification | Partner | Items Provided | Purpose of Use | Supply Period |
RHS |
JAd Com Co., Ltd. |
Name, cellular phone number, telephone number and address |
Hotel information (notices, handling of complaints, and hotel events) |
At the time of withdrawal from membership |
Gem-tech Co., Ltd. |
Name, cellular phone number |
Hotel events and notices |
At the time of withdrawal from membership |
Article 5. Appointing External Entity to Handle Personal Information
1. RHS appoints the following entity to handle the personal information of its customer in order to provide services to him. In addition, the appointment agreement between RHS and the entity sets forth any terms and conditions under which the personal information shall be managed in a safe manner in accordance with applicable laws.
| Entity | Works Entrusted | Period of Retention and Use of Personal Information |
Oracle Corporation |
Management of e-mail delivery systems |
Until the member withdraws from the membership or the appointment agreement ends |
2. When RHS and the entity sign the appointment agreement, they clearly set forth therein that the entity shall strictly comply with the RHS’ instructions about protection of the confidential information in order to safely manage the personal information, as well as any activities prevented with regard to the personal information and who shall bear liabilities in case of accidents and keep the appointment agreement in writing. If the entity is replaced, RHS shall notify the name of replacing entity on the Personal Information Processing Policy in the homepage.
3. RHS shall supervise whether the appointed entity faithfully performs any terms and conditions of the appointment agreement in order to ensure the safe management of the personal information within the scope of the works entrusted.
Article 6. Method to View and Correct Personal Information and/or Withdraw from Membership and Give Consent to Withdrawal
1. The member may at any time view and correct his personal information registered on RHS’ homepage or withdraws from membership over the homepage.
• a. Any online member may correct his personal information registered on My Page, and withdraw from membership, on the pop-up window after logging in the right top on RHS homepage.• b. If the customer visits or call RHS to request such view, correction, withdrawal or consent, RHS will identify him and then promptly respond to such request.
• c. Telephone No.: 02-756-1112
2. If the member requests correction of any errors in his personal information, RHS shall not use or provide the personal information until the correction is completed. In addition, if any erroneous personal information of the member is already provided to a third party, RHS shall notify the third party of the results of the correction so that the third party can keep the corrected personal information.
Article 7. Operation and Utilization of Cookies
1. RHS operates cookies which store and search the personal information of RHS’ members from time to time. Cookies refer to very small text files that the servers used to operate RHS website send to the members’ browsers and that are stored in the members’ computer hard disks.
2. RHS shall use the cookies for any of the following purposes.
• a. to utilize the cookies as the criteria for target marketing and service reformation by analyzing the frequency of access made by members and non-members and their visit time, etc. and identifying users’ preference and areas of interest.• b. to utilize the cookies to provide members with customized services to them when they use the services of RHS later by tracing the RHS information and services that they look around with interest.
• c. to utilize the cookies as materials intended to provide members with more favorable opportunities to participate in various kinds of events hosted by RHS by identifying their participation degree and the number of their visits and provide them with differentiated information depending on the areas of their individual interest.
• d. A member has the option to install cookies. Therefore, he may allow all the cookies by setting up a concerned option on the web browser, or verify the storage of the cookies whenever they are stored, or refuse the storage of all the cookies.
- How to decide to allow the installation of cookies [In case Internet Explorer 9.0 or higher version is used]
o 1. Select the [Internet Option] on the [Tool] menu.
o 2. Click on the [Personal Information Tab].
o 3. Set the [Personal Information Protection Level].
If the member refuses to install the cookies, it may be difficult for him to use the services rendered by RHS.
Article 8. Protection of Personal Information of Children under Fourteen (14)
1. RHS does not collect the personal information of any children under full fourteen (14) years.
Article 9. Personal Information Protection Officer
1. RHS appoints the following Personal Information Protection Officer to protect the personal information of its customers, accept any opinions about it and handle complaints:
• Royal Hotel Seoul• - Department in charge of personal information: the person in charge of CRM in Room Team
• - Personal Information Protection Officer: Lee Gwang Su, Leader of Room Team (Tel: 02-2129-5750, email: lks3454@royal.co.kr)
• - Person in charge of protection of personal information: Lee Yong Ho, Manager (Tel: 02-2129-5758, email: dragonholee@royal.co.kr)
2. If customers need any consultation about the personal information, they may consult with the following organizations:
• - Personal Information Infringement Report CenterTelephone No.: 118 without an area code
URL : http://privacy.kisa.or.kr • - Cyber Investigation Division of Supreme Prosecutors’ Office
Telephone No.: 1301 without an area code
URL : www.spo.go.kr
• - Cyber Safety Bureau of National Police Agency
Telephone No.: 182 without an area code
URL : cyberbureau.police.go.kr
Article 10. Management of Technologies and Systems for Protection of Personal Information
1. RHS takes the following technical measures in order to prevent the personal information of its members from being lost, stolen, leaked, falsified or damaged while handling the personal information:
• a. RHS protects the user’s personal information by using a password and any important data with the use of separate security functions including encoding files and data to be transmitted or using file locking functions.• b. RHS adopts the secure socket layer which can safely transmit the personal information over the network by using the password algorithm.
• c. RHS uses a safe firewall intended to block any unauthorized access from an external entity in order to prevent the user’s personal information from being leaked by hacking, etc.
2. RHS allows a minimum number of its employees to access and handle the personal information and causes such employees to comply with this policy by providing them with necessary education and training from time to time. If RHS finds any problems arising out of such employees’ failure to comply with this policy, it takes corrective measures without delay.
• a. RHS shall not be liable for mistakes made by members or for any problems which may be caused due to the risks existing on the Internet. Instead, each member shall be solely responsible for managing his own personal information properly and bear any liability arising out of or in connection with his failure to do so.• b. If the personal information of each member is lost, leaked, falsified or damaged due to any other mistakes of internal managers or negligence in management of technologies, RHS shall forthwith notify the member thereof and take any proper measures and provide adequate compensation for damages.
Article 11. Transmission of Advertising Information
1. RHS shall not transmit any advertising information for profit-making purposes against a customer’s explicit intention to refuse to receive such advertising information.
2. If RHS intends to send customers any advertising information for an online marketing purpose, including information about products, by e-mail or any other means, it shall indicate as follows in the subject line and the text space so that customers can easily identify the purpose of such information:
• - e-mail subject line: RHS shall indicate the expression (advertisement) and the name of a sender in the e-mail subject line.• - e-mail text space: RHS shall indicate the name of a sender from whom the user can express his intention to refuse to receive the advertising information e-mail address, the sender’s telephone number and address. In addition, RHS shall indicate any methods in which the user can easily express his intention to refuse to receive the advertising information.
3. When transmitting to any customers who consent to receiving of advertisements any advertising information for profit-making purposes in any manner other than fax transmission, transmission of texts over cellular phones or delivery of e-mails, RHS shall take any necessary measures including indication of a sender.
Article 12. Obligations to Provide Notices
This Personal Information Processing Policy was established as of March 30, 2012. If any contents are added to, or deleted from, the Policy or any modifications are made to the Policy, as a result of changes to applicable laws, policies or security technologies, RHS will post on its homepage the reasons for, and details of, such changes.• First announcement date: March 30, 2012
• Date of Change : January 4, 2018
• Effective Date : January 4, 2018
The above RHS Personal Information Processing Policy shall take effect as of January 4, 2018.
