Center Mark Hotel (hereafter the "Hotel") values the personal data of its clients and complies with the Personal Information Protection Act. The Hotel informs its clients of the purpose and methods of using the personal data that they have provided and what measures are taken to protect their privacy.
Article 1. Scope and methods of personal information collection
Scope of personal information collection
The Hotel collects personal information to the minimum extent necessary to provide services, and all personal data provided will not be used for any purpose other than that unless otherwise agreed.
The Hotel does not collect sensitive personal information items (such as race, religion, ideology, political orientation, health condition and sex life information) that may violate clients' human rights.
Methods of personal information collection
Product reservation and consultation via telephone, fax or website
The Hotel Guest Information form filled out offline
Data provided by affiliates
Payment information generated when using the hotel, mileage transaction information, etc.
Special offer/ event entry (upon clients' agreement)
Article 2 Purpose of Personal Information Collecting and Use
The Hotel collects the following personal information to provide services.
Purpose of collection
Retention and use period
Name, contact, e-mail address, nationality, passport number (foreigners), credit card information (card type, card number, cardholder name, expiration date, and security code)
Product (room/ restaurant) reservation, room reservation guarantee and payment
Date of birth, address, health condition, smoking status, food allergy, preferred or nonpreferred food
Provision of personalized and revisit services
Destruction after check-out
Name, mobile phone number, e-mail address
Survey, event/ special offer promotion
Article 3 Retention/ Use Period and Destruction of Personal Information
The Hotel will destroy personal information without delay when the purpose of collecting or receiving the data is achieved. The specific times of destruction are as follows.
Hotel guest information: Destroyed immediately 5 years after check-out
Information for personalized services: Destroyed immediately after check-out
Data collected for the purpose of surveys, events, etc.: Destroyed immediately at the end of the surveys, events, etc.
However, if the personal information needs to be retained for a certain period of time due to the confirmation of transaction related obligations as follows, the Hotel will retain it for a certain period of time.
Records of contracts or the withdrawal of offers: 5 years (Act on Consumer Protection in Electronic Commerce, Etc.)
Records of payment and the supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, Etc.)
Records of the settlement of complaints from clients or disputes: 3 years (Act on Consumer Protection in Electronic Commerce, Etc.)
Personal information printed on paper: Crushed by a shredder or outsourced to a shredding company
Personal information stored in the form of electronic files: Deleted using technical methods so that they cannot be reproduced
Compliance with the personal information expiration system
The Hotel complies with the personal information expiration system and takes necessary measures such as destruction to protect the personal information of the clients who have not used the services of the Hotel for 3 years to prevent the misuse and leakage of their personal data.
Article 4 Provision and Sharing of Personal Information
The Hotel shall in no event, except in the case of the consent of the Customer or the provisions of relevant laws, use the personal information of clients beyond the limits stipulated in Article 2 (Purpose of Personal Information Collecting and Use) or provide it to other persons, companies and institutions. The Hotel collects personal information for the purpose of providing its services, so clients may not be able to use normal services if they do not consent to the collection of personal data.
The Hotel does not provide the personal information of clients, but in the following cases, it can provide personal data without clients' consent in accordance with the provisions of relevant laws.
Where it is necessary to settle the fare (mileage) according to the provision of services and deliver goods
Where it is necessary for the creation of statistics, academic research or market research; where the personal data are processed and provided in the form where specific individuals cannot be identified; where they are requested pursuant to relevant laws; and where the data are demanded by investigation agencies for the purpose of investigation in accordance with the procedures and ways as prescribed by laws
Article 5 Outsourcing of Personal Information Processing
The Hotel outsources the processing of clients' personal information to the companies listed below to provide services, and in accordance with related laws, the outsourcing agreement stipulates the matters necessary for the safe management of personal information.
Computer system operation and maintenance
Product reservation processing on the website
Hotel sales management
T-On S Co., Ltd.
Video information processing equipment operation and management and facility management
Maintenance of the Hotel's internal and external environment and property management
The Hotel will appropriately supervise, within the scope of the outsourced work, whether the contracting companies faithfully abide by the terms and conditions of the contract so that the personal information entrusted to them can be safely managed.
Article 6 Personal Data Access and Correction/ Withdrawal of Consent
Clients can access or correct their registered personal information at any time.
Guest and payment information can be viewed and changed after identification process before the reservation date.
The request can be made via visit or telephone, and the Hotel will promptly handle it after identification process.
- Email : email@example.com
- Tel : 02-2283-3118
- Address : (03149)38 Insadong-gil Jongno-gu Seoul
If a client requests to correct errors in the provided personal information, the Hotel does not use or provide the information until the correction is completed. If the Hotel has already provided the incorrect personal information to a third party, it will notify the third party of the results of the correction without delay to ensure that it is reflected in the data.
Article 7 Measures to Secure the Technical and Management Stability for Personal Information Protection
Measures to secure technical stability
The Hotel takes measures to prevent damage caused by computer viruses by using a vaccine program. The vaccine program is updated regularly, and if an unknown virus is detected, the Hotel will install the vaccine against it as soon as it is released to prevent the infringement of personal information.
The Hotel has adopted a security device (SSL or SET) to securely transmit personal information on the network using cryptographic algorithms.
Measures to secure management stability
The Hotel provides regular in-house and outsourced training to employees who handle personal information regarding the acquisition of new security technologies and the duty to protect personal information.
The transfer of duties between personal information officers is carried out in full security and they are advised of their responsibility for any personal information incidents after they enter and leave the company.
The Hotel does not store personal information and general data in a mixed way, but in separate servers.
The computer room and data storage room have been designated as restricted areas to control the access of unauthorized persons.
The hotel is not responsible for any incident that happens due to the mistakes of individual clients or the risks inherent in the use of the Internet. Each client should properly manage their ID and passwords to protect their personal information and be responsible for any damage caused by failure to do so.
If the mistake of the Hotel's staff or technical management accident causes any loss, leakage, falsification or degradation of personal information, the Hotel will notify the clients who provided the information immediately and take appropriate measures and compensate for any damage.
Article 8 Privacy of Children Under 14
In principle, the Hotel does not collect personal information of children under 14 years old. However, when it is necessary to collect their personal data, it will comply with relevant laws and regulations.
Article 9 Privacy Manager
The hotel appoints a privacy officer (manager) to protect the personal information of its clients, collect their opinions and handle their complaints.
Il Sang Mok
Computing Team Leader
Clients can contact the following organizations if they need to consult about issues related to personal information.
Personal Information Dispute Mediation Committee (kopico.go.kr/ +82-1833-6972)
Personal Information Infringement Report Center (privacy.kisa.or.kr/ +82-118)
Supreme Prosecutors' Office Cyber Crime Investigation Team (www.spo.go.kr/ +82-2-3480-3573)
Police Cyber Crime Investigation Bureau (cyberbureau.police.go.kr/ +82-182)
Article 10 Duty of Notice
- Effective date: June 1, 2016
- Last modification: November 22, 2018
Centermark Hotel SeoulBusiness Registration Number : 101-86-68909Representative : Eonsik ShinChief Privacy Officer : Brian Jeon Address : 38, Insadong 5-gil, Jongno 1(il)-ga, Jongno-gu, Seoul, South Korea (03149)TEL : +82-2-731-1000E-mail : firstname.lastname@example.org