PRIVACY POLICY

HOTEL ELIENA (hereinafter “HOTEL”) greatly values its guests’ personal information, and complies with the Personal Information Protection Act. In this Privacy Policy, HOTEL ELIENA informs the purpose and method of using the guests’ personal information and the measures taken for personal information protection.

Article 1
(Scope and method of collecting personal information)

Scope of collecting personal information

o A. Hotel collects personal information to the minimum extent necessary to provide service.

o B. Hotel does not collect sensitive personal information whose collection could violate a Member’s basic human rights (e.g., race and ethnicity, ideology and creed, place of birth and permanent address, political inclination, criminal record, health condition, and sexuality).

o C. Hotel may process the collected personal information for statistical purposes, scientific research, public record preservation, etc. through information that has been pseudonymized (hereinafter "pseudonymized information") so that a specific individual cannot be identified.

Method of collecting personal information.

HOTEL collects personal information through the following methods.

1) Membership subscription (through homepage, writing, phone, or fax), message board, and promotional events participation

2) Receiving from affiliated companies or business partners

3) Collection of payment information and point use information created during use of HOTEL.

Article 2
(Purpose of collecting and using personal information)

To provide services, HOTEL collects personal information as follows.

ON-LINE
Division Items collected Purpose of using information
Guest room reservation
and payment
Required Name,
email address,
phone number,
gender, date of birth,
card payment
information
Guest room reservation
and payment,
provide service to
eturning guests
Period of keeping information : 5 years
Guest Comment Required Name,
email address,
phone number
Handle guests’
inquiries
and provide service
Period of keeping information : 5 years
Restaurant reservation Required Name,
email address,
phone number
Make reservation
and handle
guests’ inquiries
Period of keeping information : 5 years
Meeting/wedding inquiries Required Name,
email address,
phone number
Make reservation
and handle guests’
inquiries
Period of keeping information : 5 years
OFF-LINE
Division   Items collected urpose of using information
Guest room
registration card
Required Phone number,
name,
email address
Identification
for offering
revisit service,
delivering customer
notification.
Optional address, nationality  
Period of keeping information : 5 years
Wedding / Banquet contract Required Phone number,
name,
email address
Provide banquet/party
consultation,
booking/contracting
services
Optional Company name,
nationality, address
 
Period of keeping information
: 3 years from the date of consultation
Guest Comment Optional Name,
email address,
phone number
Handle guests’
inquiries
and provide service
Period of keeping information : 2 years
Event ticket Required Name,
email address,
phone number
Provide products,
services, etc.
Period of keeping information
Certain period after the end of event (Specified on event ticket)
Online/offline Optional Name,
email address,
phone number
Marketing/PR
for goods,
events,
and services
Period of keeping information : 2 years
  • 1. During the use of services, the following personal information items may be automatically created and collected.

    - IP address, cookie, MAC address, service usage record, visitation record, content of inquiry phone calls, etc.

  • 2. It is hereby notified that You may refuse to give consent to the collection and use of this personal information but that if You choose to refuse it, there may be restrictions in You becoming a member.
  • 3. If a pseudonym is required for the personal information processed by Hotel, it is processed in a way that it is impossible to identify a specific individual without combining additional information to restore to its original state.
  • 4. Hotel may use personal information without the consent of the Member to the extent reasonably related to the purpose of collection in accordance with laws and regulations. In this case, comprehensive considerations are made to confirm ‘whether it is related to the original purpose of collection, whether there is predictability given the circumstances of collection or processing practices, whether Member's interests are unreasonably infringed and whether measures necessary to secure safety including pseudonymization or encryption have been taken’.
Article 3
(Period of keeping and using personal information, and destruction of personal information)

1. When the purpose of collecting or receiving a Member’s personal information is achieved, Hotel promptly destroys the personal information. The specific timing of destroying personal information is as follows.

A. Information on the use of guest rooms is kept for 5 years to provide service to returning guests (internal policy).

B. Records on phone booking and membership consultation (internal policy): Shall be kept for 3 years for the provision of re-visit service and handling of complaints or opinions.

C. Shipping information is kept until delivery or provision of goods or services.

D. Personal information collected for surveys, events, etc. is kept until completion of the surveys, events, etc.

2. However, if personal information needs to be kept for a certain period for reasons such as checking transaction-related rights and obligations as follows under applicable laws such as the Commercial Act, HOTEL does so.

A. Records on contract, offer withdrawal, etc.: 5 years

B. Records on payment and on supply of goods and services: 5 years

C. Records on handling of consumers’ complaints or disputes: 3 years

3. Implementing the personal information usage period system

A. HOTEL, under Article 29 Paragraph 2 of the Act on Promotion of Information & Communications Network Utilization and Protection of Information and Article 16 of the former’s Enforcement Decree (amended), keeps the personal information of online Members that have not used its services for 1 year or more. This information is kept separate from other information.

4. Destroying method

A. Print-out personal information: Shredding (by a shredder machine) or incineration

B. Personal information stored in the form of an electronic file: Delete by a technical method that disallows reproduction of the records

Article 4
(Sharing personal information)

1. Unless a Member gives consent or unless under applicable laws, HOTEL does not in any circumstance use a Member’s personal information or share it with another person, company, or institution outside of the scope defined in the “Purpose of collecting and using personal information.”

To share a Member’s personal information through business partnering or alliance, HOTEL gives prior and individual notice concerning the party receiving or sharing the information and its main business, the personal information items shared, the purpose of sharing the information, etc. to the Member by email or in writing and then obtains his/her consent. HOTEL only shares personal information with third parties for its unique services. Unless the aforementioned consent is obtained, provision and use of its normal services may be impossible.

However, HOTEL may use personal information without the consent of the Member to the extent reasonably related to the purpose of collection in accordance with laws and regulations. In this case, comprehensive considerations are made to confirm ‘whether it is related to the original purpose of collection, whether there is predictability given the circumstances of collection or processing practices, whether the Member's interests are unreasonably infringed and whether measures necessary to secure safety including pseudonymization or encryption have been taken’.

2. In any of the following cases, HOTEL may share a Member’s personal information without his/her consent, pursuant to applicable laws.

A. It is necessary for payment of prices (points) and shipping of products as a result of provision of service.

B. Any personal information necessary for statistics, academic research, or market surveys is shared in a form in which a specific individual cannot be identified

C. It is required by the law, or required by a crime investigation agency pursuant to the procedure and method of law for crime investigation purposes

To provide guests with better services, HOTEL shares personal information with third parties as follows.

Article 5
(Personal information-processing contractors)

1. To provide services, HOTEL contracts or outsources personal information processing as follows. HOTEL provides for necessary matters in the outsourcing contract pursuant to applicable laws so that personal information can be safely managed.

2. For the safe protection of personal information, HOTEL clearly provides for strict compliance with personal information protection-related directions, prohibitions concerning personal information, and liabilities in the contracts with contractors, and keeps the contracts in writing. In case of a change in contractors, HOTEL announces the new contractor(s) in this Privacy Policy screen on its homepage.

3. So that the processing-outsourced personal information can safely be managed, HOTEL shall appropriately supervise whether the contractors diligently perform the aforesaid provisions within the scope of outsourcing.

Article 6
(Utilization of cookies)

1. HOTEL utilizes “cookies” that from store and retrieve a Member’s information from time to time. Cookies, tiny text files which a server used to operate HOTEL’s website, are transmitted to a Member’s browser and stored in a Member’s computer hard disk.

2. HOTEL utilizes cookies for the following purposes.

A. Analyze a guest frequency of access or hours of visit and identify a user’s preference and area of interest. The result is then used as criteria for target marketing, service reshuffling, etc.

B. Track the information on HOTEL and services in which a Member has shown interest. The result is then used to provide customized services next time.

C. Identify a Member’s degree of participation and number of visits in various events conducted by HOTEL. The result is then used to provide differentiated opportunities for participation and differentiated information befitting an individual’s area of interest.

D. A Member can choose whether to install cookies. A Member, by setting options in the web browser, may permit all cookies, require confirmation whenever a cookie is stored, or refuse storage of any cookies.

※ How to designate whether cookie installation is permitted [In the case of Internet Explorer 9.0]

1. In the [Tools] menu, choose [Internet options].

2. Click the [personal information tab].

3. Set the [personal information protection level].

If a Member refuses installation of cookies, however, HOTEL will have difficulties in providing services.

Article 7
(Personal information protection for children below 14 years of age)

1. HOTEL does not collect personal information from a child below 14 years of age. To otherwise collect information from such a child in connection with hotel business, HOTEL shall comply with applicable laws and government announcements.

Article 8
(Personnel in charge of personal information)

1. To protect Members’ personal information, HOTEL collects opinions on personal information. To handle complaints, HOTEL has designated a chief personal information officer as follows.

Classification Chief personal information officer Personal information manager
Name JG Park
Department - Finance Team
Title Representative
Phone +82 2-3440-9202
Email dooinst@hanmail.net

2. For any other inquiries on personal information, please contact the following agencies.

Classification TEL URL
Personal Information Violation Reporting Center Call 118 (no prefix) http://privacy.kisa.or.kr
Cyber Crime Investigation Division, Supreme Public Prosecutor’s Office Call 1301 (no prefix) www.spo.go.kr
Cyber Safety Bureau, National Police Agency Call 182 (no prefix) cyberbureau.police.go.kr
Article 9
(Technical/administrative measures to protect personal information)

1. When processing a Member’s personal information, HOTEL takes the following technical measures to secure safety so that the personal information will not be lost, stolen, leaked, altered without authorization, or damaged.

A. A user’s personal information is protected by password, and important data is protected through a separate security function by use of file/data encryption or file locking.

B. HOTEL adopts a security device that can safely transmit personal information over the network by use of a password algorithm (Secure Socket Layer).

C. To prevent a user’s personal information from being leaked through hacking, etc., HOTEL uses a double firewall to block unauthorized access from the outside. It has also installed an anti-intrusion system for each server for 24-hour (24/7) intrusion monitoring.

HOTEL restricts its personal information processing personnel to a minimum, emphasizes compliance with this Policy through education—from time to time—of the relevant personnel. If HOTEL finds any related problems, it promptly makes corrections.

A. HOTEL shall not be liable for errors made by a Member or the inherent risks of the Internet. Each Member shall appropriately manage, and be responsible for, his/her personal information.

B. If any personal information is lost, leaked, altered without authorization, or damaged due to HOTEL personnel’s error or a technical/administrative problem, then HOTEL shall immediately notify the user, take appropriate measures, and make appropriate compensations.

C. HOTEL separates the pseudonymized information from the additional information so that they are not identified when processing the pseudonymization; stores and manages them separately and takes necessary technical and administrative protective measures.

Article 10
(Transmission of advertising information)

1. Hotel does not transmit for-profit advertising information against a guest’s express refusal to receive it.

2. To transmit any advertising information by a method such as email for online marketing (e.g., provision of product information), Hotel includes the following in the email’s title and main text so that the guest can easily identify the advertising information.

o Email title: Indicate the word “advertisement” and the transmitter’s name.

o Email main text :Specify the name, email address, phone number, and address of the transmitter against whom the user can refuse to receive the advertising information. Specify the methods by which the user can easily refuse to receive the information.

3. To transmit to a guest having consented to receiving of advertisement any for-profit advertising information by a method (e.g., fax, text message) other than email, Hotel takes necessary measures such as indicating the transmitter’s name.

Article 11
(Obligation to notify)

Addition to, deletion from, and changes in, this Privacy Policy due to the enactment/ amendment of laws, changes in government policies, changes in Hotel, internal policies, or changes in security technology shall promptly be announced on Hotel homepage.

SPECIAL OFFERS

HOTEL ELIENA extends various benefits for guests.

Go To Offers