"Holiday Tour Co., Ltd." (hereinafter referred to as the "Company") values your personal information and adheres to the provisions of the "Act on the Promotion of Information and Communication Network Utilization and Information Protection." The Company explains in its Personal Data Processing Policy how your provided personal information will be used, for what purposes and methods, and what measures have been taken to protect your personal data.

If the Company makes changes to the Personal Data Processing Policy, it will notify you through website announcements (or individual notifications).

Items of Collected Personal Information For purposes such as member registration, inquiries, and service applications, the Company collects the following personal information:

Collected Items: Name, Date of Birth, Gender, Login ID, Password, Password Question and Answer, Home Phone Number, Home Address, Mobile Phone Number, Email, Company Phone Number, Marital Status, Anniversary, Legal Guardian Information, Bank Account Information, Service Usage Records, Login Logs, Cookies, Login IP Information, Payment Records. Methods of Collecting Personal Information: Website, written forms, member registration via phone/fax, participation in prize draws, delivery requests, provided by partners, collected through information collection tools. Purposes of Collecting and Using Personal Information The Company will use the collected personal information for the following purposes: Fulfilling service contracts and performing related fee settlements, providing content, purchasing and fee payment, goods delivery, or sending bills, financial transaction verification and financial services, fee collection. Member management: Confirming individual identity, personal identification, preventing malicious and unauthorized use, confirming membership intent, confirming age, confirming if personal information of children under 14 years of age is obtained with legal guardian's consent, handling complaints and appeals, providing notices. Marketing and advertising utilization: Developing new services (products) and customization, delivering advertising information, providing services and advertisements based on demographic characteristics, analyzing visit frequency, visit time, participation in activities, number of visits, understanding user preferences and interests. Based on these, provide personalized services including advertisements. Retention and Use Period of Personal Information Generally, after the purpose of collecting and using personal information is achieved, the relevant information will be promptly destroyed. However, the following information will be retained for the reasons below: Items retained: Name, Date of Birth, Mobile Phone Number. Basis for retention: Customer management. Retention period: 5 years. In addition, according to relevant laws and regulations, if there is a need to retain information, the Company will retain member information for a specific period according to the following regulations. Records related to markings/advertisements: 6 months (Consumer Protection Law, Electronic Commerce, etc.) Records related to contracts or counterclaims: 5 years (Consumer Protection Law, Electronic Commerce, etc.) Records related to payment and provision of goods: 5 years (Consumer Protection Law, Electronic Commerce, etc.) Records related to consumer complaints or dispute resolution: 3 years (Consumer Protection Law, Electronic Commerce, etc.) Records related to collection/processing and use of credit information: 3 years (Credit Information Use and Protection Law) Destruction Procedure and Method of Personal Information Generally, after achieving the purpose of collecting and using personal information, the relevant information will be immediately destroyed. The destruction procedure and method are as follows: Destruction procedure: Information entered by users for membership registration will be transferred to a specific database (in the case of paper, to a specific file cabinet). The information will be retained for a certain period according to internal policies and other relevant laws (referring to retention and use periods), and then destroyed. Personal information transferred to a specific database will not be used for purposes other than retention and use periods, unless for legal reasons. Destruction method: Personal information stored in electronic file form will be deleted using technology that cannot reproduce records; personal information output in paper form will be shredded or incinerated. Provision of Personal Information In principle, the Company does not provide users' personal information to external parties. However, exceptions apply in the following cases: When the user has given prior consent. When required by law or under legal procedures and methods, requested by prosecution agencies for investigation. Commission of Collected Personal Information The Company will not commission users' personal information to external companies without the user's consent. If such commission is required in the future, the Company will notify users of the commission object and the content of the commissioned business and obtain prior consent when necessary. Rights of Users and Legal Guardians and How to Exercise Them Users and legal guardians can access or modify their personal information, or request termination of membership at any time, for themselves or for children under 14 years of age. To access/modify personal information for users or children under 14 years of age, you can request termination of membership (withdrawal of consent) through "Change Personal Information" (or "Modify Membership Information," etc.), and directly access, modify, or terminate membership after going through the personal identification process. Alternatively, you can contact the personal information manager in writing, by phone, or email, and we will take prompt action. If you request correction of incorrect personal information, we will not use or provide that personal information until the correction is complete. Additionally, if you have provided incorrect personal information to a third party, we will promptly notify the third party for correction. Personal information terminated or deleted by the user's or legal guardian's request will be processed according to the provisions of "Retention and Use Period of Collected Personal Information" to ensure it is not used for other purposes. Installation and Operation of Cookies - Users can refuse installation. Cookies support users in using the website more quickly and conveniently by optimizing settings and provide customized services. What are Cookies? Cookies are very small text files sent from a service server operated by a website to a user's browser and stored on the user's computer. Why use Cookies? Through Cookies, user preferences will be saved to support faster webpage experiences and service improvement. This will make it easier for users to use services. Additionally, by analyzing visit frequency, visit time, participation in various activities, number of visits, etc., based on various services, user preferences and interests are understood. Based on this information, personalized services including advertisements are provided. What if you refuse Cookies? Users can choose whether to install Cookies. Therefore, users can set whether to allow all Cookies, confirm each time a Cookie is saved, or reject all Cookies in the web browser. However, refusing to install Cookies may make internet use inconvenient and certain services that require login may become difficult. Examples of setting methods: For Internet Explorer: Top toolbar of the web browser > Options > Privacy > Settings. For Chrome: Settings menu in the top right corner of the web browser > Show advanced settings at the bottom > Content settings button for personal privacy > Cookies Complaint Services Related to Personal Information To protect customer personal information and handle complaints related to personal information, relevant departments and personal information management personnel have been designated as follows: Department responsible for customer service: - Phone number: - Email: - Personal information management personnel name: 김화 Email: [email protected] For all complaints related to personal information protection resulting from using our service, you can report to the personal information management personnel or relevant department. The Company will provide a thorough response promptly. For reporting or inquiring about other matters related to personal information infringement, please contact the following organizations:
Personal Dispute Mediation Committee (www.1336.or.kr/1336)
Information Protection Mark Certification Committee (www.eprivacy.or.kr/02-580-0533~4)
Network Crime Investigation Center, Prosecutor's Office (http://icic.sppo.go.kr/02-3480-3600)
Network Terrorist Incident Response Center, Police Headquarters (www.ctrc.go.kr/02-392-0330)