A. Items of personal information to be collected
"Staz Hotel Premier Dongtan" collects the following minimum personal information as essential items to ensure smooth customer consultation and provision of various services.
• Required items: name, contact (phone number), e-mail
*If you refuse to provide the required items, you may not be able to receive relevant services
B. How to provide personal information
The hotel collects personal information in the following ways.
• Collection consent screen on the homepage
A. Items of personal information to be collected
By collecting certain personal information provided to the hotel by existing users when developing new services or expanding content, it is possible for "Staz Hotel Premier Dongtan" to more efficiently prioritize services to be developed, and to rationally select and provide content that users need. The information to be collected and utilization details are as follows.
|Division||Collection Items||Purpose of Use||Retention Period||Collection Method|
Other information: name
|Contact information : communication channels such as contact and guidance, communications, complaint handling for the implementation of services. Other information: Questions||1 year||Homepage|
Contact information: Name, phone number
Other information: Email address, nationality, passport number (resident registration number)
Financial information: card number, card expiration date
Contact information: communication channels such as customer identification, room reservation service, contact and guidance for service provision, guidance communications, complaint handling.
Other information: Room reservation guarantee
|5 years after stay or until the deadline stipulated by law||Registration card, phone reservation, online reservation|
Contact information: Address
Other information: Date of birth, company name, position
Contact information: Contact and service guidance
Other information: customer identification and statistical analysis, information on new services and events
The hotel uses users' personal information within the scope specified in "Article 2: Purpose of Collection and Use of Personal Information", and does not use users' personal information beyond that scope or disclose it externally without the prior consent of the user. However, the following cases are exceptions to this:
Where there is a request from an investigative agency pursuant to provisions of the Law or according to the procedures and methods prescribed by Law for the purpose of investigations.
Personal information is collected and used within the scope of ‘items of personal information to be collected’, and the collected personal information will be destroyed after the purpose of using that personal information is achieved.
However, the following information will be retained for the specified period for reasons of preservation stated below
A. Reasons for information retention in accordance with relevant laws
By default, users’ personal information shall be destroyed without delay when the purpose of collecting and using that information is achieved. The hotel's personal information destruction procedures and methods are as follows
A. Destruction Procedure
• The information entered by the user for customer consultation and provision of various services is transferred to a separate DB after the purpose is achieved and stored for a certain period according to the information protection reasons (refer to the retention and use period) of the internal policies and other related laws.
• This personal information will not be used for any other purpose than those held by law, except as required by law.
B. Destruction Method
• Personal information printed on paper is destroyed by shredding or incineration.
• Personal information stored in the form of electronic files is deleted using a technical method that cannot reproduce the record.
The hotel takes the following technical/administrative measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged in processing users' personal information.
A. Countermeasures against hacking, etc
The Hotel is doing its best to prevent members' personal information from being leaked or damaged due to hacking or computer viruses.
In case of personal information damage, data is backed up frequently, personal information or data is prevented from being leaked or damaged using the latest virus prevention program, and personal information can be safely transmitted on the network through cryptographic communication, etc.
The Hotel also uses intrusion prevention systems to control unauthorized external access, and strives to equip all possible technical devices available to secure systemic security.
B. Minimization and training of handling staff
The company's personal information-related processing staff is limited to the person in charge. Separate passwords are assigned for this and are regularly updated, and compliance with the personal information processing policy of “Staz Hotel Premier Dongtan” is always emphasized through frequent training of the relevant personnel.
C. Operation of a dedicated personal information protection organization
Through the in-house personal information protection committee, we check the implementation of the “Staz Hotel Premier Dongtan” personal information processing policy and the compliance of the person in charge, and if any problems are identified, we make efforts to correct them immediately. However, the hotel shall not be responsible for damage that is not attributable to the Hotel, such as user neglect or accidents occurring in areas not managed by the Hotel despite the Hotel having fulfilled its personal information protection obligation.
You can report any complaints related to personal information protection arising from use of the Hotel's services to the person in charge of personal information management or the department in charge.
The company will provide prompt and comprehensive answers to user reports.
If you need to report or consult about any other personal information infringement, please contact the following organizations.
• Personal Information Infringement Report Center privacy.kisa.or.kr / 118 without area code
• Supreme Prosecutors' Office Cyber Investigation Department www.spo.go.kr / 1301 without area code
• National Police Agency Cyber Security Bureau www.ctrc.go.kr / 182 without area code
If there is any addition, deletion, or modification of the current personal information processing policy, notification will be provided through the 'Notice' section of the website at least 7 days before the revision takes effect. However, an important change is made to user rights, such as collection and use of personal information or provision to a third party, notification shall be made at least 30 days in advance.
• Announcement Date: October 27, 2020