Privacy Policy

UTOP Marina Hotel & Resort (the "Company") shall follow the personal information protection provisions imposed on all information and communication service providers by the related laws, including the Act on the Promotion of Information and Communications Network Utilization and Information Protection, Personal Information Protection Act, Communications Secret Protection Act, and Telecommunication Business Act, and establish and implement a privacy policy in accordance with these laws to protect the privacy of its customers to the best of its ability. The present Privacy Policy shall apply to the UTOP Marina Hotel & Resort provided by the Company as well as to the use of all services related to it. Its contents include the following.

  1. 1. Types of personal information collected and methods used to collect it
  2. 2. Purpose of personal information collection and use
  3. 3. Disclosure and provision of personal information
  4. 4. Consignment of personal information handling
  5. 5. Personal information retention and use period
  6. 6. Personal information destruction procedure and method
  7. 7. The rights of the user and legal representative, and the exercise thereof
  8. 8. Installation/operation of automated personal information collection devices and refusal thereof
  9. 9.Technical/administrative measures of personal information protection
  10. 10. Personal information managers and their contact information
  11. 11. Duty of notice

1. Types of personal information collected and collection methods used

A. Types of personal information collected

  1. 1. Firstly, the Company requires the customers to provide the basic personal information mentioned below during member registration in order to facilitate member registration, inquiries and the provision of various services.
    1. [Member registration]
    2. - Required information: ID, password, name, birth date, gender, telephone number for registration confirmation, or the personal information of the legal representative for minors under age 14 (the name, DI, and telephone number of the representative are collected and retained until the child reaches the legal age).
    3. - Optional information: email for emergencies (member registration can be completed without providing the optional information)
    4. [Member registration using organization ID]
    5. - Required information: organization ID, organization name, corporate name (organization name), name of the representative, business address, company phone number, manager ID, manager‘s mobile number, manager department/position
    6. - Optional information: main fax number (registration can be completed without providing optional information).
  2. 2. Secondly, the following information can be automatically generated and collected in the process of service use or business operations.
    1. - IP Address, cookies, access date & time, service use records, abuse record, device information
  3. 3. Thirdly, the following information can be collected in relation to the customers using additional and custom services through their UTOP Marina Hotel & Resort ID, or those participating in events.
    1. - When permission is acquired for additional information collection
  4. 4. Four, the following information may be collected for identification purposes as required by related laws when accessing adult content or using paid or game services.
    1. - Name, birth date, gender, duplicate registration information (DI), cipher identity (CI), mobile phone number (optional), i-Pin number (if used), citizen/alien information
  5. 5. Fifth, the following payment information may be collected in the process of using paid services.
    1. - When paying by credit card: card company name, card number, etc.
    2. - When paying by mobile phone: mobile phone number, carrier, payment approval number, etc.
    3. - Account transfer: bank name, account number, etc.
    4. - When using a gift certificate: gift voucher number

B. Personal information collection method

The Company collects personal information in the following ways.

    1. - Homepage, written forms, fax, telephone, consultation board, email, event participation, and delivery requests
    2. - From partner companies
    3. - Through generated information collection tools

2. Purpose of personal information collection and utilization

A. Execution of service contracts and settlement of service fees

- Content delivery, specific custom service delivery, delivery of goods or bills, personal identification, purchase and payment, collection of fees

B. Member management

- Providing membership services, personal identification, restrictions on members who violate UTOP Marina Hotel & Resort Terms of Use, sanctions on service misuse and actions that disrupt the smooth operation of the service, confirmation of subscription, restriction of registration and number of registrations, confirmation of consent of legal representative when collecting personal information of children under 14 years old, identification of legal representative later, record keeping for the mediation of disputes, complaint handling, provision of notices, confirmation of membership cancellation, etc.

C. Developing new services and utilizing them for marketing and advertising

- Developing new services and providing customized services, providing services and displaying advertisements according to statistical characteristics, validating services, providing event information and participation opportunities, providing advertising information, identifying access frequency, and statistics on the service use among the members

3. Disclosing and providing personal information

The Company shall use the users' personal information within the scope specified in "2. Purpose of collecting and using personal information" and shall not, in principle, disclose the users' personal information to the public without prior consent from the users. Exceptions are made in the following cases:

  1. A. If the user has given prior consent.
  2. B. In case there is a request from an investigative agency according to the provisions of a legal act or in accordance with legally prescribed investigation procedures and methods

4. Consignment of personal information handling

The company consigns personal information as shown below for service improvement, and stipulates necessary matters to ensure that personal information is safely managed when consigned in accordance with the relevant statutes.
The details of consignment processing institutions and the company‘s consignment work are as follows.

Consigned companies Contents of consignment work The retention and usage period of personal information
Sanha Information Communication Co., Ltd. Website management and system management Until membership cancellation or termination of consignment contract

5. The retention and utilization period of personal information

As a general rule, the users‘ personal information shall be destroyed without delay when the purpose of collecting and using it has been achieved. However, the following information shall be retained for the specified time period for the following reasons for preservation:

A. Reasons for information retention established in the Company's internal policy

  1. 1. Records of fraudulent use (records of abnormal service use, such as fraudulent registration and disciplinary records)
    1. - Retained item: Cell phone number for subscription authentication. The DI of the legal representative for members under the age of 14
    2. - Reasons for preservation: Prevention of fraudulent subscription and use
    3. - Retention period: 1 year
    4. ※ These are the records of users whose access to the service was restricted by the company due to fraudulent subscription or postings in violation of the terms of use.

B. Information retention required by related laws

In the event it is necessary to preserve member information according to the provisions of the relevant statutes, such as the Commercial Act, the Act on Consumer Protection in Electronic Commerce, etc., the Company shall keep the member information for the period prescribed in the relevant statutes. In this case, the Company shall use the information only for the purpose of its storage, and the retention period is as follows.

  1. Records of contract or subscription cancellation.
    1. - Reasons for retention: Act on Consumer Protection in Electronic Commerce
    2. - Retention period: 5 years
  2. Records of payment and supply of goods, etc.
    1. - Reasons for retention: Act on Consumer Protection in Electronic Commerce
    2. - Retention period: 5 years
  3. Records on Electronic Financial Transactions
    1. - Reasons for retention: Electronic Financial Transaction Act
    2. - Retention period: 5 years
  4. Records of consumer complaints or dispute handling
    1. - Reasons for retention: Act on Consumer Protection in Electronic Commerce
    2. - Retention period: 3 years
  5. Website visit records
    1. - Reasons for retention: Protection of Communications Secrets Act
    2. - Retention period: 3 years

6. Personal information destruction procedures and methods

As a general rule, the personal information of the users shall be destroyed without delay when the purpose of collecting and using it has been achieved. The procedure and methods used by the Company for destroying personal information are as follows.

A. Destruction procedure

    1. - The information entered by the user for membership registration is transferred to a separate DB after the purpose has been achieved (in case of paper, separate filing boxes) and destroyed after the scheduled retention period prescribed by the internal policy and other reasons for information protection under the relevant statutes (see period of retention and use).
    2. - Such personal information shall not be used for purposes other than those for which it is being retained except when otherwise provided by law.

B. Destruction method

    1. - Personal information printed on paper shall be shredded with a shredder or destroyed through incineration.
    2. - Personal information stored in electronic file format is deleted using technical methods that ensure it cannot be played back.

7. The rights of the users and legal representatives and their methods of exercise

  1. - The users and legal representatives can inquire or modify their personal information or the information of children under the age of 14 at any time, and if they do not agree with the conditions under which the Company is processing the personal information, they can revoke their consent or cancel their membership (registration). However, in such cases, some or all of the services may become unavailable.
  2. - You can check or edit a user‘s personal information or a child’s information under the age of 14 by clicking 'Change Personal Information' (or 'Edit Member Information') or cancel registration (revoke your consent) by clicking 'Cancel Membership' and undergoing a short identity confirmation procedure.
  3. - Alternatively, contact the personal information manager in writing by phone or email and he/she will take immediate action.
  4. - If a user requests the correction of personal information, the personal information shall not be used or provided until the correction is made. In addition, if the wrong personal information has already been provided to a third party, the correction results will be reported to the third party without delay so that the correction can be made.
  5. - The Company processes personal information that has been revoked or deleted at the request of the user or their legal representative as specified in "5. Retention and Use of Personal Information" and cannot view or use it for any other purposes.

8. Matters concerning the installation/operation of devices for automatic collection of personal information and refusal thereof

A. What are cookies?

    1. - The Company uses 'cookies' to store and call user information when needed to provide personalized and customized services.
    2. - Cookies are tiny text files that are sent to your browser by the server used to run the website and are stored on your computer's hard disk. When you subsequently visit the website, the website server reads the contents of the cookies stored on your hard disk to maintain your preferences and provide you with personalized services.
    3. - Cookies do not automatically or actively collect information identifying individuals, and users can reject or delete them at any time.

B. The purpose of cookie use by the Company

    1. Cookies are used to assess data related to visits, use patterns, popular search terms, secure connection use, news modification and user numbers for UTOP Marina Hotel & Resort services and websites in order to provide users with optimized custom information, including relevant advertisements.

C. Installation/use/refusal of cookies

    1. - You can choose whether or not to install cookies. Therefore, you can use web browser settings to allow all cookies, check every time cookies are saved, or refuse to save them.
    2. - However, if you refuse to store cookies, you may experience difficulties using some services of UTOP Marina Hotel & Resort where a login is required.
    3. - Here's how to specify whether cookies are allowed (in Internet Explorer):
      ① Select [Internet Options] from the [Tools] menu.
      ② Click the [Personal Information Tab].
      ③ Set the [Privacy Level].

9. Technical / Administrative Measures for Personal Information Protection

The Company takes the following technical/administrative measures to ensure safety in handling users' personal information to make sure it is not lost, stolen, leaked, tampered with or damaged.

A. Password encryption

    1. - The Utop Marina Hotel & Resort Member ID password is stored and managed under encryption and is known only by the user. Hence, personal information can only be viewed and modified by the user.

B. Measures against hacking

    1. The Company does its best to prevent personal information of members from being leaked or damaged by hacking or computer viruses.
      Data is backed up frequently to protect it from damage. The Company uses the latest anti-virus solutions to prevent the leakage or damage of users' personal information or data, and ensures the safe transmission of personal information over the network through encrypted communication, etc.
      In addition, we use intrusion prevention systems to prevent unauthorized access from outside, and strive to employ all possible technical means to ensure security systematically.

C. Minimization of handling personnel and training

    1. The Company's personal information is handled by the person in charge, and the Company regularly extends their access giving them a separate password. The personal information manager is regularly trained with an emphasis on compliance with the Privacy Policy of the UTOP Marina Hotel & Resort.

D. Operation of Personal Information Protection Organization

    1. In addition, the Company's personal information protection organization checks the implementation of the UTOP Marina Hotel & Resort's Privacy Policy and the compliance of the person in charge. Necessary efforts are made to detect and correct any irregularities in a timely manner.
      However, the Company shall not be held liable for damages not attributable to the Company, such as user negligence or accidents in areas outside of the Company‘s competence, as such damages may occur even if the Company has fulfilled its duty to protect personal information.

10. Personal Information Manager Contact Information

You can report all personal information protection-related complaints that arise from using the Company's services to the personal information manager or related department. The Company will provide a timely and relevant response to your inquiry.

Manager and Access Authority
Personal Information Manager Personal Information Manager
Name Lee Won Seok Name Lee Won Seok
Department Management Department Department Management Department
Tel +82-61-690-8013 Tel +82-61-690-8013
Position Head of Department Position Head of Department
Email yzec22@naver.com Email yzec22@naver.com

11. Duty of notice

If there are any additions, deletions or modifications to the current Privacy Policy, we will notify you through a notice on the website at least 7 days before the revision. However, if there are any significant changes in the user's rights, such as the collection and utilization of personal information and its disclosure to third parties, a corresponding notice shall be given at least 30 days in advance.

    1. - Announcement date: May 30, 2019
    2. - Implementation date: May 31, 2019