Privacy Policy

The Tourist (hereinafter referred to as the "Company") has the following measures to protect users' personal information protection and rights under the Personal Information Protection Act and to smoothly deal with users' grievances related to personal information:

Article 1 (Purpose of Processing Personal Information)

The company processes personal information for the following purposes: Personal information being processed is not used for any purpose other than the following, and if the purpose of use is changed, necessary measures such as obtaining separate consent under the Privacy Act will be implemented.
1. Application for employment and employment management on the website
-- The company does not register as a member of the website and processes personal information for the purpose of identifying online job applicants and notifying them of the processing results.
2. Handling civil service affairs
-- Personal information is processed for the purpose of handling civil complaints such as identification of civil petitioners, identification of civil complaints, contact for fact-finding, notification, and notification of processing results.
3. Deliver goods or services
-- Process personal information for goods delivery, billing, identity verification, rate payment, settlement, bond collection, service provision, service processing, etc.
4. Personal video information
-- Personal information is processed for the purpose of crime prevention, facility safety and fire prevention, and prevention of vehicle theft and damage for the safety of employees and customers.

Article 2 (items, processing and retention period of personal information)

1. The company shall process and retain personal information within the period of retention and use of personal information or the period of use of personal information that has been agreed upon by the entity.
2. Personal information items are as follows.
Name, email, company name, position, home address, password, date of birth, home phone number, gender, mobile phone number, occupation, department, anniversary, hobby, marital status, physical information, educational background, resident registration, religion, payment information, etc.
3. The period of processing and holding personal information is as follows.
1) Collection method: written, homepage, telephone, fax, etc.
2) Retention period:
Records on consumer complaints or dispute handling: three years;
Records on the collection/processing, use, etc. of credit information: three years;
Records on payment and supply of goods, etc.: 5 years;
Or records on withdrawal of subscription, etc.: five years;

Article 3 (Provided by a third party in personal information)

1. In principle, the company shall process the user's personal information within the scope specified in Article 1 (for the purpose of processing personal information) and shall not exceed the original scope or provide it to third parties without the user's consent.
However, personal information can be processed in the following cases:
- Where the user agrees to provide and disclose a third party in advance;
- Where it is required to be provided by Acts and subordinate statutes, etc.;
- Where it is significantly difficult to obtain consent from the public due to economic and technical reasons as personal information necessary for the implementation of the contract on the provision of services;
- If an individual is processed and used in a condition that cannot be specified to identify the individual;

Article 4 (Consignment of Personal Information Processing)

1. In principle, the company does not entrust the processing of personal information to others without the user's consent.
If there is a need to entrust personal information processing for smooth personal information processing in the future, we will notify the consignee, the details of the consignment period, and the details of the entrustment contract (compliance with privacy regulations, prohibition of third party provision and burden of personal information).
2. In accordance with Article 25 of the Act on the Protection of Personal Information, the company will specify in the documents such as the prohibition of personal information processing, technical and administrative protection, restriction on re-entrustment, management and damage compensation.
3. If the details of the consignment work or the trustee change, we will disclose it through this personal information processing policy without delay.

Article 5 (Rights, duties, and methods of exercise of information subjects)

1. The information entity may exercise the following privacy-related rights against the company at any time:
1) Inquiry, modification, and cancellation of personal information.
2) Request for correction and deletion of personal information errors
2. The company may exercise its rights under paragraph (1) in writing, e-mail, FAX, etc. in accordance with attached Form 8 of the Enforcement Rules of the Personal Information Protection Act, and the company will take action without delay.

Article 6 (Destruction of Personal Information)

1. When personal information becomes unnecessary, such as the lapse of the period of personal information retention and the achievement of the purpose of processing, the company destroys the personal information without delay.
2. If the personal information is preserved in accordance with other laws and regulations even though the personal information retention period has expired or the purpose of processing has been achieved, the personal information shall be moved to a separate database (DB) or stored in a different place.
3. The procedure and method of personal information destruction are as follows.
1) Destruction procedure
The company selects personal information where the reason for destruction occurs, and destroys the personal information with the approval of the person in charge of personal information protection of the company.
2) Destruction method
The company destroys information in the form of electronic files by permanently deleting them in a way that cannot be restored or reproduced, and shreds or incinerates personal information recorded or stored in paper documents.

Article 7 (Safety measures for personal information)

The company is taking the following measures to secure the safety of personal information.
1. Management measures: establishing and implementing an internal management plan, regular employee training, etc.
2. Technical measures: management of access rights such as personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs, etc.
3. Physical measures: Control access to computer equipment rooms, data storage rooms, etc.

Article 8 (Personal Information Protection Officer)

1. The company is responsible for the personal information processing and designates a person in charge of personal information protection as follows to handle complaints from the information subjects and to relieve damage.
▶ Person in charge of personal information protection
Name: Lee Kang-hyuk
Phone: 1670-6701
Fax: 031-214-2376

Article 9 (How to relieve infringement of rights)

The information subject may contact the following institutions for damage relief and counseling regarding personal information infringement.
The following institutions are separate from the company, so please contact us if you need further assistance.
▶ Personal Information Infringement Report Center (Operated by the Korea Internet Promotion Agency)
- Business under his/her jurisdiction: Reporting personal information infringement facts and applying for counseling
- Homepage: privacy.kisa.or.kr
- TELEPHONE: 118 (without station code)
- Address: (138-950) Korea Internet & Security Agency's Personal Information Infringement Report Center, 135 Jung-daero, Songpa-gu, Seoul
▶ Personal Information Dispute Mediation Committee (Operated by the Korea Internet Promotion Agency)
- Business under his/her jurisdiction: application for personal information dispute settlement, group dispute settlement (civil resolution)
- Homepage: privacy.kisa.or.kr
- TELEPHONE: 118 (without station code)
- Address: (138-950) Korea Internet & Security Agency's Personal Information Infringement Report Center, 135 Jung-daero, Songpa-gu, Seoul
▶ Supreme Prosecutors' Office Cybercrime Investigation Team: 02-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Terror Response Center: 1566-0112 (www.netan.go.kr)

Article 10 (Installation and operation of video information processing devices)

1. The company installs and operates a video information processing device as follows.
1) Basis for installation of video information processing devices · Purpose: crime prevention, facility safety, fire prevention, etc. for the safety of employees and customers of the company
2) Number of installations, location of installation, and scope of filming
- Number of installations: 12 headquarters, 8 factories
- Installation location: Office lobby, entrance door for each floor, etc.
- Screenshot: Photograph approximately 160° of the center of the door
3) Management officer, department in charge, and person who has access to video information
- Management officer: person in charge of personal information officer
- Department in charge and accessor: Headquarters (Director Yoon Duk-hyun of the General Affairs Team), Plant (Director Kim Hwa-yong of the Production Management Team)
4) Time, storage period, storage location, and processing method of video information
- Filming time: 24 hours of filming
- Storage period: 30 days from the time
- Storage location and processing method: Storage and processing in the control room of the video information processing device
5) How to check image information
4) The rights of the information subject shall be dealt with using the form determined by the company.
- Information subject's rights activities are read, reproduced, and provided.
1) The processing of rights of the information subject shall be provided with the approval of the general manager.
6) Measures for requesting information subject's perusal of video information: Personal video information shall be applied as a request for perusal and verification of existence, and permission to access information subject's life, body, and property interests is allowed.
7) Technical, management, and physical measures to protect video information: establishing internal management plans, restricting access control and access rights, applying safe storage and transmission of video information, storing processing records and preventing forgery and modulation, etc.

Article 11 (Change of Privacy Policy)

The personal information processing policy will be applied from the effective date, and if there is an addition, deletion, or correction of changes according to laws and regulations, it will be notified through a notice before the changes are implemented.


Effective date: 02/03/2021