(주)케이티에스테이트 / 서울시 강남구 테헤란로 422, 17층 / 사업자등록증번호 120-87-57657 / 통신판매번호 제 2021-서울송파-2518호 / 대표 최남철
Date implemented: 2021-07-15
1. Collection of Personal Information; Purposes of Use; Items to Be Collected; and Methods of Collection
A. When you attempt to sign up for Sofitel Ambassador Seoul Hotel & Serviced Residences membership, we collect your personal information as may be required to identify you. The personal information to be collected by the Company is as follows:
Item Purpose Period
Full name To sign up Until we achieve the purpose
E-mail address To provide services
Contact number To confirm financial transaction
(Credit card number, Account number etc) To reply from the guest’s inquiry
B. We collect your personal information from your application for membership on our website and by means of written notices, facsimile or phone communications, online message boards, promotional events and/or other approaches for collection of created information.
2. Disclosure and Sharing of Collected Personal Information
A. In the event that the rights and obligations of a service provider is fully assigned or transferred as a result of sale, merger or acquisition, we will ensure that we inform you according to Article 27 of the Personal Information Protection Act. If you do not want to transfer your personal information, we will also have an action procedure.
B. Where your personal information is to be disclosed or shared, we will seek your consent in advance by notifying you by email or otherwise in writing of what items of such information will be disclosed or shared, whom the information will be disclosed to or shared with, why it should be disclosed or shared, and how and how long it will be protected and managed. The same procedures will apply in case the information recipient is changed.
C. Your personal information may be disclosed without your consent in accordance with applicable provisions of relevant laws:- when duly and reasonably requested by an investigation authority for investigation purposes; or – when made available in unidentifiable form for the compilation of statistics or for academic or market research purposes.
3. Outsourcing the Handling of Personal Information
The Company, for the provision of its services, has outsourced the handling of personal information on a contract basis as follows:
Contractor (Outsourcing) Outsourced Service
4. Collection of personal information using cookies
5. Retention and Destruction of Personal Information
A. The Company will retain your personal information until the purposes of collection or disclosure of such information are accomplished and will destroy your personal information immediately when such purposes are accomplished. The times when we are required to destroy your personal information are as follows: – Your membership information is destroyed when you withdraw or are dismissed from Sofitel Ambassador Seoul Hotel & Serviced Residences membership. – Your delivery information is destroyed when a product or service has been delivered or provided. – Your information collected for a survey or promotional event is destroyed upon when such survey or event is over. – The information used to identify you is destroyed when your identity has been verified.
B. Notwithstanding the foregoing, when any of your personal information needs to be retained under relevant laws or internal regulations, we may retain such information (i) for a period of five (5) years if it pertains to the revocation of contracts or subscriptions; (ii) for a period of five (5) years if it relates to the supply of goods or services and payments therefor; or for a period of three (3) years if it pertains to the handling or resolution of complaints or disputes.
C. Your personal information will be destroyed by the following procedures and methods: – Paper-printed information is destroyed with a paper shredder or through a shredding service provider. – Electronically stored information is permanently deleted in a technically irretrievable manner.
6. Rights and Obligations of Users and Exercise of Rights
A. You have the right at any time to view, correct or delete your registered personal information, have it corrected or deleted, have its processing suspended or withdraw your consent to the use and disclosure thereof, directly on the Membership Information page of our website or by contacting our Privacy Officer in writing, by telephone (at 02-2092-6000) or by email, in which case we will respond forthwith after identity verification.
B. If you request that we correct an error in your registered personal information, such information will not be employed or disclosed until such correction is made accordingly. Where any incorrect part of your personal information has been disclosed to any third party, we will have it corrected by giving immediate notice to such third party.
7. Measures for Security of Personal Information
A. In handling your personal information, we use our best efforts to prevent such information from being lost, stolen, leaked, falsified or damaged by taking the following technical, administrative and physical measures for security assurance:
– Minimum number of information workers and training
Personal information is made accessible to the smallest possible number of people and regular training is provided to such people.
– Regular in-house audits
In-house internal audits are conducted on a regular basis for the security of personal information.
– Internal management plan
An internal management plan is developed and implemented for safe handling of personal information.
– Encryption of personal information
Your password is protected and stored and managed in encrypted form. All data is encrypted for transmission and other important data is protected by separate security features.
– Technical measures against hacking
Personal information is protected by security software for the prevention of leakage, damage or tampering due to hacking or computer virus infection, and the software is periodically updated and tested. All systems are installed in access-controlled areas and technically and physically monitor and block access from outside.
– Limited access to personal information
We take necessary measures to control access to personal information by means of granting, modifying or canceling access to database systems that handle personal information, and a firewall system is employed to control unauthorized access from outside.
– Storage of access logs and prevention of data forging or tampering
We store and maintain a history of your access to our personal information processing system and use security features for your access log data not to be forged, tampered with, damaged, stolen or lost.
– Use of locks for document security
Documents and auxiliary storage media containing personal data are kept in safe, locked places.
– Prevention of unauthorized access
We have set up a separate physical location where personal information is stored and have established and implemented procedures for the control of access to the storage location.
8. Gathering of Opinions and Handling of Complaints
A. We value your opinion and feedback, and you are always entitled to have your questions answered in a serious fashion. We have set up a customer service hotline to effectively communicate with our customers. [Customer Service Center ] Contact number: 82-2-2092-6000
B. The customer service hotline is available from 9:00 AM to 6:00 PM. All inquires by email, fax or mail will receive courteous responses within 24 hours after receipt thereof. However, if received after normal office hours or during weekends and holidays, such inquires will be answered on the following business day.
C. If you want to report a breach of your privacy or seek advice thereon, please contact
– The Privacy Complaint Center (via privacy.kisa.or.kr or at 118)
– The Supreme Prosecutors’ Office High-tech and Financial Crimes Investigation Division (via www.spo.go.kr or at 1301)
– The National Police Agency Cyber Bureau (via cyberbureau.police.go.kr or at 182).
9. Privacy Officer
A. The Company has appointed the following departments and persons to be responsible for protecting its customers’ privacy and personal information and for gathering their opinions and handling their complaints:
Appointed as Privacy Officer Privacy Contact Person
Name Min-Sook CHO Danny LEE
Title/Position General Manager Director of T&C
E-mail Address Sofitel.Seoul@sofitel.com Sofitel.Seoul@sofitel.com
10. Privacy Protection for Children under the Age of 14
The Company does not collect any personal information of our member customers’ children under the age of 14 in compliance with the Juvenile Protection Act. If we need to collect personal information of the minors under the age of 14 with respect to our hotel business, we will get consent from their legal representatives or guardians.
11. Transmission of Advertising Messages
A. We do not send you any advertising messages for commercial purposes so long as your unsubscription request is expressly given.
B. If we send any advertising message by email or otherwise for online marketing purposes such as presenting product information, we will ensure that in a plain and legible manner:
– ‘The email’s subject line communicates what the email is about, although it may not indicate “Advertisement”;
– The body text contains the sender’s name, email address, phone number and mailing address, as well as instructions on how to unsubscribe, so that the recipient can readily unsubscribe from further advertisements.
C. Likewise, if we send you an advertising message for commercial purposes by fax or mobile text message or via non-email means, we will ensure that the sender’s name is indicated in such message, even if you have agreed to the receipt of advertising messages.
12. Linked Sites
A. We may provide you with links to websites or materials of other companies, in which case we assume no responsibility for and make no guarantee as to the usefulness of such websites and materials over which we have no control.
A. We value the comments, suggestions, opinions, statements and other content posted by our customers (collectively “posts”) and use our best efforts to protect such posts from being tampered with, damaged or deleted. Notwithstanding, this does not apply to the following:
– Spam-like messages (e.g., chain letters and advertisements)
– Posts that defame others by disseminating false information to slander them maliciously.
– Posts that reveal the identity of other users without their consent, infringe on third parties’ copyrights or other rights or are irrelevant to the themes of the bulletin board.
– If a post is found to reveal the identity of other users, the Company may delete or correct part of such post in order to maintain and promote a healthy online community culture.
– If the content of a post is deemed movable to another section, the Company will provide a path in such posts to avoid misunderstanding or confusion.
– The Company may delete other posts deemed malicious or improper after giving express or individual warnings.
B. Essentially, you have rights to your posts and are responsible for them. It is difficult to protect information you disclose voluntarily via a post, so we recommend that you give careful consideration before such disclosure.