- Article 1 Scope and methods of collecting personal information
- Article 2 Personal information collection & use purposes
- Article 3 Personal information usage period & cancellation
- Article 4 Personal information offer & sharing
- Article 5 Entrustment of the handling of personal information
- Article 6 Methods of reading and correcting personal information, canceling membership, and withdrawing consent
- Article 7 Cookies operation & use
- Article 8 Personal information protection for children under 14
- Article 9 Personal information manager
- Article 10 Technical/institutional management for personal information protection
- Article 11 Commercial Information transmission
- Article 12 Duty of Disclosure
Article 1 Scope and methods of collecting personal information
1. Scope of collecting personal information
- A. Lotte Hotels may collect minimal personal information in order to provide proper service.
- B. Lotte Hotels does not collect sensitive personal information (race, ethnicity, ideology, belief, place of birth, political orientation, criminal record, state of health, sexual life, etc.) that may infringe upon the basic human rights of members.
2. Methods of collecting personal information
Lotte Hotels may collect personal information in the following ways.
- A. Web site registration, in written form (application for membership), telephone or fax, posting to the bulletin board, and sweepstakes entries
- B. Offers from affiliated companies
- C. Collecting payment information, points transactions, etc. created upon using the company
Article 2 Personal information collection & use purposes
- Lotte Hotels collects personal information to provide services, as follows:
개인정보 수집 및 이용목적 Classification Items to be collected Purpose Retention period Online Membership entry Required Full name (in English), date of birth, title, phone number (mobile or home), email, and country, privilege number, password To identify a member in accordance with the membership service, To send customers notices and handle complaints To ship membership cards and inform members of Hotel products One year after the membership cancellation Optional Full name (in Korean), address (home or work), ID Room Reservations Required Full name (in English), date of birth, contact details (mobile or home or work), email, and credit card information To provide room reservations and revisitation services * Credit card information is collected only for the purpose of a guarantee and direct payment by such credit card. Two years Customer information Required Full name, email, and contact details To respond to customer inquiries and provide services Two years Restaurant reservations Required Full name, mobile phone number, and email To provide reservation and consultation services Two years Optional Contact details Inquiries about a meetings/weddings Required Full name, email, and contact details To provide reservation and consultation services Two years Offline Privilege rewards membership Required Full name (in Korean, and name on your passport), date of birth, gender, email, mobile phone number, and address To identify a member in accordance with the membership service, To send customers notices and handle complaints To ship membership cards and inform members of Hotel products One year after the membership cancellation Optional Company name, job title, and phone number Trevi Club membership Required Full name, date of birth, gender, mobile phone number, and address To identify a member in accordance with the membership service, To send customers notices and handle complaints To ship membership cards To inform members of Hotel products To pay annual membership fees (The information is used only for the payment and not stored in the system) One year after the membership cancellation Optional Phone number, email, company name, job title, and credit card information Fitness Club membership Required Full name, date of birth, gender, mobile phone number, address, phone number, and photo To identify a member in accordance with the membership service, To make urgent contact in an emergency To send customers notices and handle complaints To send a bill for annual membership fees and inform members of Hotels products One year after the membership cancellation Optional Email, company name, and job title Family Club Membership Required Full name, date of birth, gender, mobile phone number, address, and wedding anniversary To identify a member in accordance with the membership service, To send customers notices and handle complaints To ship membership cards To give a discount for members' anniversaries To inform members of Hotels product Optional Email, phone number, company name, and job title Room registration card Required Full name, date of birth, nationality, and mobile phone number To identify a member for the purpose of providing revisitation services To send customers notices and handle complaints Inform customers of Hotels products Two years Optional Full name, email, address, phone number, company name, and job title
Article 3. Personal information usage period & cancellation
- 1. Lotte Hotels will dispose of members' personal information without delay once the purpose for collecting or receiving such information is achieved.
- A. Information on membership entry (internal policy): Retain it for one year to provide customers with revisitation services after the cancellation of membership
- B. Room stay information (internal policy): Retain it for two years to provide customers with re-visitation services.
- C. Shipping information: When goods or services have been delivered or provided
- D. If personal information is collected for a survey, event, etc.: When such surveys, events, etc. are finished
- 2. Lotte Hotels retains such information for a certain period of time when it is necessary to do so for reasons of verifying the rights, obligations, etc. related to the following transactions in accordance with relevant laws and regulations including the Commercial Act:
- A. Records of contracts, offer withdrawal, or the like: Five years
- B. Records of payments and supply of goods, etc.: Five years
- C. Records of the handling of consumer complaints or disputes: Three years
- 3. Implementation of personal information expiration system
Lotte Hotels retains the personal information of online members who have not used our services for one year or more, separately from other information, in accordance with Article 29(2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. and Article 16 of the Enforcement Decree of the same Act. (Effective as of August 18, 2015)
- 4. Disposal methods
- A. Personal information printed on paper: to be cut into pieces by a shredder or incinerated
- B. Personal information stored in electronic files: to be deleted using a technical method that makes it impossible to regenerate it
Article 4. Personal information provision & sharing
- 1. Under no circumstances does Lotte Hotels use or provide personal information of members to third parties or any other company/agency beyond the scope notified in the 『purpose of collecting and using personal information』, except with members' consent or under relevant laws or regulations. When providing or sharing personal information of members through business partnerships or affiliations, Lotte Hotels notifies members in advance, in writing or by email, and individually, about those with whom such information is provided to or shared, their business purpose, the items that are to be provided or shared, and the purpose of such provision or sharing, and then seeks to obtain members' consent. Because the provision of personal information to Lotte Hotels is only for the services intended for Lotte Hotels, members' refusal to give consent may lead to the unavailability of such services that are normally provided or used.
- 2. We can provide personal information pursuant to relevant laws and regulations without members' consent if doing so is:
- A. required to settle charges (points), after services are offered, and to deliver goods
- B. necessary for statistical data, academic research or market survey, in which case such information is provided in an unidentifiable processed format
- C. required by laws and regulations or by law enforcement agencies for the purpose of criminal investigation in accordance with the procedures and methods set forth in applicable laws and regulations
- 3. Lotte Hotels provides personal information to render higher quality services to customers, as follows:
개인정보 제공항목 Affiliated Concerns Items to Be Provided Purpose Offer Period Hotel Lotte DFS Co., Ltd. Hotels Lotte Busan Co., Ltd. Lotte Busan DFS Lotte DF Retail Co., Ltd. Lotte DF Global Co., Ltd. Full name, email, membership number, and accrued points To approve the use of privilege points To provide discount services at the affiliated stores When the membership is canceled Lotte Buyeo Resort Co., Ltd. Full name, date of birth, gender, nationality, mobile phone, email, address, company name, job title, membership number, and accrued points To approve the use of privilege points To provide discount services at the affiliated stores When the membership is canceled Lotte Hotel Busan
Lotte Hotel Moscow
Lotte Legend Hotel Saigon
Name, date of birth, gender, nationality, mobile phone, email, address, company name, job title Upon return to hotel Provision of services Two years from date of Stay
Article 5 Entrusting and handling of personal information
- 1. Lotte Hotels entrusts personal information to third party service providers to render services, as follows, and has the necessary matters stipulated in an entrustment contract for safe management thereof in accordance with relevant laws and regulations
개인정보 취급위탁 내용 Third Party Service Providers Activities to Be Entrusted Period for Retaining and Using Personal Information Lotte Data Communication Co., Ltd. Computer systems maintenance At the time of membership cancellation or when an entrustment contract is terminated Adcapsule Co., Ltd. Website maintenance MG Credit Information Service Co., Ltd. Recruitment and management of Trevi Club (Seoul & Jeju) membership GL Marketing Consulting Inc. Recruitment and management of Trevi Club (Ulsan and Busan) membership Oracle corporation Management of e-mailing system Daehong Communications Inc. Shipping of magazines published by Lotte Hotels Upon completion of product delivery Simmons-K Co., Ltd. Manufacture and shipment of he:on bed products Hyundai Decorations Co., Ltd. Manufacture and shipment of he:on bedding products
- 3. The Company will supervise third party service providers observing specified matters properly within the scope of activities to be entrusted to ensure that personal information subject to such entrustment is managed safely.
- 4. Transfer of personal information overseas due to offshoring
To provide better customer service, Lotte Hotel will transfer personal information to be stored on contractor’s overseas sever, as shown below.
- A. Personal information to be transferred
- - Member: Full name, mobile, e-mail, gender, nationality, date of birth, address, phone number, company name, job title, service use history and booking information, membership number, ID and information on the membership points
- - Non-member (limited to the customer who gave consent to e-mail subscription): Full name, mobile, e-mail, gender, nationality, date of birth, address, phone number, company name, job title, service use history and booking information
- B. Country where the server is located, and date and method of personal information transfer: Personal information will be immediately transferred through a dedicated network to the server (UK001 Amsterdam) of Oracle Corporation in Europe in response to a new membership registration or changes made to membership information
- C. Name of the party to whom the personal information will be transferred: Oracle Corporation (https://www.oracle.com/legal/privacy/services-privacy-policy.html) Tel.:+1 650 506 7000, Fax:+1 650 506 7200
- D. Purpose of personal information use and period of retention and use of personal information by Oracle Corporation: Transferred information will be used for the purpose of storage in the server and the information will be retained until the termination of membership for members, and for two years from the hotel stay for non-members.
- E. Scope of contract for personal information management: Management of e-mailing system
- A. Personal information to be transferred
Article 6 Methods of reading and correcting personal information, canceling membership, and withdrawing consent
- 1. Members may read or correct their registered personal information or cancel the membership at any time.
- A. Online members may modify their personal information or cancel the membership on MY Page located in the top-right corner of the Lotte Hotels website.
- B. Such request made through personal visit to Lotte Hotels or on landlines will be promptly addressed after membership authentication
- C. Phone number: 02-759-7671~3
- 2. If members make a request for correcting an error in their personal information, such information will not be used or provided until such correction is finished. Also, if erroneous personal information was already provided to a third party, we will correct the error by immediately notifying the third party of modified information.
Article 7. Cookie operation & use
- 1. Lotte Hotels runs "cookies" which stores and searches for members' information from time to time. Cookies are very small text files that are transmitted to members' browsers by the server used to operate the Lotte Hotels website and that are stored in their computer's hard disk.
- A. To utilize them as an index of target marketing and service reshuffling by analyzing the access frequency, visit hours, etc. of members and non-members and grasping their preferences and interests
- B. To keep track of the information on Lotte Hotels and the tracking of services that customers have browsed with interest and to provide customized services the next time they visit such services
- C. To verify the extent of members' participation and visit times in various events hosted by Lotte Hotels, offer an differentiated opportunity for entry, and prepare material to provide distinguished information according to their individual interests
- D. Members have the option for installing cookies. Therefore, members may allow all cookies, allow or block cookies individually whenever stored, or block the storage of all cookies, by using the settings option in the web browser.
Method for specifying whether to allow the installation of cookies [for Internet Explorer 9.0]
- 1. On the [Tools] menu, select [Internet Options].
- 2. Click the [Privacy tab].
- 3. Setting the [Privacy level]. Members blocking the installation of cookies will lead Lotte Hotels to having difficulty in rendering the services.
Article 8 Protection of personal information of children under 14
1. In principle, Lotte Hotels does not collect any personal information from children under age 14. If it is necessary to collect personal information from children under age 14, Lotte Hotels will comply with applicable laws and public notifications.
Article 9 Personal information administrator
- 1. Lotte Hotels appoints personal information administrators as follows to protect members' personal information, to collect their opinions, and handle complaints, about such information:
- Department in charge of personal information: CRM at Digital Marketing Team
- Chief Privacy (or Personal Information) Officer : Jung-Joo Lee, Marketing Division Officer
(Tel : 02-759-7687, Email : firstname.lastname@example.org)
- Staffer in charge of personal information: Jae-Ok Han, Manager
(Tel : 02-759-7670, Email :email@example.com)
- 2. Customers can contact the following organizations to make an further inquires about personal information.
- Privacy Violation Reporting Center TEL : 118 without area codes URL : http://privacy.kisa.or.kr
- Cyber Criminal Investigation Division at Supreme Prosecutors' Office TEL : 1301 without area codes URL : www.spo.go.kr
- National Police Agency Cyber Bureau TEL : 182 without area code URL : cyberbureau.police.go.kr
Article 10. Technical/Institutional Management for Personal Information Protection
- 1. Lotte Hotels implements the following technical countermeasures to keep members' personal information secure in handling their information, lest such information should be lost, stolen, leaked, altered, or compromised.
- A. A user's personal information is protected with passwords, and important data is protected through a separate security measure in a manner that encodes files and transmitted data or uses a file locking function.
- B. Lotte Hotels adopts the Secure Socket Layer that makes it possible to send personal information on our network safely by using an encryption algorithm.
- C. To prevent a user's personal information from being leaked by hacking, etc., Lotte Hotels uses a double fire wall to block unauthorized external access, and monitors possible breaches around the clock by installing a 24 hour breach detection system in each server.
- 2. Lotte Hotels minimizes the number of staff handling personal information, emphasizes the importance of compliance with this Policy through frequent education and training given to employees in charge, and takes immediate action against any related problem.
- A. Lotte Hotels takes no responsibility for matters arising from members' mistakes or the basic risk intrinsic to the Internet. Each member must manage his/her personal information appropriately and be responsible for such management.
- B. If personal information is lost, leaked, altered or compromised due to another internal administrator's mistake or an technical accident or incident, Lotte Hotels will immediately notify users of the fact, take proper measures against such accidents or incidents, and work out appropriate compensation.
Article 11. Commercial Information Transmission
- 1. Lotte Hotels does not transmit commercial information for profit-making purposes against the clear intentions of customers who have opted out.
- 2. For the transmission of commercial material including product guides for online marketing, Lotte Hotels takes measures to help customers discern the following matters in both the subject and the body of an email:
- the subject line of the email: A phrase titled (advertisement) and the sender's name are indicated in the email subject.
- the body of the email: The sender's name, email address, telephone and address are indicated there so that users can express their intentions to opt-out. Lotte Hotels specifies individual methods by which users can easily express their intentions to opt-out.
- 3. In case of sending commercial information for profit-making purposes to customers by non-email methods such as fax or text message, Lotte Hotels takes necessary measures such as indication of a sender's name, as well.
Article 12. Duty of Disclosure
- (First) announcement date: July 1, 2008
- Date of Change: November 1, 2012
- Date of Change: September 19, 2014
- Date of Change: July 31, 2015
- Date of Change: September 15, 2015
- Date of Change: January 1, 2016
- Date of Change: February 6, 2016
- Date of Change: March 21, 2016
- Date of Change: June 1, 2016
- Date of Change: July 29, 2016
- Date of Change: September 22, 2016
- Date of Change: March 1, 2017
- Date of Change: March 15, 2017
- Date of Change: May 1, 2017
- Date of Change: July 4, 2017
- Effective Date: July 4, 2017