Go Menu
Go Contents
Go footer

Reservation
  • Facebook Blank
  • Twitter Blank
  • Email Blank
  • Print Blank

Procedures for agreeing to collection and use of personal data

Personal data collection consent form

Agreement form: collection, use and provision to third parties of personal information

Central Tourist Development co., LTD (hereafter referred to as "JW Marriott Hotel Seoul" or “the Hotel”) observes all laws of the Republic of Korea relating to information and communications networks, data protection and personal information protection, and strives to protect the rights and interests of the users of its computer systems by establishing a personal information handling policy based on the relevant laws and regulations. This personal information handling policy is applied to all services provided by JW Marriott Hotel Seoul to its system users. Its details are as follows.

Article 1 - Type of personal information collected and methods of collection

a. Types of personal information collected

In order to ensure adequate provision of services including membership registration and customer consultation, the Hotel collects the following mandatory basic categories of personal information at the time of registration.

Registration

  • Mandatory information: Name, telephone number, email address, credit card details (in cases where customers wish to be able to reserve rooms)
  • Optional information: Postal address

b. Methods of collecting personal information

The hotel collects personal information in the following manner.

  • Via the Reservations page, or the Customer Center page on the Hotel’s website.
Article 2 - Collection and use of personal information

When developing new services or expanding content, JW Marriott Hotel Seoul may use the personal information provided by existing users in order to determine more effectively which services should be developed as a matter of priority, and in order to make rational choices regarding the content needed by users. The information collected and manner in which it is may be used are as follows:

  • Mandatory information collected in the course of reservations of and inquiries about meeting rooms and other Hotel event venues includes company name, name of the individual making the reservation, telephone number and email address. Information entered is used in order to provide better reservation service and responses to inquiries.
  • Mandatory information collected in the course of reservations of and inquiries about weddings and family events includes name of the individual making the reservation, telephone number and email address. Users are also asked to provide further optional information in order to help the Hotel provide optimum service, though this is not mandatory. Reservation information provided by the customer is used to provide better reservation service and responses to inquiries.
  • Mandatory information collected by the Customer Center page includes name, telephone number and email address. This information may be used to ensure adequate communication with customers, including the delivery of relevant notifications, to address complaints and to provide responses to inquiries.
  • Mandatory information collected in the course of room reservations includes name, telephone number, email address, postal address and credit card details. This information is used in order to ensure that reservations are made properly.
  • Mandatory information collected during registration to receive the Hotel’s newsletter includes name and email address. This information is used in order to send the customer a newsletter with details of packages, events and promotions provided by the Hotel.
Article 3 - Entrustment of third parties with personal information

JW Marriott Hotel Seoul entrusts the personal information of users to the following third party company in order to ensure improved customer service and superior computing services:

  • Company: MIDAS IT
  • Services provided: Website management, EDM, e-newsletter sending
  • Company: Shinhanserve Co., Ltd
  • Service provided: Recording CCTV, security and crime prevention
Article 4 - Sharing and provision of personal information

JW Marriott Hotel Seoul uses the personal information of its users within the limits described above in “2. Collection and use of personal information.” No use of personal information outside of these specified limits takes place without obtaining the advance permission of customers. As a matter of principle, the Hotel never reveals the personal information of users to outside parties. However, exceptions may be made in the following circumstances:

  • When investigative authorities demand such information in accordance with legal regulations, or as part of an official investigation that follows legally defined procedures and methods.
Article 5 - Retention and period of use of personal information

JW Marriott Hotel Seoul deletes personal information that has been collected within the limits of “Type of personal information collected” as outlined above, and once the purposes for which it was collected have been fulfilled. However, the following information is retained for the reasons given and the periods stated below.

a. Retention of information as demanded by relevant laws

When consumer protection and other laws mandate the retention of personal information, the Hotel retains such information for the time period stipulated by the applicable laws. In such cases, the Hotel will only use this information for the purpose for which it has been retained. Periods of information retention are as follows:

Record of withdrawal from contract or subscription

  • Reason for retention: consumer protection laws
  • Period of retention: five years

Records pertaining to consumer complaints or resolution of disputes

  • Reason for retention: consumer protection laws
  • Period of retention: three years

Records of visit to website

  • Reason for retention: Protection of Communications Secrets Act
  • Period of retention: three months
Article 6 - Procedure and method for deleting personal information

The personal information of users held by the Hotel is deleted, as a matter of principle and without delay, once the purposes of its collection and use have been fulfilled.
The Hotel’s procedure and method for the deletion of personal information are as follows.

a. Deletion procedure

  • Once the purpose for which personal information provided by users in the course of membership registration or other procedures has been achieved, this information is transferred to a separate database, where it is retained in accordance with internal procedures and relevant laws (see “5. Retention and period of use of personal information”) for a predetermined period of time, then deleted.
  • This personal information is not used for any purpose other than the retention described above, unless legal requirements dictate otherwise.

b. Method of deleting personal information

  • Personal information held in printed form (on paper) is destroyed by shredding or incineration.
  • Personal information held in electronic form is deleted using technology that renders recovery impossible.
Article 7 - Rights of users and attorneys-in-fact, and how they may be exercised
  • Users and their attorneys-in-fact may access and/or amend their own personal information as recorded by the hotel, or that of their children of up to 14 years of age in the year in question, at any time. They may also withhold agreement or request termination of membership in the event that they do not agree with the Hotel’s handling of personal information. However, this may render it impossible for the Hotel to provide certain, or in some cases all, services.
  • Users wishing to select the “Change personal information” option in order to access or amend personal information, or to select the “Terminate membership” option may do so by first clicking on the “Cancel membership” link and following the identity confirmation procedure. This will allow the direct viewing and/or amendment of personal information, and/or the termination of membership.
  • Any requests for the amendment of personal information or the cancellation of membership may also be made in writing, by telephone or by email to the Hotel’s personal information manager, who will act promptly to take the measures requested by the user.
  • When a user requests amendment of erroneously recorded personal information, the information in question will not be used by the Hotel until the requested correction has been made. In cases where erroneous personal information has already been passed on to a third party, the amended information will be passed on to the third party in question without delay, so that the third party may apply the same corrective measures.
  • The Hotel will handle information deleted or left over from cancelled membership, in accordance with the request of users or their attorneys-in-fact, as stipulated above in “5. Retention and period of use of personal information,” and will prevent the accessing or use of this information for any purpose than that stated therein.
Article 8 - Measures for the technical/managerial protection of personal information

When handling the personal information of users, the Hotel employs the following measures to ensure the security of personal information and prevent the loss, theft, exposure, falsification or damage of such data.

a. Password encryption

Passwords provided by users are known to users only, while the viewing and alteration of personal information is possible only by the user in question.

⇒ Alter website to allow users to amend the information they have entered.

b. Measures to prevent hacking

The Hotel makes every possible effort to prevent the leaking or damaging of members’ personal information due to hacking, computer viruses or other illegal activity.
Data is regularly backed up to guard against the possibility of damage to personal information, while the latest antivirus software is deployed to prevent the exposure or damage of such information. Encryption technology is employed to ensure the safe transmission of personal information within and by way of computer networks.
A firewall is used to prevent unauthorised access to the Hotel’s computer systems, while the Hotel also endeavors to employ all other possible technological methods of ensuring system security.

c. Minimisation of number of employees handling data, and employee education

Only designated personal information managers are authorized to handle personal information, using confidential and regularly renewed passwords. Designated personal information managers are given regular training and place strong emphasis on JW Marriott Hotel Seoul’s personal information handling policy.

d. Dedicated personal information protection management body

The Hotel operates a personal information protection committee, which is responsible for ensuring that JW Marriott Hotel Seoul’s personal information handling policy is properly implemented and observed by the designated personal information managers. In the event that problems arise regarding the implementation of these guidelines, the committee makes every effort to ensure that the situation is immediately rectified.
However, the Hotel cannot be held responsible in cases where, despite the Hotel having upheld all of its responsibilities regarding personal information management, negligence on the part of an individual user or the occurrence of an accident outside the managerial bounds of the Hotel results in the compromising of personal information.

Article 9 - Hotel representative in charge of personal information, designated personal information manager and their contact details

Users may report any complaints or problems relating to use of the Hotel’s services and handling of personal information to the Hotel’s representative in charge of personal information or designated personal information manager, or their respective departments.
The Hotel will provide a swift and adequate response to all such issues reported by users.

Hotel representative in charge of personal information
Name: Koh Sung-hee
Department: IT
Tel: 02-6282-6330
Position: Director of IT
Email: sunghee.koh@marriott.com
Designated personal information manager
Name: Kang So-young
Department: Marketing Communications
Tel: 02-6282-6111
Position: Director of Marketing Communications
Email: catherine.kang@marriott.com

Users wishing to make other reports or inquiries related to personal information are invited to contact the following organizations:

  • Korea Internet Security Agency (privacy.kisa.or.kr / Tel. 118)
  • Cybercrime Investigation Division, Supreme Prosecutors’ Office (www.spo.go.kr / Tel. 1301)
  • National Police Agency Cyber Bureau (www.ctrc.go.kr / Tel. 182)
Article 10 - Other details

Please note that the collection of data by other websites linked to the JW Marriott Hotel Seoul website is not governed by JW Marriott Hotel Seoul’s personal information handling policy.

Article 11 - Duty of notification

JW Marriott Hotel Seoul shall provide notification on its website, in the form of an explicitly labeled notice, of any additions to, deletion of or amendment of its personal information handling policy, at least seven days before such changes are made. However, in cases where the rights of users are significantly altered or affected by changes to the collection and use of personal information, and the provision of such information to third parties, notification shall be provided by the hotel at least 30 days in advance of such changes.

  • Date of notification: July 10, 2015
  • Date of implementation: July 11, 2015

Request an Event Quote

Required

Request an Event Quote
- -
@
Submit cancel