Hotel Marina Bay Seoul Co., Ltd. (referred to as the "Company") is committed to protecting customers' personal information and strives to comply with the Act on Promotion of Information Network Use and Information Protection (referred to as the "Information Network Act"). The company's personal information processing policy can be changed according to the enactment and revision of the law, the government's policy, and the company's internal policy. If it changes, we will notify you of the change without delay and take measures to make it easy for you to check.
The company's personal information processing policy contains the following.
Effective date: 2023-06-30
Last change date: 2023-06-30
최종변경일자 : 2023-06-30

1. Collection, purpose, item, and method of collection of personal information;
2. Provision and sharing of collected personal information to third parties
3. Personal information retention period and destruction
4. The rights and obligations of users and the method of exercising them;
5. Measures to ensure the safety of personal information
6. Collection of opinions and handling complaints
7. Person in charge of personal information protection
8. Personal information protection for children under the age of 14
9. Send advertising information
10. Link Website
11. Board
12. Changes in personal information processing policy

1. Collection, purpose, item, and method of collection of personal information;
A. To provide membership registration, e-commerce service, and offline service, the company must collect the following personal information when signing up for membership.

Classification Items	Items	Purpose	Duration
Membership registration	Name (Korean, English), ID, password, date of birth, email, contact (cell phone), IPIN (DI)	Identification and membership service provision, hotel product contract and delivery	Five years after membership withdrawal or stay
Reservation of Stay	Name, email, region (based on passport), date of birth, duration of stay, payment method information, customer symbol, passport number (foreigner)	Identification or handling of complaints, etc.
Reservation for non-members	Name (Korean/English), region (passport basis), email, contact information (mobile/home phone), reservation information, payment information (card type, card number, expiration date)	Hotel reservations and customer reception	One year after the date of reservation
Restaurant Reservation	Name, email, contact (cell phone), sensitive information (with or without food allergies), reservation information, payment information (card type, card number, expiration date)	Identification, restaurant reservations, and customer reception	One year after the date of reservation

B. The company selectively collects the following personal information when registering a member.

Item	Purpose	Duration
Home phone, home address	Special benefits according to anniversary, introduce products and services, and customer satisfaction survey	Five years after membership withdrawal or stay

C. In the case of online members, the company may collect IP information, cookie information, service history, payment information (credit card number, account number, gift card number, carrier payment approval number, etc.) only for the purpose of providing online member services and checking financial transactions.
D. The company collects personal information through website membership registration, written, fax, telephone, counselling bulletin board, event application, and collection of generated information.

2. Provision and sharing of collected personal information to third parties

A. Except with the customer's consent or in accordance with the relevant laws and regulations, the company shall not use or provide the customer's personal information outside of the scope notified by the "Purpose of Collection and Use of Personal Information."
B. If a transaction relationship is made through the service provided by the company, the relevant information is provided to the parties to the transaction as follows if the member agrees to the extent necessary for the transaction.

Recipient	Purpose of personal information of the recipient	Personal information items	Period of storing personal information and usage period
Hotel Marina Bay Seoul Management Team	Use of facilities	Name, reservation information, contact information, payment method information	one year after use or check-out
Marina Bay Ltd.	Use of facilities	Name, reservation information, contact information, payment method information	one year after use or check-out

C. If the rights and obligations of the service provider, such as sales or mergers and acquisitions, are completely succeeded or transferred, the legitimate reasons and procedures shall be notified in advance and the customer's consent shall be withdrawn.

D. If personal information is provided or shared with the customer, the customer shall be notified in writing or e-mail to obtain consent in advance, including who is provided, what is provided or shared, and how it is protected or managed.

E. In the following cases, it is possible to provide personal information without the consent of the customer according to the relevant laws and regulations.
-Performance of a contract on service delivery
-Where there is a request from an investigative agency in accordance with the provisions of relevant laws and regulations or in accordance with the procedures and methods prescribed by laws and regulations for investigative purposes;
-When a particular individual is processed and provided in an unidentifiable form for statistics preparation, academic research, or market research.

3. Personal information retention period and destruction

A. The company retains personal information until the purpose of collecting or receiving it is achieved and destroys it without delay when the purpose is achieved, or the period of consent is over. The specific timing of the destruction is as follows.
-Membership registration information: When withdrawing from membership registration or being expelled from the membership.
-Shipping information: when goods or services are delivered or provided.
-Where collected for the purpose of a survey, event, etc.: When the relevant survey, event, etc. is terminated.
-Identification information: When can prove your identity.
-Notwithstanding the principle of immediate destruction when achieving the above purpose of collecting personal information, if it is necessary to hold it for a certain period due to dispute settlement related to transactions under relevant laws and internal regulations, it shall be held for a certain period of time as follows.
-Records of contract or withdrawal of subscription: 5 years
-Records on payment and supply of goods: 5 years
-Records of consumer complaints or dispute settlement: 3 years

B. The company separately manages the personal information of members who meet the following conditions in accordance with the 'Personal Information Valid Period System'.
- Members who have not logged in to the service homepage (including PC/mobile web, app) for more than a year.
- Members who have no offline stay or purchase history for more than one year.

C. Method of destruction
- Personal information printed on paper: Crushing or crashing through a shredder is consigned to a company specialising in crushing.
- Personal information stored in the form of an electronic file: Delete using a technical method that cannot play records.

4. The rights and obligations of users and the method of exercising them;

A. Customers can access registered customers' personal information at any time, or request correction, deletion, suspension of processing, or withdrawal of consent. If you want to view, correct, delete, suspend processing, or withdraw consent, click Member Information to read or correct it directly, or contact the representative phone (1577-8118) or the person in charge of personal information protection in writing, phone, or email.
B. If a customer requests correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if the wrong personal information has already been provided to a third party, we will notify the third party of the result of the correction without delay so that the correction can be made.

5. Measures to ensure the stability of personal information;

The company takes the following technical, administrative, and physical measures to ensure that personal information is not lost, stolen, leaked, tampered with, or damaged in processing customer's personal information:
-Minimise and train personal information processing staff: Minimise the designation of personal information processors and conduct regular training.
-Conduct regular self-audits: Self-audit is conducted regularly to ensure stability related to personal information processing.
-Establishment and implementation of internal management plan: Establish and implement an internal management plan for the safe processing of personal information.
-Encryption of personal information: Your personal information is encrypted, stored and managed, so only you can know it, and file and transfer data are encrypted, and important data is protected through separate security functions. Security programs are installed to prevent personal information leakage or damage caused by hacking or computer viruses, and systems are installed in areas where access is controlled from the outside, and technically and physically monitored and blocked.
-Restrictions on access to personal information: It takes necessary measures to control access to personal information by granting, changing, and eliminating access to the database system that processes personal information, and controls unauthorised access from the outside using the intrusion prevention system.
-Storage of access records and prevention of forgery: Records accessed to the personal information processing system are kept and managed for at least 6 months, and security features are used to prevent forgery, theft, or loss of access records.
-Using a lock for document security: Documents and auxiliary storage media containing personal information are stored in a safe place with a lock. Access control We establish and operate an access control procedure for the unauthorised person with a separate physical storage location for personal information.

6. Collection of opinions and handling complaints

A. The company values your opinions, and you have the right to always receive sincere answers from questions. We have installed a customer service telephone for smooth communication with you.

[Customer Counselling Centre] Phone number: 1577-8118

B. Telephone counselling is available from 9am to 6pm Consultations using email, fax, and mail will be answered faithfully within 24 hours of receipt. However, in principle, it should be handled after working hours or on weekends and holidays.
C. If you need to report or consult about other personal information infringement, please contact the institution below.
- Personal Information Infringement Report Centre (privacy.kisa.or.kr / 118, without country number)
- Cyber Investigation Division of the Supreme Prosecutors' Office (www.spo.go.kr / 1301 without national code)
- National Police Agency Cyber Safety Bureau (cyberbureau.police.go.kr / 182)

7. Person in charge of personal information protection

The company designates the relevant department and the person in charge of personal information protection as follows to protect the personal information of customers and to collect opinions on personal information and handle complaints. Categorization Person in charge of personal information protection Person in charge of personal information protection



8. Personal information protection for children under the age of 14

The company does not collect personal information on children under the age of 14 to comply with the Youth Protection Act for members who can stay and obtains consent from legal representatives to collect information on minors under the age of 14 related to hotel business.


9. Send advertising information

A. The company does not transmit advertising information for commercial purposes against the customer's express refusal to receive it.
B. When the company sends advertising information by e-mail, etc. for online marketing such as product information guidance, it will take measures to make it easier for customers to recognize the subject and body of the e-mail as follows.
- Email Subject Column: The phrase (advertising) may not appear in the subject column and will display the main contents of the email body column.
- Email body column: Specifies the name, email address, phone number, and address of the sender from which the user can express his/her intention to refuse reception. Specify how users can easily indicate their intention to refuse.
C. When transmitting advertising information for profit other than e-mail, such as fax or mobile phone text transmission, to customers who agree to receive advertisements, take necessary measures, such as marking the sender's name.

10. Link site

A. The company may provide customers with links to other companies' websites or materials. In this case, Hotel Marina Bay Seoul has no control over external sites and materials, so it cannot be responsible for the usefulness of services or materials provided therefrom and cannot guarantee it.
B. If you click the link included by the company and move to the page of another site, the personal information processing policy of the site is not related to Hotel Marina Bay Seoul, so please review the policy of the newly visited site.

11. Post

A. The company values customer posts and does its best to protect them from tampering, damage, or deletion. However, this is not the case in the following cases:
- Spam-based posts (e.g., lucky letters, ads on certain sites, etc.)
- An article that damages the reputation of another person by spreading false information for the purpose of slander;
- Disclosure of personal information of another person without consent, contents that infringe on rights, such as copyright of a third party, and other posts that are different from the subject of the bulletin board.
- To revitalise the desirable bulletin board culture, the company may delete certain parts or modify them with symbols when disclosing the personal information of others without consent.
- If it is possible to move to a bulletin board on a different topic, the route is revealed on the post to prevent misunderstanding.
- Otherwise, you can delete it after an explicit or individual warning.

B. Basically, all rights and responsibilities related to the post belong to the individual author. In addition, information voluntarily disclosed through posts is difficult to be protected, so please review, and consider before disclosing the information.

12. Changes in personal information processing policy

If the contents are added, deleted, or modified according to the enactment or revision of the law, the government's policy change, the company's internal policy change, or the security technology change, we will notify you of the changes through the website without delay.

Personal information processing policy version number: v1.1
Personal Information Processing Policy Enforcement Date: June 30, 2023

The above personal information processing policy on Hotel Marina Bay Seoul website will be applied from June 30, 2023.