Customer support
Terms and policies
- Privacy policy
- Terms of Service
- Use of Location Info
- Ads Info Opt-in
- Tripcash and Coupon policy
- Service Usage Guide
- Terms of Provider Service
Customer support
호텔문의
02-711-6881
Mon to Fri 09:00 to 18:00 (UTC+9)
Weekends and holidays 10:00 to 16:00 (UTC+9)
항공문의
1644-0098
월~금 09:00 - 17:30 (주말 및 공휴일 휴무)
Privacy Policy
01. Tripbtoz Privacy Policy
Tripbtoz, Inc. (the “Company”) informs you of what measure the company is taking to protect personal information on this Privacy Policy. The company always discloses the personal information processing policy on the company's web and app services so that users can easily check it at any time. If the company revises the privacy policy, it will be notified through the website notice (or individual notice).
1. Purpose of handling personal information
The company handles personal information for the following purposes. Personal information being handled will not be used for purposes other than the following purposes, and if the purpose of use is changed, necessary measures will be taken, such as obtaining separate consent in accordance with the Personal Information Protection Act.
1) Homepage member registration and management: Confirmation of intention to sign up as a member, identification and authentication by providing membership service, maintenance and management of membership, prevention of illegal use of services, confirmation of consent of the legal representative when processing personal information of children under 14 years of age, various notices, etc.
2) Provision of services, etc.:
2-1) Provision of accommodation reservation agency service and accompanying activities (notification of accommodation use contract and its implementation, identity verification, payment and settlement, debt collection, improvement of accommodation reservation agency service, etc.)
2-2) Provision of other services (contents, rankings, chatting, etc.) and accompanying activities (customer-tailored service provision, service improvement, etc.)
3) Handling civil complaints: Confirmation of the identity of the complainant, confirmation of the complaint, contact to confirm facts, notification of processing results, etc.
4) Personal information handling tasks required by law
5) Tasks processed with separate consent to the subject of personal information
2. Personal information to be collected, purpose, period of retention and use, etc.
1) The company collects only the minimum amount of personal information necessary to provide the service, uses the collected personal information only within the scope notified, and does not use or disclose it outside the scope without prior consent.
2) If the company needs to collect additional personal information other than the personal information items below, it notifies users in advance and collects personal information only from users who agree to it.
3) In spite of the retention and use period below, if an investigation or inquiry is in progress due to a violation of related laws, until the end of the investigation or inquiry, and if the credit/debt relationships remain due to service usage, related personal information will be retained and used until settlement of the relevant credit/debt relationship.
3. Retention period by ‘terms and conditions’ or related laws
4. How to consent to the collection of personal information
1) To use the company's services, sign up for membership, subscribe to newsletters, apply for events and promotions, etc., check the privacy policy posted within the company's web and app services and click the Agree button
2) For use of the company's services, membership registration, newsletter subscription, event and promotion entry, etc., after receiving information about consent directly from the counselor through telephone consultation with the customer service center, or after checking the personal information processing policy posted in the company's web and app services with the guidance of the counselor, and giving consent over the phone
3) However, if there are special regulations in the law, personal information may be collected and used without consent.
5. Matters concerning the installation, operation, and refusal of automatic personal information collection devices
1) The company uses ‘cookies’ to store and find user information frequently. ‘Cookies’ means a very small text file that our website operation server sends to the user's browser and is stored on the user's computer hard disk. The company uses it to provide optimized information to users by identifying the user's service usage pattern and secure access.
2) Users can refuse automatic cookie collection in the following ways.
a. Internet Explorer: Tools at the top of the web browser → Internet Options → Personal Information → Direct Settings
b. Chrome: Icon at the top right of the web browser → Settings → Show advanced settings → Content Settings button in the Privacy section → Set directly in the Cookies section
c. Safari: Web browser top menu → Preferences → Privacy → Cookies and website data → Manual settings
d. Firefox: Icon at the top right of the web browser → Settings → Privacy and security → Cookies and site data → Manual settings
3) However, if the customer refuses to install cookies, there may be restrictions on using the company website.
6. Destruction procedure and method of personal information
1) In principle, the company destroys the information without delay after the personal information becomes unnecessary, such as the elapse of the retention period and the achievement of the purpose of using the personal information. However, it may be destroyed after a certain period of storage according to the terms of use and other related laws.
2) Personal information of members who have not used the service for 1 year is stored separately and then destroyed.
3) The procedures and methods for destroying or storing personal information in accordance with this Article are as follows.
a. The company selects the personal information for which the reason for destruction or storage has occurred, and destroys or stores the personal information with the approval of the person in charge of personal information protection.
b. Destruction method: The company destroys personal information recorded and stored in electronic file form so that the record cannot be reproduced, and personal information recorded and stored in paper documents is shredded with a shredder or destroyed by incineration.
c. Separate storage method: Separately store information to be separated in a separate DB, and grant limited access to the DB to the minimum numbers of people for management.
7. Long-term unused members (dormant members)
1) Members who do not have a record of use for one year from the last use of the company's service are long-term non-use members (dormant members).
2) Personal information of dormant members is separated and stored safely.
3) For dormant members, information is notified by e-mail at least 30 days prior to the date of separate storage. In the case of a prospective inactive member, in order to continue using the service, please log in to the website or mobile after receiving the notification email, or contact the customer center.
8. Provision of personal information to third parties
1) The company does not provide personal information to a third party unless the consent of the subject of personal information is obtained or it falls under special provisions of the law, such as Article 17 of the Personal Information Protection Act.
2) The company provides the user's personal information to provide services as follows.
3) Users may not agree to the provision of personal information to a third party, and may withdraw their consent to the provision of personal information to a third party at any time. Even if consent is refused, some services can be used, but the use/provision of related services based on the provision of a third party may be restricted.
9. Consignment of processing of personal information
1) The company entrusts the processing of users' personal information to provide services as follows.
2) In addition to the preceding paragraph, the processing of personal information is consigned in cases where there is consent from the user or special provisions of the law.
3) If the contents of the entrusted business or the consignee are changed, it will be disclosed through this Privacy Policy.
4) When signing a consignment contract, the company specifies matters related to liability such as prohibition of personal information processing, technical and administrative protection measures, re-entrustment restrictions, management and supervision of the trustee, and compensation for damages under the ‘Personal Information Protection Act’, and supervise whether the trustee handles personal information safely.
5) Users may not agree to the consignment of processing of personal information, and may withdraw their consent to consignment of processing at any time. Even if consent is refused, some services can be used, but the use/provision of related services based on processing consignment may be restricted.
10. Overseas provision and processing of personal information
1) The company provides the user's personal information to provide services as follows.
2) In addition to the preceding paragraph, the processing of personal information is consigned in cases where there is consent from the user or special provisions of the law.
3) If the contents of the entrusted business or the consignee are changed, it will be disclosed through this Privacy Policy.
4) When concluding a consignment contract, the company specifies in documents such as contracts in accordance with the ‘Personal Information Protection Act’ about responsibilities such as prohibition of processing personal information other than for the purpose of performing duties, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of trustees, compensation for damages, etc. The company also supervises whether the consignee handles personal information safely.
5) Users may not agree to the consignment of processing of personal information, and may withdraw their consent to consignment of processing at any time. Even if consent is refused, some services can be used, but the use/provision of related services based on processing consignment may be restricted.
11. Rights and obligations of users and legal representatives
1) Users and legal representatives can view or modify their registered personal information or the personal information of children under the age of 14 at any time, and may request cancellation of membership.
2) To view/modify/withdraw personal information of customers or children under the age of 14, click 'Personal Information Management - Change' (or 'Member Information - Edit'), and to cancel membership (withdrawal of consent), click "Member Withdrawal," users and legal representatives can view, modify, or withdraw after going through the identity verification process. Or, if a request is made to the person in charge of personal information management in writing, on the phone or by e-mail, we will take action without delay.
3) If a user requests correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if wrong personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that the correction can be made.
4) The company handles personal information that has been canceled or deleted at the request of the user or legal representative as specified in the personal information processing policy and prevents it from being viewed or used for any other purpose.
5) Users have an obligation to keep their information up to date and to protect their personal information. Users are responsible for accidents caused by inaccurate information and failure to prevent leakage of personal information.
6) Users have an obligation not to infringe on other people's information, such as stealing other people's information. Users who provide false information may lose their membership, and in the event of such a situation, they may be punished under the Act on Promotion of Information and Communications Network Utilization and Information Protection and the Personal Information Protection Act.
12. Company policy for ensuring the safety of personal information
1) User's personal information is protected by password, masking, etc., and important data is protected through a separate security method (based on encrypted communication with AWS through international authentication).
2) The company adopts and operates a security device (SSL) that can safely transmit personal information on the network through encryption.
3) The company operates the service by limiting the access rights of business-related persons to the necessary minimum.
4) Continuous education on personal information protection is provided to all employees, information leakage is prevented through a security pledge, and internal guidelines for personal information protection are prepared and followed.
5) The company prepares for emergencies by preparing related policies so that it can respond quickly and appropriately to accidents related to personal information.
6) The company is not responsible for the user's individual mistakes or the basic risks of the Internet.
13. Consent to collection of personal information and provision to third parties
1) In order to protect users' personal information and handle complaints related to personal information, the company has designated the relevant department and personal information manager as follows.
2) Users can report all complaints related to personal information protection that occured while using the company's services to the person in charge of personal information management or the department in charge. The company will provide prompt and sufficient answers to users' reports.
3) If you need to report or consult about personal information infringement, please contact the following organizations.
a. Personal Information Infringement Report Center (http://privacy.kisa.or.kr / 118 without an area code)
b. Supreme Prosecutor’s Office Cyber Investigation Division (http://spo.go.kr / 182 without area code)
c. National Police Agency Cyber Investigation Bureau (http://ecrm.cyber.go.kr / 182 without an area code)
d. Personal Information Dispute Mediation Committee (http://www.kopico.go.kr / 1833-6972)
14. Revision and Notice of Privacy Policy
If the company changes its personal information processing policy, it will be posted on the company's homepage at least 7 days prior to the effective date and explained to users through announcements, etc.
Effective date: April 1, 2016 (1st)
Revision Date: October 1, 2020 (2nd)
Revision Date: November 22, 2021 (3rd)
Revision date: September 27, 2022 (4th)
Revision date: October 24, 2022 (5th)
Revision date: March 2, 2023 (6th)
Tripbtoz, Inc. (the “Company”) informs you of what measure the company is taking to protect personal information on this Privacy Policy. The company always discloses the personal information processing policy on the company's web and app services so that users can easily check it at any time. If the company revises the privacy policy, it will be notified through the website notice (or individual notice).
1. Purpose of handling personal information
The company handles personal information for the following purposes. Personal information being handled will not be used for purposes other than the following purposes, and if the purpose of use is changed, necessary measures will be taken, such as obtaining separate consent in accordance with the Personal Information Protection Act.
1) Homepage member registration and management: Confirmation of intention to sign up as a member, identification and authentication by providing membership service, maintenance and management of membership, prevention of illegal use of services, confirmation of consent of the legal representative when processing personal information of children under 14 years of age, various notices, etc.
2) Provision of services, etc.:
2-1) Provision of accommodation reservation agency service and accompanying activities (notification of accommodation use contract and its implementation, identity verification, payment and settlement, debt collection, improvement of accommodation reservation agency service, etc.)
2-2) Provision of other services (contents, rankings, chatting, etc.) and accompanying activities (customer-tailored service provision, service improvement, etc.)
3) Handling civil complaints: Confirmation of the identity of the complainant, confirmation of the complaint, contact to confirm facts, notification of processing results, etc.
4) Personal information handling tasks required by law
5) Tasks processed with separate consent to the subject of personal information
2. Personal information to be collected, purpose, period of retention and use, etc.
1) The company collects only the minimum amount of personal information necessary to provide the service, uses the collected personal information only within the scope notified, and does not use or disclose it outside the scope without prior consent.
2) If the company needs to collect additional personal information other than the personal information items below, it notifies users in advance and collects personal information only from users who agree to it.
3) In spite of the retention and use period below, if an investigation or inquiry is in progress due to a violation of related laws, until the end of the investigation or inquiry, and if the credit/debt relationships remain due to service usage, related personal information will be retained and used until settlement of the relevant credit/debt relationship.
| Classification | Purpose of collection | What to collect | Retention/ use period |
|---|---|---|---|
| Essential Information | Essential Information - Member registration and management - Identification of users in the service, confirmation of the age at which the service can be used, and confirmation of identity, etc. - Customer support (service subscription/change/cancellation processing, contract conclusion/change/cancellation processing, personal verification, personal identification, confirmation of intent to sign up, delivery of notices, service provision information, sign up with a registered mobile phone to prevent identity theft, delivery of event prizes, prevention of fraudulent use by bad members, handling of complaints and other complaints related to service use, etc.) - Statistical analysis and service improvement using user product and service usage performance information, new service development, customized service provision, etc. | - Email, ID, password, nickname - When signing up for SNS [Apple/Kakao/Naver/Google/Facebook], the following information is additionally collected Apple, Google: Name, account (e-mail), date of birth Kakao: Profile information (nickname, profile picture), Kakao account (e-mail) Facebook: Name, profile picture, Facebook account (e-mail), date of birth - Service use history such as content viewing | Delete without delay when membership is withdrawn (However, if it is necessary to preserve in accordance with the relevant laws and regulations, keep it until the period required by the laws) |
| Provision of lodging reservation agency service (reservation, notification of reservation conclusion, change/cancellation of reservation, fee notice/payment/collection/refund and other financial services, financial transaction identification and related customer support, etc.) | [For members] - Reservation information (ID, nickname, name in Korean and English, e-mail, contact information) - Guest information (English name) - Payment information (Payment method information) [For non-members] - Reservation information (Korean and English name, email, contact information) - Guest information (English name) - Payment information (Payment method information) | ||
| Ranking reward payment (identity confirmation, tax processing, etc.) | Name, contact information, unique identification information | ||
| Customer support | Contents of the consultation and personal information required for the consultation | ||
| Information collected automatically (Essential) | Check service usage and illegal transaction records | App/web access history, access IP information, device ID, browser information | |
| Optional Information | Service usage | Chat content using the chat function | Withdrawal of consent and deletion of membership without delay |
| Provision of additional services (contents, ranking, chatting, etc.) in addition to accommodation reservation agency service | Information provided by members (nickname, profile image, etc.) | ||
| Provision of marketing information (special price, event, promotion, etc.) | E-mail account, phone number | ||
| Use of payment card storage service | Name, email address, contact information, last 4 digits of credit card number, personal identification value, card company name, card expiry date, etc. | ||
| uthentication for using in-service chat service | Name, contact information, date of birth, gender, CI (linkage information), carrier information | ||
| Required information (when participating in the Korea Accommodation Competition) | Provision of accommodation discount coupons and affiliated products, handling of consultations, complaints, and complaints, delivery of notices and information, statistics and analysis of information on product and service usage results, prevention of illegal and fraudulent use | Name, contact information, residential area (state/province, city(si-gun-gu)), date of birth, gender, CI (linkage information), telecommunications company information | Within 4 months after the end of the event |
| Personal information to be retained | Basis for retention | Retention period |
|---|---|---|
| Records of contract or subscription withdrawal, payment, supply of goods, etc. | Act On The Consumer Protection In Electronic Commerce, Article 6 | 5 Years |
| Records on payment and supply of goods, etc. | Act On The Consumer Protection In Electronic Commerce, Article 6 | 5 Years |
| Records on consumer complaints or dispute handling | Act On The Consumer Protection In Electronic Commerce, Article 6 | 3 Years |
| Records on display/advertising | Act On The Consumer Protection In Electronic Commerce, Article 6 | 6 Months |
| Records about site visits | Protection Of Communications Secrets Act, Article 15-2 | 3 Months |
| Fraudulent transaction record | The company’s internal policy | 1 Year |
1) To use the company's services, sign up for membership, subscribe to newsletters, apply for events and promotions, etc., check the privacy policy posted within the company's web and app services and click the Agree button
2) For use of the company's services, membership registration, newsletter subscription, event and promotion entry, etc., after receiving information about consent directly from the counselor through telephone consultation with the customer service center, or after checking the personal information processing policy posted in the company's web and app services with the guidance of the counselor, and giving consent over the phone
3) However, if there are special regulations in the law, personal information may be collected and used without consent.
5. Matters concerning the installation, operation, and refusal of automatic personal information collection devices
1) The company uses ‘cookies’ to store and find user information frequently. ‘Cookies’ means a very small text file that our website operation server sends to the user's browser and is stored on the user's computer hard disk. The company uses it to provide optimized information to users by identifying the user's service usage pattern and secure access.
2) Users can refuse automatic cookie collection in the following ways.
a. Internet Explorer: Tools at the top of the web browser → Internet Options → Personal Information → Direct Settings
b. Chrome: Icon at the top right of the web browser → Settings → Show advanced settings → Content Settings button in the Privacy section → Set directly in the Cookies section
c. Safari: Web browser top menu → Preferences → Privacy → Cookies and website data → Manual settings
d. Firefox: Icon at the top right of the web browser → Settings → Privacy and security → Cookies and site data → Manual settings
3) However, if the customer refuses to install cookies, there may be restrictions on using the company website.
6. Destruction procedure and method of personal information
1) In principle, the company destroys the information without delay after the personal information becomes unnecessary, such as the elapse of the retention period and the achievement of the purpose of using the personal information. However, it may be destroyed after a certain period of storage according to the terms of use and other related laws.
2) Personal information of members who have not used the service for 1 year is stored separately and then destroyed.
3) The procedures and methods for destroying or storing personal information in accordance with this Article are as follows.
a. The company selects the personal information for which the reason for destruction or storage has occurred, and destroys or stores the personal information with the approval of the person in charge of personal information protection.
b. Destruction method: The company destroys personal information recorded and stored in electronic file form so that the record cannot be reproduced, and personal information recorded and stored in paper documents is shredded with a shredder or destroyed by incineration.
c. Separate storage method: Separately store information to be separated in a separate DB, and grant limited access to the DB to the minimum numbers of people for management.
7. Long-term unused members (dormant members)
1) Members who do not have a record of use for one year from the last use of the company's service are long-term non-use members (dormant members).
2) Personal information of dormant members is separated and stored safely.
3) For dormant members, information is notified by e-mail at least 30 days prior to the date of separate storage. In the case of a prospective inactive member, in order to continue using the service, please log in to the website or mobile after receiving the notification email, or contact the customer center.
8. Provision of personal information to third parties
1) The company does not provide personal information to a third party unless the consent of the subject of personal information is obtained or it falls under special provisions of the law, such as Article 17 of the Personal Information Protection Act.
2) The company provides the user's personal information to provide services as follows.
| Recipient | Purpose of provision | Information content | Personal information retention and use period of the recipient |
|---|---|---|---|
| Accommodation service provider (List of Accommodation Service Providers) | Provision of reserved/purchased products/services, execution of contracts (confirmation of users and usage information), settlement of consumer disputes, etc. | Reservation information (subscriber’s name, e-mail, mobile phone number) or guest information (guest name, e-mail, mobile phone number) | Until the purpose of use of personal information is achieved. However, if there is a need to preserve it in accordance with the relevant laws and regulations, it will be destroyed without delay after being preserved until that point. |
| Naver Corp. | Service partnership, cost settlement, provision of user convenience | Reservation information (reservation number, encrypted Naver ID (customer who purchases after logging in to Naver), reservation status), product information (date of booking, check-in/out date, hotel name), payment information (payment amount, payment status, payment date) | Until the purpose of use of personal information is achieved. However, if there is a need to preserve it in accordance with the relevant laws and regulations, it will be destroyed without delay after being preserved until that point. |
| Korea Tourism Organization, SK M&Service (an integrated management and operation agency for this project) | Delivery of notifications related to COVID-19, crisis response (blocking the spread of infectious diseases), provision of accommodation discount coupons | Residential area (province/city, si/gun/gu), year of birth, gender, CI (linked information), reservation information (payment amount, facility name, date of entry, number of nights to stay)) | Within 4 months after the end of the event |
9. Consignment of processing of personal information
1) The company entrusts the processing of users' personal information to provide services as follows.
| Consignee | Entrusted work |
|---|---|
| AWS Korea region | DB data storage and infrastructure management related to reservations, sales, and members |
| (KCP Corp., NHN KCP Corp., Viva Republica Inc., NICE Payments Co., Ltd., Iamport Co., Ltd.) | Payment for accommodation reservations through credit card, digital wallet, etc. |
| DAOU Tech., Inc., Channel Corp. | Sent texts |
| DAOU Tech., Inc., Stibee, Inc., Channel Corp. | Send texts and emails |
| kt alpha Co., Ltd., CJ OLIVENETWORKS, Channel Corp. | KakaoTalk notification service |
| 11Street Co.,Ltd., kt alpha Co., Ltd., | Gifticon delivery service |
| The White Communication, Inc. | Customer service tasks |
3) If the contents of the entrusted business or the consignee are changed, it will be disclosed through this Privacy Policy.
4) When signing a consignment contract, the company specifies matters related to liability such as prohibition of personal information processing, technical and administrative protection measures, re-entrustment restrictions, management and supervision of the trustee, and compensation for damages under the ‘Personal Information Protection Act’, and supervise whether the trustee handles personal information safely.
5) Users may not agree to the consignment of processing of personal information, and may withdraw their consent to consignment of processing at any time. Even if consent is refused, some services can be used, but the use/provision of related services based on processing consignment may be restricted.
10. Overseas provision and processing of personal information
1) The company provides the user's personal information to provide services as follows.
| Recipient (Contact) | Country | Purpose | Information | Date and method of transfer | Retention and usage period of the recipient |
|---|---|---|---|---|---|
| EAN (Expedia Affiliate Network, 407 St John Street, London, EC1V 4EX) (expediaaffiliates. support@ partnerize.com) | United Kingdom | Accommodation reservation service use contract fulfillment and related customer support | Reservation information (e-mail), guest information (English name of the guest, mobile phone number), and information that the guest agreed to provide for customer support | Transmission through the network at the time of service use | Until the purpose of use of personal information is achieved. However, if there is a need to preserve it in accordance with the relevant laws and regulations, it will be destroyed without delay after being preserved until that point. |
| HotelsCombined Pty Ltd (boskim@ kcllaw.com) | Austrailia | Service partnership, cost settlement, provision of user convenience | Reservation information (reservation number, encrypted Hotels Combine ID (customers purchasing after logging in to Hotels Combine), reservation status), product information (reservation date, check-in/out date, hotel name), payment information (payment amount, status, and date) | Transmission through the network at the time of service use | Until the purpose of use of personal information is achieved. However, if there is a need to preserve it in accordance with the relevant laws and regulations, it will be destroyed without delay after being preserved until that point. |
3) If the contents of the entrusted business or the consignee are changed, it will be disclosed through this Privacy Policy.
4) When concluding a consignment contract, the company specifies in documents such as contracts in accordance with the ‘Personal Information Protection Act’ about responsibilities such as prohibition of processing personal information other than for the purpose of performing duties, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of trustees, compensation for damages, etc. The company also supervises whether the consignee handles personal information safely.
5) Users may not agree to the consignment of processing of personal information, and may withdraw their consent to consignment of processing at any time. Even if consent is refused, some services can be used, but the use/provision of related services based on processing consignment may be restricted.
11. Rights and obligations of users and legal representatives
1) Users and legal representatives can view or modify their registered personal information or the personal information of children under the age of 14 at any time, and may request cancellation of membership.
2) To view/modify/withdraw personal information of customers or children under the age of 14, click 'Personal Information Management - Change' (or 'Member Information - Edit'), and to cancel membership (withdrawal of consent), click "Member Withdrawal," users and legal representatives can view, modify, or withdraw after going through the identity verification process. Or, if a request is made to the person in charge of personal information management in writing, on the phone or by e-mail, we will take action without delay.
3) If a user requests correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if wrong personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that the correction can be made.
4) The company handles personal information that has been canceled or deleted at the request of the user or legal representative as specified in the personal information processing policy and prevents it from being viewed or used for any other purpose.
5) Users have an obligation to keep their information up to date and to protect their personal information. Users are responsible for accidents caused by inaccurate information and failure to prevent leakage of personal information.
6) Users have an obligation not to infringe on other people's information, such as stealing other people's information. Users who provide false information may lose their membership, and in the event of such a situation, they may be punished under the Act on Promotion of Information and Communications Network Utilization and Information Protection and the Personal Information Protection Act.
12. Company policy for ensuring the safety of personal information
1) User's personal information is protected by password, masking, etc., and important data is protected through a separate security method (based on encrypted communication with AWS through international authentication).
2) The company adopts and operates a security device (SSL) that can safely transmit personal information on the network through encryption.
3) The company operates the service by limiting the access rights of business-related persons to the necessary minimum.
4) Continuous education on personal information protection is provided to all employees, information leakage is prevented through a security pledge, and internal guidelines for personal information protection are prepared and followed.
5) The company prepares for emergencies by preparing related policies so that it can respond quickly and appropriately to accidents related to personal information.
6) The company is not responsible for the user's individual mistakes or the basic risks of the Internet.
13. Consent to collection of personal information and provision to third parties
1) In order to protect users' personal information and handle complaints related to personal information, the company has designated the relevant department and personal information manager as follows.
| Chief Information Security Officer | Person in charge of personal information management |
|---|---|
| Junsik, KIM (CSO) Position: CSO Contact No.: 02-711-6880 e-mail: junsikk@tripbtoz.com | Yunseo, KIM (CX team director) Department: CX Innovation team Contact No.: 02-711-6880 e-mail: yunseok@tripbtoz.com |
3) If you need to report or consult about personal information infringement, please contact the following organizations.
a. Personal Information Infringement Report Center (http://privacy.kisa.or.kr / 118 without an area code)
b. Supreme Prosecutor’s Office Cyber Investigation Division (http://spo.go.kr / 182 without area code)
c. National Police Agency Cyber Investigation Bureau (http://ecrm.cyber.go.kr / 182 without an area code)
d. Personal Information Dispute Mediation Committee (http://www.kopico.go.kr / 1833-6972)
14. Revision and Notice of Privacy Policy
If the company changes its personal information processing policy, it will be posted on the company's homepage at least 7 days prior to the effective date and explained to users through announcements, etc.
Effective date: April 1, 2016 (1st)
Revision Date: October 1, 2020 (2nd)
Revision Date: November 22, 2021 (3rd)
Revision date: September 27, 2022 (4th)
Revision date: October 24, 2022 (5th)
Revision date: March 2, 2023 (6th)