PRIVACY POLICY

privacy

Only applicable to hotels in Korea.

Click here for the our privacy policy for other countries.

SOTETSU INTERNATIONAL KOREA., LTD (hereinafter referred to as “Company”) is handling all collected personal information with care, and strictly follows “Personal Information Protection Act”

This policy contains matters regarding the processing of personal information. It is subject to change due to the enactment・amendment of laws or the company's operating policy.
The company's privacy policy includes the following
  • 1.General Provisions
  • 2.Purpose of processing personal information
  • 3.Way of collection and items being collected
  • 4.Duration of process and storage of personal information
  • 5.Access to personal information by the third party
  • 6.Discard of personal information and its method
  • 7.Consignment of personal information processing work
  • 8.Rights and obligations of data subject and legal representative & how to exercise it.
  • 9.Securement of personal information
  • 10.Policy regarding install, operation, refuse of automated collection of personal information
  • 11.A person responsible for personal information & infringement of rights and its remedy
  • 12.Change in the privacy policy

1. General Provision

"Personal Information" refers to information of living individual, (i) information that allows an individual identifiable by name, Resident Registration number, video, etc., (ii) not discernable by the given information, but easily combined with other information to identify someone, and information that cannot be recognized without the use or combination of additional information to restore (i) or (i) to its original state by aliasing information.

The "Personal Information Protection Act" provides general norms for the processing of personal information, and the company shall treat personal information collected, retained, and processed in accordance with the provisions of the "Personal Information Protection Act" legally and appropriately to protect the rights and interests of data subjects.

2. Purpose of processing personal information

The company processes personal information for the following purposes. The processed personal information shall not be used for any other than the following purposes.

(1) Reservation via website, Registration to SOTETSU HOTELS

  • ・Reservation via website, registration to SOTETSU HOTELS through dedicated application, delivering information forwarding services
  • ・Securing communication channels for related services such as identification, cancellation, refund, etc.

(2) Room Accommodation Information

  • ・Identification and verification of the person according to the room reservation.
  • ・Securing smooth communication channel for the delivery of announcements, handling complaints, etc.
  • ・Service delivery

(3) Employee Recruitment

  • ・Support, selection, certificate verification, test performance verification of applicants, aptitude test, medical examination, answers, and guidance on inquiries from candidates for employment, etc.
  • ・Process of staff recruitment.

3. Items and collection methods for processing personal information

To the minimum extent necessary to achieve the purpose of collection and use, the company collects personal information by the website, written form, fax, telephone, email, etc.

(1) Reservations made through the website, membership in SOTETSU HOTELS.

  • ・Required Items: Mail address, name, phone number, credit card information

(2) Room Accommodation Information

  • ・Required Items: Name, phone number, date of birth, email address, gender, passport number, nationality, credit card information
  • ・Optional: Workplace name

(3) Employee Recruitment

  • ・Required Items: Photo, name, date of birth, phone number, email address, address, educational background, career, foreign language skills, military service, qualification, self-introduction, health information.

4. Duration of process and storage of personal information

When collecting personal information, the company shall promptly destroy the personal information when the period of retention and use of personal information has expired or where the purpose of collecting and using personal information is no longer required. The personal information of users who have not used the service for a year shall be separately stored and managed regardless of whether the purpose is achieved or not. However, if it is necessary to preserve users' personal information under the provisions of related Acts and subordinate statutes, the company shall protect personal information for a certain period prescribed by the relevant statutes as follows and shall not use it for any purpose other than the purpose under such statutes.

When the company collects personal information from uses, the retention period and use of personal information agreed by the company shall be as follows.
  • (1) Reservation made through the website and personal information on membership of SOTETSU HOTELS: 3 years
  • (2) Personal information related to room accommodation: 3 years
  • (3) Personal information collected at the time of recruitment: 6 months
The period during which the company holds and uses personal information in accordance with the relevant statutes is as follows.

① Records of withdrawal of contracts or subscriptions, etc.

  • ・Retention period: 5 years
  • ・Reasons for preservation: The Consumer Protection Act in Electronic Commerce, etc.

② Records of payment and supply of goods, etc.

  • ・Retention period: 5 years
  • ・Reasons for preservation: The Consumer Protection Act in Electronic Commerce, etc.

③ Records on the handling of consumer complaints or disputes.

  • ・Retention period: 3 years
  • ・Reasons for Preservation: The Consumer Protection Act in Electronic Commerce, etc.

④ Website visit history

  • ・Retention period: 3 months
  • ・Reason for Preservation: Communication Secret Protection Act

5. Access to personal information by the third party

(1) The company shall not provide personal information to any third party without the consent of the data subject.

However, exceptions are made in the following cases.

  • ① Where the data subject agrees in advance
  • ② Where there is a special provision in the Act

(2) With the consent of the data subject, the company provides personal information to third parties as follows.

The name of the recipient of the personal information. SOTETSU INTERNATIONAL KOREA., LTD
SOTETSU HOTEL MANAGEMENT., LTD
Purpose of the recipient’s use The contents are explained by direct and monthly leave reports only when responding to customer complaints or emergencies.
Items in the personal information provided Name, Nationality, Phone Number
Period of retention and use of recipients. 3 years

6. Discard of personal information and its method

(1) Destruction procedure

If personal information becomes unnecessary, such as the lapse of the personal information retention period and the achievement of the processing purpose, the personal information shall be destroyed promptly. Personal information shall not be used for purposes other than those under the Act.

(2) Destruction method

Destroy personal information printed on paper through shredder or incineration, and delete personal information preserved in electronic file form using non-replayable technical methods.

7. Consignment of personal information processing work

The company entrusts the processing of personal information to an external specialized institution to implement the service as follows. We impose a contractual obligation on the consignee to manage the customer's personal information as appropriate as the company does.
[Domestic trustee]
Entrusted work: Hotel Management System
Trustee: SANHA

[Overseas Trustee]
Entrusted work: Reservation management system on the website
Trustee: D-Edge Hospitality Solutions Pte Ltd
Transferring privacy item Name, email, phone number, guarantee credit card information
Country to be transferred United States, United Kingdom, France, Ireland, Germany, Singapore, Japan (Server management in 7 countries)
Date and method of transfer Upon acquisition, it is kept on a server managed by the seven countries above
Contact information of the trustee in charge of information management Phone +33 (0) 1 44 71 05 05
Retention and use period Credit Card information: automatically delete within 10 days of checkout
Keep other customer information for one year

Entrusted work: Member management system
Trustee: CREANSMAERD
Transferring Privacy Items Name, address, contact phone number, email
Date of birth (any), gender (any), area of use (any)
Country to be transferred Japan
Date and method of transfer Archive on Cloud Server Upon Acquisition
Contact information of the trustee in charge of information management; Takeshi Tsukamoto 81-428-23-3120
Retention and use period Until the end of the customer registration period

8. Rights and obligations of data subject and legal representative & how to exercise it.

(1) Rights and obligations of data subjects

The data subject and his/her agent may exercise the following rights for personal information protection at any time in relation to the personal information of the data subject or the person under the age of 14 processed by the company.

  • ① Request for the perusal of personal information
  • ② Request for correction and deletion of personal information
  • ③ Request for suspension of personal information processing
  • ④ Request for withdrawal of consent for personal information

If there is a request for correction or deletion of personal information, such as an error in personal information from the data subject and its representative, the company shall not use or provide the relevant personal information until the correction or deletion is completed.

(2) How to request perusal, correction, deletion, suspension of processing, and withdrawal of consent of personal information

If the data subject or his/her agent intends to request perusal, correction or deletion of personal information, suspension of processing, or withdrawal of consent, please contact the person in charge of personal information protection by phone, email or fax. Upon receipt, we will respond to the request faithfully and deal with it immediately. In addition, where a request is made through an agent of the data subject (a court agent, a delegated person, etc.), a power of attorney under attached Form 11 shall be submitted.

9. Securement of personal information

(1) Formulation and implementation of an internal management plan for the safe processing of personal information

An internal management plan is prepared and managed for the safe processing and management of personal information. In addition, by restricting the person who processes personal information, we are implementing personal information management measures such as limiting the number of people who handle personal information and minimizing the number of people in charge.。

(2) Control of access to personal information and restrictions on access rights

By granting, altering, and erasing access to databases that process personal information, we take necessary steps to restrict access to personal information and use intrusion prevention systems to prevent hacking from outside.

(3) Measure of encryption technology that can safely store and transmit personal information or corresponding measures

Personal information is stored and managed encrypted, and it is managed safely by using separate security functions.

(4) Keeping access records and preventing forgery and tampering to cope with personal information infringement incidents

It keeps and manages access records to the personal information processing system for at least a year, so it uses security functions to prevent access records from being forged, tampered with, stolen, or lost.

(5) Installing and updating security programs for privacy

To prevent leakage, loss, or damage of personal information due to hacking or computer viruses, a security program is introduced to conduct regular updates and inspections. A system is installed in areas with limited access from outside to monitor and block technically.

(6) Physical measures, such as preparing storage facilities or installing locks for the safe storage of personal information

Documents containing personal information, auxiliary storage media, etc., are stored safely with locks.

10. Policy regarding install, operation, refuse of automated collection of personal information

The company uses "cookies" that store and retrieves user information frequently. Cookies are tiny text files sent to your browser by servers operating your company's website, stored on your computer's hard disk.

(1) Purpose of use of cookies

It is used to provide optimized information to users by identifying the frequency of access, type of use, popular search terms, security access, etc.
The cookie information can identify the user's computer but not the user's individual.

(2) How to reject cookie settings

The user has the option of installing cookies. Therefore, by changing the options settings on the Tools>Internet Options menu at the top of your web browser, you can accept all cookies, display a warning when cookies are received or refuse to receive cookies.
However, if you refuse to receive cookies, you may not be able to use all or part of the services provided by the company on the website.

11. A person responsible for personal information & infringement of rights and its remedy

(1) Person in charge of personal information protection

To protect personal information and deal with complaints related to personal information, the company shall designate a person in charge of personal information protection and a person in charge as follows.

  • ① Person in charge of personal information protection
    • ・Name: Yoshizawa Koji
    • ・Phone number: 02-2095-4950
    • ・Email address: [email protected]
  • ② Person in charge of personal information protection
    • ・Department in charge: Management department
    • ・Name: Lee Hyeon-kwon
    • ・Phone number: 02-2198-1254
    • ・Email address: [email protected]

(2) How to remedy infringement of rights and interests

To receive remedy for infringement of personal information, an information entity may apply for dispute resolution, counselling, etc., to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Report Center. For other personal information infringement reports and counselling, please contact the institution below.

  • ① Report Center for Personal Information Infringement (Operated by the Korea Internet Agency)
    • ・Jurisdiction: Report of infringement of personal information and application for counselling.
    • ・Home page: privacy.kisa.or.kr
    • ・Phone number: (without country number) 118
    • ・Address: (58324) 3rd-floor personal information infringement report center, Jinheung-Gil 9 (Bitgaram-dong 301-2), Naju-si, Jeollanam-do
  • ② Personal Information Dispute Mediation Committee
    • ・Jurisdiction: Application for mediation of personal information disputes, mediation of collective disputes
    • ・Home page: www.kopico.go.kr
    • ・Phone number: (without country number) 1833-6972
    • ・Sddress: (03171) 4F, Sejong-daero 209, Jongno-gu, Seoul, Republic of Korea
  • ③ Supreme Prosecutors' Office Cybercrime Investigation Unit.
    • ・Home page: www.spo.go.kr
    • ・Phone number: 02-3480-3573
  • ④ Cyber Security Bureau of the National Police Agency
    • ・Home page: cyberbureau.police.go.kr
    • ・Phone number: (without country number) 182

12. Change in privacy policy

This Privacy Policy applies from the effective date.

Announcement date: October 1, 2019
Effective date: October 1, 2019

SOTETSU HOTELS CLUB Great Value Cashback Membership ProgramNumerous Benefits!

More value with the SOTETSU HOTELS CLUB app

  • App Store
  • Google Play
  • QRコード

イメージ:SOTETSU HOTELS CLUBアプリ

SOTETSU HOTELS CLUB
See the details

If Safari′s Content Blocker is enabled on iOS devices such as iPhone and iPad, some content may not be displayed properly.
We apologize for the inconvenience, but please try again after temporarily disabling the content blocker settings on your device.
The inability to display content has been confirmed with TREND MICRO′s "Virus Buster Mobile." However, even if you use other ad blocking apps, you can resolve the issue through the same procedure.

Setting Procedure