skip to main content

Privacy Policy

Able Hyundai Hotel & Resorts Co., Ltd. (the “Company”) establishes and discloses the “Privacy Policy” of the Company pursuant to Article 30 of the Personal Information Protection Act (the “Act”) and Article 31 of Enforcement Ordinance of such Act in order to make persons subject to the Privacy Policy clearly and easily understand the purpose and contents of Privacy Policy.

Article 1 (Purpose)

The Company processes personal information for the following purposes. The Company agrees and undertakes that the personal information to be processed by the Company shall not be collected and used for the purpose other than the following purposes and, if either any of such purposes is modified or it is used for the purpose other than its original purpose, the Company will take necessary actions including, but not limited to, obtaining consent of the person subject to the personal information at issue in accordance with Article 18 of the Act:

  • 1. Entering into hotel membership agreement and post-management
    • checks out whether transaction between the Company and the person to become a member is formed through such person’s identification and confirmation of such person’s intent; establishes, maintains, executes and manages hotel membership;
  • 2. Providing hotel service products and carrying out such services
    • provides special customized services, contents; processes payment of service fee; sends various invoices and notification; provides user authentication and financial service; and process payment of membership fee, annual fee, returns;
  • 3. Hotel service products information and marketing
    • conducts hotel service promotion and marketing activities such as sales talk; provides information of free gift and user appreciation event; conducts user satisfaction survey, users classification, service products development and statistic analysis;
  • 4. Management of person of information
    • Authenticate the person, his or her ID; confirms of the person’s intent to become a member of the Company; and confirms of whether legal representative consents for the case of collecting personal information of children under 14; and
  • 5. Maintaining record for dispute resolution; Handling with users’ complaints; Sending various notification; and conducting other obligations required by laws and regulations

Article 2 (Items)

  • 2.1 Items

    The items to be processed by the Company for hotel membership and various services are as follows and the Company collects and uses minimum items of personal information for the purposes of processing of personal information (the “Processing”);

    • 2.1.1 Required information
      • Personal authentication information:
        Name, resident registration number, ID information, nationality, occupation, address, email address, contact number including telephone numbers
      • Membership information:
        Membership type, terms and conditions of membership agreement (execution date, deposit, annual fee and membership period), issuance of receipts and membership card (certificate), or report of acquisition tax or transfer income tax
      • Information of hotel facilities use:
        Information of driving range, swimming pool, sauna, fitness center, kids club and place for F & B
      • Other information created through consultations for establishing, maintaining, executing and managing hotel membership

        ※ Users may reject to give a consent for information collection, use and disclose but please be informed that, if users do not consent to such regarding required information and ID information, any establishment or maintenance of transactions between the Company and users may not be available.


    • 2.1.2 Optional information
      • Information filled out in transaction application or other information provided by users
      • Birth date, anniversaries, family matters, marriage status or hobby

        ※ Users may reject to give a consent for collection, use and disclose of such optional information but please be informed that, if users do not consent, some parts of services or accommodations may be restricted.

  • 2.2 Method
    • The company collects personal information with the following method.
    • The application form that you fill out when you join the Banyantree Club and Spa Club as a member.
    • The application form that you fill out when you reserve hotel facilities.

Article 3 (Term)

  • 1. The Company will maintain personal information collected from users until the purpose of collection and use is accomplished and upon such accomplishment date, such personal information will be destroyed in principle: Provided, however, that, even in the event that the purpose of collection and use is accomplished, if preservation of such information is required by laws including but not limited to, contract, Tourism Promotion Act and other relevant tax laws, the Company may maintain or use such information within the period set forth in such laws.
  • 2. In case of hotel members, their personal information will be maintained and used until their membership is cancelled.

Article 4 (Disclosure)

  • 1. The Company, in principle, shall process personal information of its hotel users within the scope set forth in the Paragraph 1 and it shall not process such information beyond such scope nor disclose such information to a 3rd party without consent of such users.
  • 2. The Company may disclose users’ personal information to a 3rd party without prior consent of such users if the case falls in one of followings:
    • 2-1. Where either special provision allowing such disclosure exists in any other Act or such disclosure is unavoidable in order to comply with legal obligation;
    • 2-2. Where either special provision allowing such disclosure exists in any other Act or such disclosure is unavoidable in order to comply with legal obligation;
    • 2-3. Where personal information is necessary for compiling statistics, or scientific research purposes, etc., and the personal information is provided in a form by which such users cannot be identified;
  • 3. Except for the cases set forth in the foregoing Paragraph 4.2, when the Company discloses users’ personal information to any 3rd party, the Company will go through the process of obtaining consents of such users by giving the following notice to them respectively:
    • 3-1. name of person receiving such information;
    • 3-2. purpose of use of such information;
    • 3-3. items of such information;
    • 3-4. period of maintenance and use of such information; and
    • 3-5. the fact that users have the right to rejection and, if there exist any disadvantages from such rejection, details of such disadvantages.

Article 5 (Assignment)

  • 1. In order to improve hotel management and services, the Company assigns parts of its business and personal information processing to specialized firms.
  • 2. Names of such firms which the Company assigns or makes partnership with for the Company’s work of personal information processing are as follows:
    개인정보 처리 위탁 및 업무제휴 업체 목록
    Name of Assignee (firms) Contents of assignment Items given
    Banyantree Hotel & Resorts Hotel management Name, resident registration No., membership type and ID information including contact number
    Troon (Hong Kong) Driving range Name, resident registration No., membership type and ID information including contact number
    Basic9 Corporation Member management system Information of hotel members
    Hotel Association Membership registration Information of hotel members
  • 3. In case of assigning the Processing to any firm, in accordance with Article 25 of the Act, the Company expressly describes the matters of prohibition of the Process for any purpose other than those of assignment, technical and managerial protective measures, restriction on sub-assignment and the Company’s responsibilities including controlling, supervising and obligation for damage. The Company also supervises whether such firm conducts the Process safely.
  • 4. If either the contents of assigned works are modified or the firms conducting assigned works are changed, the Company will inform it by either uploading in its homepage or indicating in its business place.

Article 6 (Rights, Obligation and Method of Exercise)

  • 1. With respect to their personal information, users may exercise the following rights to the Company at any time;
    • 1-1. Request of access to personal information;
    • 1-2. Request of correction or deletion of such information if there exist a mistake; and
    • 1-3. Request of stopping the Processing.
  • 2. If users exercise their rights under the Paragraph 6.1 and request any of the things set forth in the foregoing Paragraph 6.1, the Company will take actions for that with no delay.
  • 3. If users exercise their rights under the Paragraph 6.1 and request any of the things set forth in the foregoing Paragraph 6.1, the Company will not use or disclose any personal information of such users until such information is either corrected or deleted.
  • 4. The exercise their rights under the Paragraph 6.1 may be made by legal representatives or agents authorized by the users. In such case, a power of attorney complying with the form of Appendix 11 of the Enforcement Regulations of the Act shall be submitted

Article 7 (Destruction of Personal Information)

  • 1. In the event that the personal information becomes unnecessary for the reasons of lapse of maintenance period and achievement of the Processing, the Company will destroy such personal information.
  • 2. Notwithstanding lapse of maintenance period and achievement of the Processing, if the Company is required to preserve such information by laws and regulations, the Company will either move such information into separate Data Base (DB) or preserve such information in a separate place.
  • 3. The destruction process of personal information by the Company is as follows:
    • 1-1. Destruction process: the Company selects the personal information to be destroyed and destroy such information with consent of the person in charge of such destruction in the Company.
    • 1-2. Destruction method: the Company destroys the personal information, which is recorded and stored in a form of electronic file, by using ways such as Low Level Format in order to make such destroyed information not regenerated. In case of such information recorded and stored in hard copy, the Company will destroy that information by either shredding it with shred machine or incinerating it.

Article 8 (Actions for Security)

The Company takes the following actions to secure safety of personal information;

  • 1. managerial actions: makes and executes privacy protection rules (internal management plan), carries out regular staffs’ education and self investigation.
  • 2. technical actions: controls authority of access to personal information processing system, installs access control system, encodes uniform resource name, installs security program, takes technical measures against hacking, keeps access record and prevent forgery.
  • 3. physical actions: not allows unauthorized person to access to computer room and data archive, uses locking mechanism for document security.

Article 9 (Person in Charge)

  • 1. The Company is responsible for the works of the Process and designates following person in charge of protecting personal information in order to deal with users’ complaint and remedy damage:
  • 2. In order to make all the inquiries about personal information protection, customer service and remedies, users may contact the person or division in charge of personal information protection. In such case, the Company will answer and respond to such inquiries with no delay.
    개인정보 처리 책임자 정보
    Name Title Contact No. Fax No. Email address
    Kim, Ki-Yeon Deputy general manager 82-2 2250 8032 82-2 2250 8032 tom.kim@banyantree.com

Article 10 (Remedies)

Users may have consultation on and gain remedies for infringement of their personal information through the following institutions:

  • 1. Privacy Information Protection Portal (operated by the Ministry of Security and Public Administration)
    • Responsibilities: receiving privacy infringement report, consultation application/ providing materials
    • Home page : www.privacy.go.kr
    • Telephone: 82-2-2100-3394
  • 2. Privacy Information Infringement Report Center (operated by the Korea Internet & Security Agency)
    • Responsibilities: receiving privacy information infringement report and consultation application
    • Home page : privacy.kisa.or.kr
    • Telephone : (without a telephone exchange number) 118
    • Address : (138-950) 135 Jungdae-ro, Songpa-gu, Seoul (Korea Internet & Security Agency)
  • 3. Personal Information Dispute Mediation Committee (operated by the Korea Internet & Security Agency)
    • Responsibilities: receiving application of personal information dispute mediation/Conducting collective dispute mediation (civil resolution)
    • Home page : privacy.kisa.or.kr
    • Telephone: (without a telephone exchange number)118
    • ddress : (138-950) 135 Jungdae-ro, Songpa-gu, Seoul (Korea Internet & Security Agency)
  • 4. National Police Agency Cyber Terror Response Center
    • Responsibilities : receiving inquiries and report on criminal cases regarding personal information infringement
    • Home page : www.netan.go.kr
    • Telphone : (cyber crime) 82-2-393-9112, (National Police Agency) 1566-0112

Article 11 (Effects)

This Privacy Policy shall be effective on November 1, 2012