I Love Seoul Tour complies with the personal information protection regulations under relevant laws that information and communications service providers must adhere to, such as the Protection of Communications Secrets Act, the Telecommunications Business Act, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. We have established a personal information handling policy based on relevant laws and are committed to protecting users’ rights. The privacy policy of I Love Seoul Tour is as follows: 

1. Items of Personal Information Collected and Method of Collection Firstly, we collect the following personal information to provide smooth customer service and travel services: 

• Mandatory items: Name, phone number, email address, nationality 
• IP address, cookies, visit time, service usage records, records of misuse 
  
  2. Purpose of Collection and Use of Personal Information a. Providing services and content b. Verification of identity according to the limited identification system for travel service use, personal identification, prevention of misuse by problematic members and unauthorized use, confirmation of subscription intent, record preservation for dispute resolution, handling of complaints such as customer service issues, delivering notifications c. New service development and marketing – Developing new services and providing tailored services, providing services based on statistical characteristics, verifying the effectiveness of services, understanding access frequency, and statistics on member service usage 
  
  3. Sharing and Provision of Personal Information I Love Seoul Tour uses users’ personal information within the scope specified in “Purposes of Collection and Use of Personal Information” and does not use it beyond that scope or disclose personal information externally without prior consent from users, except in the following cases: 

• When users have consented in advance to disclosure 
• When required by law or by investigative authorities following prescribed procedures for investigative purposes 
  
  4. Retention and Use Period of Personal Information Users’ personal information is destroyed without delay once the purpose of its collection and use has been achieved. However, if there is a need to preserve information as stipulated by laws such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, etc., the information will be retained for a period set by relevant laws. 
  
  5. Procedures and Methods of Destroying Personal Information Users’ personal information is destroyed without delay once the purpose of its collection and use has been achieved. The procedures and methods of destruction are as follows: 

a. Destruction Procedures 

• Information entered by users for travel services, etc., is transferred to a separate DB after the purpose has been achieved and stored for a certain period according to internal policies and other relevant legal reasons, and then destroyed. 
• Personal information is not used for any other purpose except as legally required. 

b. Destruction Methods 

• Personal information printed on paper is destroyed by shredding. 
• Personal information stored in electronic file format is deleted using technical methods that make the records unrecoverable.
  
  6. Technical/Administrative Measures for Protection of Personal Information To ensure the security of users’ personal information and prevent it from being lost, stolen, leaked, altered, or damaged, the following technical/administrative measures are being implemented: 

a. Password Encryption The I Love Seoul Tour website is encrypted, stored, and managed so only the individual knows their password, and personal information can only be confirmed or changed by the individual who knows the password. 

b. Measures Against Hacking The association is doing its best to prevent members’ personal information from being leaked or damaged by hacking or computer viruses. If you need to report or consult about personal information infringement, please contact the following institutions: 

• Personal Information Infringement Report Center (toll-free) 118 (privacy.kisa.or.kr) 
• Personal Information Dispute Mediation Committee 1833-6972 (www.kopico.go.kr) 
• Supreme Prosecutors’ Office Cyber Investigation Department (toll-free) 1301 (www.spo.go.kr) 
• National Police Agency Cyber Security Bureau (toll-free) 182 (cyberbureau.police.go.kr) 
  
  7. Duty of Notification If there are additions, deletions, or modifications to the content of the current personal information processing policy, we will notify through the homepage at least 7 days before the amendment