Privacy policy

Privacy policy

KCCT (hereinafter referred to as “our company”) attaches great importance to your personal information processing policy and complies with the personal information protection regulations of the 『Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.』 and the 『Personal Information Protection Act』 enacted by the Personal Information Protection Commission.

Through our personal information processing policy, we inform you of the purpose and method of use of the personal information you provide and what measures are taken to protect your personal information.

*You have the right not to consent to the collection, provision, and use of your personal information. If you do not consent, membership registration and travel service provision will be restricted.

Personal information collection method and items

We collect only the minimum personal information necessary to provide travel services.

1. When registering as a member
- [Required] Email, name, mobile phone number, ID, password: User identification, provision of membership services, membership benefits, and information on various events

2. When reserving a travel product

- Name (Korean, English), date of birth, gender, passport information, visa possession, email, phone number: Travel product reservation and consultation, confirmation of departure

- Name, date of birth, gender, passport number: Travel insurance subscription

- Name, credit card number, expiration date, account number: Payment, settlement, refund

3. When requesting a quote

- [Required]: Name, phone number, email, request details

- [Optional]: Group name

Personal information collection method

We collect personal information through our website, phone, fax, etc., product reservation (purchase), and other methods such as identity verification, and provision to us from affiliates.

Purpose of collection and use of personal information

We use the collected personal information for the following purposes.

1. Contract performance and fee settlement for service provision: travel product reservation, travel insurance subscription, airline ticket/hotel reservation, confirmation and consultation of reservation details, content provision, purchase and fee payment, identity verification and financial services, purchase and fee payment, refund, determination of possibility of departure, etc.

2. Customer management: Customer management and service use, identity verification, personal identification, prevention of fraudulent use by bad members and prevention of unauthorized use, confirmation of intent to subscribe, restrictions on use and number of uses, age verification, confirmation of consent of legal representative when collecting personal information of children under 14 years of age, record preservation for dispute resolution, complaint handling, etc. civil complaint handling, notification, etc.

3. Use for new services and marketing, advertising: service provision and advertisement posting according to demographic characteristics, delivery of advertising information such as events and new products and provision of participation opportunities, determination of access frequency, statistics on service use, provision of services related to new and affiliated businesses, various marketing activities, etc. The above information includes not only the information at the time of subscription, but also information changed by information modification.

Use, retention period, and destruction of personal information

When the purpose of collection or provision of personal information is achieved, or when withdrawal is requested according to the procedure stated by the customer, or when the customer's qualification is restricted or suspended due to the stated reason for loss of membership, the personal information of the customer is deleted through a non-reproducible technical method and destroyed so that it cannot be viewed or used for any purpose. However, in cases where preservation is necessary according to the provisions of relevant laws and regulations, the company retains member information for a certain period of time as specified in the relevant laws and regulations as follows.

A. Records on contracts or withdrawal of subscription, etc.: 5 years (Consumer Protection in E-commerce, etc. Act)

B. Records on payment and supply of goods, etc.: 5 years (Consumer Protection in E-commerce, etc. Act)

C. Records on consumer complaints or dispute resolution: 3 years (Consumer Protection in E-commerce, etc. Act)

D. Records on display and advertisement: 6 months (Act on Consumer Protection in E-commerce, etc.)

Destruction method

- Personal information printed on paper: Shredded using a shredder

- Personal information stored in electronic file format: Personal information is not retained, and records are deleted using a method that makes it impossible to reproduce the records

Viewing, correction, and withdrawal of consent to personal information

To view and correct our customers' personal information, you can click on the member information modification on the My Page of the website to view or correct it. We will respond in good faith to requests for viewing or correction of personal information.

Rights of users under the age of 14 and legal representatives and methods of exercising them

Children under the age of 14 (including legal representatives) may request to view or correct personal information or withdraw consent to the collection, use, consignment, or provision of personal information at any time.

Conclusion and cancellation of contracts regarding transactions with minors

If we wish to conclude a contract regarding transactions with minors for goods, etc., if the legal representative does not consent to the contract, the minor or the legal representative may cancel the contract.

Matters regarding the installation, operation, and refusal of automatic personal information collection devices

We operate ‘cookies’, etc., which store and retrieve customer information from time to time. Cookies are very small text files that the server used to operate our website sends to the customer’s browser and are stored on the customer’s computer hard disk. We use cookies for the following purposes:

Purpose of use of cookies, etc.

Target marketing and provision of personalized services through analysis of the frequency of access and visit times of customers and non-members, identification of user preferences and areas of interest, tracking of traces, identification of the degree of participation in various events and number of visits, etc.

Customers have the option to install cookies. Therefore, customers can allow all cookies, confirm each time a cookie is stored, or refuse to store all cookies by setting options in their web browsers.

How to reject cookie settings

Example: To reject cookie settings, you can select the option of the web browser you use to allow all cookies, confirm each time a cookie is saved, or reject all cookie storage.

Example of setting method (for Internet Explorer): Tools at the top of the web browser > Internet Options > Privacy

However, if you reject cookie installation, there may be difficulties in providing services.

Technical and management measures for personal information protection

A. Technical measures
- Your personal information is protected by a password, and important data is protected through a separate security function by encrypting files and transmission data or using the file lock function.

- We take measures to prevent damage from computer viruses by using antivirus programs. Antivirus programs are updated periodically, and in the event of a sudden virus outbreak, we provide the vaccine as soon as it is released to prevent personal information from being infringed.

- We adopt a security device that can safely transmit personal information on the network using an encryption algorithm.

- In order to prepare for external intrusions such as hacking, we are doing our best to ensure security by using intrusion prevention systems and vulnerability analysis systems for each server.

B. Management Measures
We limit access to your personal information to a minimum number of people. The minimum number of people is as follows:

- Those who perform marketing work directly with users

- Those who perform personal information management work such as personal information management managers and managers

- Others who inevitably handle personal information for work-related reasons

- We provide regular in-house and external training on new security technologies and personal information protection obligations to employees who handle personal information.

- We have established internal procedures to prevent information leaks in advance through security pledges from all employees upon joining the company and to audit the implementation of the personal information processing policy and the compliance of employees.

- The handover of work of those who handle personal information is thoroughly carried out while maintaining security, and we clearly define the responsibility for personal information accidents after joining and leaving the company.

- Personal information and general data are not stored together, but are stored separately on separate servers.

- We are not responsible for any incidents that occur due to the user's mistakes or basic internet risks. Each customer must properly manage their ID and password to protect their personal information and take responsibility for this.

- In addition, if personal information is lost, leaked, altered, or damaged due to an internal manager's mistake or a technical management accident, we will immediately notify the customer of the fact and take appropriate measures and compensation.

Personal Information Complaint Service

The personal information manager is identified as the personal information manager or representative at the bottom of our homepage.