The AURA Hotel has enacted and adhered to its Privacy Policyin order to comply with the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., the Personal Information Protection Act and other relevant statutes as it highly values the personal information of its customers. It maintains the Privacy Policy at business spaces of Hotel Shilla and publishes it on its website (http://www.aurahotel.co.kr) so that the customers may easily refer it at any time.
The AURA Hotel Privacy Policy may be revised based on the enactment of or amendment to pertinent law, changes in government policies, or the company's internal policies. The AURA Hotel Privacy Policy shall be maintained in the business spaces of AURA Hotel or published on its representative website through public notices (or notified individually) when the Policy is revised.
The individual Privacy Policy of each business unit will prevail if the Policy differs from the individual unit policies. You may check the Policy by visiting the Hotel Shilla representative website as required.
The AURA Hotel Privacy Policy includes the below-listed:
Date implemented: 2007-06-25
Last updated date: 2015-08-10
1. General Rules
2. Purposes of collecting or>using personal information
3. Personal information items collected
4. Method for collecting personal information
5. Collection of personal information using cookies
6. Retention and destruction of personal information
7. Provision or sharing of collected personalinformation to or with third parties
8. Rights and duties of users and their exercise methods
9. Administration of personal information of non-member customers
10. Measures for securing the safety of personal information
11. Persons in charge of protection of personal information
12. Protection of personal information of children less than 19 years old
13. Transmission of advertising information or messages
14. Linked sites
15. Articles displayed
16. Obligation to notify
1. General Rules
(1) Personal information shall refer to information concerning living individuals that enables their identification by using a name in full contained in such information (including information that enables identification by easily combining it with other information if individuals may not be identified with the relevant information alone).
(2) AURA Hotel complies with the provisions on protection of personal information under the Act on Protection of Personal Information as it highly values the personal information of its customers.
AURA Hotel states how and for what purposes the personal information its customers provide is used and what actions are taken to protect the personal information through its Privacy Policy.
(3) AURA Hotel has developed a procedure for updating its Privacy Policy in order to steadily improve its Policy. It also provides the version number of any amendments made to its Policy for easily discernment.
2. Purposes of collecting or using personal information
a. AURA Hotel collects the customers' personal information in order to provide the users with customized services and better quality services through its membership services.
Classification Purposes of use
Member administration
- User authentication and verification for membership services
- Prevention of illegitimate or unauthorized use by delinquent members
- Identification of minors
- Customer counseling, handling of customer complaints, and records retention for dispute settlement
- Notification of updated information
Performing service contract billing for services provided
- Payment of bills for regular and value-added services
- Provision of contents, announcement of event/lottery awardees, and delivery of goods
- User authentication for financial services
- Invoice transmittal, purchases and payments, reimbursements etc.
Utilization for marketing and advertising
- Information concerning new services, products or events
- Provision of customized services
- Utilization of data for providing individually customized services and conducting marketing
- Provision of services and advertising based on demographic attributes
- Survey of visits to websites
- Statistics of service usage
- Distribution of regular publications and information concerning new products and services
- Planning of Web services and events satisfying customer interest
- Customer questionnaire survey
3. Personal information items collected
a. AURA Hotel collects only essential information required for providing basic services. It obtains a separate agreement from customers on collecting information for providing customized services to individual customers. By failing to enter optional information items, services may be limited.
b. AURA Hotel collects and uses personal information as follows:
(1) Personal information items collected when membership is subscribed
- Essential Items collected : Name in full, date of birth, Contact address (wired, mobile phone etc.), E-mail address
- Purposes of use : User identification and authentication, User authentication, public announcements, handling of complaints, Provision of information concerning products and services
- Retention and use period : Until membership is withdrawn
- Optional Items collected : Anniversaries, purpose of hotel use etc.
- Purposes of use : Provision of information concerning products and services based on anniversaries or preferences
- Retention and use period : Until membership is withdrawn
(2) Other information generated in processes of service use or business processing
- Records of service use, access logs, cookies, access IP information, and record of service suspension
c. AURA Hotel does not collect delicate personal information that is believed to infringe the basic human rights of the users (race or ethnic origins, ideologies or credos, origin or place of birth, political orientations, criminal records, health conditions, sexual life etc.). AURA Hotel will obtain advance agreement by the users if required to collect such personal information for unavoidable causes. And, the Hotel shall not use information the customers enter for purposes other than those announced in advance and shall not disclose such information to any third parties under any circumstances.
4. Method for collecting personal information
a. AURA Hotel collects personal information using the below-listed means:
- Membership subscription through website, given forms, phone or fax, bulletin board for customer counseling, and participation in lottery events
- Collection using software tools generating information
b. AURA Hotel considers that when customers check "Agree" to the Agreement to its Collection or Use of Personal Information or "Agree" to each of the questions in the Terms of Service, they are agreeing to the collection of their personal information.
5. Collection of personal information using cookies
a. Cookie?
AURA Hotel uses software cookies that store and search specific customer information. Cookies are part of a small program that the AURA Hotel website transmits to the customer's browsers (Internet Explorer, Chrome etc.)
The AURA Hotel computer may provide your desired information without any additional information like name in full being entered by you for access to the AURA Hotel computer as the computer reads the cookie details on the customer's browser and locates such additional information on the customer computer.
b. Cookie operation by AURA Hotel
AURA Hotel operates the cookies for the users' convenience. AURA Hotel collects only the ID of its members using the cookie. It does not collect any other information. The member ID AURA Hotel collects using cookies are used for the below-listed purposes: (The cookies are deactivated when the browser is exited or the member logs out of the website.)
- CONTACT US, 1:1 counseling, upload articles on bulletin board
c. How to set up your computer to reject cookies
You may set up your computer to allow cookies, require your confirmation for saving cookie details, or reject all cookies by selecting the option menu on your web browser. If you reject cookies, your services may be limited.
6. Retention and destruction of personal information
a. AURA Hotel destroys personal information of its members without delay when the purpose of collection or provision of such personal information is accomplished. The specific destruction time is as follows:
(1) Information concerning membership subscription: When membership is withdrawn or expelled
(2) Information concerning shipment or distribution: When the goods or services are delivered
(3) Information concerning questionnaire surveys or events: When the questionnaire survey or events are completed
(4) User authentication information: When the user is authenticated
b. Personal information is retained for given periods to check administrative obligations related to transactions pursuant to pertinent statutes or internal policies despite the rule of immediate destruction for personal information collection as follows:
(1) Records concerning the contracting or withdrawal of subscription: Two years
(2) Records concerning the handling of consumer complaints or dispute settlement: Two years
(3) Information for user identification for provision of revisit services: Immediately upon withdrawing membership
c. Destruction methods
(1) Personal information printed on paper: Shredded or incinerated
(2) Personal information stored on digital media: Deletion using technical methods disabling regeneration or retrieval
7. Provision or sharing of collected personal information to or with third parties
a. AURA Hotel does not use or disclose the customers' personal information in excess of the "Purposes of Collection of Use of Personal Information" under any circumstances, except for cases where the customer agrees or the pertinent statute requires it. AURA Hotel uses or provides personal information with attention in the below-listed cases, however:
(1) The AURA Hotel will always inform the customers of legitimate causes and procedures in advance when the rights and obligations of the service provider is fully inherited or transferred through business sales or M&A. The AURA Hotel will also provide the customer with options to withdraw their agreement to collection of use of their personal information.
(2) In addition, when the AURA Hotel provides or shares personal information with third parties, it will always undergo a procedure of seeking agreement by informing the individual customers in writing or through an e-mail as to who the alliance partners are, what personal information items are provided or shared, and how their information will be protected or managed. If the customer does not give his consent, the Hotel will not provide or share his personal information to or with allied partners. The Hotel will also inform or seek agreement under the same procedure when any changes arise in the alliance or the alliance comes to an end.
b. The AURA Hotel is allowed to provide personal information without the consent of the customer, pursuant to the pertinent statutes:
(1) Performing contracts concerning service provisions
(2) When it is required under pertinent statutes or requested by law-enforcement authorities for an investigation according to the procedure and methods provided under the statutes
(3) When personal information is provided in a form or manner that disables identification of specific individuals through the processing of data, for the purpose of preparing statistics, academic research or a market survey.
8. Rights and duties of users and their exercise methods
a. The customers may, at any time, request the viewing, correction, deletion or suspension of their registered personal information or for the withdrawal of their agreement. To view, correct, delete, suspend or withdraw agreement of personal information collection or use from the Hotel without delay, after authentication of the user, the customer may directly view or correct personal information by clicking "Member information," contact the AURA Hotel by phone (031-415-0060) or submit a request to the person in charge of personal information protection in writing, by phone or e-mail.
b. When the customer requests for a correction of errors in his personal information, the Hotel will not use or provide the personal information before the correction is finished. The AURA Hotel will also ensure the correction is made by speedily informing third parties of the correction details if incorrect personal information has already been provided to any third parties.
c. AURA Hotel ensures that the personal information whose deletion has been requested by a customer is treated according to the Hotel's policy concerning retention or use period of personal information it collects or as provided under statutes and further that such information is not viewed or used for purposes other than those stated.
d. We hope the customers will prevent unexpected mishaps by accurately entering their personal information. The customer will be held responsible for any mishaps that arise because of incorrect information he enters. His membership may be revoked if false information is entered.
e. The customers are obliged to protect themselves and not to infringe information belonging to others as they are entitled to protection of their personal information. Customers should not disclose their personal information or tamper with personal information belonging to others, including articles uploaded on the website. Punishment according to the pertinent statute may result if a customer fails to discharge his obligations or misuses personal information or the dignity of others.
9. Administration of personal information of non-member customers
a. Non-member customers may also use the company's services. The company requests only necessary personal information when non-member customers use its services.
b. When a non-member customer uses the company's services, the company does not use the information entered by the customer for purposes other than for payment of service bills and shipment of goods.
10. Measures for securing the safety of personal information
AURA Hotel takes the below-listed technical, administrative and physical measures to secure safety in handling the personal information of its customers to prevent loss, theft, leakage, forgery or tampering:
(1) Minimization and education of staff members handling personal information
AURA Hotel appoints a minimum number of staff members who are allowed to handle personal information and conducts periodic education.
(2) Periodic internal audit
In-house audits are performed regularly to secure the safe handling of personal information.
(3) Development and implementation of internal management plans.
Internal management plans are developed and implemented to ensure the safe handling of personal information.
(4) Encryption of personal information
The personal information of the users is encrypted before storing or management of it. Only the user himself may access his personal information. All files and transmitted data are also encrypted while important data are protected using additional security functions.
(5) Technical measures against hacking
AURA Hotel installs and periodically updates and checks security programs in order to prevent leakage or tampering of any personal information from hacking or computer viruses. All systems are installed in access-controlled areas and monitored and blocked technically and physically.
(6) Restriction of access to personal information
AURA Hotel takes necessary measures to control access to personal information through assignments and the update or deletion of access authority to database systems that handle personal information.
(7) Storage and prevention of forgery or tampering of access records
The access records concerning personal information processing systems are kept for six or more months, and security functions are used to prevent their forgery, tampering, theft or loss.
(8) Locking devices used for document security
Documents and auxiliary storage media containing personal data are kept in safe places where locking devices are installed.
(9) Control of access by unauthorized personnel
Separate physical storage areas are maintained to store personal information whose access control procedures are developed and implemented.
11. Persons in charge of protection of personal information
a. AURA Hotel appoints the department and persons responsible for protecting personal information as follows to protect the personal information of its customers and to collect their comments and handle their complaints:
¨ç Person in charge of protection of personal information - Full Name: Kyoung-Seok Lee / Organization: HD / Position: Executive Vice President
¨è Personal information protection manager - Full Name: Seung-Pal Yang / Organization: S&M / Position: Director
¨é Persons responsible for protection of personal information - Full Name: Yong-Jin Park / Organization: S&M / Position: Assistant manager
Email: aurahotel@naver.com
b. You may contact the below-listed agencies for reporting or counseling on the infringement of personal information:
- Private Information Interference Report Center (www.118.or.kr / 118)
- Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
- Internet Crime Investment Center, Supreme Prosecutors' Office (www.spo.go.kr / 02-3480-2000)
- Cyber Terror Response Center of National Police Agency (www.ctrc.go.kr / 02-392-0330)
12. Protection of personal information of children less than 19 years old
AURA Hotel implements the below-listed in order to protect personal information of membership applicants who are younger than 19 years of age:
- The Hotel does not accept membership subscription by those who are younger than 19 years of age
- As a rule, membership is not permitted for persons under 19 years of age. Membership will be withdrawn from anyone found to be under 19 years old.
13. Transmission of advertising information or messages
a. AURA Hotel does not transmit any advertising information for commercial purposes against the customer's clear refusal.
b. AURA Hotel ensures that the following are indicated in the title and body of its e-mail messages for easy reading when advertising information is sent using e-mail for product information or other online marketing purposes:
- E-mail title line: "Advertisement" may not be indicated in the title line. It usually indicates the key content of the body message.
- E-mail body text: The AURA Hotel indicates The name, E-mail address, phone number and address of The sender so that The users or recipients may express their refusal to such messages. Specific methods are indicated so that The users may easily express their refusal.
c. The Hotel also indicates the sender name and takes other necessary actions when it sends advertising information for business purposes by means other than e-mails, including faxes and SMS, to the customers who have agreed to receipt of such advertising messages.
14. Linked sites
a. AURA Hotel may provide its customers with links to websites or information of other companies. In such cases, the AURA Hotel is not responsible for or cannot warrant the usefulness of services or information provided by such external sites on which it has no control.
b. When you move to pages of other sites by clicking links included in the Hotel website, you should check the Privacy Policy of the other sites as AURA Hotel is not responsible for their policy. 
15. Articles displayed
a. AURA Hotel does its utmost to protect the articles uploaded by its customers on its website from being tampered with, damaged or deleted. However, this does not apply to the below-listed:
- Spam messages (ex: Chain letters, advertisement of specific sites etc.)
- Articles that defame others by disseminating false information to maliciously slander others
- Articles that divulge privacy related personal information of others without their consent, that infringe copyrights or other rights of third parties, or that are irrelevant to the themes of the bulletin board
- AURA Hotel may display such articles after deleting or correcting certain parts that disclose The privacy of others without agreement in order to promote healthy bulletin board culture.
- AURA Hotel will prevent misunderstanding or confusion by providing The path to a related article when an article contains links to bulletin boards handling other themes.
- The AURA Hotel may delete other malicious articles after giving specific or individual warnings.
b. The author is responsible for his articles, as a rule. Customers should give serious consideration to disclosing any information as information disclosed voluntarily through such articles can hardly be protected.
16. Obligation to notify
The AURA Hotel will notify or publish details through its website at least seven days in advance when any changes, including addition, deletion or correction, made in statutes, government policies, internal policies of the Hotel or security related technologies.
Version number of Privacy Policy: v05
Enforcement date: 25 June 2007
Amended date: 10 August 2015
The above Privacy Policy of the AURA Hotel website will go into effect on 10 August 2015.