Personal Information Processing Policy
TourGajago Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses the following personal information processing policy in order to protect the personal information of users and to promptly and smoothly process complaints related thereto. The Company considers that you have agreed to the personal information processing policy below, including the collection and use of personal information, by clicking the "Agree" button.
Article 1 Personal Information Collection Items
If you wish to use the Company's services, you must enter the following required information. There are no restrictions on using the service even if you do not enter the optional items.
|
Category |
Purpose of collection and use |
Collected and used |
Retention and use period |
|
|
Information collected when signing up |
sign-up and use |
[Required] |
Name (Korean, English), email, password, mobile phone number |
Until membership withdrawal, consumer identification information, payment, cancellation, refund information is stored for 5 years to preserve transaction records (Act on Consumer Protection in E-Commerce, etc.) |
|
Sign up through SNS |
[Required] |
Kakao, Naver, Google, Apple: Name (Korean, English), email, mobile phone number |
||
|
[Optional] |
Profile information (nickname/profile photo) |
|||
|
Consent to use marketing |
[Optional] |
Name (Korean, English), email, mobile phone number |
||
|
Information collected when using service |
Consultation purpose |
[Required] |
Name (Korean, English), email, password, mobile phone number, SNS ID |
|
|
Purchase of reserved products |
[Required] |
Common: Name (Korean, English), email, password, mobile phone number, SNS ID When using pickup service: Hotel name, flight information, etc. When using products requiring passport information: Passport number, etc. |
||
Article 2 Purpose of collection and use of personal information
The company uses the collected personal information as follows: It is used for the purpose.
① Travel product sales and brokerage service implementation and fee settlement according to service provision - travel product reservation, content provision, purchase and fee payment, product delivery or billing, etc., financial transaction identity verification and financial services, fee collection, etc.
② Customer management - identity verification, personal identification, prevention of unauthorized use by bad members and prevention of unauthorized use, confirmation of intent to join/withdraw, age verification, confirmation of consent of legal representative when collecting personal information of children under 14 years of age, complaint processing and civil affairs processing, notification delivery, etc.
③ Other - Securing a smooth communication channel such as notification, confirmation of intent, complaint processing, etc., and providing information on new services/new products or events
Article 3 Use and retention period of personal information
Customer's personal information is processed and retained within the personal information retention/use period stipulated by law or the personal information retention/use period agreed upon by the company when collecting personal information from the customer. However, in cases where it is necessary to retain it for a certain period of time due to reasons such as confirmation of rights and obligations related to transactions, etc., or pursuant to the provisions of relevant laws and regulations, it may be retained for a certain period of time. •Membership registration and management records: 1 year, however, if a creditor/debtor relationship remains, until the creditor/debtor relationship is settled
•Records on contracts or withdrawal of subscription, etc.: 5 years,
•Records on payment and supply of goods, etc.: 5 years
•Records on consumer complaints or dispute resolution: 3 years
•Records on display/advertisement: 6 months
Article 4 Personal information processing and provision
① The company uses the customer's personal information within the scope notified in the "Purpose of collection and use of personal information" of the service terms and conditions and personal information processing policy or within the scope specified in the service terms and conditions, and does not use it beyond this scope or provide it to a third party. In particular, the company will use and provide personal information with caution in the following cases.
② The company provides personal information to affiliates as follows in order to provide higher quality services to customers. The company does not disclose the customer's personal information to other companies or organizations unrelated to the company's services. However, the following cases apply when providing the customer's personal information, and if the customer refuses to provide the information as described below, the service cannot be used.
|
Provider |
Provided Items |
Purpose of Use |
Provision Period |
|
Local Affiliate [View Details] |
Name (Korean, English), Email, Mobile Phone Number, When using tour reservation service: Hotel name, flight information, SNS ID, etc. When using products requiring passport information: Passport number, etc. |
Personal information provided for personal identification and reservation, consultation, local event management, and customer management |
purposes from the time of provision until the purpose of provision is achieved |
|
Expedia,
Inc., |
③ In order to provide better service, the company may provide the customer's personal information to an affiliate in addition to Article 2, and when personal information is provided accordingly, the company will individually notify the customer in advance in writing or by email about who the affiliate is, what personal information items are provided, why such personal information must be provided, and how long it will be protected and managed. If the customer does not consent, the information will not be provided to the affiliate. The same procedure will be followed when there is a change in the affiliate relationship or when the affiliate relationship is terminated.
④ The company may also provide the customer's personal information to a third party in the following cases. - When there is a request from a relevant agency for investigative purposes in accordance with relevant laws and regulations
- When providing information to advertisers, partners, or research organizations in a form that does not identify specific individuals for statistical research or market research
- When there is a request in accordance with other procedures stipulated in relevant laws and regulations
- When necessary for billing for service provision
- When there is a request from a relevant agency regarding excellent products certified by the Ministry of Culture and Tourism
- When the company's terms of use or operating principles posted on the website are violated
- When there is sufficient grounds to believe that personal information is being provided in order to take legal action against others who have caused mental or material damage to others through the use of the service
- Information may be provided to a contracted company for services such as campaign promotions and prize winnings from various events or special exhibitions, and in this case, the type of information required, the purpose of use, the period, etc. are specified and prior consent is obtained from the customer -
⑤ Even when information is provided in accordance with relevant laws and regulations or at the request of an investigative agency, we operate on the principle of notifying the parties. Notification may not be possible due to legal grounds. We will do our best to ensure that information is not provided indiscriminately in violation of the original collection and use purposes.
⑥ The company may provide users' personal information for the purpose of developing new technologies or providing better services. In this case, we will inform users of who the organization or group is providing the personal information to, why the information is needed, and how and until when it will be protected and managed, and obtain their consent before providing the information. If users do not consent, we will not arbitrarily collect or provide additional information.
Article 5 Customer Rights and Methods of Exercising Them
① Customers may exercise the following rights related to personal information protection against the company at any time, and if the customer is a child under the age of 14, the child's legal representative may request access to, correction of, deletion of, and suspension of processing of the child's personal information.
- Request to access personal information
- Request for correction in case of errors, etc.
- Request for deletion
- Request for suspension of processing
② If the customer requests deletion of personal information, we will follow the provisions of Article 3, the processing and retention period of personal information, and Article 7, the destruction procedure and method of personal information. ③ Members may terminate the service agreement (request withdrawal of membership or withdrawal of consent) at any time by notifying the company of their intention to terminate, and the company shall process this in accordance with the regulations on membership withdrawal.
A. The service agreement shall be terminated when the member's intention to terminate reaches the company. The same shall apply in the case of withdrawal of consent to personal information, and shall be processed in the same manner as membership withdrawal.
B. Members who have terminated in accordance with this clause (members who have withdrawn) may re-register as members in accordance with the membership registration procedures and related provisions stipulated in these terms and conditions.
C. However, re-registration may be restricted for a certain period of time in order to protect the information of previously registered accounts.
D. Benefits such as events applied upon membership registration shall not be applied even if re-registered after termination (membership withdrawal) in accordance with this clause.
E. Events and various policies that assume membership shall not be applied after termination in accordance with this clause.
F. In the event of termination under this clause, the member must use all remaining coupons before the end of the service agreement (withdrawal of membership), and the remaining coupons will be canceled and not refunded upon termination of the service agreement.
Article 6 Handling of Personal Information
① In order to smoothly process personal information, the company may entrust some of the personal information processing tasks to an external party as follows, and will ensure that personal information is safely managed when entering into a contract for entrustment in accordance with relevant laws and regulations.
Personal Information Entrustment Status
|
Entrustee's |
Entrusted Work |
Retention and Use Period |
|
Toss Payments |
Electronic Payment Agency |
Until the purpose of personal information use is achieved and membership is withdrawn, and the end of the contract for entrustment |
|
KCP |
Electronic Payment Agency |
|
|
Popbill |
Cash Receipt Issuance |
② When entering into a contract for entrustment, the company shall state in writing the purpose and scope of the entrusted work, prohibition of processing personal information other than for the purpose of performing the entrusted work, restrictions on re-entrustment, management, supervision, stability assurance measures, and responsibilities of the entrustee in accordance with Article 26 of the Personal Information Protection Act, and supervise whether the entrustee safely processes personal information.
Article 7 Procedures and methods for destroying personal information
① When personal information becomes unnecessary, such as when the retention period for personal information under Article 3 expires, the purpose of collection or use is achieved, or the business is closed, the company destroys the relevant personal information without delay.
② The company destroys personal information using the following methods.
- Electronic files: Permanently deleted in a way that makes restoration impossible
- Paper documents: Shredding or incineration
Article 8 Protection measures for personal information
The company is taking the following measures to ensure the security of personal information. - Administrative measures: Establishment and implementation of an internal management plan including matters related to the organization and operation of the personal information protection organization, such as the designation of a personal information protection officer, and matters related to the education of personal information handlers.
- Technical measures: Establishment and implementation of standards for granting, changing, and deleting access rights to a database system systematically organized to process personal information, installation and operation of an intrusion prevention system and an intrusion detection system for the personal information processing system, storage and confirmation and supervision of the access time and processing details, etc. when a personal information handler accesses the personal information processing system and processes personal information, backup and storage of access records for the personal information processing system in a separate storage device, storage of one-way encryption of passwords, establishment of a security server when transmitting and receiving personal information and authentication information of users through an information and communications network, installation and periodic update and inspection of antivirus software so that the personal information processing system and information devices used by the personal information handler to process personal information can be checked and treated for computer viruses, spyware, and other malicious programs.
However, the company is not responsible for any problems caused by leakage of personal information such as ID and password due to the user's own negligence or problems on the Internet.
Article 9 Installation, operation, and refusal of Internet access information files and automatic personal information collection devices
① The company uses cookies to find and store member information when necessary for website operation. Cookies are very small text files that the server used to operate the website sends to the member's browser and are stored on the hard disk of the member's terminal (PC, smartphone, tablet PC, etc.) and expire when the web browser is closed or when the member logs out.
② Members may refuse to install the company's cookies. However, if cookie installation is refused, it may be difficult to use some services that require login.
(Setting method, IE standard) Tools at the top of the web browser > Internet options > Personal information > Site blocking
Article 10 Personal information protection officer
The company is responsible for the overall management of personal information processing and has designated the personal information management officer as follows to handle complaints and damage relief from information subjects related to personal information processing. - Personal Information Manager
Name: Senior Manager Taewoong Kim
Phone: 070-7775-0307
Email: help@tripcoupon.com
Article 11 Request to View Personal Information
Customers may request to view their personal information by submitting a request to view personal information, indicating the items and contents of personal information, the purpose of collection and use of personal information, the period of retention and use of personal information, the status of provision of personal information to third parties, and the fact and content of consent to personal information processing, to the Personal Information Protection Manager in the preceding paragraph in accordance with Article 35 of the Personal Information Protection Act. The Company will endeavor to process the information subject's request to view personal information within 10 days. However, if there is a legitimate reason why the information cannot be viewed within 10 days, the Company will notify the customer of the reason and postpone the viewing, and if the reason is eliminated, the information will be viewed without delay.
Article 12 Changes and Notification of Personal Information Processing Policy
① The Company's personal information processing policy may be changed in accordance with revisions to the laws of the Republic of Korea and changes in the Company's internal policies.
② In the event of a revision to the company's personal information processing policy, the company will notify the changes in advance via email 7 days prior to implementation. If prior notice is difficult, the company will notify without delay, and this policy will be implemented from the date of notification. However, if important matters such as the purpose of collection and use of personal information, the target of third-party provision, etc. are added, deleted, or modified, prior notice will be provided 30 days prior and implementation will take place after 30 days. In addition, if the company adds or changes matters related to matters that require separate consent from customers in accordance with relevant laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., such as the collection and use of personal information, third-party provision, etc., the company will obtain separate consent from customers in accordance with relevant laws.
Article 13 Remedies for infringement of rights
Users may inquire about remedies for damages and consultations regarding infringement of personal information to the following institutions. <The following organizations are separate from the company. If you are not satisfied with the company's own personal information complaint handling, damage relief, results, or need more detailed assistance, please contact us.>
- Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
> Responsibilities: Reporting personal information infringement, requesting consultation
> Website: privacy.kisa.or.kr
> Telephone: (without area code) 118
> Address: (58324) 3rd floor, Personal Information Infringement Report Center, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)
- Personal Information Dispute Mediation Committee
> Responsibilities: Application for personal information dispute mediation, collective dispute mediation (civil resolution)
> Website: www.kopico.go.kr
> Telephone: (without area code) 1833-6972
> Address: (03171) 4th floor, Government Seoul Building, 209 Sejong-daero, Jongno-gu, Seoul
- Supreme Prosecutors' Office Cybercrime Investigation Division: 02-3480-3573 (www.spo.go.kr)
- National Police Agency Cyber Terror Response Center: 1566-0112 (www.netan.co.kr)
[Supplementary Provisions]
1. These terms and conditions apply from May 27, 2025.
This personal information processing policy may be changed according to changes in laws, policies, or security technologies, and in the event of additions, deletions, or modifications to the content, it will be notified without delay through the personal information processing policy page of the Trip Coupon site (www.tripcoupon.com) or via email.