Privacy statement
Article 1 (Purpose)
These terms and conditions are for the purpose of the regulation on the collection, use, and handling of the customer's personal information in the use of Internet-related services (hereinafter referred to as "services") provided by the site http://www.beans-tour.com/( operated by BeansTour (hereinafter referred to as "company").
In accordance with the Personal Information Protection Act, the company has the following treatment policies to protect users' personal information and rights and to handle users' grievances related to personal information smoothly.
If the company revises its personal information processing policy, it will be notified through a website notice (or individual notice).
Article 2 (Purpose of Processing Personal Information)
The company handles personal information for the following purposes. The processed personal information will not be used for purposes other than the following, and prior consent will be sought if the purpose of use is changed.
(1)Service provision and management of the site: Personal information is processed for the purpose of identifying and authenticating customers according to service provision, maintaining and managing customer qualifications, identifying by implementing a limited identification system, preventing fraudulent use of the service, various notices and notices, handling grievances, and preserving records for dispute mediation.
(2)Complaint handling: Process personal information for the purpose of identifying the complainant and verifying the complaint.
(3)Providing goods or services: Process personal information for the purpose of providing services, sending bills, providing content, providing customized services, self-certification, age certification, payment and settlement.
(4)Use in marketing and advertising: Process personal information for the purpose of providing events and advertising information, providing opportunities to participate, and verifying the validity of the service.
(5)Personal image information: Process personal information for the purpose of preventing and investigating crimes, facility safety, and fire prevention.
Article 3 (Status of Personal Information File and Purpose of Processing)
The purpose of processing personal information files registered and disclosed by the company pursuant to Article 32 of the Personal Information Protection Act is as follows.
(1)Personal Information File Name: Personal Information File
(2)Personal information items: email, mobile phone number, password, login ID, date of birth, name, credit card information, bank account information, service usage record, access log, payment record, driver name, driver mobile phone number, driver email, driver birth date
(3)Collection Method: Method of website membership registration procedure, consultation procedure, partnership, etc
(4)Grounds for holding: Consumer Protection in Electronic Commerce, etc. Act
(5)Retention period: 5 years
(6)Records on the collection/processing and use of credit information: 3 years
(7)Record of consumer complaints or disputes: 3 years
(8)Record of contract or withdrawal of subscription: 5 years
※ Administrative proposal for disclosure of personal information file registration in other (company)All of them are Personal Information Protection Comprehensive Support Portal (www.privacy.go.kr ) → Complaints about personal information → Request for access to personal information → Please use the Personal Information File List Search menu.
Article 4 (Processing and Retaining Period of Personal Information)
The company processes and holds personal information within the period of holding and using personal information or the period of use when collecting personal information from the data subject according to laws and regulations.
The processing and retention periods of each personal information are as follows in accordance with the relevant laws and regulations.
(1) Records on the collection/processing and use of credit information: 3 years
(2) Record of consumer complaints or disputes: 3 years
(3) Record of contract or withdrawal of subscription: 5 years
(4) Matters concerning the provision of personal information to third parties
The company provides personal information to third parties only if they fall under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the data subject and special provisions of the law.
The company provides personal information to third parties as follows.
(1)Person who is provided with personal information: Travel agencies affiliated with the company (airways, accommodations, rental cars, etc
(2)Purpose of using the personal information of the recipient: mobile phone number, login ID, gender, date of birth, name
(3)the possession of a recipient.Period of use: 5 years
(4)In accordance with Article 25 of the Personal Information Protection Act, the company will specify in documents such as contracts and other responsibilities such as prohibition of personal information processing, technical and administrative protection measures, restriction of re-entrustment, management, supervision, and compensation for damages to the trustee, and supervise whether the trustee handles personal information safely.
If the details of the consignment work or the trustee changes, we will disclose it through this personal information processing policy without delay.
Article 5 (Rights and obligations of data subjects and legal representatives, and methods of exercise)
(1)The customer may exercise the following rights as a personal data subject.
(2)The customer may exercise the right to view, correct, delete, or suspend processing of personal information to the company at any time.
(3)In accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, the exercise of rights can be done in writing, e-mail, and fax, and the company will take action without delay.
(4)The exercise of rights can be done through an agent, such as a legal representative of the data subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with attached Form 11 of the Enforcement Regulations of the Personal Information Protection Act.
(5)Requests to view and suspend processing of personal information may limit the rights of the data subject under Articles 35 (5) and 37 (2) of the Personal Information Protection Act.
(6)A request for correction and deletion of personal information cannot be requested to be deleted if the personal information is specified as a collection target in other laws.
(7)The company checks whether the person who made the request, such as request for permission to view, request for correction and deletion, and request for suspension of processing, is the person who made the request or a legitimate agent.
Article 6 (Items of Personal Information)
The company is handling the following personal information items. Required items: email, mobile phone number, password, login ID, gender, date of birth, name
Article 7 (Destruction of Personal Information)
After the purpose of use of the collected personal information is achieved, the company immediately destroys the information according to the storage period and the period of use. The procedure, method, and timing of the destruction are as follows.
(1)Destruction procedure and timing: Once the purpose of use is achieved, such as termination of the service, the personal information entered by the customer shall be deleted or destroyed after the retention period has passed due to the internal policy and other relevant laws and regulations (refer to the retention and usage period of the personal information above).
(2)How to destroy: Crush or incinerate personal information printed on paper or dissolve it with chemicals and destroy it, and delete personal information stored in electronic file form using a technical method that cannot recover or reproduce the record.
Article 8 (Matters concerning the installation, operation, and refusal of automatic personal information collection devices)
The company does not use "cookies" that store information about the use of the data subject and call it up from time to time.
Article 9 (Preparation of Privacy Officer)
The company is responsible for the processing of personal information, and designates a person in charge of personal information protection to handle complaints from the data subject and remedy damage related to the processing of personal information as follows.
Privacy Manager: Employment type 064-713-9978
Article 10 (Measures to ensure the safety of personal information)
In accordance with Section 29 of the Personal Information Protection Act, the company takes the following technical/managing and physical measures to ensure safety.
- Regular self-audit: We conduct regular (once a quarter) self-audit to ensure stability related to the handling of personal information.
- Minimize and educate employees handling personal information: We designate employees who handle personal information and minimize them by limiting them to those in charge.
- Technical countermeasures against hacking: In order to prevent leakage and damage of personal information by hacking or computer viruses, the company installs security programs, periodically updates and inspections, installs systems in areas with restricted access from outside, and monitors and blocks technically and physically.
Article 11 (Request for access to personal information)
The data subject may request the following departments to view personal information pursuant to Article 35 of the Personal Information Protection Act. <Department name: Suseong Travel Agency>
In addition to the request for access under paragraph 1, the data subject can request access to personal information through the "Comprehensive Personal Information Protection Portal" website (www.privacy.go.kr ) of the Ministry of Public Administration and Security.
Ministry of Public Administration and Security Comprehensive Support Portal for Personal Information Protection → Complaints about personal information → Request for reading personal information (I-PIN must be present for self-verification)
Article 12 (Method of remedy for infringement of rights and interests of data subjects)
Center for Reporting Personal Information Infringement (Operation of Korea Internet & Security Agency)
- Tasks in charge: Report personal information infringement and request for counseling
- Home page: privacy.kisa.or.kr
- Phone: 118 (without country number)
- Address: (58324) Personal Information Infringement Reporting Center, 3rd floor, Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)
Personal Information Dispute Mediation Committee
- Tasks in charge: Application for dispute mediation of personal information, collective dispute mediation (civil resolution)
- Home page: www.kopico.go.kr - Phone: (without a country code)) 1833-6972
- Address: (03171) 4th floor of the Seoul Government Complex, 209 Sejongdae-ro, Jongno-gu, Seoul
Article 13 (Enforcement and Change of Policy)
This personal information processing policy will take effect from the effective date of February 1, 2023, and if any changes are added, deleted, or corrected in accordance with laws and policies, we will notify you through a notice seven days before the change takes effect.