Kt Tourist Reward

  • 회원가입

개인정보취급방침

  • Home >
  • Privacy Policy
Chapter 1 General Provisions
KT Corporation (hereinafter referred to as “Company”) values the personal information of customers and makes best efforts to safely protect and effectively manage the personal information of customers. Company complies with the Personal Information Protection Act, Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., and various laws relating to personal information protection. In addition, Company enacted and complies with the Personal Information Handling Policy, and discloses this Policy on the website so that customers may easily view it at any time.
1. Personal information means information on the physical characteristics, image, sound, voice, letters, and signs (including that which is discernible by easily combining with other information, even when the concerned information itself does not allow to identify a particular individual) allowing to identify a concerned individual based on the name or resident registration number (passport number), as information on a living individual.
2. Company values the personal information of customers and complies with laws such as the Personal Information Protection Act and Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
3. Company notifies of the use and method of use of the personal information provided by customers and the measures that are being taken for personal information protection through the Personal Information Handling Policy.
4. The Personal Information Handling Policy of Company may be modified depending on the change of related laws or internal operation policies. In the event that the Personal Information Handling Policy becomes modified, the reason and the modified contents will be notified without delay.
5. In the event of transferring rights and obligations due to inheritance, merger, or transfer of business, in part or in whole, customers will be individually notified through writing or electronic mail, or the fact shall be alerted for thirty (30) days or more by noticeably providing notice on the homepage of the website of Company (www.koreataxfree.com).
6. In the event of revising the Personal Information Handling Policy, the revision shall be announced through notice on the website of Company (www.koreataxfree.com).
Chapter 2 Objective of Collection and Use of Personal Information
Company uses the collected personal information for the following objectives.
1. Formation of contract to provide the kt tourist reward service (personal identification and personal opinion confirmation, etc.)
2. Performance of the kt tourist rewards service (service history search, and delivery of handling and announcements, etc.)
3. Supply of individually customized service, construction and operation of a server necessary to supply the service, analysis of the usage type and preference, and demographical analysis (age, gender, region analysis, etc.) to enhance the quality of service, improve the quality of service, and supply contents
4. Collection of consent for personal information regarding all goods and services provided by Company, or affiliated service providers and goods that are result of Company’s service being in partnership with services provided by kt or kt group companies/cooperative companies/affiliated companies, and other marketing activities and customer management, such as providing information on customer events
5. Consignment of work necessary to perform the agreement, such as outsourcing supply of service to a consignee specified in the Personal Information Handling Policy
Chapter 3 Items of Personal Information Collected and Collection Method
Company collects the minimum amount of personal information needed as below to provide the service and to allow joining as a member, and does not collect personal information may substantially infringe the human rights of customers, such as information on health condition, criminal record, political orientation, legal domicile, hometown, principles, ideology, ethnicity, and race. However, an exception shall apply when the customer consents to the collection.
1. Items of personal information collected
   a. Mandatory items: Nationality, passport number, passport expiration date, last name, first name, date of birth, and gender
   b. Optional items:
      ㅇ General information (when processing VOC): Email address, phone number
      ㅇ Credit card information (when processing main refunds): Customer name on the credit card, foreign card brand, and credit card number
      ㅇ Refund information (when refunded by Alipay): Alipay ID, name, and email address
   c. Information that may be generated and collected during the course of handling business or using the service
   Service use time or use records, access logs, use contents, cookies, access IP information, and use suspension records
2. Company collects personal information through the following methods.
   a. Website, mobile application, unattended automatic machine (hereinafter referred to as “Kiosk”), written document form, phone, fax, email, public board, etc.
   b. Collection such as through collection tools of generated information, supply from affiliated companies, or creation during the process of handling business or using the service
Chapter 4 Consent Method for Collection and Use of Personal Information
1. The objectives of the collection and use of personal information and the fact of consigning the handling of and providing the personal information to a third party are notified through the Personal Information Handling Policy or are requested for consent by informing customers pursuant to the regulations of related laws, when collecting the personal information of customers.
2. Customers may provide consent by selecting one of the following methods, such as for the collection of unique identification information, consignment of the handling of information and provision of the information to a third party, and collection and use of the personal information of customers pursuant to the ‘Personal Information Handling Policy’ and ‘Service Use Terms and Conditions’ of Company.
   a. By signing on the consent form after becoming fully aware of the details of the consent form attached to the ‘membership, use, and modification application form’ of the service.
   b. By clicking on the ‘consent’ button after checking the details of consent posted on the mobile app or website (www.koreataxfree.com).
   c. By submitting a consent form after affixing his or her sign or seal on the consent form (details of consent) provided through mail, email, or fax.
   d. By clicking on the ‘consent’ button after checking the details of consent by using Kiosk.
Chapter 5 Retention and Use Period of Personal Information
1. Company retains and utilizes the personal information of customers limited to the periods of providing service to customers (use period) or dispute settlement periods (retention period).
However, the information is retained pursuant to related laws in the event that there is a special regulation in laws.
   a. Use period: During the period of joining the service (service join date ~ service withdrawal date) or a dispute period
   b. Retention period: Until six (6) months after withdrawal for A/S and to respond to customer complaints, and until resolving a dispute, when there is a cost-related dispute.
   (However, dormant accounts will be retained up to one (1) year based on the last log-in date, excluding cases when there is a special regulation in laws.)
2. The information in the following items from the personal information of customers that had withdrawn are retained pursuant to the regulations of Article 85-3 of the Framework Act on National Taxes, and are used limited to situations based on laws.
   a. Retention items: Nationality, passport number, passport expiration date, last name, and first name
   b. Retention period: Five (5) years
3. Others
   a. Records on advertisements and markings: Six (6) months (Act on Consumer Protection in Electronic Commerce Transactions, Etc.)
   b. Records on contracts or subscription withdrawal, etc.: Five (5) years
   (Act on Consumer Protection in Electronic Commerce Transactions, Etc.)
   c. Records on supply of goods and payment: Five (5) years
   (Act on Consumer Protection in Electronic Commerce Transactions, Etc.)
   d. Records on dispute settlement or consumer complaints: Three (3) years
   (Act on Consumer Protection in Electronic Commerce Transactions, Etc.)
   e. Records on the collection, handling, and use of credit information: Three (3) years
   (Act on Use and Protection of Credit Information)
Chapter 6 Destruction Procedures and Methods of Personal Information
After achieving the objective of the collection and use of personal information, Company destroys the pertaining information without delay. The destruction procedures and methods are as follows.
1. Destruction procedures
   a. The information provided by customers, such as to join the service, are transferred to a separate database (a separate record file for paper documents) after the objective of the collection and use is achieved, which is destroyed after being saved for a certain period pursuant to the grounds for information protection (refer to Retention and Use Period) based on the internal policies or other related laws.
   b. Personal information transferred to a separate database is not used for any other objective other than when required by laws.
   c. Objects of destruction: Customer information which has an expired retention period pursuant to the retention period and related laws
2. Destruction method
   a. Personal information prepared and printed on paper (document): Destroyed by methods such as shredding or incineration
   b. Personal information saved in an electronic file form, such as a database: Deleted through a technical method that prevents from reproduction
Chapter 7 Sharing and Provision of Personal Information Collected
Company uses the personal information of customers within the scope specified in the ‘Personal Information Handling Policy’ or the ‘Service Use Terms and Conditions,’ and does not provide or share the information with a third party exceeding the specified scope. However, there shall be exceptions when there is prior consent by a customer for providing the information as below, when there is a special regulation in related laws (Communications Privacy Act, Telecommunications Business Act, Framework Act on National Taxes, etc.), or when the information is provided pursuant to procedures and regulations designated by laws.
※ However, the following cases shall be excluded.
a. In the event that a customer provided prior consent or it is substantially difficult, economically or technically, to obtain consent for personal information necessary to perform the agreement relating to providing the service
b. In the event that it is necessary to settle bills pursuant to providing the service
c. Information may be provided under due process when based on regulations of laws orthere is a demand by an investigatory agency pursuant to the procedures and methods designated by laws for the purpose of investigation
Chapter 8 Consignment of Handling of Personal Information
Company consigns the business of handling personal information for management and provision of customer convenience, such as the handling of the Service Use Terms and Conditions and incidental business, and regulates and manages the compliance with related regulations and guidelines, information protection and confidentiality, prohibition of provision to third parties, assuming of responsibility upon occurrence of accident, and obligation to immediately return and destroy personal information after termination of the consignment period, such as through a “consignment agreement” for consignees.
ConsigneeDetails of Work
Oniontech Ltd.Operation of kt tourist reward service (collection, handling, management, etc.)
Oniontech, eSum Technologies, TmaxSoft, kt engcore, Bitek Information & Communication, Global Technology Solutions, BA Solutions, HIC NetworksRepair and maintenance of kt tourist reward system
Korea Customs ServiceProcessing of digitalization of tax refund service
Korea National Tax Service
Cuberefund Co., Ltd.Preparation of electronic sales confirmation document to apply for tax refund
Korea Information & Communications Co., Ltd.
Taegyung Easy Taxfree Co., Ltd.
Global Blue Korea Co., Ltd.
Global Taxfree Co., Ltd.

Chapter 9 Rights and Obligations of Users
Customers may demand for access to or correction of personal information, as below, at any time and may withdraw consent on the provision, consignment, or collection and use of personal information and membership withdrawal. Customers may directly view, correct, or withdraw after undergoing the identification procedure by clicking on ‘membership withdrawal’ at the website (www.koreataxfree.com) or preparing and submitting a ‘withdrawal application’ to Company for withdrawal of membership (consent withdrawal) and a ‘personal information revision (or customer information modification) application’ to view and correct their personal information.
Customers are requested to prevent sudden accidents by accurately entering their latest personal information. Members shall be responsible for accidents occurring due to inaccurate information that they may have entered, and members may be disqualified by entering false information, such as by illegally using the information of others. Customers have a right to be protected of their personal information while having the obligation to protect themselves and to refrain from infringing the information of others. Customers are requested to use proper caution so that their personal information, including passwords, are not leaked, and to refrain from damaging the personal information of others including posts on bulletins. When damaging the dignity and information of others by failure to fulfill such responsibilities, customers may be punished by laws such as the "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc."

1. Viewing or correcting personal data and correction of personal information
   a. Customers may demand for viewing or correcting personal data on personal information through phone or email or by directly visiting Company.
   b. In the event a customer demands for viewing or correcting personal data on the personal information of himself or herself, the identification of the customer will be checked by requesting to present an identification method (copy), such as a passport, to prove his or her identity.
   c. In the event that an agent of a customer demands for viewing or correcting personal data, the status of the agent will be checked by requesting to present evidence of proof, such as the identification card of the agent, seal certificate of the customer with title, and a power of attorney showing the relationship of the agent and the customer.
   d. In the event that a customer requests for correction of an error of personal information, the concerned personal information will not be used or provided until the correction is made.
   In addition, when erroneous personal information has already been provided to a third party, the corrected result will be immediately notified to the third party after making the correction.
2. Withdrawal of Consent to Provision, Use, and Collection of Personal Information
   a. Customers may consent to the provision, consignment, and use and collection of personal information by visiting Company or a branch office of Company by bringing their identification card specified in Clause 1(b) above, or may selectively withdraw their consent.
   b. Company will take measures without delay when customers contact Company such as through the email consultation available at the customer center of the website (www.koreataxfree.com) or through telephone.
   ※ However, consent withdrawal on the collection and use of mandatory information necessary for providing the service shall be excluded.
   c. Company handles personal information cancelled or removed by the request of customers pursuant to the “Retention and Use Period of Personal Information Collected,” and handles matters so that such information cannot be viewed or used for any other use.
Chapter 10 Personal Information Protection of Minors
Pursuant to Article 31 of the "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.,” prior consent of a legal representative must be obtained when a customer that is under the age of 14 wishes to join as a member. However, the kt tourist service collects information restrictively, which allows to identify customers under the age of 14.
Thus, Company restricts those under the age of 14 from joining as a member, and does not provide regular service to those under the age of 14.
Company will not bear legal responsibility in the event that a person joins as a member by breaching the above notification.
Chapter 11 Installation and Operation of Automatic Personal Information Collection Device and Matters on Refusal
Company operates a cookie, which locates and saves the information of customers when necessary for the operation of the website. A cookie is a very small text file which the server, used in operating the website of Company, sends to the browsers of customers, and is saved in the hard disk of the computers of customers. Customers may decide to refuse to permit information collection by cookies through the security policy of the web browser.
1. Information collected by cookies and objective of use
   a. Information collected: Service use information, such as ID, access IP, access log, and use contents
   b. Usage objective
      ㅇ To provide differentiated information pursuant to the customers’ fields of interest
      ㅇ To utilize in target marketing by understanding the fields of interest and tastes of users by analyzing the access frequency and visit time of members and non-members (provision of individually customized service for subsequent shopping by tracing the tracks of items viewed with interest and information on the items purchased, provision of information on the use period upon using a charged service, and analysis of habits of customers, etc.) and to utilize as a criterion for service reformation
2. Customers have the right to choose whether or not to install cookies. Thus, customers may adjust the selection of the level of information collected by cookies through setting the option on the web browser.
   a. The level of information collection based on cookies may be determined by selecting [Internet Option] ? [Security] ? [User-Defined Level] at the [Tools] menu of the web browser.
   b. Customers may refuse to save all cookies, or may check whenever a cookie is saved through the menu suggested above. However, there may be difficulties in receiving service upon a customer refusing to install cookies.
Chapter 12 Technological and Administrative Protection of Personal Information
Company prepares technical and administrative measures as follows to procure safety, in order to prevent the personal information of customers from becoming lost, stolen, leaked, falsified, or damaged.
[Technological Protection Measures]
1. Personal information is protected by passwords, and important data is protected through a separate security function, such as by using a file lock or encrypting files or transmission data.
2. Measures to prevent damage by computer viruses are being taken by using a vaccine program. The vaccine program is updated periodically, and prevents personal information from becoming invaded by immediately adopting and applying a vaccine as soon as it becomes available, in the event that a virus appears.
3. A security certification (SSL) system is being selected to allow safe transmission of personal authentication information and personal information on the network.
4. An intrusion blocking device is used and a system is installed in an area controlling access from the outside to prevent the personal information of customers from becoming leaked by methods such as hacking, and moreover, an intrusion detection system is installed to monitor any intrusions for 24 hours a day.
[Administrative Protection Measures]
1. Company prepares the procedures necessary for management and access to the personal information of customers, so that officers and employees may become fully aware of and comply with such procedures, and periodically examines the status of compliance.
2. Company limits the number of people that may handle the personal information of customers to a minimum and manages access authorities, and enables them to comply with the laws and policies through regular internal training and outsourced training on the obligations on personal information protection and acquisition of new security technologies. The people handling the personal information of customers are as follows.
   a. Employees engaging in marketing work by directly and indirectly dealing with customers
   b. Employees in charge of personal information protection functions and personal information management, such as personal information directors or personal information managers
   c. Any other employees that must necessarily handle personal information for business
3. Company has prepared and is implementing internal procedures to inspect the status of compliance by frequently reminding employees of the personal information protection obligations and preventing the leakage of information (including personal information) by employees in advance by requiring all officers and employees to sign on an information protection written oath at the time of recruitment and once a year.
4. The change-over process of an employee handling personal information is thoroughly undertaken under a situation of maintaining security, and the responsibilities imposed for personal information infringement accidents after starting work and after leaving work are clearly regulated.
5. Company controls access by setting the data processing room and data storage room as restricted areas.
6. Company does not bear responsibility for incidents occurring due to the basic risks of the internet or personal negligence of customers. Customers must thoroughly manage and take responsibility for his or her own ID and password to protect his or her personal information.
Chapter 13 Personal Information Managing Division and Contact Information
Company designates and operates a relevant division as follows to handle inquiries and complaints relating to personal information and to protect the personal information of customers. In addition, Company highly values the opinions of its customers. Company will ensure prompt and accurate responses when customers make inquiries to the personal information managing division or call center or visit a branch office of Company, when having an inquiry.
1. Personal information managing division and contact information
   a. Personal information director: ktis, Media market business senior vice president, Lee Byung Woog
      ㅇ Tel: (02)3215-2098
      ㅇ Email: kttr@ktis.co.kr
   b. Personal information manager: TR Planning Division, Yong-Woon Kim
      ㅇ Tel: (02)3215-2098
      ㅇ Email: kttr@ktis.co.kr
2. Roles of personal information director
   a. Establishment and implementation of key guidelines, policies, and systems relating to personal information protection
   b. Construction of an internal control system to prevent misuse, abuse, and leakage of personal information
   c. Examination, supervision, and inspection over the management status of the personal information protection field
   d. Establishment and implementation of personal information protection training plans
   e. Establishment and revision of personal information handling policies
   f. Establishment of measures and preventive measures for personal information infringement accidents
   g. Other duties necessary for personal information protection
3. Please make inquiries to the following agencies when needing consultation or reporting an incident of personal information infringement.
   a. Korea Information Security Agency(KISA) www.118.or.kr / 118
   b. Supreme Prosecutors’ Office Internet Crime Investigation Center: www.spo.go.kr / 02-3480-2000
   c. National Police Agency Cyber Terror Response Center: www.netan.go.kr / 02-393-9112
Chapter 14 Notification of Personal Information Handling Policy
Company takes measures so that members may always easily view the details of personal information protection, including this Personal Information Handling Policy, by disclosing the details on the homepage of the website (www.koreataxfree.com).
When there is any addition, removal, or revision of contents pursuant to the change of security technologies or policies of the government, necessary procedures will be taken, such as providing prior notice to customers in a method designated by the Service Use Terms and Conditions of the website, at least seven (7) days in advance of the enforcement date.
※ Enforcement date of the Personal Information Handling Policy: January 12, 2016

Site Map

QUICK MENU
  • 환급금계산기
  • 문의하기