PRIVACY POLICY  
VISITKOREA thoroughly protects users' personal information. This Privacy Policy is subject to changes according to the laws of the Republic of Korea and the policy of VISITKOREA. Users can review the most current version of the Privacy Policy at any time.   

VISITKOREA is a website for global netizens interested in Korean tourism. All personal information from users is collected and used according to VISITKOREA Privacy Policy.  

VISITKOREA Privacy Policy was in effect since April 12, 2008 and revised on July 28, 2023.   

1) Collecting Personal Information  
VISITKOREA collects personal information provided by social media services when users access VISITKOREA services through social log-in. VISITKOREA may also collect specific information on user's access device and browser information, such as browser settings, IP addresses, search history, time of access, Internet protocol address, cookies, and GPS. Collected information is used in order to manage VISITKOREA, increase the service quality, and make general statistics about VISITKOREA users.   

2) Keeping and Disuse of Personal Information  
While you access VISITKOREA as a member, VISITKOREA uses your collected personal information to provide the following services.   

- Personalized services  
- Update current services and develop new services  
- Analyze user data and provide related services  
- Provide other services allowed by users such as marketing, etc.   
VISITKOREA will ask for a consent if personal information needs to be used other than the services listed above.  

3) Disclosure of Personal Information  
VISITKOREA does not expose users' personal information to third parties or other companies unless the user agrees or VISITKOREA is required to do so by law or authorities in the process of legal inspection.  

4) Third party Operation  
VISITKOREA uses third party to maintain VISITKOREA website. VISITKOREA oversees personal information protection of the third party to prevent any disclosure. VISITKOREA will notify the users when the role of the third party changes or a different party takes the role.  

Entrusted party: Uniess INC.  
Entrusted Task: Manage VISITKOREA website  

5) Use of Cookies  
VISITKOREA saves users' information and uses cookies on occasion for providing services adapted to the users. Cookies are text files installed in user's hard disk by website's server. Types of cookies include necessary cookies, performance cookies, functionality cookies and advertising cookies.  
You can accept or refuse to saving cookies by changing your web browser settings. Please note that in the case you refuse to save cookies, you may not be able to fully utilize all the features of this website.  

- Cookies setting instructions: https://ico.org.uk/your-data-matters/online/cookies/  

6) User Rights  
VISITKOREA provides rights for users including the following:  

- Rights to access personal information  
- Rights to edit personal information  
- Rights to delete personal information  
- Rights to limit access to personal information  
- Rights to move personal information  
- Rights to refuse the collection of personal information  

To exercise any of these rights, contact VISITKOREA   
management or Privacy Policy manager for proper action. However, VISITKOREA has the rights to deny the request if reasonable cause is met or required by law to preserve information.  

7) Protection  
VISITKOREA enforces various methods to protect users’ information including the following:  

- Limited number of employees in charge of managing personal information  
- Organize and execute internal management plans to ensure security  
- Password-protected personal information  
- Technical countermeasures for hacker and other cyber attacks  
- Limited access to personal information  
- Save access log and prevent forgery and alteration  
- Documents kept in protective storage  
- Security enforced for protective documents  

8) Children  
As a general rule, VISITKOREA does not collect information of anyone under the age of thirteen. All services provided by VISITKOREA is targeted to the general public.  
In the case VISITKOREA must collect personal information of anyone under the age of thirteen, an additional consent is required from a legal guardian.  

9) Third Party Site and Services  
VISITKOREA website may include products and services linked to third party website, products or services. Privacy Policy of the third party website may differ from VISITKOREA. Please check the Privacy Policy of the respective party website for details.  


10) Privacy Policy Manager and Department If you have opinions or complaints about the VISITKOREA Privacy Policy, contact us at the following address. (Personal Information Protection Act Article 31 (1) Designation of Privacy Officer)  

Head of Privacy Policy  
Name: Jeong Seonhee  
Title: Executive Director of Digital Transformation Department  
Privacy Policy Management Division  
Department: Digital Infrastructure Team  
Name: Seo Seung Yeon  
Contact: +82-33-738-3527, [email protected]  

11) Questions and Suggestions  
If you have questions or want to update user information collected by VISITKOREA, contact us at the following address.  

International Digital Marketing  
Team E-mail: [email protected]  

12) Changes in Privacy Policy  
This Privacy Policy is effective from the date stated, and any changes or deletion due to law and policy will be posted on the website.  

[2008.04.12 ~ 2023.07.27. Privacy Policy]  
[2023.07.28 ~ Current Privacy Policy]  
This revised Privacy Policy of VISITKOREA will be effective from July 28, 2023.

This Privacy Policy discloses how the Korea Tourism Organization (hereinafter “KTO”) processes your, or the user’s, personal information in accordance with the Personal Information Protection Act (hereinafter “Protection Act”) and relevant laws to provide a better understanding of your rights and handle related disputes in a swift and convenient manner.  

This policy has been in effect since April 12, 2008 and was last updated on February 29, 2024. Further revisions and updates will be notified through the VISITKOREA website and/or app (hereinafter “VISITKOREA”).  

01. Purpose of Collection and Use of Personal Information  
02. Period of Retention and Use of Personal Information  
03. Collected and Processed Personal Information  
04. Provision of Personal Information to Third Parties   
05. Entrustment of Processing Your Personal Information  
06. Destruction of Personal Information  
07. Your Rights, Legal Representation, and Exercising Your Rights   
08. Safeguards to Protect Personal Information  
09. Automatic Collection of Personal Information and Your Rights to Refuse  
10. Privacy Officers  
11. Access to Personal Information  
12. Changes to the Privacy Policy  

Article 1. Purpose of Collection and Use of Personal Information  
① The KTO collects and processes the minimum amount of personal information required for the purposes below. Collected information is not used for any other purposes than what is stated in this Privacy Policy.   
② In accordance with Article 32 of the Protection Act, the KTO collects and processes personal information data for the following purposes:  
 Personal Information Data File Name: VISITKOREA Member Information   
 Purpose: Manage and provide VISITKOREA membership services  

Article 2. Period of Retention and Use of Personal Information  
① The KTO processes and retains your personal information according to the Protection Act with your consent upon collecting your personal information.  
② Collected personal information is processed and retained as below:  
 Basis for processing and retention: Your consent  
 Retention period: From the day of consent to the time of membership termination  

Article 3. Collected and Processed Personal Information  
The KTO collects and processes the following personal information:   
① VISITKOREA Membership Registration and Service  
 (Mandatory) Email address, password, gender, date of birth, country/region, social media account for identity verification (applies to social login members)   

 (Optional) Mailing address   
② The following information may be automatically generated and collected when using VISITKOREA online services.  
 IP address, cookies, user history, visited pages, location information based on GPS and IP address   

Article 4. Provision of Personal Information to Third Parties  
The KTO does not disclose your personal information to third parties except under the following events:  
① Where a separate consent has been obtained  
② When it is deemed necessary by other regulations or laws   

Article 5. Entrustment of Processing Your Personal Information  
① In accordance with Article 26 of the Protection Act, the KTO thoroughly monitors the entrusted party to safely manage and protect your personal information when processing and to only process your personal information for the entrusted task.  
② Your personal information is entrusted as below:  
 Entrusted party: Uniess Inc.   
 Entrusted task: VISITKOREA operation and management   
③ Change of the entrusted party or entrusted task will promptly be announced through this Privacy Policy.  

Article 6. Destruction of Personal Information  
① The KTO will promptly dispose of all personal information upon expiration of the retention period, achieving the intended purpose, or in any event the collected personal information is deemed unnecessary.  
② In the event when processing your personal information is deemed necessary even after the retention period or achieving the intended purpose due to other laws, your personal information, or its data file, will be moved and kept in a separate database or storage.  
③ Personal information is disposed according to the following procedure and method:  
1. Procedure  
Personal information deemed no longer necessary will be relocated to a separate database (or document if obtained in a written form). It will then be stored for a certain period of time established by internal policy or other laws before the complete destruction.  
2. Method  
Personal information recorded and saved electronically will be destroyed and become inaccessible. Personal information recorded in non-electronic forms will be destroyed by shredding or incinerating.   

Article 7. Your Rights, Legal Representation, and Exercising Your Rights  
① You have the right to request KTO to access, modify, delete, or suspend from processing your personal information at any time.  

* Children under 14 can exercise their rights through a legal representative only. Minor individuals who are 14 years or older can exercise their rights directly or through a legal representative.  

② In accordance with Paragraph 1 of Article 41 of the Enforcement Decree of the Personal Information Protection Act, you may exercise your rights to the KTO by submitting a request through email or in writing and the KTO will process it in a timely manner.  

③ You may exercise your rights through a legal representative or a person delegated by yourself. To do so, you must submit an Annexed Form No. 11 of the Enforcement Regulations of the Protection Act.  

④ Your request to access your personal information or suspend from processing your personal information may be limited or denied in accordance with Paragraph 4 of Article 35 and Paragraph 2 of Article 37 of the Protection Act.  

⑤ As for your rights to request to modify or delete your personal information, you may not request to delete if other laws prescribe your personal information should be collected.  

⑥ Upon your request to access, modify, delete, or suspend from processing your personal information, the KTO shall verify if it is a request from self or from a legally authorized entity.  

Article 8. Safeguards to Protect Personal Information  

The KTO has established administrative, technical and physical measures necessary for ensuring the safety of your personal information according to Article 29 of the Protection Act as follows:  

1) Minimize and train personnel  
The minimum required number of personnel is designated and trained to handle personal information.  

2) Establish and enforce internal management system  
An internal management system is established and planned to ensure safety while processing personal information.  

3) Encrypt personal information  
Personal information is saved and transferred as encrypted data or the equivalent thereof.   

4) Technical measures against cyberattacks  
The KTO uses security programs and regularly performs update maintenance to prevent from leak and damage of personal information due to virus, malware, and cyberattacks. The system server is installed and monitored technically and physically in a controlled area.   

5) Limited access to personal information  
Measures are taken to control access to the personal information database by limiting authorization to access, modify, and terminate personal information from the database. A firewall system is used to restrict unauthorized access to the database.  

6) Keep access log and prevent from unauthorized modification  
Personal information database access records are logged and archived for at least one year. Access logs are protected by a security function to prevent from unauthorized modification, theft, and loss.  

7) Safeguard data in a secured storage  
Documents and data with personal information are stored in a password-secured or locked storage.  

8) Restrict unauthorized access  
Personal information is stored in a physically separated location that is restricted from unauthorized access.  

Article 9 Automatic Collection of Personal Information and Your Rights to Refuse  
① The KTO uses cookies to save and recall user information in order to provide a more personalized service.   
② Cookies are very small information files that are sent to your browser and saved on your device by the website’s http server.  

 Purpose of cookies: To provide personalized services based on your preference, visited pages, browsing patterns, search history, security, and more.   

 Cookie settings: You can use the browser option to allow or block cookies.  

 Personalized services may not be available if you block cookies.  

See cookies used by VISITKOREA  

Article 10 Privacy Officers  
The KTO designates privacy officers and working-level staff to protect personal information and handle complaints related to personal information processing as follows:  

Chief Privacy Officer  
 Name: Ko Bongkil   
 Department/Position: Digital Cooperation Department / Executive Director  

Privacy Protection Supervisor   
 Department: Digital Infrastructure Team  
 Name: Seo Seung Yeon  
 Contact: +82-33-738-3527, [email protected]  

Service Staff   
 Department: International Digital Marketing Team  
 Email: [email protected]  

Article 11 Access to Personal Information  
In accordance with Article 35 of the Protection Act, you can request to access your personal information to the following person in charge. The KTO will administer to your request as swiftly as possible.  
 Department: International Digital Marketing Team  
 Admin: Kim So-dam  
 Contact: +82-33-738-3494, [email protected]  

Article 12 Changes to the Privacy Policy  
① This Privacy Policy is in effect from February 29, 2024.  
② Previous versions of the Privacy Policy can be read from below:  
[2021.09.08 - 2024.02.29 Privacy Policy]  
[2008.04.12 - 2021.09.08 Privacy Policy]