top of page

Privacy Policy

Sierraenter (hereinafter referred to as the "Company") establishes this Privacy Policy to protect the personal information of internet members using the Company's website and to ensure the stability of the information and communications network. The Company's Privacy Policy is subject to change in accordance with amendments to government laws and guidelines, as well as changes in the Company's site policies. Members are advised to check this policy frequently when visiting the Company's site.

Personal Information Collection Items and Methods

The personal information items the Company receives to provide travel and related services are as follows:

 Items Collected

  • For member registration and travel product reservations: English name and Korean name (due to the nature of the travel industry).

  • For confirming reservation details and consultation: Phone number, E-mail address, mobile phone number, KakaoTalk ID, and other contact information.

  • For airline/overseas hotel reservations: Date of birth, gender, passport number, and passport expiration date.

 Collection Method

  • The personal information provided to the Company is retained along with the reservation records while receiving the reservation service and is used solely for the purpose of providing the reservation service.

Purpose of Collection and Use of Personal Information

The Company utilizes the collected personal information for the following purposes:

1. Fulfillment of Contract for Service Provision and Fee Settlement

  • Travel product reservation, confirmation and consultation of reservation details, content provision, member privileges when using travel services, mileage accumulation/inquiry/use and related guidance, purchase and fee payment, identity authentication and financial services, etc.

2. Member Management

  • Identity verification for membership services, personal identification, prevention of unauthorized or fraudulent use by bad members, confirmation of intent to join, restriction on use and number of uses, age verification, confirmation of legal representative's consent when collecting personal information of children under 14, record preservation for dispute resolution, handling complaints and civil affairs, delivery of notices, etc.

3. Utilization for Marketing and Advertising

  • Information delivery on products and advertising such as events of the Company and its affiliates, statistics on members' service use, and various marketing activities targeting members.

Provision and Sharing of Personal Information (To Third Parties)

As a rule, the Company does not disclose your personal information to companies or institutions unrelated to the travel service industry. However, cases where your personal information is shared in connection with services are as follows:

  1. Provided to domestic and foreign airlines, shipping companies, car rental companies, and hotel operators for boarding flights, boarding ships, renting cars, and hotel accommodations.

  2. The Company provides customized travel, shopping mall, community, mobile E-mail, telemarketing, and reservation confirmation services for customers using traveler's personal information.

  3. We share information with agencies to provide convenient travel services to customers. The management system (ERP) provided by the Company is shared on a limited basis only with agencies contracted with the Company to process customer travel product consultations and reservations.

Consignment (Outsourcing) of Personal Information Processing

For services such as events and sweepstakes, information may be provided to an outsourcing company. In this case, the types of information required, the purpose of use, and the period will be specified to obtain prior consent from the customer (detailed information regarding outsourcing is provided by the "Sierraenter Customer Satisfaction Department").

Furthermore, the Company may share users' personal information to provide better services. Even in this case, prior to information collection or provision, we will notify users of who the institutions or organizations sharing personal information are, what information is needed and why, and how long and how it will be protected and managed, going through a procedure to seek consent. If users do not consent, additional information will not be arbitrarily collected or shared.

Retention and Use Period of Personal Information

Your personal information will be destroyed once the purpose of collection or the purpose of provision is achieved. However, if it is necessary to retain it for a certain period to confirm rights and obligations related to transactions in accordance with the provisions of related laws such as the Commercial Act, it will be retained for a certain period as follows:

  • Records regarding contracts or withdrawal of subscription, etc.: 5 years

  • Records regarding payment and supply of goods, etc.: 5 years

  • Records regarding consumer complaints or dispute resolution: 3 years

Destruction Procedure and Method of Personal Information

When a customer requests it or when the purpose of collection or provision of personal information has been achieved, Sierraenter safely manages the destruction of data in the following ways:

  1. Personal information printed on paper: Shredded using a shredder.

  2. Personal information stored in electronic file formats: Deleted using technical methods that do not leave personal information behind and make the records unrecoverable.

However, the following are exceptions:

  • When preservation is necessary according to the provisions of other laws such as the Commercial Act.

  • When preservation is necessary as evidence in a lawsuit or dispute.

  • Other cases where individual consent has been obtained from the user.

  • When preservation is necessary for a certain period according to Sierraenter's internal regulations. (Even in these cases, the exact period for which personal information is retained will be notified in advance with valid grounds, and it will be completely destroyed thereafter according to the destruction management method.)

Privacy Protection and Management Rights

1. Consent to Personal Information Collection The Company deems that you have consented to the collection of personal information when you check "Agree" to the privacy policy during membership registration and fill out the travel contract.

2. Withdrawal of Consent If you wish to request the withdrawal of your provided personal information and your consent, please contact the personal information management representative via phone or E-mail. We will take necessary measures such as deleting the personal information after verifying your identity.

3. Matters Concerning the Operation of Cookies The Company uses 'cookies' that store and frequently retrieve your information. You have the option to accept all cookies, send a notification when a cookie is installed, or reject all cookies by adjusting the options in your web browser.

4. Access and Correction of Personal Information

  • Customers can view or correct their registered personal information at any time. If you wish to view or correct your personal information, click to do it directly, or contact the personal information management officer by E-mail, and we will take action.

  • If a customer requests correction of errors in personal information, the personal information will not be used until the correction is completed

Security Measures to Protect Personal Information

a. Technical Measures

  • Your personal information is protected by a password, and important data is protected through separate security functions by encrypting files and transmission data or using a file lock function.

  • We take measures to prevent damage from computer viruses using antivirus programs.

  • The Company uses a security device (SSL or SET) that can safely transmit personal information on the network using encryption algorithms.

  • To prevent your personal information from being leaked by hacking, etc., devices that block external intrusions are used, and intrusion detection systems are installed on each server to monitor intrusions 24 hours a day.

b. Managerial Measures

  • The Company limits access to your personal information to a minimum number of authorized personnel (e.g., marketing staff, personal information management officers).

  • Regular in-house and outsourced security education is conducted for employees handling personal information.

  • Through a security pledge signed by all employees upon joining the company, we proactively prevent information leakage by individuals and establish internal procedures to audit compliance with the privacy policy.

  • The handover of duties by personal information handlers is carried out thoroughly while security is maintained, and responsibilities for personal information accidents after joining and leaving the company are clearly defined.

  • Personal information and general data are not stored together but are separated and stored on separate servers.

  • Computer rooms and data storage rooms are designated as special protection zones, and access is strictly controlled.

 

Note: The Company is not responsible for incidents that occur due to a user's personal mistakes or the inherent risks of the internet. Each member must properly manage their ID and password to protect their own personal information and take responsibility for it.

Other Policies

1. User's Rights and Obligations Please input your personal information accurately to prevent accidents. Users are entirely responsible for accidents caused by inaccurate information they enter. Entering false information, such as stealing another person's information, will result in the requested reservation processing being denied, and you may be punished according to relevant laws.

2. Protection of Children's Personal Information When collecting personal information from children under the age of 14, consent must be obtained from a legal representative. The legal representative can request access, correction, or withdrawal of consent regarding the child's personal information, and the Company will take necessary action without delay.

3. Measures for Stolen Personal Information If it is discovered that a customer has registered by stealing another person's resident registration number or other personal information, the Company will immediately take necessary measures, such as suspending service use or withdrawing membership for the account. Similar actions will be taken if a victim reports the theft and requests account suspension/withdrawal. 

4. Other Consultations and Complaint Handling Sierraenter is actively collecting opinions from users regarding personal information protection and has prepared all procedures and methods to handle complaints. You can report complaints by phone or email to the "Sierraenter Personal Information Management Officer and Representative" listed below. 

5. Duty of Notice When there is any addition, deletion, or modification to the content of the Privacy Policy, the Company will notify users through the 'Notices' section of the website at least 7 days before the revision takes effect.

  • Announcement Date: September 20, 2021

  • Effective Date: September 20, 2021

bottom of page