Lotte Property&Development Inc considers customer’s privacy important and does its best to protect the personal information the customers provide it online while they use its service. The company abides by the relevant guideline and jurisdiction of 「the Personal Information Protection Regulations」 such as 「Act on Promotion of Information and Communication Network Utilization and information Protection, etc」(or 「Information and Communication Network Act」) and 「Act on the Protection of Personal Information」.
The company has developed this privacy policy according to the provision of Article 30 of 「Act on the Protection0 of Personal Information」 and Article 27 No.2 of 「Information and Communication Network Act」. Based on this policy, the company informs the customers the purpose and method of using their personal information and the measures it takes to protect their privacy.
The company encourages the customers to read this policy whenever they want by making it public on its website and mobile service.
This policy can be changed anytime due to the changes in the relevant guideline and jurisdiction of 「the Personal Information Protection Regulations」 or the company’s inside policy. Based on this policy any changes will be informed to the customers, so they are recommended to check the policy when visiting the web/mobile service.
1. Collection and Use of Personal Information
The company collects customer’s personal information to provide various convenient internet services.
The company collects and uses personal information based on the policy. For other purpose, it does not use or provide the information to the third parties without the customer’s consent.
-
A. Purpose of Collecting and Using Personal Information
- 1) To identify user and self-check
- 2) To provide customized information service such as event, exhibition, performance, coupon, new arrivals notice and etc.
- 3) To provide mobile payment service for using parking lot
- 4) To provide location-based and customized service
- 5) To provide inside location positioning service such as facility location guide and route guide, and etc.
- 6) To provide service of sharing personal location with friends.
- 7) To send messages based on the settings environment of application alarm such as event and friends request, and etc.
- 8) To communicate with customers about notice, complaints, and etc.
- 9) To write, use, and provide statistics such as distribution, interest, and behavior pattern of demographic and geographical factors that cannot identify a person.
- 10) To prevent corrupted use and unauthorized use of members.
-
. What personal information the company collects
- 1) In case of general member
-
- - Requirements :
- E-mail ID, password, name, address, cell phone number, date of birth, e-mail / SMS receiving selection, name and contact of a legal representative for children under age of 14
- 2) In case of simple member
-
- - Requirements :
- E-mail ID, password, name, phone number, date of birth, e-mail/SMS receiving selection
- 3) In case of foreign member
-
- - Requirements :
- E-mail ID, password, name, phone number, e-mail, SMS, e-mail receiving selection, nationality, date of birth, gender
4) In case of payment : Number and expiry date of credit card or cell phone number which are to be used to make payment.
5) In case of agreeing to providing location information : GPS information, Wifi AP information, Beacon
6) Information created while using service : Service access log, cookies, login IP information, payment records, terminal information(MAC address)
-
C. How to collect personal information
The company collects personal information as followed.
- 1) Member registration through homepage and mobile application, and counseling board
- 2) By using creation information collection tool
-
D. How long the company uses and holds personal information
As a rule, the information will immediately be destroyed when the purpose of collection or providing personal information are achieved. However, when the information is required by relevant jurisdiction to be hold, it will be hold for a certain period of time and the company will use the information only for the retention purpose.
- - Registration information will be destroyed when customer withdraw or is expelled from membership
- - Information collected for survey and event will be destroyed when the relevant survey and event is closed.
- - Information about customer’s complaints and disputes settlement
- Retention reason : Consumer Protection Act on environment like e-commerce
- Retention period : 3 years
- - Information about payment and goods supply
- Retention reason : Consumer Protection Act on environment like e-commerce
- Retention period : 5 years
-
E. Use of personal information
The fundamental purpose of collecting customer’s personal information is to provide various, optimized service and encourage better Lotte members service. In order to provide better service based on the collected information, the company provides service related information in various ways such as notice, email, and telephone. However, if customers express their intention that they do not want to receive those service information, the company has to exclude them from the information provide list and it does not take responsibility for the relevant disadvantage the customers can get by refusing to receive information.
2. Provide and Share Personal Information to/with the Third Parties
Lotte Property&Development uses customer’s personal information within the range determined in 「Collection and Use of Personal Information」 and does not use more without the customer’s prior consent or provide the information to the third parties. However, followings are exceptions.
- 1) When the customer previously has revealed and agreed to provide to the third parties.
- 2) When the investigative agency and supervisory authority require for the information for the purpose of investigation based on the process and method of the relevant jurisdiction
- 3) When the information is provided to the third parties like cooperative companies in the form of unidentifiable state for making statistics, academic research or market research.
When it is necessary to provide the personal information to the third parties, the information can be available for the third parties after the appropriate process is taken and customer consent is obtained. Until now, none of the third parties have received personal information by obtaining customer’s consent.
3. Consign personal information to the agent
Lotte Property&Development consigns the agent to deal with the personal information task in order to provide better service.
The company consigns the personal information task to the agent as below and takes necessary measure to make sure the information to be safely managed according to the relevant jurisdiction. The consigned information is limited to the minimum amount necessary to provide better service.
Followings are the purpose of consignment.
the purpose of consignment.
Agent |
Task |
Lotte Members, Inc., |
Operate L.POINT membership |
Lotte Data Communication Company |
Operate computing system |
4. Personal Information Destroy
The customer’s personal information will immediately be destroyed when the purpose is achieved. Paper printed information is destroyed by pulverizing or incinerating while electronically stored information is deleted permanently so it cannot be restored. However, when we delete the file to prevent it from being restored, we use the socially accepted method of the current technology level with reasonable price. When the information disposal is consigned to the third parties, the company prevents them from dealing with the information.
5. Use and Refusal of Cookie
- A. Purpose of using cookie
- A. Lotte Property&Development uses cookie which stores and brings the customer’s information whenever needed in order to provide customized service. Cookie is a small amount of information transferred to the customer’s browser by the company’s website server and stored in the hard disk of customer’s computer.
- B. The company can provide certain customized service which cookie encourages.
- C. The company can use cookie to identify customers and maintain customer’s log-in state.
- B. Install/Operate and Refuse Cookie
- - Customers have the right choose whether or not to install cookie. They can permit or refuse all the cookies or check whenever cookie is about to be stored by adjusting option setting in the web browser.
- - When cookie is refused to be stored, some service provided by the company such customized service may not easily be used.
- - How to adjust cookie installing setting on Internet Explorer
- ① In [Tool] menu, select [Internet Option].
- ② Click [Personal Information Tab].
- ③ In [Internet Setting], select cookie permission level.
- - How to adjust cookie installing setting on Internet Explorer
- ① In [Tool] menu, select [Internet Option].
- ② Click [Personal Information Tab].
- ③ In [Internet Setting], select cookie permission level.
- - How to adjust cookie installing setting on Safari
- ① In upper right menu bar on Mac OS, select [Safari] -<[Settings].
- ② From [Settings], move to [Security] to select whether or not to permit cookie.
6. Customer’s Rights
- A. Customers can view, correct, and delete own personal information on the website. For the request delivered to the personal information manager through email or written paper, the company will view, correct and delete after identifying customers. However, there can be a limitation when certain information is prohibited or limited for correction and deletion according to other jurisdiction. Also, when customers request for correcting personal information, the information is not used or provided before finishing correction unless the information is requested to be disclosed according to other jurisdiction. If false personal information has already been provided, the company will make sure the third party to correct the data.
- B. Customers can request the company to stop dealing with the personal information whenever they want. However, the company can refuse the request for the following cases.
- - When it is inevitable due to the special regulations on jurisdiction or in order to abide by the legal obligation
- - When there is a worry to damage other people’s life or body, or to unrightfully violate other’s benefits.
- - When the main agent of the information does not clearly express to terminate agreement and it is difficult to fulfill the service agreed between the agent and company unless dealing with personal information.
- C. Customers can always withdraw the agreement of collection, use, and provide of personal information that is made at the time of registration. The company will take measures to fulfill the request immediately after customers express intention to withdraw agreement by clicking “membership withdrawal” on website or contacting the relevant manager through letter, email, or telephone. However, when the company is forced to preserve customer’s information by jurisdiction or agreement rules, the request can be limitedly fulfilled. In this case, customers must reveal one’s ID and self-check identifying information, and can have limited access to the service due to withdrawal.
- D. A legal representative can withdraw the agreement to collection, use, and provide of personal information of children under 14 and has a right to request for viewing or correcting the relevant information.
7. Customer Obligations
- A. Customer shouldn’t yield or lend ID, passwords, and access material. When personal information is disclosed due to customer’s carelessness such as losing ID or leaving website without log out, browser’s weakness, or unexpected hacking beyond the technical and operational measures defined by relevant jurisdiction while the company takes all kinds of measures to protect hacking as a responsible manager, the company is not responsible for the damage customers suffer.
- - Customer should maintain his/her personal information up to date and they are responsible for all the problems caused by false information.
- - Customer can lose membership qualification when they use other person’s personal information.
- - Customer is responsible for maintaining security of ID and passwords and he/she cannot yield or lend them to the third parties. Customer has a duty to cooperate to periodical passwords changing in order to mange privacy policy.
- - Customer should log out and close the web browser program after using the company’s service.
- - Customer should abide by the personal information-related jurisdictions such as "「Information and Communication Network Act」", “「Act on the Protection of Personal Information」”, and "Resident Registration Act”.
- B. When children under age of 14 apply for membership, the company must obtain a consent from a legal representative(parents) to protect personal information of children. Therefore, when children under 14 want to join membership, their legal representative should join membership at the same time. When their legal representative does not agree, children cannot be a member. According to the relevant jurisdiction, children’s legal representative should identify themselves by credit card, cell phone, or certificate to allow their children under the age to join membership.
8. Technical/Operational/Physical Measures to Protect Personal Information
The company considers following technical, operational, and physical measures to protect personal information from being lost, stolen, disclosed, distorted, or damaged when dealing with customer’s personal information.
- A. Personal Information Encryption
Customer’s passwords are stored and managed through one way encryption and only the owner of the accounts who knows the passwords can view and change personal information. In prevent the third person from conjecturing passwords with the date of birth or telephone number of the customers, the system forces the customer not to use easy-to-guess passwords with the encryption rules. Personal information like resident registration, foreign registration number, bank account, and credit card number is stored and managed with safe encrypting algorithm.
- B. Preparation for hacking
To prevent the customer’s personal information from being disclosed due to hacking or violation of the company’s information and communication network, the company operates 24 hours violation blocking system and makes sure the sensitive personal information safely delivered on the network by encrypted communication.
- C. Minimization and Education of the People with Access to Personal Information
The company restricts the number of person dealing with personal information and educates them the importance of protecting those information.
- D. Physical Inspection and Block
The company physically inspects and blocks the personal information from access by installing computer room and archive in the remote area where outer access is impossible.
9. Managers in charge of Personal Information
The company does its best to make sure customers can safely use its service. The customers can reports any kinds of complaints related to personal information protection of service to those managers below. The company will respond quickly and sincerely to them.
Managers in charge of Personal Information
|
Person in charge of Personal Information |
Person in charge of Personal Information Protection |
Name |
Young Choi |
Mi-hyun Lee |
Team |
Marketing Team |
Marketing Team |
Position |
Team Leader |
Manager |
Email |
funnyowl@lotte.net |
mihyun_lee@lotte.net |
Telephone |
02-3213-5820 |
02-3213-5702 |
Fax |
02-6234-3092 |
02-6234-3092 |
Please refer to the organizations below when reporting or counseling are needed to resolve other Personal information violation problem.
- Personal Information Violation Report Center (http://www.118.or.kr / 118)
- Information Protection Mark Certification Committee (http://www.eprivacy.or.kr / 02-550-9531~2)
- High-Tech and Financial Crimes Investigation Division of Supreme Prosecutor’s Office (http://www.spo.go.kr / 02-3480-2000)
- National Police Agency Cyber Terror Response Center (http://www.ctrc.go.kr / 02-393-9112)
Guidelines for closed circuit television(CCTV)
Lotte Property&Development Inc inform you about the usage and management of the video information processed by guidelines for closed circuit televsion.
A. Installation basis and purpose of CCTV
Lotte Property&Development Inc install CCTV to prevent accident like fire and enact a provision named 'Guidelines for closed circuit television' based on article 25 of 「Act on the Protection of Personal Information」
and article 25 of enforcement ordinance of 「Act on the Protection of Personal Information」to ensure rights & interests of information subject and to promote business property by prescribing point of information security that
company must follow.
B. Present condition of CCTV
Below are number of installations, locations and range of filming
- · Number of installations : 1,600 tatal
- · Location : entrance of parking area, entrance foor, shop, office
- · Range of filming : entrance and path of office, entrance and path used by shopper, parking area.
- · Consignment company : S-Tec Inc
- · The persion in charge : Woo-Gil park(Head of department) / Phone number : 02-3213-0112
C. Designate of CCTV administrator
Below are chief manager of processing video information, department and person in charge of who deal with video information for safety supervision.
- · Chief Manager : Lotte Property&Development Inc Sang- Cheon Kim(Team leader) / Phone number : 02-3213-5408
- · Consignment Manager.
- a Lotte World Tower ProScom Inc(Security) Yun-Suk Lee(Head of Department) / Phone number : 02-3213-9112
- b. Lotte World Mall S-tec system Inc(Security) Woo-Gil Park Head of Department) / Phone number : 02-3213-0112
- c. Lotte World Mall The-Man Inc(Parking) Sung-Won Kang(Manager) / Phone number : 02-3213-0251
Guidelines for closed circuit television(CCTV) of Lotte Property&Development Inc