Privacy Policy of interpark global

Nol Universe Co., Ltd. (the “Company”) complies with all applicable laws and regulations to protect your personal information, and makes its best efforts to protect your personal information. The Company informs you of the purpose and method of using your personal information and of the measures taken to protect your personal information by disclosing this Privacy Policy. This Privacy Policy may be modified by amendments to applicable laws and regulations or the Company’s internal policy. Please check this Privacy Policy from time to time when you sign up for membership or use our website.

1. Personal Information to be Collected

The Company collects and processes the minimum personal information necessary for the usage of the services from users (including members and non-members).

When signing up for membership

ID (e-mail address), password, and name (nickname) are collected as mandatory items, and photographic information (including meta information) is collected as optional item; provided, however, that if you sign up for membership by using another service account such as Google, LINE, Apple, instead of using our own service, ID and name (nickname) of the relevant account are collected as mandatory items, public profile information (photo and e-mail address) is collected as optional item. When a child under 14 years of age signs up for membership, a consent must be obtained from his/her guardian regarding the processing of the child’s personal information. The Company shall collect the name, date of birth, and e-mail address of his/her guardian for the purpose of confirming the consent.

When using the services

Terminal information (model name, information on mobile carrier, OS information, language, country, screen size, advertising identifier), IP address, cookies, date and time of visit, location information, records of fraudulent use, and records of service use may be generated and collected.

Specifically, in the course of using the services, the information about users is generated in an automated manner and collected, or the unique information of the users’ devices is safely converted and collected so that the original value cannot be identified. Location information may be collected in the course of using the services, and the location-based service provided by the Company interpark global is specified in detail in the “Terms and Conditions of Use for Location-Based Service.”

As the Company collects the minimum amount of information in the course of membership sign-up or non-members’ use of the services, additional personal information may be collected only from the users of the relevant services in the course of using individual services, joining events and applying for prizes. When collecting additional personal information, the Company informs users of the “items of personal information to be collected, purpose of collection and use of personal information, and retention period of personal information” at the time of collection of such personal information and obtains consent from them.

When consulting with customers

Personal information (e-mail, nickname) and details of consultation may be collected for customer consultation, receipt and processing of complaints.

When using paid services

The following information may be collected in the course of reserving products and using services:

Items of Personal Information to be Collected	Purpose
Name, Mobile phone number, E-mail	Consultation on products, confirmation of reservations, major changes in terms and conditions, and provision of other marketing information
Person making reservation and traveler, Name, Date of birth, Gender, Contact information (mobile phone number), E-mail address, Passport information (passport number, passport expiration date, nationality, country of issuance), IMEI, Health information (allergies) Recipient information (name, phone number/mobile number, address)	Reservation of products
Name of legal representative, Relationship, Date of birth, Contact information, Copy of document evidencing family relation	Reservation of products by a child under 14 years of age
Credit card number, Expiry date, CVS number	Payment by credit card

2. Method of Collection of Personal Information

The Company collects the minimum personal information necessary in the course of signing up for membership and using the services by way of direct input from users, and collects additional information in the course of using paid services such as product reservation. Such information may also be collected through webpage, e-mail, fax, phone call, etc. in the process of consulting with the customer center.

In the event of collection of personal information, the Company obtains the user’s prior consent to “collection and use of personal information”; provided, however, that IP address, cookies, device information, etc. may be automatically generated and collected in the process of using the services via PC web or mobile web/app.

3. Use of Personal Information Collected

The Company uses personal information only for the following purposes, including membership management, development, provision and improvement of services, and establishment of safe environment for use of services:

Personal information is used for the purpose of confirming intention to join membership, verifying age, obtaining consent from legal representative, verifying identity of the user and his/her legal representative, identifying the user, confirming intention to withdraw from membership and managing members.
In addition to the provision of content and services (including advertising), personal information is used to analyze demographics, analyze service visits and usage records, create user-to-user relationship based on personal information and interests, provide customized services based on acquaintances and interests, identify new service elements and improve existing services.
Personal information is used for protection of users and operation of services, by means including measures to restrict use against users who violate the laws and regulations and interpark global Terms of Service, prevention of and sanctions against acts that interfere with smooth operation of services, including fraudulent use, prevention of account theft and fraudulent transactions, communication of notices such as amendment of the terms and conditions, record preservation for dispute resolution and handling of complaints.
Personal information is used to perform contracts on the provision of services and settle fees for the provision of services, reserve travel products, provide content, make purchases and payments, send notices of reservation details, verify identity for financial transactions and provide financial services.
Personal information is used for marketing and promotion purposes such as provision of event information and opportunities to participate and provision of advertising information.
Personal information is used for analysis of service usage records and access frequency, statistics on service usage, provision of customized services and advertising based on service analysis and statistics.
Personal information is used to establish a service usage environment where users feel at ease when using in terms of security, privacy and safety.

4. Installation, Operation and Refusal of Automatic Personal Information Collecting Device

The Company uses “cookies” that frequently store and retrieve the user’s information to provide personalized and customized services.
Cookies are very small text files sent from a server used to operate a website to the user’s browser and stored on the hard disk of the user’s computer. If the user visits the website again, the website server reads the contents of the cookies stored in the user’s hard disk to maintain the user’s settings and provide customized services.
Cookies do not collect personally identifiable information automatically or actively, and users can refuse or delete the storing of cookies at any time.

Purposes for which the Company uses cookies

The Company stores settings, etc. preferred by the user through cookies to support a faster web environment for users and to improve the service for convenient use.
The Company uses cookies to analyze the records of service usage, such as access frequency, visit time and number of visits, to identify the user’s preferences and interests, and to use them for providing the services.

Installation, operation and refusal of cookies

Users may refuse to store cookies through web browser settings; provided, however, that if users refuse to store cookies, they will be required to enter member ID and password again when using services that require log in.
Please refer to [5. Matters Concerning Collection, Use, Provision, Refusal, etc. of Behavioral Information] for methods to determine whether or not to allow the installation of cookies.

5. Matters Concerning Collection, Use, Provision, Refusal, etc. of Behavioral Information

Behavioral information refers to information on online user activities that enables the identification and analysis of the user’s concern, interest, preferences, preferences, etc., such as website visit history, app use history and purchase and search history.
The Company collects and uses behavioral information as follows:

Items of Behavioral Information Collected	User’s history of visits to and use of web/app services, search history, purchase history, and advertisement identifiers
Method of Behavioral Information Collection	Automatically collected through log information analysis tool (Google Analytics, Firebase) at the time of user’s usage of the services
Purpose of Collection of Behavioral Information	Development of products and services, improvement of products and services, and provision of customized advertising and services
Period of Retention and Use and Method of Data Processing Thereafter	Retained and used until membership withdrawal, and retained and used only for statistical purposes by taking de-identification measures after the expiration of the retention period

Users have an option to block the Company’s collection and use of behavioral information, which can be done in the following methods:
- The menu or the methods may vary depending on the mobile OS version.

[Web browser]

Edge: Settings > Site permissions > Cookies and site data
Chrome: Menu > Settings > Privacy and security > Cookies
Safari: Settings > Privacy > Cookies and website data

[Smartphone]

Android: Settings > Google > Ads > Delete advertising ID
iOS: Settings > Privacy > Tracking > Allow Apps to Request to Track OFF
Inquiry method and damage relief with respect to behavioral information
- If you have any inquiries or complaints regarding the processing of behavioral information, please contact us below and we will actively respond.

[Complaint Handling Center]

E-mail: global@nol-universe.com
Tel: 02-3483-0224

6. Provision and Entrustment of Personal Information

The Company provides personal information only (i) if the user directly consents to the provision of personal information in order to use services of an external partner, (ii) if interpark global is obliged to submit personal information under applicable laws and regulations, or (iii) to eliminate any imminent risk to the user’s life or safety that has been identified.

Recipient	Items of Personal Information to be Provided	Purpose of Use by Recipient	Period of Retention and Use
Tour partners	Person making reservation and traveler: Name, name in English, date of birth, gender, age, contact information (mobile phone number), Mobile messenger ID (WhatsApp, LINE, KakaoTalk, WeChat, Facebook), e-mail address, passport information (passport number, passport expiration date, nationality, country of issuance) Airline name, Arrival flight number, Return flight number, Pickup location and time, Drop-off location and time, Arrival date and time, Hotel name Hotel address, IMEI Health information (allergies)	Reservation and confirmation of products, use of reserved product, delivery, operation of handling of complaints and consulting	Until the purpose of using the personal information is attained (in case of partners, until the termination of the partnership agreement) and until the retention period under applicable laws and regulations
Ticket partners	English name, Mobile messenger ID (WhatsApp, LINE, KakaoTalk, WeChat, Facebook) Address, mobile phone number, order information Recipient information (name, phone number/mobile phone number, address)

Recipient

Items of Personal Information to be Provided

Purpose of Use by Recipient

Period of Retention and Use

Tour partners

Person making reservation and traveler:

Name, name in English, date of birth, gender, age, contact information (mobile phone number), Mobile messenger ID (WhatsApp, LINE, KakaoTalk, WeChat, Facebook), e-mail address, passport information (passport number, passport expiration date, nationality, country of issuance)

Airline name, Arrival flight number, Return flight number, Pickup location and time, Drop-off location and time, Arrival date and time, Hotel name

Hotel address, IMEI

Health information (allergies)

Reservation and confirmation of products, use of reserved product, delivery, operation of handling of complaints and consulting

Until the purpose of using the personal information is attained (in case of partners, until the termination of the partnership agreement) and until the retention period under applicable laws and regulations

Ticket partners

English name, Mobile messenger ID (WhatsApp, LINE, KakaoTalk, WeChat, Facebook)

Address, mobile phone number, order information

Recipient information (name, phone number/mobile phone number, address)

TRAVELBID, MEDIANART, ADMAX, ehwagyobok, HANATOURITC, PREMIUMPASS, LECIRT, TMONETWALKERHILL, TMONETJEJU, FRIP, KTOURSTORY, MOVV, DAESUNG TRAVEL, SEOULCITYTOUR, VIRTUALIVE, REDTABLE, MYTOUR KOREA, PPTECH KOREA, EBRIDGE, DALLALANETWORK, LOCALTRAVELLAB, NATUREMOBILITY, WIDEMOBILE, JANGTOFU Company, DESIGNYOURTOUR, HOLIDAYTOUR, OURLINE, INTOUR, SWTOUR, VREDU, ILOVESEOUL, GOTOUR, TRAVOLUTION, PLACEM, SEOULGUNWILD, MINAMI Aesthetic

Recipient	Items of Personal Information to be Provided	Time and Method of Transfer	Purpose of Use by Recipient	Period of Retention and Use
KLOOK (Hong Kong), BeMyGuest (Singapore)	Person making reservation and traveler: Name, name in English, date of birth, gender, contact information (mobile phone number), e-mail address, passport information (passport number, passport expiration date, nationality, country of issuance)	Transfer via network used at the time of reservation	Reservation of travel products, operation such as handling of complaints	Until the purpose of using the personal information is attained (in case of partners, until the termination of the partnership agreement) and until the retention period under applicable laws and regulations

In order to provide convenient and better services, the Company delegates part of the work to a third party.
The Company delegates part of the work required for the provision of the services to a third party, stipulates the required matters to ensure that the delegated entity processes personal information in a safe manner in accordance with the Personal Information Protection Act, and performs management and supervision thereof.

Delegatee	Delegated Work
Amazon Web Services Inc. (Seoul)	Use of AWS services

Contact Information of Transferee and Information Managerasdf	MongoDB, Inc privacy@mongodb.com
Country of Transfer	Singapore (AWS Singapore region), Korea (AWS Seoul region)
Date, Time and Method of Transfer	Personal information collected while using the services
Items to be Transferred	Transfer via network at the time of service use
Purpose of Use	Data storage
Retention Period	Until the withdrawal of membership or the change in the use of cloud services used by the Company

7. Retention Period and Destruction of Personal Information

The Company processes the user’s personal information until membership withdrawal or within the period of retention and use as consented at the time of collection of personal information from the user.
The Company will destroy the personal information without delay when it becomes unnecessary due to the expiration of the retention period, attainment of the purpose of processing, etc.
- However, if the Company obtained separate consent from the user for the retention period of the personal information, or is obliged to store such information for a certain period under applicable laws and regulations, the Company will retain the personal information safely for such period.
The Company obtains separate consent from the user for the retention period of the personal information in the following cases:
- In order to prevent unauthorized membership and use, the Company retains the records of unauthorized membership and disciplinary actions for six (6) months from the date of collection and destroys them.
Relevant laws and regulations, including the Act on the Consumer Protection in Electronic Commerce, the Electronic Financial Transactions Act, and the Protection of Communications Secrets Act, stipulate the requirements to retain information for a certain period as follows. The Company will retain personal information for such period in accordance with the laws and regulations, and will never use it for any other purposes.
- Act on the Consumer Protection in Electronic Commerce
  - Records on contracts or withdrawal of subscription: to be retained for five (5) years
  - Records on payments and supply of goods, etc.: to be retained for five (5) years
  - Records on handling of consumer complaints or disputes: to be retained for three (3) years
- Electronic Financial Transactions Act
  - Records on electronic finance: to be retained for five (5) years
- Act on Promotion of Information and Communications Network Utilization and Information Protection
  - Records on identity verification: to be retained for six (6) months
- Protection of Communications Secrets Act
  - Log-in records: to be retained for three (3) months
The Company destroys personal information in an irreproducible manner when the purpose of collection and use of personal information has been achieved, including by membership withdrawal, service termination, and the expiration of the retention period of personal information consented by the user.
The Company will destroy without delay the information required to be retained by the applicable laws and regulations in an irreproducible manner after the expiration of the relevant period.
- Electronic files will be safely deleted by using technical methods that render them irrecoverable and irreproducible, and printouts, etc. will be destroyed through shredding or incineration.

8. Rights of Users and Legal Representatives and Exercise Methods

Users may inspect or modify their personal information at any time at “My Information > Settings.”
Users may withdraw their consent to the collection and use of personal information at any time by means of withdrawal from membership, etc., and the collected personal information will be destroyed immediately upon such withdrawal.
- Users may withdraw from membership at “My Information [≡] > [Settings] > [Service Withdrawal].”
In case of a child under the age of 14, his/her legal guardian has the right to inspect or modify the child’s personal information and to withdraw his/her consent to the collection and use of the child’s personal information, and the collected personal information will be destroyed immediately upon withdrawal.
If the user requests for correction of any error in his/her personal information, the relevant personal information will not be used or provided until the correction is completed. In addition, if any incorrect personal information has been already provided to a third party, the correction processing result will be notified to the third party without delay so that the correction can be made.

9. Information on Personal Information Protection Officer and Person in Charge

In order to handle inquiries and complaints related to personal information of users, the Company has designated a Personal Information Protection Officer and person in charge as follows:

Personal Information Protection Officer
Name: Dong-Hyun Lee Contact information: 02-3483-0224, global@nol-universe.com

For any other reporting or consulting on infringement of personal information, please contact the institutions provided below:

Personal Information Infringement Report Center: (https://privacy.kisa.or.kr / 118 without exchange code)
Cyber Crime Investigation Department of the Supreme Prosecutors Office (www.spo.go.kr / 1301 without exchange code)
Cyber Investigation Bureau of National Police Agency (https://ecrm.police.go.kr/minwon/main 182 without exchange code)
Personal Information Dispute Mediation Committee (https://www.kopico.go.kr / 1833-6972 without exchange code)

10. Processing of Personal Location Information

The Company protects the user’s personal location information in compliance with the Act on the Protection and Use of Location Information. Details of the processing of personal location information are specified in the Terms and Conditions of Use for Location-based Service.

The Company provides the following location-based service, and destroy without delay when the purpose of processing has been achieved.
- Geo Tagging service: the location information of the personal location information principal or mobile device included in a post is stored along with the post.
- Search result and location recommendation services based on location information: when requesting information search or providing location information of the personal location information principal or mobile device, the search result and nearby location result (popular restaurants, neighboring businesses, means of transportation, etc.) are presented based on such location information.
- Sharing of location information: location between users is shared for the purpose of facilitating user communication by using the location of the personal location information principal or mobile device.
- Provision of travel convenience services: convenience services, such as traffic information, road guidance, and weather depending on the location, are provided by using the location of the personal location information principal or mobile device.
- Provision of advertising information by using user location: in the process of using search results or other services, advertising materials are presented by using the location of the personal location information principal or mobile device.
- User protection and prevention of unauthorized use: the location of the personal location information principal or mobile device is used to block abnormal service use attempts, etc. made by unauthorized persons.
Pursuant to Article 16, Paragraph 2 of the Act on the Protection and Use of Location Information, the Company will automatically record the evidentiary materials for the use and provision of location information of the personal location information principal in the location information system, and retain them for at least six (6) months.
The Company will safely destroy personal location information in an irreproducible manner when the purpose of processing personal location information has been achieved. Electronic files will be destroyed through technical methods that render them irrecoverable and irreproducible, and printouts, etc. will be destroyed through shredding or incineration.
The Company will not provide personal location information to a third party without the consent of the personal location information principal, and if the Company provides personal location information to a third party designated by the personal location information principal, the Company will immediately notify, on each occasion, the personal location information principal of the recipient, the date and time of provision and the purpose of provision via the relevant communication terminal device from which the personal location information was collected.
If the legal guardian of any of the following persons (the “Child Aged 8 or Younger, etc.”) consents to the use or provision of the personal location information for the protection of the life or body of the Child Aged 8 or Younger, etc., the Company will deem that the Child Aged 8 or Younger, etc. consents thereto. A legal guardian who intends to consent to the use or provision of personal location information shall submit a written consent to the Company, together with the document certifying that he/she is a legal guardian, and if he/she consents to the use or provision of personal location information, he/she may exercise all of the rights of the personal location information principal.
- Child aged 8 or younger,
- A person under adult guardianship,
- A person with a mental disability under Article 2, Paragraph 2, Item 2 of the Act on Welfare of Persons with Disabilities, who falls under a person with a severe disability under Article 2, Item 2 of the Act on the Employment Promotion and Vocational Rehabilitation of Persons with Disabilities (limited to a person who has registered as a person with a disability under Article 32 of the Act on Welfare of Persons with Disabilities).
In order to protect the rights of the personal location information principal as well as to handle complaints that arise in the course of using the services, the Company has designated a location information manager as follows:
- Location Information Manager: CPO Dong-Hyun Lee
- Tel.: 02-3483-0224
- E-mail address: global@nol-universe.com

11. Measures to Ensure Security of Personal Information

The Company takes the following measures to ensure the safety of personal information:
- Managerial measures: Establishment and implementation of internal management plan, regular employee training, etc.
- Technical measures: Management of access rights to the personal information processing system, installation of access control system, encryption of unique identification information, installation of security programs
- Physical measures: Control of access to the computer room, data storage room, etc.

12. Applicability of this Privacy Policy

This Privacy Policy applies to “interpark global,” one of the Company’s brands, and all related services (including mobile web/app) and separate privacy policies may apply to the services provided under different brands.
If the personal information is collected on another company’s website linked to interpark global, this Privacy Policy will not apply after the personal information is provided with the user’s consent.

13. Amendment of Privacy Policy and Notification thereof

The Company will notify any addition, deletion, or modification to this Privacy Policy through a notice on our website, and will disclose such change so that the users can easily recognize it at any time.

Effective Date: March 11, 2025

Below is the previous version of Privacy Policy.