www.ketago.kr (hereinafter ‘ketago’) values users’ personal information and complies with relevant laws such as the “Personal Information Protection Act” and the “Act on Promotion of Information and Communications Network Utilization and Information Protection”. ‘ketago’ sets and manages the personal information processing policy as follows for the operation of the website and the execution of the K-ETA application agency.
 
“This privacy policy applies to all pages of ketago and contains various policies and other regulations related to the protection of personal information of the internet website provided by ketago (hereinafter referred to as ‘this site). It also aims to disclose the personal information processing policy on the ketago website or service so that users can easily check it at any time in accordance with the provisions of laws and regulations.”

Article 1 Purpose of processing personal information
‘ketago’ uses personal information for the following purposes and is not used for purposes other than those specified. When using the service provided by ‘ketago’, we prepare a procedure for consenting to the service terms of use and personal information processing policy, and if the user selects “agree”, it is regarded as consenting to the collection and use of personal information, and personal information is collected and used. Please read this privacy policy before visiting ‘ketago’ and providing information. ‘ketago’ will process the privacy policy with the customer’s consent before receiving customer information.
– Processing of electronic travel authorization agency services received and provided through this site (application and provision of results, etc.)

Article 2 Period of retention and use of personal information
① ketago collects and retains personal information in accordance with the provisions of laws and regulations and the consent of the information subject, and the personal information is as follows.
Electronic travel authorization processing information
Purpose of retention – Receiving and preserving results for electronic travel authorization (K-ETA) applications
Grounds for retention – Article 7-3 of the Immigration Control Act (Advanced Travel Permission), Article 101 of the Enforcement Decree of the Immigration Control Act (Processing of Sensitive Information and Unique Identification Information)
Collection method – Online service application form (consent of information subject)
Retention period – 2 years
Record items – face photo, passport photo, e-mail information, nationality, gender, full name, date of birth, passport information (passport number, passport issuance date, passport expiry date, issue country, etc.) country of residence, multiple nationality information, mobile phone number, contact information, past visits to Korea, the purpose of entry and travel agency information, sojourn information, occupation, disease information, criminal history information, payment records for the period of stay, etc.
(※ In the process of using Internet service, personal information items such as IP address, cookie, MAC address, service use record, and visit record may be automatically created and collected.)
② The personal information files collected and held in Paragraph 1 above are managed and stored on the ketago server for 2 years regardless of whether or not there is a payment for service use.
After two years have elapsed (ETA validity period), user information is completely deleted and ketago does not retain any personal information. However, if the service user requests the deletion, it will be completely deleted immediately after the request, making it impossible to view or use it later.

Article 3 Provision of personal information to third parties
① ketago does not disclose or distribute personal information collected or held to a third party without the consent of the user, except in the cases falling under the following exceptions.
In case the user himself discloses the personal information provided to this site by himself/herself
When this site has processed a specific individual so that it cannot be identified
When this site obtains prior consent from the user
When it is necessary for the settlement of fees for the provision of services on this site
In case it is necessary for the performance and operation of the site’s system maintenance, operation, management, etc.
When it is necessary to provide other administrative agencies with related information such as personal information related to user information between this site and the site of an administrative agency
When there is a request according to the due process stipulated in the relevant laws and regulations
When there is a request for disclosure by an investigation agency in accordance with the procedures and methods stipulated in laws and regulations for the purpose of investigation
However, despite the fact that ketago has fulfilled its obligations to protect personal information, ketago will not be liable for any damage not attributable to ketago, such as the user’s negligence or accidents in areas not managed by ketago. take no responsibility.

Article 4 Rights and obligations of information subjects and minors and how to exercise them
① The subject of service use information can exercise the following rights. However, in the case of minors visiting this site, ketago reserves the right to refuse service requests.
Request for deletion of personal information
Personal information held by ketago may be requested to be deleted in accordance with Article 36 of the 「Personal Information Protection Act」. However, if the personal information is specified as a collection target in other laws, deletion cannot be requested.
The information subject may request the deletion of personal information from ketago by visiting, writing, telephone, e-mail, fax, etc. in the form of Attachment No. 8 of the 「Enforcement Rules of the Personal Information Protection Act」.
When the legal representative of the information subject or the person who has been delegated requests the deletion of personal information, he/she must submit a power of attorney in accordance with the Form 11 of the 「Enforcement Regulations of the Personal Information Protection Act」 to ketago.
ketago reserves the right to verify whether the person making the request is the person or a legitimate agent when requesting deletion of personal information according to the rights of the information subject.
Personal information deleted at the request of the information subject or legal representative will be processed according to the terms and conditions of ketago, and will not be viewed or used for any other purpose.

Article 5 Destruction procedure and method of personal information
① In principle, ketago destroys the personal information without delay when the retention period has elapsed or the purpose of processing has been achieved. However, if personal information must be continuously preserved according to other laws, the relevant personal information (or personal information file) is moved to a separate database (DB) or stored in a different storage location.
Destruction Procedure
Unnecessary personal information and personal information files are handled as follows in accordance with ketago internal policy procedures.
– Destruction of personal information
Personal information whose retention period has elapsed will be destroyed without delay from the end date.
– Destruction of personal information files
When the personal information file becomes unnecessary, such as the achievement of the purpose of processing the personal information file, the abolition of the service, or the termination of the business, the personal information is destroyed without delay from the date on which the processing of the personal information is recognized as unnecessary.
How to destroy
– Personal information printed on paper is shredded with a shredder or destroyed through incineration.
– Personal information stored in electronic file format will be deleted using a technical method that cannot reproduce the record.

Article 6 Measures to ensure the safety of personal information
① In accordance with Article 29 of the 「Personal Information Protection Act」, ketago takes the following technical, managerial, and physical measures necessary to ensure safety under the responsibility of the representative.
Minimization and training of personnel handling personal information
Employees who handle personal information are designated and managed only by the necessary number of people, and training for safe management is provided for employees handling personal information.
Restricting access to personal information
Necessary measures are taken to control access to personal information by granting, changing, and canceling access rights to the personal information processing system that processes personal information, and unauthorized access from outside is controlled using the management system.
Establishment and implementation of internal management plan
In accordance with the standards for measures to ensure the safety of personal information (notice by the Personal Information Protection Committee), an internal management plan is established and implemented.
Installation of security and vaccine programs and periodic inspection and update
In order to prevent leakage and damage of personal information caused by hacking or computer viruses, security programs are installed and periodically updated and inspected.
Access control for unauthorized persons
We establish and operate access control procedures in a separate physical storage location for servers that store personal information.
② ketago always emphasizes compliance with the user’s privacy policy. In addition, we check the implementation of the personal information processing policy and the compliance of the person in charge, and if any problems are found, we are working hard to correct them immediately. However, we are not responsible for any damages not attributable to ketago, such as problems caused by leakage of personal information due to the user’s own negligence or problems on the Internet, or accidents in areas not managed by ketago.

Article 7 Matters concerning the installation, operation and rejection of automatic personal information collection devices
① ketago uses ‘Cookies’ to store and retrieve usage information from time to time to provide services to users.
② Cookies are a small amount of information that the server (http) used to operate the website sends to the user’s computer browser and is also stored on the hard disk of the user’s PC computer.
– Purpose of use of cookies: It is used to provide optimized information to users by identifying the types of visits and usage of each service and website visited by the user, popular search terms, and whether or not secure access is available.
– Installation, operation, and rejection of cookies: You can refuse to save cookies by setting options in the Tools > Internet Options > Personal Information menu at the top of the web browser.
– If you refuse to store cookies, there may be difficulties in using the service.

Article 8 Civil service related to personal information
① In addition to regular education, ketago is continuing its efforts to improve internal guidelines and systems to prevent infringement of personal information. We designate a person in charge of personal information protection and a person responsible for managing personal information.
② Subjects of personal information can inquire about all personal information protection-related complaints that occur while using ketago’s services through the contact information below. ketago will provide sincere answers to users’ inquiries.
 
Management Responsibility: Insight25
Personal Information Protection Officer: Yoon-Dam Jo (CEO)
E-Mail : [email protected]
Address: 525, Gonghang-daero, Gangseo-gu, Seoul, Republic of Korea
Tel: 02-2088-3576
Article 9 Remedies for Infringement of Rights
Subjects of personal information may apply for consultation or dispute resolution to the Personal Information Infringement Report Center of the Korea Internet & Security Agency, the Personal Information Dispute Mediation Committee, etc.
Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
– Responsibilities: Report personal information infringement, apply for counseling
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
– Responsibilities: Personal information dispute mediation application, collective dispute mediation (civil resolution)
Supreme Prosecutors’ Office Cyber Investigation Division: (without area code) 1301 [email protected] (www.spo.go.kr)
National Police Agency Cyber Security Bureau: (without area code) 182 (cyberbureau.police.go.kr)
Korea Travel Authorization (K-ETA) application agency: www.ketago.kr
Contact: [email protected]
 
This personal information processing policy is effective from July 01, 2022.