Personal information Policy | Customer Center | Jeju Air

Jeju Air Co., Ltd. (the “Company”) highly values its users’ personal information, and handles all personal information in accordance with applicable laws and regulations or upon obtaining users’ consent.
In this Privacy Policy, the Company will explain how and for what purpose the users’ personal information is used and which measures are taken by the Company to protect the users’ personal information.

1. Items to be Collected and Method of Collection
2. Purpose of Collection and Use of Personal Information
3. Delegation of Personal Information Processing
4. Transfer of Personal Information to a Third Party
5. Period of Retention and Use of Personal Information
6. Procedures and Method of Destruction of Personal Information
7. Rights of Users/Legal Representatives and Method of Exercising such Rights
8. Matters Relating to Installation, Operation and Refusal of Automatic Personal Information Collection Devices
9. Measures to Ensure Security of Personal Information
10.Contact Information of Chief Privacy Officer and Responsible Department
11.Company’s Duty to Notify
12.Details of Changes to this Privacy Policy

※ Effective date of the current version of Privacy Policy: May 11, 2018


1. Items to be Collected and Method of Collection

1) Items to be Collected

The Company collects the following items of personal information for membership, service using of members.
Mandatory Items : ID, password, name, date of birth, country of residence, nationality, e-mail address, telephone number (mobile or home telephone number), address, gender, connection information (CI), duplication information (DI), information pertaining to legal representative (for children under age of 14)
Optional Items : Information pertaining to affiliates (name of affiliate, department, title, fax number), passport number, home address, passenger name, frequent route, profile photo

In the course of providing additional or tailored services, including flight ticket reservation for non-members, response to service-related inquiries, participation in events, etc., the following information may be collected from users using such services.
Mandatory Items : Passenger name, e-mail address, phone number (mobile or home telephone number)

The following information may be collected to transportation services for musical instruments / pets / firearms and swords, and consulting services for members, etc.
Mandatory Items : Passenger name, date of birth, contack number (mobile or home telephone number, , e-mail address), address, nationality, passport number

The following information may be collected to perform payment settlement for charged services, provide compensation for damage claims and compensation for loss, etc.
Credit card payment: card number, card verification information, etc.
Real-time account transfer payment: account number, bank code, etc.
Payment of damage compensation: Name, e-mail address, contact information, address, account information at financial institution (account holder, account number, etc.)

2) Method of Collection of Personal Information
Passenger name, date of birth, contack number (mobile or home telephone number, , e-mInternet website, service consulting, participation in events, off-line forms, provision from partners, etc.il address), address, nationality, passport number


2. Purpose of Collection and Use of Personal Information

1) Performance of Contract Relating to Provision of Services and Payment Settlement
Provision of contents, reservation and ticketing of flights, delivery of various products including flight tickets, refund of flight tickets, issuance of invoices, purchase and settlement of charges, collection of charges, compensation for damage claims and compensation for loss, transportation services for musical instruments / pets / firearms and swords, etc.

2) Member Management
Provision of Membership services, personal verification for using Membership services, personal identification, prevention of fraudulent use by delinquent members and unauthorized use, confirmation of intention to subscribe, restriction of subscription and numbers of subscription, confirmation of consent from legal representatives in case of collecting personal information of children under age of 14, preservation of records for dispute resolution, complaint handling and other customer services, notice of announcement, passenger management for safe navigation of aircraft etc.

3) Development of New Services and Utilization for Marketing and Advertisement
Development of new services, statistical analysis on users’ use of services, delivery of advertising information, such as events, offering opportunity for participation, etc.

3. Delegation of Personal Information Processing
To facilitate the provision of services, the Company delegates processing of users’ personal information as follows.


Delegatee :

Details of Delegated Services :


Delegatee : AKIS Co., Ltd.
Details of Delegated Services : Internet website and system management

Delegatee : AD Mission Co., Ltd. and Clex Co., Ltd. , and SOCIALMC
Details of Delegated Services : Delivery of advertising information such as events

Delegatee : NICE Information Service Co., Ltd.
Details of Delegated Services : Real name authentication and personal verification

Delegatee : Sharp Co., Ltd., ATS Co., Ltd. and Hangukdosim Air Terminal Service Co., Ltd. , ASIANA AIRPORT, INC. and Withus Airport Service Co., Ltd. , JAS Co., Ltd. , AIRPORT RAILROAD Co., Ltd. , Korea Railroad corp. , AQ Co., LTD.
Details of Delegated Services : Boarding procedures services

Delegatee : Sharp Co., Ltd. and ATS Co., Ltd. , JAS Co., Ltd. , AQ Co., LTD.
Details of Delegated Services : Collection of offline forms (“FORM OF INDEMNITY FOR” pledge, pledge on musical instruments, pledge on pet transportation, application for claim for compensation, form for account transfer of compensation, power of attorney for application for flight ticket refund)

Delegatee : Metanet MCC Co., Ltd. , kt cs
Details of Delegated Services : Settlement services, operation of reservation center and handling of user complaints

Delegatee : The White Communication Co., Ltd.
Details of Delegated Services : Customer center quality assurance

Delegatee : KICC Co., Ltd., FDK Co., Ltd., KR Partners Co., Ltd. , LG CNS Co., Ltd. and LG UPlus Corp. , Galaxia Communications Co.,Ltd.
Details of Delegated Services : Settlement of payment for flight tickets

Delegatee : SITA Co., Ltd.
Details of Delegated Services : Provision of services necessary for air travel, such as reservation of flight tickets

Delegatee : Ticket Monster Inc.
Details of Delegated Services : Services to flight ticket purchasers through Ticket Monster’s services

Delegatee : Pollex Zone Co., Ltd.
Details of Delegated Services : Telemarketing to assist alliance card services

Delegatee : LG CNS Co., Ltd.
Details of Delegated Services : Transmission of Kakao Talk notice talks and SMS/LMS/MMS

Delegatee : Zeus Corporation , IAM Corporation HANA GOLF CO. LTD, Travelstar&marketing Co., Ltd YOOHAN World Network co.. Ltd, TOURBAKSA Co., Ltd Hanatour Hongkong Co., Limited
Details of Delegated Services : Jeju Air’s travel lounge operation for providing travel information and acting flight reservation

Delegatee : Overseas branch partners (See overseas branch partners homepage)
Details of Delegated Services : Reservation, ticketing, boarding procedures services

4. Transfer of Personal Information to a Third Party
In principle, the Company will not transfer users’ personal information to a third party or share it with a third party without obtaining consent, unless otherwise required by law. However, the Company may transfer users’ personal information to a third party to facilitate the provision of alliance services and settlement of charges as follows.

Transferred Information : Membership number, details of Refresh Point
Transferee Partners : KB Kookmin Card, Shinhan Card
Purpose of Use of Transferred Information : Provision of tailored services to customers using alliance cards, accumulation and use of Refresh Points
Period of Use of Transferred Information : Until the termination of alliance services

Transferred Information : Membership number, details of Refresh Point
Transferee Partners : Kt M mobile, AK MALL, SPC
Purpose of Use of Transferred Information : Accumulation and use of Refresh Points for customers using alliance services
Period of Use of Transferred Information : Until the termination of alliance services

Only for customer who purchase overseas location item, the Company will obtain consent from users if they buy items and may transfer users’ personal information to a third party as follows.

Those who received personal information : Zeus Corporation
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)

Those who received personal information : IAM CORPORATION
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)

Those who received personal information : HANA GOLF CO. LTD
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)

Those who received personal information : Travelstar&marketing Co., Ltd
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)

Those who received personal information : YOOHAN World Network co.. Ltd
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)

Those who received personal information : TOURBAKSA Co
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)

Those who received personal information : Hanatour Hongkong Co., Limited
Purpose of Use of personal information: Conclusion of a contract and fulfillment for service offer etc
Provided personal information lists : name, e-mail address, mobile telephone number, itinerary information, date of birth
Personal information possess and use of period : When service offer is complete(only possible preservation for the retention period of relational statute)


5. Period of Retention and Use of Personal Information
In principle, the Company will destroy a member’s personal information immediately when such member cancels his/her Membership or the purpose of collection and use of personal information is achieved.
However, even when a member has cancelled his/her Membership or the Company has achieved the purpose of collection and use of personal information, the Company may continue to retain relevant personal information if (i) required to preserve personal information pursuant to applicable laws and regulations, including the Korean Commercial Code and the Act on the Consumer Protection in Electronic Commerce, etc., or (ii) the Company notifies relevant user of a specific retention period and obtains consent from the user in advance. Also, as for users who do not use the Company’s services for the period prescribed under the Act on Promotion of Utilization of Information and Communication Network (the “Networks Act”), the Company may manage their personal information separately from other users’ personal information. Such personal information under separate management will not be used or transferred, unless otherwise specifically required by law.

1) Records on cancellation of contracts or subscription, and records on payment settlement and supply of goods, etc.
Legal basis: Act on the Consumer Protection in Electronic Commerce, etc.
Period of preservation: 5 years

2) Records on consumer complaints or dispute handling
Legal basis: Act on the Consumer Protection in Electronic Commerce, etc.
Period of preservation: 3 years

3) Records on electronic financial transactions
Legal basis: Electronic Financial Transactions Act
Period of preservation: 5 years

4) Records on website visits
Legal basis: Protection of Communications Secrets Act
Period of preservation: 3 months

6. Protection of Personal Information Transferred Abroad
Only for customer who service offer of reservation ticketing and purchase overseas location item, the personal information transferred abroad for conclusion of a contract and fulfillment are as follows.

[service offer of reservation ticketing]
1) Items of personal information transferred :
- Airline booking requirement: name, telephone number (mobile or home telephone number), e-mail address, gender, date of birth, passport number(only for abroad customers)
- Payment method: card number, card verification period, Real-time account transfer payment’s approval number
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: US
- Date of transfer: when booking and payment are completed
- Way to transfer: by using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : SITA INC N.V (psl.servicedesk@sita.aero)
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: to provide necessary service of travel by plane which include plane ticket etc
- Period of using personal information possession: 3years

[purchase overseas location item]
1) Items of personal information transferred : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: US(Guam)
- Date of transfer: when purchase overseas location item
- Way to transfer: bby using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : Zeus Corporation (webmaster@zeusrentcar.co.kr)
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: Conclusion of a contract and fulfillment
- Period of using personal information possession: When service offer is complete (only possible preservation for the retention period of relational statute)


2) Items of personal information transferred : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: US(Saipan)
- Date of transfer: when purchase overseas location item
- Way to transfer: bby using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : IAM CORPORATION (jb1799@hanmail.net)
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: Conclusion of a contract and fulfillment
- Period of using personal information possession: When service offer is complete (only possible preservation for the retention period of relational statute)

3) Items of personal information transferred : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: US(Guam), Indonesia, Vietnam
- Date of transfer: when purchase overseas location item
- Way to transfer: bby using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : Travelstar&marketing Co., Ltd
- US(Guam):webmaster@jejuair-guam-lounge.com
- Indonesia:webmaster@jeju-kk-lounge.com
- Vietnam:webmaster@jejuair-danang-lounge.com
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: Conclusion of a contract and fulfillment
- Period of using personal information possession: When service offer is complete (only possible preservation for the retention period of relational statute)

4) Items of personal information transferred : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: Philippines
- Date of transfer: when purchase overseas location item
- Way to transfer: bby using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : YOOHAN World Network co.. Ltd (ysdog98@hotmail.com, yoohantravel@nate.com)
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: Conclusion of a contract and fulfillment
- Period of using personal information possession: When service offer is complete (only possible preservation for the retention period of relational statute)

5) Items of personal information transferred : name, e-mail address, mobile telephone number, itinerary information, gender, date of birth
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: Japan
- Date of transfer: when purchase overseas location item
- Way to transfer: bby using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : TOURBAKSA Co(spjapan@tourbaksa.co.kr)
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: Conclusion of a contract and fulfillment
- Period of using personal information possession: When service offer is complete (only possible preservation for the retention period of relational statute)

6) Items of personal information transferred : name, e-mail address, mobile telephone number, itinerary information, date of birth
Nation to which personal information is to be transferred, the date and time, and methods of transfer :
- Transferred nation: China(Hongkong, Macao)
- Date of transfer: when purchase overseas location item
- Way to transfer: bby using internet network with SSL(Security protocol) settled or internet cable
The name of the person to whom personal information is to be transferred : Hanatour Hongkong Co., Limited (inquiry@jejuair-hkmc-lounge.com​)
The purposes of the use of the person to whom the personal information is to be transferred, and the period of time for possession and use of the personal information :
- The purpose of using personal Information: Conclusion of a contract and fulfillment
- Period of using personal information possession: When service offer is complete (only possible preservation for the retention period of relational statute)


7. Procedures and Method of Destruction of Personal Information
In principle, the Company will destroy users’ personal information immediately when the purpose of collection and use is achieved. The Company’s procedures and method of destruction of personal information are as follows.

1) Destruction Procedures
Any personal information for which the purpose of use has been achieved will be moved to a separate database, stored for a certain period pursuant to applicable laws and regulations, and then destroyed.
After being moved to a separate database, the personal information will not be used for any purpose other than the purpose of retention unless otherwise required by law.

2) Destruction Method
Personal information which is stored in the form of an electronic file will be destroyed by using technical methods so that the records cannot be regenerated.
Meanwhile, any paper documents containing personal information will be shredded or incinerated.

8. Rights of Users/Legal Representatives and Method of Exercising such Rights
A customer, as the information principal, may exercise the following rights.

1) Users and legal representatives may at any time access, review or suspend processing of their personal information as well as personal information of children under age of 14, and may withdraw consent or request cancellation of Membership if they do not agree to the Company’s processing of personal information. However, the Company may refuse a request for correction or deletion if the personal information at issue is explicitly required to be collected pursuant to applicable laws and regulations.

2) Users may review and correct their personal information by clicking the “Modify Member Information” menu and may withdraw from Membership by clicking the “Withdraw from Membership” menu. Also, users may take such actions by reaching to the contact information provided in the Contact Information of Chief Privacy Officer and Responsible Department section below.

3) If a user requests the Company to correct or delete any factual errors in his/her personal information, the Company will not use nor provide the information until correction or deletion of the error is completed.

4) The exercise of the foregoing rights can be done by the legal representative or delegatee of relevant user. In such case, a power of attorney of the user in the form prescribed by laws should be submitted to the Company.

9. Matters Relating to Installation, Operation and Refusal of Automatic Personal Information Collection Devices

1) The Company utilizes a “cookie”, etc. to frequently store and search for users’ information. Cookies are very small text files that a server used for operating a website sends to a user’s browser and are stored at the user’s computer hard disk driver. The Company uses cookies for the following purposes.
Analyze frequency and time of users’ visits. Understand users’ preferences and interested areas and tracking trails. Understand users’ participation in and the number of visits to various events. Provide targeted marketing and personally tailored services based on the foregoing.

2) Users have an option to install cookies. In other words, users may accept all cookies, instruct the web browser to send notice every time a cookie is stored, or refuse to accept all cookies by setting options in the web browser. However, if a user rejects the installation of cookies, he/she may experience difficulties in using our services.

Example of installation method (in the case of Internet Explorer):
Tool button on the upper part of the web browser ▶ Internet Option ▶ Personal Information Tab ▶ Change level of privacy

10. Measures to Ensure Personal Information Security
In processing users’ personal information, the Company has established the following technical and managerial protective measures to prevent from any loss, theft, leakage, falsification or destruction and ensure that the personal information remains secure.

1) Establishment and Implementation of the Internal Management Plan
The Company has established and implemented the internal management plan to prevent any threat of misuse, destruction, falsification, leakage, etc. and to protect personal information in a secure manner.

2) Minimizing Designation of Personal Information Handlers and Training
The Company will minimize the number of personal information handlers and provide regular trainings.

3) Restriction of Access to Personal Information
The Company controls access to personal information by granting, changing or canceling access rights to the personal information processing system. Any unauthorized access from the outside is controlled by using a firewall system and an intrusion detection system. Also, personal information handlers are required to use virtual private networks (VPN) when accessing to the personal information processing system from the outside through networks. Further, the Company keeps records on the grant, change or cancellation of access rights and retains such records for at least five (5) years.

4) Retention of Access Records and Prevention of Falsification
The Company retains and manages access records on the personal information processing system (web logs, summary information, etc.) for at least six (6) months, and takes care to prevent any falsification, theft or loss of such records.

5) Encryption of Personal Information
The Company encrypts users’ personal information (passwords, unique identification information, bio information, card numbers and account numbers) to be stored and managed. Also, the Company takes security measures such as encryption before storage and transmission of important data.

6) Technical Measures in Preparation for Hacking, etc.
In order to prevent leakage or destruction of personal information by hackers or computer viruses, the Company has installed security programs and is conducting updates and inspection of such programs on a regular basis. Also, the Company keeps its security systems in a restricted area and takes technical and physical measures to observe and block the systems.

7) Access Control against Unauthorized Person
The Company keeps the physical storage of the personal information processing system in a separate place, and has established and is operating procedures to control access thereto.


11. Contact Information of Chief Privacy Officer and Responsible Department

1) The Company has appointed a responsible department and the Chief Privacy Officer to protect users’ personal information and handle personal information-related complaints as follows.

Responsible Department for Handling Grievances Regarding Personal Information
Reservation center
Tel: 1599-1500

Chief Privacy Officer
Name: Gyeong-Pyo Koh, Marketing Head
Address: #366, International Cargo Terminal, 150, Gonghang-dong, Gangseo-gu, Seoul
Tel: 1599-1500

Users may report any personal information-related complaints arising in relation to the use of the Company’s services to the Chief Privacy Officer or the responsible department for grievance handling as above. The Company will promptly provide its response to any complaints raised by users.

2) For other reports on privacy infringement or counseling services, please contact the following organizations:
Personal Information Infringement Report Center: (without pressing any area codes) 118
Personal Information dispute mediation committee: 02-2100-2499 (www.kopico.go.kr)
High-tech Crime Investigation Department of the Supreme Prosecutors’ Office: 02-3480-3571 (www.spo.go.kr)
National Police Agency Cyber Bureau: (without pressing any area codes)182 (http://cyberbureau.police.go.kr/)

12. Company’s Duty to Notify

1) The Company will notify any change to this Privacy Policy, together with the reason for change and effective date, via its website.

2) A user will be deemed to have agreed to change to this Privacy Policy if such user does not explicitly express his/her refusal and continues to use the Company’s services notwithstanding the Company’s notification on change pursuant to Paragraph 1) above.

3) The Company will obtain separate and additional consent from users if it plans to collect additional personal information or transfer personal information to a third party.


13. Details of Changes to this Privacy Policy

1 November 5, 2007
Amended items on the use for non-prescribed purposes and the handling of personal information-related complaints


2 January 6, 2010
Amendment due to amendment to the Networks Act

3 March 1, 2011
Amended the name of Membership (to JJ Club)
Added delegatees of personal information processing
Added new items on the transfer of information to a third party


4 November 30, 2011
Amendment due to enforcement of the Personal Information Protection Act (“PIPA”)


5 February 5, 2013
Amended items relating to prohibition of collection of resident registration numbers pursuant to the amended Networks Act

6 October 16, 2014
Amended the items in “3. Delegation and Transfer to a Third Party of Personal Information”


7 June 25, 2015
Added/deleted items to be collected
Deleted entities with which the personal information processing delegation agreement has been terminated
Deleted entities with which alliance business has been terminated


8 August 16, 2015
Added delegatees in “3. Delegation of Personal Information Processing”

9 March 28, 2016
Added items to be collected in “1. Items to be Collected and Method of Collection”
Amended delegatees in “3. Delegation of Personal Information Processing”

10 June 13, 2016
Amended delegatees in “3. Delegation of Personal Information Processing”
Added transferees in “4. Sharing and Transfer of Personal Information”

11 July 1, 2016
Added delegatees in “3. Delegation of Personal Information Processing”

12 August 5, 2016
Added items to be collected in “1. Items to be Collected and Method of Collection”
Amended delegatees in “3. Delegation of Personal Information Processing”

13 February 3, 2017
Incorporated existing Privacy Policy pursuant to PIPA and Privacy policy pursuant to the Networks Act
Changed Chief Privacy Officer
Added delegatees in “3. Delegation of Personal Information Processing”

14 July 1, 2017
Added delegatees in “Delegation of Personal Information Processing

15 August 14, 2017
Added use of collection of Personal Information
Made current by deleting committee and change contact number of Infringement Report Center
Added delegatees in “Delegation of Personal Information Processing

16 November 15, 2017
Added Purpose of Collection and Use of Personal Information
Added Protection of Personal Information Transferred Abroad
Added Transfer of Personal Information to a Third Party

17 January 5, 2018
Added delegatees in “Delegation of Personal Information Processing

18 February 26, 2018
Modified delegatees in “Delegation of Personal Information Processing
Added delegatees in “Delegation of Personal Information Processing

19 May 11, 2018
Added delegatees in “Delegation of Personal Information Processing

Notice

Notice