Important Notice
The original version of this Privacy Policy was written in Korean, and the translated version is provided for reference only. If there is any discrepancy in interpretation, the Korean version shall prevail.
Korean original: https://tourcast.co.kr/ko/privacy-policy
TourCast ("tourcast.co.kr", hereinafter referred to as "TourCast") establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to promptly and smoothly handle related complaints, as follows.
○ This Privacy Policy is effective from April 4, 2025.
Article 1 (Purpose of Processing Personal Information)
TourCast ("tourcast.co.kr", hereinafter referred to as "TourCast") processes personal information for the following purposes. The personal information being processed will not be used for purposes other than those stated below. If the purpose of use changes, TourCast will take necessary measures, such as obtaining separate consent, in accordance with Article 18 of the Personal Information Protection Act.
1. Website Membership Registration and Management
Personal information is processed for the purposes of confirming the intent to register, identifying and authenticating the user for membership-based services, maintaining and managing membership status, and preventing fraudulent use of services.
2. Provision of Goods or Services
Personal information is processed for the purposes of providing services, providing content, and providing customized services.
3. Use for Marketing and Advertising
Personal information is processed for the purposes of developing new services (products) and providing customized services, providing event and promotional information and opportunities to participate, providing services and displaying advertisements based on demographic characteristics, verifying service effectiveness, identifying access frequency, or compiling statistics on members’ service usage.
Article 2 (Processing and Retention Period of Personal Information)
① TourCast processes and retains personal information within the retention and use period prescribed by applicable laws, or within the retention and use period agreed to by the data subject at the time of collection.
② The processing and retention periods for each category of personal information are as follows.
1. Website Membership Registration and Management
Personal information related to website membership registration and management is retained and used for the above purposes from the date of consent to collection and use until the user requests account deletion/withdrawal.
Basis for retention: Service provision
Related laws: 1) Records on contracts or withdrawal of subscription, etc.: 5 years
2) Records on payment and supply of goods, etc.: 5 years
3) Records on consumer complaints or dispute resolution: 3 years
4) Records on the collection/processing and use of credit information, etc.: 3 years
Exceptions: None.
Article 3 (Items of Personal Information Processed)
① TourCast processes the following items of personal information.
1. Website Membership Registration and Management
Required: Email
Optional: None.
Article 4 (Provision of Personal Information to Third Parties)
① TourCast processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information), and provides personal information to third parties only in cases that fall under Articles 17 and 18 of the Personal Information Protection Act, such as when the data subject consents or when there are special provisions of law.
② TourCast provides personal information to third parties as follows.
1. Not applicable.
Recipients of personal information: Not applicable.
Purpose of use by recipients: Not applicable.
Retention/use period by recipients:
Article 5 (Outsourcing of Personal Information Processing)
① To ensure smooth processing of personal information-related tasks, TourCast outsources personal information processing as follows.
1. Not applicable
Service provider (processor): Not applicable
Outsourced tasks: Not applicable
Outsourcing period: Not applicable
② When entering into an outsourcing contract, TourCast specifies in documents such as contracts, in accordance with Article 26 of the Personal Information Protection Act, matters including the prohibition of processing personal information beyond the purpose of performing outsourced tasks, technical and administrative safeguards, restrictions on re-outsourcing, management and supervision of the processor, and liability for damages, and supervises whether the processor processes personal information safely.
③ If the outsourced tasks or the processor changes, TourCast will disclose such changes without delay through this Privacy Policy.
Article 6 (Procedures and Methods for Destruction of Personal Information)
① TourCast destroys personal information without delay when the personal information becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose.
② Even after the retention period agreed to by the data subject has expired or the processing purpose has been achieved, if personal information must be retained in accordance with other laws, such personal information will be transferred to a separate database (DB) or stored separately in a different location.
③ The procedures and methods for destroying personal information are as follows.
1. Destruction procedure
TourCast selects the personal information for which a reason for destruction has occurred, and destroys it upon approval by TourCast’s Chief Privacy Officer.
2. Destruction method
Information in electronic file form is destroyed using technical methods that make the records irrecoverable.
Article 7 (Rights and Obligations of Data Subjects and Legal Representatives, and How to Exercise Them)
① Data subjects may exercise rights such as requesting access to, correction of, deletion of, or suspension of processing of personal information at any time with respect to TourCast.
② The exercise of rights under Paragraph 1 may be made to TourCast in writing, by email, by facsimile (FAX), etc. in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act, and TourCast will take measures without delay.
③ The exercise of rights under Paragraph 1 may be made through a legal representative or an authorized agent. In such cases, a power of attorney in the form prescribed in Appendix Form No. 11 of the “Public Notice on Personal Information Processing Methods (No. 2020-7)” must be submitted.
④ Requests for access to personal information and suspension of processing may be restricted under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
⑤ Requests for correction or deletion of personal information cannot be made if the personal information is specified as a collection target under other laws.
⑥ TourCast verifies whether the person making a request for access, correction, deletion, or suspension of processing is the data subject or a duly authorized representative.
Article 8 (Measures to Ensure the Security of Personal Information)
TourCast takes the following measures to ensure the security of personal information.
1. Establishment and implementation of an internal management plan
An internal management plan is established and implemented for the safe processing of personal information.
2. Minimization and training of personnel handling personal information
TourCast designates personnel who handle personal information and limits such handling to assigned staff to minimize access and strengthen management.
3. Regular internal audits
TourCast conducts regular internal audits (once per quarter) to ensure stability related to the handling of personal information.
4. Restriction of access to personal information
TourCast takes necessary measures for access control by granting, changing, and revoking access rights to database systems that process personal information, and uses intrusion prevention systems to control unauthorized access from outside.
5. Retention of access logs and prevention of forgery/alteration
TourCast retains and manages access logs to personal information processing systems for at least one year. However, in cases where personal information is additionally processed for 50,000 or more data subjects, or where unique identification information or sensitive information is processed, logs are retained and managed for at least two years.
TourCast also uses security functions to prevent access logs from being forged, stolen, or lost.
6. Encryption of personal information
Users’ passwords are encrypted for storage and management so that only the user can know them. For important data, additional security functions are used, such as encrypting files and transmitted data or using file-lock features.
7. Technical measures against hacking, etc.
TourCast ("TourCast") installs security programs, performs periodic updates and inspections, and installs systems in areas with controlled external access to prevent leakage or damage of personal information due to hacking or computer viruses, and monitors and blocks such threats technically and physically.
8. Access control for unauthorized persons
TourCast designates separate physical storage locations for personal information and establishes and operates access control procedures.
9. Use of locking devices for document security
Documents and auxiliary storage media containing personal information are stored in secure locations equipped with locking devices.
Article 9 (Installation/Operation of Automatic Data Collection Devices and the Right to Refuse)
TourCast does not use "cookies" to store and retrieve usage information of data subjects.
Article 10 (Collection/Use/Provision of Behavioral Information and Refusal, etc.)
Matters related to the collection, use, provision, and refusal of behavioral information
TourCast does not collect, use, or provide behavioral information for online customized advertising, etc.
Article 11 (Criteria for Determining Additional Use/Provision)
In accordance with Article 15(3) and Article 17(4) of the Personal Information Protection Act, TourCast may additionally use or provide personal information without the data subject’s consent by considering matters set forth in Article 14-2 of the Enforcement Decree of the Personal Information Protection Act. Accordingly, TourCast considered the following matters in order to additionally use or provide personal information without consent.
▶ Whether the purpose of additional use/provision is related to the original purpose of collection
▶ Whether additional use/provision is predictable in light of the circumstances of collection or processing practices
▶ Whether additional use/provision unfairly infringes on the interests of the data subject
▶ Whether necessary measures to secure safety, such as pseudonymization or encryption, have been taken
※ The criteria for determining considerations in additional use/provision are prepared and disclosed based on the autonomous judgment of the business/entity.
Article 12 (Matters Regarding Pseudonymized Information When Processed)
TourCast processes pseudonymized information for the following purposes.
▶ Purpose of processing pseudonymized information
- Personal information is processed for the purpose of distinguishing users on message boards, etc.
▶ Processing and retention period of pseudonymized information
- Retained and used for the above purposes until the user requests account deletion/withdrawal.
▶ Provision of pseudonymized information to third parties (only if applicable)
- Not applicable.
▶ Outsourcing of processing of pseudonymized information (only if applicable)
- Not applicable.
▶ Items of personal information that are pseudonymized
- Users may directly enter a nickname (alias).
▶ Measures to ensure the security of pseudonymized information under Article 28-4 (Duty to take security measures for pseudonymized information, etc.)
- The nickname is entered directly by the user.
Article 13 (Chief Privacy Officer)
① TourCast is responsible for overall 업무 related to personal information processing, and in order to handle complaints and provide remedies related to personal information processing, TourCast designates a Chief Privacy Officer as follows.
▶ Chief Privacy Officer
Name: Junhwa Kim
Title: CEO
Position: CEO
Contact: 070-5101-9618, tourcast.help@gmail.com
※ Connected to the privacy 담당 department.
▶ Privacy 담당 department
Department name: Privacy 담당 department
Person in charge: Junhwa Kim
Contact: 070-5101-9618, tourcast.help@gmail.com
② Data subjects may contact the Chief Privacy Officer and the 담당 department regarding any inquiries, complaints, or remedies related to personal information protection arising from using TourCast’s services (or business). TourCast will respond and process without delay.
Article 14 (Department Receiving and Processing Requests for Access to Personal Information)
Data subjects may request access to personal information under Article 35 of the Personal Information Protection Act through the following department.
TourCast will endeavor to ensure that requests for access are processed promptly.
▶ Department receiving/processing access requests
Department name: Privacy 담당 department
Person in charge: Junhwa Kim
Contact: 070-5101-9618, tourcast.help@gmail.com
Article 15 (Remedies for Infringement of Rights and Interests of Data Subjects)
To obtain remedies for personal information infringement, data subjects may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Personal Information Infringement Report Center of the Korea Internet & Security Agency (KISA), etc. For other reports or consultations regarding personal information infringement, please contact the following organizations.
1. Personal Information Dispute Mediation Committee: 1833-6972 (without area code) (www.kopico.go.kr)
2. Personal Information Infringement Report Center: 118 (without area code) (privacy.kisa.or.kr)
3. Supreme Prosecutors’ Office: 1301 (without area code) (www.spo.go.kr)
4. National Police Agency: 182 (without area code) (ecrm.cyber.go.kr)
A person whose rights or interests have been infringed due to a disposition or omission by the head of a public institution in response to requests under Articles 35 (Access to Personal Information), 36 (Correction/Deletion of Personal Information), and 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act may file an administrative appeal in accordance with the Administrative Appeals Act.
※ For details on administrative appeals, please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr).
Article 15 (Changes to this Privacy Policy)
① This Privacy Policy is effective from April 4, 2025.
② Previous versions of this Privacy Policy can be found below.
August 1, 2023