Article 1 (Personal Information to be Collected and Method of Collection)

1. 1. Personal information to be collected
   1. A) Required items: Name, date of birth, nationality, firm name, job title, gender, phone number (ex: mobile phone) number, address, email
   2. B) Optional items: Marital status, wedding anniversary, fax number, license plate No., family information, credit card information
2. 2. Collection method
   1. A) Through the MAYPLACE membership application form at MAYPLACE SEOUL
   2. B) Through the application form and payment information after using MAYPLACE SEOUL services
   3. C) Through the website of MAYPLACE SEOUL (www.mayplace.co.kr)
3. 3. The MAYPLACE members shall guarantee that the information they entered is true and lawful. If false information is entered through various unjust manners such as other’s information theft, MAYPLACE SEOUL may report the member
   1. according to the related laws and regulations. If necessary, it may sign him out by force.

Article 2 (Collection and Use of Personal Information)

1. 1. MAYPLACE SEOUL collects its customers’ personal information only to the extent necessary for the satisfactory provision of services as follows:
   1. A) Required items:
      1. - Name, date of birth, nationality, firm name, job title, gender: Used in authentication process for member services
      2. - Phone number (ex: mobile phone, etc.): Used in authentication for member services; channel for smooth communication to handling various matters such as notice and complaint, service & new products, information on events
      3. - Address, email: Accurate address information for Direct Marketing (DM, EDM), Mayplace lottery gift and membership magazine
   2. B) Optional items:
      1. - Marital status, wedding anniversary: Member service and direct marketing (DM, EDM); marketing for alliance event and service advertisement; used for SMS and telemarketing (TM)
      2. - Fax number: Channel for smooth communication on notification and claim handling; information on new products or events
      3. - License plate No.: To provide free parking services
      4. - Family information: To issue a credit card for a spouse and be prepared against emergency situations
      5. - Credit card information: To use for the payment of annual fee and payment settlement
2. 2. Please note that MAYPLACE SEOUL does NOT collect any sensitive information relating to race, national origin, ideological or political beliefs, place of birth, criminal records, health or sex life which may result in violation of the human rights.

Article 3 (Provision and Sharing of Personal Information)

1. 1. 1. Unless a customer’s consent is given or unless stipulated otherwise in the applicable laws and regulations, MAYPLACE SEOUL shall neither use any of his or her personal information nor provide such personal information to persons, corporations or organizations for purposes other than those stipulated in Article 2 (Collection and Use of Personal Information) herein. MAYPLACE SEOUL obtains the consent of its customers after sending an e-mail notification or serving a prior written notice specifying the details of the proposed recipient of their personal information, the purpose of the proposed use, the information proposed to be shared, the customers’ right to withhold consent, and the implications of withholding consent, if any. The supply of Mayfield Hotel’s personal information is aimed to provide unique and differentiated services. Unless agreed, services may NOT be provided properly.
   2. 2. The personal information of a customer may be provided to a third party without his or her consent in accordance with the applicable laws and regulations if:
      1. A) Rate discount and product delivery;
      2. B) the personal information in question is to be used for the purpose of conducting a study, market survey or statistical analysis and will not result in identification of any individual; or
      3. C) the information is requested by a government agency for the purpose of conducting an investigation in accordance with the applicable laws and regulations.

Article 4 (Retention/Use Period and Destruction of Personal Information)

1. 1. 1. After fulfilling its objectives of collection and/or use of its customer’s personal information, MAYPLACE SEOUL shall dispose of the information immediately. The specific destruction time shall be as follows:
      1. A) Subscription information: When giving up or cut off from membership;
      2. B) Delivery information: When goods or services are delivered or provided;
      3. C) Collected for the purpose of questionnaire survey or certain event: When the event of event is over; or
      4. D) Authentication information: When the member is authenticated
   2. 2. Notwithstanding the foregoing, MAYPLACE SEOUL may retain certain personal information of its customers for the period permitted under the applicable law in the event that MAYPLACE SEOUL is required to do so for the purpose of verifying certain details of certain transaction, pursuant to the applicable laws and regulations including the Commercial Code (Korean) or pursuant to its internal policies.
      1. A) Records related to contract or revocation of application: 5 years
      2. B) Records related to payment and supply of goods: 5 years
      3. C) Records related to consumer’s complaint and resolution of disputes: 3 years
      4. D) Authentication information to provide revisit services: 2 years since the membership is given up
   3. 3. Procedures for disposal Means of disposal
      1. A) Any hard copies of personal information: Shredding or burning
      2. B) Any electronic files of personal information: To be destroyed irretrievably using appropriate technological means

Article 5 (Personal Information Viewing, Editing, Cancellation and Termination Methods)

1. 1. 1. Members can view or edit registered personal information or terminate membership at any time.
      1. A) Visit to MAYPLACE SEOUL in person: Viewing, editing and cancelation of personal information
      2. B) Contact the personal information manager in writing or by email. A necessary action shall be taken right away.
         1. - Email: maymaster@mayplace.co.kr
         2. - Telephone: 02-2660-9162
         3. - Fax: 02-2660-9155
         4. - Address: Banghwadae-ro 94, Gangseo-gu, Seoul
   2. 2. In case a member makes a request for editing personal information errors, such personal information shall NOT be used or provided until editing is complete. In case of having provided incorrect personal information to a third party, MAYPLACE SEOUL shall forward edited information to the third party to enable editing.
   3. 3. The personal information which is agreed to be provided to a third party by a member can be checked on the website of MAYPLACE SEOUL. The agreement can be withdrawn anytime.
   4. 4. MAYPLACE SEOUL shall handle the personal information cancelled or deleted upon a member’s request according to the Retention and Use Period of Personal Information. It shall NOT be viewed or used for any other purposes. However, if needed to comply with legal obligations, there are particular provisions, or there is a possibility of causing casualties or property damage, the request may be rejected. In case related causes occur, they shall be informed immediately.
   5. 5. Procedures for disposal Means of disposal
      1. A) Any hard copies of personal information: Shredding or burning
      2. B) Any electronic files of personal information: To be destroyed irretrievably using appropriate technological means

Article 6 (Outsourcing of the Processing of Personal Information)

For the purposes of providing better customer services, MAYPLACE SEOUL outsources the processing of personal information as follows. MAYPLACE SEOUL stipulates related matters for keep personal information secure and safe at outsourcing agreement. It provides a member’s information as follows:

• - Introduction and collection of the benefits of Castle membership: MG Credit Information CO., LTD. (ex: Name, phone number, email)
• - Website maintenance: Gabia CO., LTD. (ex: ID, name, email, date of birth, gender, phone number, address, access log)
• - Email forwarding services: Mailing link with NETPATHY (ex: Name, email)
• - Management of room & banquet reservation system: SANHA IT (ex: Name, email, mobile phone number, contents)

Article 7 (Operation and Use of Cookies)

MAYPLACE SEOUL has run ‘Cookies’ which frequently search and save a member’s information. Cookies are very small-sized text files that are sent to your browser from an operating server of MAYPLACE SEOUL’s website, and they are saved in your computer’s hard disk. MAYPLACE SEOUL uses cookies for the following purposes:

1. 1. Target marketing and customized services through analysis on members’ and nonmembers’ access frequency and visit time, users’ propensity and interests and frequency of participating in various events and visit frequency
2. 2. Members shall have the right of choice for cookie installation. And all cookies will be accepted by setting options in your Web browser, verify the process whenever cookies are saved, or reject all saved cookies.
   1. Configuring Cookies [for the Internet Explorer 6.0]
   2. 1. Select [Internet Option] from [Tools] menu.
   3. 2. Please click [Personal Information Tab]
   4. 3. Please set [Personal Information Protection Level]

회원께서 쿠키 설치를 거부하셨을 경우 조선호텔 서비스 제공에 어려움이 있습니다.

Article 8 (Personal Information Manager or Personal Information Management Department)

Any complaints or questions relating to MAYPLACE SEOUL’s handling of the personal information of its customers shall be directed to the following department and personnel:

1. Any report or questions relating to the infringement of any personal information may be directed to the following organizations:
   1. - Personal Information Infringement Reporting Center (www.118.or.kr / 118)
   2. - Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533-4)
   3. - Internet Crime Investigation Center of the Supreme Prosecutors’ Office (www.spo.go.kr / 02-3480-2000)
   4. - Cyber Terror Response Center of the National Police Agency (www.ctrc.go.kr / 02-392-0330)

Article 9 (Technical and Administrative Measures for Protection of Personal Information)

MAYPLACE SEOUL takes the following technical and administrative measures to protect its customers’ personal information from loss, theft, leakage, falsification or damage:

1. 1. 1. A member’s password is encrypted for the member’s use only. The personal information can be viewed and edited by the member with the password only.
   2. 2. Anti-hacking measures
      1. - MAYPLACE SEOUL strives to prevent any leakage of or damage to its customer’s personal information caused by hacking or a computer virus.
      2. - MAYPLACE SEOUL takes necessary actions to prevent computer virus using a vaccine program. The vaccine program is updated periodically. If a virus occurs, the vaccine program takes care of it right away, preventing a member’s personal information hacked.
   3. 3. Minimization of the personnel handling personal information and training & education
      1. The management of customers’ personal information is limited to the personal information manager and personal information management staff. They are trained and educated regularly to observe the Privacy Policy all the time.
   4. 4. Operation of the personal information protection organization
      1. - MAYPLACE SEOUL oversees the protection of all personal information in its possession and ensures compliance all related procedures by its Personal Information Managers. In the event that a problem is found, MAYPLACE SEOUL takes appropriate corrective measures immediately.
      2. - Notwithstanding the foregoing, MAYPLACE SEOUL shall not be liable for matters arising from the leakage of any personal information (ex: ID, password, etc.) caused by its customer’s negligence or any technical problems.

Article 10 (Personal Information Protection for Children Under 14)

MAYPLACE SEOUL knows that it is critical to protect personal information for children under 14. Furthermore, it prohibits minors (under 19) from joining the membership. In other words, those under 19 are NOT qualified to get membership services at MAYPLACE SEOUL.

MAYPLACE SEOUL does NOT collect any personal information on children under age 14. If it is necessary to collect personal information of children under age 14, MAYPLACE SEOUL shall comply with applicable laws and notification provisions.

Article 11 (Transmission of Advertising Information)

1. 1. 1. MAYPLACE SEOUL does NOT send to its customers any information of an advertising nature for commercial purposes against the express will of its customers.
   2. 2. When sending any information of an advertising nature (ex: Newsletter, etc.) by email for the purpose of online marketing, MAYPLACE SEOUL shall take the following measures:
      1. A) Subject line of e-mail: ‘Advertisement’ may NOT be stated, and the details shall be explained in the text.
      2. B) Main text of e-mail:
         1. - It clearly states the name, e-mail address, phone number, and address of the sender so that the recipient can indicate his or her wish to unsubscribe any future emails.
         2. - It explains the method for indicating the wish to unsubscribe in two languages (Korean, English). .
   3. 3. If the following harmful information is transmitted to adolescents, ‘(ADULT ONLY)’ should be phrased:
      1. A) If one of the following categories is expressed in the form of sign, letter, video or sound (including the contents which can be easily confirmed by the receiver even though the message ix explicitly expressed), ‘(ADULT ONLY)’ should be lined on the title:
         1. 1) Abusive and obscene contents for minors under 19
         2. 2) Contents which can motivate adolescents to be aggressive or commit a crime
         3. 3) Contents which stimulate or beautify various assaults including sexual assault and drug abuse
         4. 4) Those categorized as ‘hazardous materials for the youth’ in accordance with Juvenile Protection Act
      2. B) If the Internet website which covers one of the said four categories in the advertising materials is informed, ‘(ADULT ONLY)’ should be lined on the title.

Article 12 (Obligation of Notification)

1. 1. 1. Any addition, removal or modification to the Privacy Policy with changes to relevant laws and regulations and government policies or MAYPLACE SEOUL’s policy will be announced on the website of MAYPLACE SEOUL at least seven (7) days prior to the revision.
   2. 2. The Privacy Policy becomes effective on April 1, 2012. The new policy shall substitute for the old privacy policy.