Privacy Policy

CONCONTOWN Privacy Policy

Privacy Protection Policy

Manager Scarlett (hereinafter referred to as "the Company") respects customer privacy and strives to meet the expectations and trust of the Company by ensuring that all executives and employees comply with laws and internal regulations related to the protection of personal information, particularly regarding the information and services provided by the Company (hereinafter referred to as "Company Activities"). In accordance with this, the Company has established this policy (hereinafter referred to as "This Policy") to handle personal information in compliance with relevant laws and regulations for privacy protection.

Regarding the Processing of Personal Information

■ Provision of Personal Information
When it is necessary to collect personal information from customers, the Company will inform customers in advance of the purpose for which their personal information will be used and obtain their consent for that purpose.

■ Use of Personal Information
The Company will not use personal information for purposes other than those agreed upon by the customer.

■ Provision of Personal Information to Third Parties
The Company will not provide personal information to third parties unless the customer has given their consent, or unless a request is made by a judicial or administrative authority under legal obligations.

Furthermore, even when the customer’s consent is obtained, if personal information is disclosed, entrusted, or provided to a third party other than the Company, the Company will enter into a contract regarding personal information protection with the third party to ensure strict protection measures.

The Company will never disclose registered personal information to third parties without the customer’s permission. However, in certain cases, personal information may be entrusted to a third party for tasks such as sending emails. In such cases, a confidentiality agreement will be signed with the entrusted party to ensure that customer information is not leaked or re-entrusted. Additionally, after the completion of the task, all personal information provided will be completely deleted and discarded, and protection measures will be implemented to prevent any leakage to third parties.

■ Security Measures for Protecting Personal Information
The Company has established internal regulations and reasonable security measures to protect personal information provided by customers from loss, damage, unauthorized external disclosure, alteration, and illegal access. Furthermore, if the purpose of use is fulfilled and it is deemed unnecessary to retain personal information continuously, the Company may delete the customer’s personal information.

Address: 448, 4F, 186 Yanghwa-ro, Mapo-gu, Seoul, South Korea

Company Name: Manager Scarlett

CEO: Lee Jun

1. Definition of Personal Information
In this policy, personal information refers to any information that can identify an individual, such as name, address, phone number, email address, and other information that, when combined with other data, can easily identify an individual.

2. Purpose of Collecting and Using Personal Information
The Company may collect personal information when customers register an account or when it is necessary to provide services. Additionally, the Company uses the collected customer information for the following purposes. Except as required by law, the Company will not provide personal information to third parties without obtaining prior consent from the customer.

(1) To provide and improve the quality of Company activities
(2) To respond to inquiries related to products and services
(3) To provide information regarding Company activities and other important updates
(4) To provide identity verification and certification services
(5) To conduct marketing activities such as statistics, analysis, and surveys
(6) For billing purposes

(7) To respond to disputes, lawsuits, etc.
(8) To send prizes and provide event-related information
(9) To prevent fraudulent or illegal activities and to respond to issues in case of emergencies
(10) To achieve the purposes set for individual products and services offered by the Company
(11) If the Company succeeds its business due to a merger, division, business transfer, etc., to fulfill the purposes for which the customer previously consented to before the succession
(12) To perform other necessary tasks related to the Company’s activities

The collected information is transmitted to servers operated by the Company or third parties with appropriate records in managing personal information, and it is used only within the scope of the stated purposes.

3. Personal Information Items Used

(1) The Company collects personal information for purposes such as member registration, product reservation, and payment processing.

We collect personal information for the following purposes:

Membership Registration: Name (in English) and email are required to sign up for app membership. This data is retained until membership is withdrawn or the service contract ends.
Package Reservation and Payment: We collect name (in English), date of birth, gender, contact details, address, email, and payment information to process reservations and payments.
Contact: Name and email are collected to respond to inquiries and manage related information.

(2) Collection of Personal Information for Non-Members Using Products and Services

We do not provide reservation or payment services for products and services to non-members.

(3) Personal Information Input for Membership Services
The Company requests users to input essential information for providing services when registering for membership services. Additionally, during surveys or events conducted within the service, users may be asked to provide personal information voluntarily for purposes such as statistical analysis or prize giveaways.

(4) Collection Policy for Sensitive Personal Information
The Company does not collect sensitive personal information that may infringe upon basic human rights—such as data related to race or ethnicity, political opinions, or religious beliefs—unless explicit consent is obtained in advance.

3. Provision of Personal Information to Third Parties
The Company collects personal information in a lawful and fair manner, and clearly defines the purpose of use at the time of collection. Additionally, the collected personal information will not be processed beyond the defined purpose, and appropriate measures will be implemented to prevent its use for purposes other than those specified. Personal information will not be provided to third parties, except in the following cases:

(1) When the customer has given consent
(2) When required by law
(3) When the customer violates the Company's terms of use, and there is sufficient evidence that providing personal information is necessary to protect the Company’s rights, property, or services
(4) When it is necessary to protect a person’s life, body, or property, and it is difficult to obtain consent from the individual
(5) When requested by a court, police, or administrative agency based on law or regulations
(6) When the Company's business is succeeded, including the provision of personal information, due to merger, division, or business transfer.

However, personal information will be provided only to companies directly related to the service, under limited conditions, and the details are as follows:

Hotels: Name, nationality, and gender are provided for reservation purposes and retained until fulfillment. Overseas transfer varies by company.
Travel Agencies: Name, nationality, and gender are shared to confirm reservations, with data retained until the purpose is achieved. Foreign transfers depend on the agency.
Event Management: Information such as Weverse email, member number, WID, and name may be provided to SM Entertainment, WEVERSE COMPANY Inc., and SMEJ Plus for fan club registration. Retention and overseas transfer policies vary by company.

4. Regarding the Safe Management of Personal Information
To protect personal information, the Company implements appropriate management measures for internal staff and external service providers to prevent incidents such as unauthorized access, loss, damage, alteration, or leakage of personal information.

Additionally, to provide better services to members, the Company may outsource certain personal information processing tasks within the scope of legitimate purposes.

Service Area: Online Payments

Commissioned Providers: PayPal, Toss Pay

Purpose: Processing purchases and payments

Retention Period of Personal Information: Until membership withdrawal or contract termination

In such cases, the Company selects outsourcing vendors that meet the standards for ensuring proper protection of personal information. The Company establishes essential provisions through contracts to ensure proper management, confidentiality, and prevention of information leakage, and implements necessary measures. The Company also performs thorough supervision of outsourcing vendors.

Furthermore, the personal information that is outsourced is limited to the minimum required for performing the relevant tasks, and the scope of use is also restricted to the necessary range for performing those tasks.

5. Regarding the Joint Use of Personal Information
To provide comprehensive services, the Company may allow businesses within the corporate group to jointly use personal information collected by each company within the scope of the purposes specified in Section 1 (Purpose of Use of Personal Information).

Address: 448, 4F, 186 Yanghwa-ro, Mapo-gu, Seoul, South Korea

Company Name: Manager Scarlett

CEO: Lee Jun

Group Companies for Joint Use
Companies within the scope of the parent company and subsidiaries.

6. Regarding the Provision of Personal Information to Overseas Entities
(1) Personal Information Transfer Based on the EU Adequacy Decision
The European Union (EU) has determined that the level of personal information protection in South Korea is adequate. Therefore, personal information of EU users can be transferred to South Korea without additional procedures.

(2) Personal Information Transfer for Contract Fulfillment and User Convenience (Provision, Outsourcing, Storage)
The Company may transfer (provide, outsource, store) personal information abroad for the fulfillment of contracts and the convenience of users.
If a user does not wish to have their personal information transferred abroad, they may refuse it through the Company's data protection officer or the responsible department.
In the case of refusal to transfer information abroad, the user's personal information will not be provided overseas.
However, since the overseas transfer of personal information is essential for services such as hotel reservations, the use of certain services may be restricted.

In accordance with the Personal Information Protection Act (Article 28-8, Section 1, Item 3(a)), personal information including name, date of birth, gender, and phone number may be transferred overseas to fulfill service-related contracts.

The following overseas recipients may receive this data upon reservation completion via a secure network:

Tour Study (USA)
Hikari Global (Japan)
KEPIN Travel Agency (Singapore)
Yomo Labs (Taiwan)
Landmark China (China)
RS Shinwa Travel (Thailand)
G-One Tour (Philippines/Vietnam)
Spirit Tour (Indonesia)
AJ Tour (Hong Kong/Macau)

The purpose of use is to retain reservation records in our internal system. Personal information is stored only until the purpose is fulfilled. However, if longer retention is required by relevant laws, the data will be retained accordingly and then immediately destroyed.

7. Transfer of Business
The Company may transfer business segments related to services due to business needs. In such cases, information related to customers will generally be considered part of the transferred business assets. The Company may transfer some or all of the user's personal information in order to continue providing services or to achieve other business objectives.

8. Collection and Use of Attribute Information in Web Services
In order to improve service quality, the Company may collect attribute information, device information, location information, behavior logs, etc., for login management and statistical analysis purposes.

(1) Use of Cookies
The Company's web service uses cookies to identify users' computers and enhance convenience by transmitting cookie information to the user's computer.

If cookie usage is not allowed, some of the Company’s services may not be accessible.
The cookie usage setting can be changed in the user's browser settings.
Cookies do not store personal information and are not used to identify individuals.

(2) SSL Security Application
To protect users' personal information, the Company applies SSL (Secure Socket Layer) technology.
Personal information, such as names, addresses, and phone numbers, is automatically encrypted when entered and transmitted, ensuring that it is protected even if intercepted by external parties.
The Company strictly manages personal information and has implemented firewalls, virus-blocking systems, etc., to prevent unauthorized access, leakage, alteration, or tampering of personal information.

(3) Access Log Recording
The Company’s web service records users' access information in the form of access logs.

Collected items: domain name, IP address, browser type, access time, etc.
These logs are used for website management and usage statistical analysis and are not used for other purposes.

(4) Use of Google Analytics
The Company uses Google Analytics to analyze web service usage and improve service quality.

Google Analytics uses cookies to collect visitor information, but only anonymous information is stored, and it is not linked to personal information.
For the purpose of using the collected information and details, please refer to Google Analytics' Terms of Use and Privacy Policy.

9. Changes to the Privacy Policy
The Company may revise this privacy policy to reflect changes in laws, service content, or user requests.

If there are significant changes, the Company will notify users via the website or other appropriate methods.

10. Compliance with Laws and Regulations
The Company thoroughly complies with relevant laws, government guidelines, and other regulations related to privacy protection.

11. Disclaimer
The Company is not responsible for any personal information leaks resulting from the following cases:

Leaks due to users voluntarily providing personal information on the internet (email, chat, bulletin boards, communities, use of illegal tools, etc.)

12. Requests for Access, Correction, and Deletion of Personal Information

When a user deletes their account after using the service, their personal information will be processed appropriately according to relevant laws and internal regulations.
If the retained personal information is inaccurate or if the user requests correction or deletion, the Company will take the necessary actions promptly based on personal data protection laws upon request from the individual or their authorized representative.

13. Designation of a Personal Information Protection Officer

(1) The Company shall bear overall responsibility for the processing of personal information and, in accordance with relevant laws and regulations, designates the following individual as the Personal Information Protection Officer. This officer shall be responsible for supervising the handling of personal information, addressing user complaints, and providing remedies related to the processing of personal data.

Personal Information Protection Officer

Name: Lee Jun

Position: CEO

Telephone: +82-2-6237-0050

Email: hello@concontown.com

(2) Users may contact the Personal Information Protection Officer regarding all inquiries, complaints, or requests for remedies related to the protection of personal information arising from the use of the Company's services. The Company shall respond to and handle such inquiries without delay.

14. Inquiries
If you have any questions about this privacy policy or need inquiries, complaints, or consultations related to personal information processing, please contact us using the details below.

Phone number: +82 2 6237-0050

Date of Establishment: 01 Apr 2025