Skip to main content

Privacy Policy

Amorepacific Corporation (hereinafter “the Company”) establishes and discloses the following privacy policies to protect personal information pursuant to Article 30 of the Personal Information Protection Act and handle related grievances promptly and smoothly.

Article 1 - Purpose of Processing Personal Information

The company is doing its best to protect personal information as well as the rights and interests of the information subject(including all customers, suppliers, etc.), and collects and uses personal information based on the relevant statutes or the consent of information subject for business processes. Outside of this, personal information is not processed for secondary purposes.

Article 2 - Processing and Retention Period of Personal Information

The company processes and retains personal information within the period of possession and use of personal information under the relevant statutes or agreed by information subject(including all customers, suppliers, etc.).

Article 3 - Providing Personal Information to Third Parties

The company shall provide the information to a third party only if the information subject(including all customers, suppliers, etc.) agrees or if the Personal Information Protection Act permits, such as for the provisions of the law. Otherwise, the company cannot use or provide the customer’s personal information to third parties beyond the notified scope. Outside of this, personal information is not processed for secondary purposes.

Article 4 - Entrusting Personal Information Processing

The company entrusts the processing of personal information to a specialized institution for smooth personal information processing, wherein the company clearly stipulates compliance with the relevant laws, the prohibition of providing personal information to third parties, as well as liability, and strives to protect personal information by signing and securing the details of the contract.

Article 5 - Rights, Duties, and Exercise Methods of the Information Subject and Legal Representatives

The information subject(including all customers, suppliers, etc.) may exercise his/her right to view, correct, delete, or stop the processing of personal information from the company at any time by himself/herself, his/her legal representative, or a delegated person. Then, the company will take immediate action against the request for rights, except as otherwise provided for by law.

The information subject(including all customers, suppliers, etc.) and a legal representative may exercise their rights by contacting the company using the Internet, telephone, or written documents in relation to personal information, and the company shall take the necessary measures without delay.

Article 6 - Items of Personal Information to Process

The company processes personally identifiable information, address, contact, etc. with the consent of the information subject(including all customers, suppliers, etc.) or under the law for Amorepacific Group’s business, such as providing services to customers and managing its executive personnel and employees.

Article 7 - Destroying Personal Information

When personal information becomes unnecessary, such as the expiration of the period of personal information retention or the achievement of processing purposes, the company shall destroy such personal information without delay so that it cannot be reproduced or restored. If the law requires preservation, the information should be moved to a separate DB to minimize access.

Article 8 - Measures to Secure the Safety of Personal Information

To ensure the safety of personal information, the company implements the following measures and manages it strictly.

① Administrative measures: Establishment and implementation of internal management plans, regular training of employees, etc.
② Technical measures: Management of access authority of the personal information processing system, installation of the access control system, encryption of unique identification information, periodic inspection of access records, installation of security programs, etc.
③ Physical measures: Access control of computer rooms, archives, etc.

Article 9 - Matters Concerning the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices

The company uses “Cookie,” which stores information and frequently calls to provide users with personalized service and convenience. Moreover, the user can set/stop of cookies on the web browser.

Article 10 - Matters Concerning Personal Information Security Officer

The company is in charge of handling personal information and appoints a person in charge of personal information protection as follows to handle complaints and damage relief related to personal information processing as well as respond to and handle inquiries from the information subject(including all customers, suppliers, etc.) without delay.

* Personal Information Security Officer: Information Security Center Seung-il Oh (CISO)
* Department in charge of personal information protection : Information Security Center

Article 11 - Changing the Privacy Policy

When the company changes its privacy policy, it continuously discloses the timing of the change and the changed contents and compares the changes before and after so that the information subject can easily check them.

Addendum

• 2022.04.25 (Enforcement Date) This policy will take effect on 20 April 2022.
• 2021.06.10 (Enforcement Date) This policy will take effect on 10 June 2021. View previous privacy policy >
• 2020.07.10 (Enforcement Date) This policy will take effect on 10 July 2020. View previous privacy policy >