[Cheil eBidding System] Privacy Policy


Cheil Worldwide Inc. (the “Company”) values your personal information, and complies with the applicable laws and regulations including the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. This Privacy Policy informs you of the purposes and method of use of the personal information you provide to us, and also provides information on what measures are being taken for the protection of your personal information.



■ Purposes of Collection and Use of Personal Information

The Company collects and uses your personal information for the following purposes:

Personal information is handled for the purposes of ensuring security during your visit, personal authentication, grievance handling, etc.



■ Types of Personal Information Collected and the Method of Collection

The Company collects the following personal information for the purposes of enabling your participation in the Event and sending of the prize. The following personal information is the minimum personal information required to fulfill the above purposes. You may choose not to consent to providing your personal information, but in that case, your participation in the Event and sending of the prize may be restricted.

① Types of personal information collected

1. information provided by the User: Company Name, Employee Name, Employee No, Tel No, E-mail

2. Information collected while the users use services: IP Address, Log Data.

② Method of collecting personal information

By filling out a format during your visit or filling out an online form



■ Period of Retention and Use of Personal Information

① The Company will retain and use your personal information until the “Purposes of Collection and Use of Personal Information” outlined above have been fulfilled. However, in a case falling under any of the following reasons, your personal information will be retained and used until such reason has been terminated:

1. If there is any investigation or inspection in progress for a breach of applicable laws: until the close of such investigation or inspection;

2. If any claim-obligation relationship remains with respect to the Event: until the time such claim-obligation relationship has been settled.



■ Rights and Obligations of Customers and Legal Representatives and the Method of Exercise Thereof

① As customers or the legal representatives of customers under the age of 14 (collectively referred to as “customers”), you may request to view your personal information (or the personal information of the customers under the age of 14, in the case of legal representatives) handled by the Company. To this end, you may contact the Chief Privacy Officer specified under the “■ Chief Privacy Officer and Responsible Department” section of this Privacy Policy in writing, by telephone or by email, to which the Company will take immediate action. Unless there are special circumstances, the Company will provide a reply without delay on whether or not access to the requested personal information can be provided. In the event that the Company declines or postpones access to such information, it will notify you the reason thereof. The Company may restrict or decline access by notifying you the reason thereof in case of any the following:

1. If the access is prohibited or restricted by law;

2. If it may damage the life or health of another person, or unduly infringe on the properties or other interests of another person.


② Customers who have accessed their personal information may request the Company to correct or delete any personal information that is inaccurate or cannot be confirmed. To this end, you may contact the Chief Privacy Officer specified under the “■ Chief Privacy Officer and Responsible Department” section of the Privacy Policy in writing, by telephone or by email, to which the Company will take immediate action. However, you may not request deletion of any personal information whose collection is mandated by law.


③ The Company will notify you without delay from the date of receiving the correction or deletion request as under paragraph ② above that (i) the requested action has been taken, if the correction or deletion has been performed as per your request; or that (ii) the correction or deletion request has been declined and the reason thereof, along with how the you can raise an objection.


④ You may request the Company to discontinue handling of your personal information. To this end, you may contact the Chief Privacy Officer specified under the “■ Chief Privacy Officer and Responsible Department” section of the Privacy Policy in writing, by telephone or by email, to which the Company will take immediate action. However, in a case falling under any of the following, or if there is otherwise a justifiable reason, the Company may decline your request for suspension of handling your personal information after notifying you the reason thereof:

1. If there are special provisions prescribed by law or if it is otherwise inevitable to comply with legal obligations;

2. If it may damage the life or health of another person, or unduly infringe on the properties or other interests of another person;

3. If suspension of handling personal information is likely to undermine fulfillment of the contract including the provision of services promised to you, where you have not expressly stated your intent to terminate the contract


⑤ The Company will notify you without delay from the date of receiving your request for suspension as under paragraph ④ above that (i) the requested action has been taken, if the handling of personal information has been suspended as per your request; or that (ii) the request for suspension has been declined and the reason thereof, along with how you can raise an objection.



■ Process and Method of Destroying Personal Information

Once the “Purposes of Collection and Use of Personal Information” outlined above have been fulfilled, the Company will proceed with the following process and method of destroying personal information within five days of achieving the said purposes, in principle:

○ Destruction process

Your information will be moved to a separate database after fulfillment of the above “Purposes of Collection and Use of Personal Information” and stored for a certain period before it is destroyed for reasons of information protection in accordance with the internal policy and other related laws.

The personal information moved to the separate database will not be used for any purposes other than for retention except as otherwise prescribed by law.

○ Destruction method

Personal information stored in an electronic file format will be deleted using a technological method that prevents reproduction of the records

Personal information printed on paper will be destroyed by shredding using a shredder or by incineration.



■ Measures to Ensure Safety of Personal Information

The Company takes technological, managerial and physical measures necessary to ensure safety of personal information as follows:

○ Establishment and implementation of internal management plan

The Company establishes and implements internal management plan for safe handling of personal information.

○ Access control and restriction of access rights

The Company takes necessary measures to control access to your personal information by granting, modifying and deleting access rights to the database system processing your personal information, and controls any unauthorized access from the outside by using an intrusion prevention system.

Also, the Company manages your personal information by minimizing the access to only a limited number of personnel designated to handle the personal information of customers.

○ Application of encryption technology for safe storage and transmission

Your personal information is password protected, and the files and transmission data are encrypted or stored and managed using a file lock function. Important data are further protected by a separate security function.

○ Storage of log records and prevention of forging and alternation

The Company stores and manages the log records of access to the personal information processing system that handles your personal information for a minimum of six months, and uses a security function to prevent forging, alternation, theft or loss of the log records.

○ Installation and operation of a security program

To prevent leakage or damage of your personal information by any hacking attempts or computer virus, among others, the Company has installed a security program, which is periodically updated and checked. Also, the system is installed in an area with restricted access from the outside, and is monitored and blocked from access through technological and physical means.

○ Prevention of physical access

The Company keeps documents, auxiliary storage media, etc. containing your personal information in a safe place with locks.



■ Provision of Personal Information to a Third Party

The Company will not disclose your personal information to an external party, in principle. However, an exception will apply in the following cases:

○ If you have provided a prior consent;

○ If prescribed by law, or if required by an investigation agency in accordance with the procedures and methods set forth by law for investigation purposes.



■ Entrustment of Handling of the Personal Information Collected

The Company entrusts the handling of your personal information to a specialized outside company as follows:

○ Name of company: Cheil Worldwide Inc.,

○ Entrustment period: Personal information will be destroyed immediately upon withdrawal from the Cheil Worldwide Inc.,

○ The above company will use your personal information it has been entrusted with solely for the purposes of service providing related with online bidding and for no other purposes.



■ Matters related to Installation and Operation of Automatic Personal Information Collection Device and the Refusal Thereof

○ What are cookies?

- To provide personalized and customized services, the Company uses “cookies” to save information about you and to retrieve such information as needed.

- Cookies are very small bits of text file that are sent to the user’s browser by a server used to operate a website. These cookies are saved in the hard disk of your computer, and then retrieved by the website when you make subsequent visits to the website in order to maintain your configurations and offer customized services.

- Cookies do not automatically or actively collect personal identification information, and you can always refuse to save cookies or delete them.

○ Purpose of the Company’s use of cookies

The cookies are used to identify the services of the homepage visited by customers and to analyze the website visit and usage patterns, preferred search words, secure access settings, news editing, user size, etc. in order to offer you customized information that has been optimized to your needs including advertisements.

○ Installation/operation of cookies and refusal thereof

- You reserve the right to choose whether to install cookies. Thus, you can allow saving of all cookies, check a cookie each time it is saved, or refuse to save cookies altogether by selecting an option on your web browser.

- However, if you refuse to save cookies, you may experience difficulties in the use of certain services that require log-in.

- You can choose settings on whether to allow installation of cookies as follows (in case of Internet Explorer):

① Under the [Tools] menu, choose [Internet Options].

② Click the [Privacy] tab.

③ Adjust the settings for [Privacy Level] settings.



■ Chief Privacy Officer and Responsible Department

The Company's Chief Privacy Officer and responsible department are as follows:

○ Chief Privacy Officer: Sang-Moo LEE

○ Department of the Chief Privacy Officer: Human Resources Group

○ Contact information of the Chief Privacy Officer: 0082-2-3780-2281

○ Email address of the Chief Privacy Officer: sm70.lee@samsung.com


○ Privacy Contact Person: Jung-Eun Lee

○ Department of the Privacy Contact Person: Corporate Communications Team

○ Contact information of the Privacy Contact Person: 0082-2-3780-2220

○ Email address of the Privacy Contact Person: jepr.lee@samsung.com



■ Amendment to the Privacy Policy and Duty of Notice

In the event that the Company amends its Privacy Policy, it will provide notice through the “Notices” section on its homepage on when the amendment will be made and when it will take effect, as well as the details of the amendment, at least seven days prior to the amendment. However, for any material changes to user rights including the collection and use of personal information and provision of such information to a third party, the notice will be given at least thirty days in advance.


○ Announcement date: 2019.05.13

○ Effective date: 2019.05.13