IFC MALL

Search Form

PERSONAL INFORMATION PROCESSING GUIDLINES

SIFC Retail Mall Development Limited (the "Company") observes the personal information protection regulations that must be observed by information communications service providers under the Act on Promoted Use of Information Communications and Information Protection (the "Information Communications Network Act") and follows its Personal Information Handling Policies to protect the benefits of users.

Chapter 1 Purpose of Collecting and Using Personal Information

Personal information is the information of living entities that can identify companies, members, or individuals by registered name, etc (including information that can be combined with other information to identify individuals). The personal information collected by the Company is used for the following purposes.

[Member Management]

To verify identity, identify individuals, prevent fraudulent use of faulty members and unauthorized use, verify intention to subscribe, process subscription, and limit the number of subscription for its membership services.

[Use for Marketing and Advertising]

Development and specialization of new services (products), service provision and advertising according to demographical characteristics, analysis of logon frequency, statistics on members' use of services, and dissemination of advertising information on events, etc. (Members' personal information will not be provided for individual or organizational advertisers.)

Chapter 2 Items of Personal Information Collected and Method of Collection

[ Items of Personal Information Collected ]

  1. The following information is collected at the time of initial subscription for member identification and to provide optimal services.
    • Required Items: ID (e-mail), password, name, address, phone, mobile phone, name/address in English (if subscribing on English version of Homepage).
    • Optional Items: Anniversary, place of birth
  2. The following information may be created and collected while using services or processing transactions.
    • Records on service history, connection logs, cookies, connection IP information, records on faulty use, user's status information, date of visit, sex, date of birth, occupation, company name

[ Method of Subscription ]

The Company collects personal information using the following measures.

  1. Subscription on Homepage, bulletin board, or subscription for gifts.
  2. Collection through information collecting tools
  3. Voluntary provision of users while using services.

Chapter 3 Term of Retention and Use of Personal Information

In principle, the Company immediately abolishes personal information after achieving the purpose of collecting and using personal information.
The following information shall be retained for the indicated period for the following reason

Personal information preserved at the time of withdrawal

  • Items preserved: Name, ID, e-mail address, address, phone number, etc provided by members.
  • Purpose: Prevention of reinstatement of faulty users, cooperation with disputes or investigations concerning violation of rights, including compromise of dignity.
  • Term of preservation: 1 year from withdrawal

When needed to preserve certain information under related laws, including the Commercial Code and the Act on Consumer Protection in Electronic Commerce, the Company preserves members' information for the certain period designated by law. In this purpose, the Company uses the information only for the purpose of preservation for the following period of time.

  1. Records on agreement or withdrawal
    • Grounds : Act on Consumer Protection in Electronic Commerce
    • Preservation Period : 5 years
  2. Records on payment and supply of merchandises
    • Grounds : Act on Consumer Protection in Electronic Commerce
    • Preservation Period : 5 years
  3. Records on consumer claims or disputes
    • Grounds : Act on Consumer Protection in Electronic Commerce
    • Preservation Period : 3 years
    • Grounds : Communications Secret Protection Act
    • Preservation Period : 3 months

Chapter 4 Personal Information Abolition Process and Method

In principle, the Company immediately abolishes personal information after achieving the purpose of collecting and using personal information or after the term of retention or use has elapsed.
The following states the process and method of abolition.

Process of Abolition

The information members enter for subscription are abolished after a certain period of time (refer to the term of preservation and use) in accordance with the information protection requirements of the Company's internal policies and the relevant laws. The personal information of members is not provided for any other purposes unless required by law or members' consent has been obtained.

Method of Abolition

Any personal information printed on paper shall be shredded using a shredder or incinerated. Any personal information saved in an electronic format shall be deleted using a technical measure that is not reversible.

Chapter 5 Providing and Sharing Personal Information

In principle, the Company uses members' personal information only for the stated purpose of collection and use and does not disclose it to others or other companies/organizations, except for the following cases.

If agreed by users

  1. Before collecting information, the Company shares with its members the information about its business partners, which information is needed, and how and until when it will be protected/managed to ask for their consent. When not agreed by members, additional information is not collected or shared by its business partners.
  2. When required by law or requested by investigation authority by legal procedures or methods for the purpose of investigation.
  3. Use and provision of personal information required for the purpose of use
    • If applicant's information is provided to the registered domain provider to register the domain name;
    • If provided for the WHOIS service of the domain name;
    • If arbitration organization or court requires the contact information of domain user involved in the dispute;
    • If the personal information data (member's ID and password, domain name without ID number, name server info, expiration date, owner's name, address, and e-mail address) of international domain user are required to be stored with an international escrow service as agreed with the Internet Corporation for Assigned Names and Numbers (ICANN);
    • If a government office requests domain name, name server info, etc to process its task required by law;
    • If member information (name, address, and/or phone) is used for business correspondence;
    • Member's information is provided without identification data for statistics, promotions, academic research or market survey.

Chapter 6 Personal Information Processing Services

The Company hires personal information processing service providers to improve its services and establishes regulations for safe management of personal information as required by law. The following personal information processing services are hired for the corresponding services.

[Personal Information Processing Services]

  • Tubman Asia Management Limited
  • IBS Industries Co., Ltd
  • Korea Information Communications Co., Ltd
  • Laypix Co., Ltd
  • Serve-One Co., Ltd
  • Nice Information Communications Co., Ltd
  • Gabia Co., Ltd
  • Standard Networks Co., Ltd
  • Shinsegye I&C Co., Ltd
  • Georyong Information Technology
  • Korea Electronic Certification Authority
  • Darae Parktech Co., Ltd

[Purpose of personal information receiver]

  • Providing IFC Mall services and event information (SMS/e-mail/DM/TM, etc)
  • Marketing for partnership events and service promotions
  • Commissioned service for verification of real name
  • Processing customers' complaints, etc

[Personal Information Provided]

  • Name
  • Address
  • Phone (mobile/home)
  • E-mail (address)
  • IFC Mall membership card number and parts of transaction info

Chapter 7 Installing, Operating, or Refusing Automatic Collecting Device for Personal Information

In order to provide personalized and customized services to each member, the Company uses cookies to save and call up members' information. Cookies are a small package of data which the server that operates the Website send to users' browsers and saves on the hard disks.

  1. Purpose of Cookies - To analyze members and non-members' connection frequency or visiting time, to identify and trace users' taste and field of interest, and to analyze participation in various events and number of visits for target marketing and personalized services.
  2. How to refuse cookies - You have the choice to accept or refuse cookies. Therefore, you may set the option on your Web browser to allow all cookies, open a pop-up each time cookies are saved, or refuse all cookies.

    * Example of settings (Internet Explorer) : Tools on top of Web browser > Internet Options > Personal Information , If you have refused to install cookies your access to certain services that require logging in may be limited.

Chapter 8 Technical/Management Measures for Personal Information Protection

[Technical Measures]

  1. Each member's personal information is protected by password and the personal information data are separately coded for protection..
  2. Each individual member's password is managed by password setting rules so users or personal information processors cannot use easily traced numbers as password, such as birthdates or phone numbers.
  3. The Company uses vaccine programs and malignant code blocking software to prevent the attack of computer viruses and the software is updated daily.
  4. The Company uses expensive equipment with embedded anti-intrusion and intrusion detecting features to construct a dual network for safe protection of personal information.
  5. The Company also uses a separate Firewall system to operate a triple personal information protection system..
  6. The Company codes and saves personal information on the personal information protection system and the personal information processing and management departments install and operate data anti-leak programs so that members' personal information cannot be brought outside the Company's information communications network.

[Management Measures]

  1. In addition to our efforts, each member is strongly recommended to keep their password in a safe place where it is not disclosed to third parties. Always use caution so your password or personal information is not leaked through public PCs. Your ID and password must not be shared with anyone else and change your password frequently.
  2. The Company has separate computer system management regulations to observe the following.
    • Appointment of personal information management officer to organize and operate a personal information protection organization
    • Training of personal information processors
    • Maintaining connection records of personal information processing systems and regular supervision
    • Protection measures when printing and copying personal information
    • Other items needed to protect personal information

Chapter 9 Rights of Users and Their Legal Proxy and the Method of Exercise

  • Users [or legal proxy (if user is under 14 years of age)] may view and modify their personal information at any time and request withdrawal. To view/modify personal information, users [or legal proxy (if user is under 14 years of age)] may click "Modify Information" on the main page of Homepage, or "Modify Information>Withdraw" to withdraw, and verify identity to view or modify information or withdraw from membership.
  • Or contact our personal information management officer in writing, by phone, or via e-mail and we will process your request immediately.
  • If you have requested correction of errors with your personal information, we will not use or provide your personal information until it is corrected. Also, we will immediately notify third parties for correction if we have already shared incorrect personal information with third parties.
  • The Company processes personal information withdrawn or deleted as requested by users or their legal proxy in accordance with "the term of retention and use of personal information collected by the Company" so that it cannot be viewed or used for any other purposes.

Chapter 10 Personal Information Management Officer and Counseling/Reporting

The Company appoints a personal information management officer to protect customers' personal information and process claims related to personal information. If you have any inquiries concerning your personal information, please contact our personal information management officer or personal information management processor.

  • Customer Service Department : IFC MALL Customer Service Center
  • Phone : 6137-5001 (The phone number is subject to change.)
  • Personal Information Management Officer Name : Manager Woo Young Kim
  • Phone : 6137-5017 (he phone number is subject to change.)
  • E-mail : wooyoungkim@ifcmallseoul.com

You may report to our personal information management officer or department any claims pertaining to personal information protection while using our services. The Company will answer any questions you might have about your claims. If you need any information or resources about personal information violation, please contact the following authorities.

  • Personal Dispute Arbitration Board (www.1336.or.kr / 1336)
  • Information Protection Mark Authorization Board (www.eprivacy.or.kr / 02-580-0533~4)
  • Supreme Public Prosecutor's Office, Online Crime Investigation Center (http://icic.sppo.go.kr / 02-3480-3600)
  • National Police Agency, Cyber Terror Center (www.ctrc.go.kr / 02-392-0330)

Chapter 11 Notices

In case there is any addition or deletion according to the changes to the law, policies, or security technology, we will post notices on our Homepage from 14 days in prior to the execution of changes.

Additional Term 1. (Execution) The Personal Information Handling Policies herein are executed from 30.8.2012

View previous guidelines