Korea Privacy Policy

(Concerning Customers’ Personal Information)

1. General Provisions

Federal Express Korea LLC and Federal Express Corporation Korea Branch (collectively, the “Company”) endeavor to protect personal information of their customers (“Customers”) and comply with all applicable privacy related laws and regulations, including the Personal Information Protection Act and the Act on the Promotion of Information and Telecommunications Network Use and Information Protection, Etc. The Company’s privacy policy for Customers’ personal information (this “Privacy Policy”) may be amended pursuant to applicable laws and regulations, regulatory instructions and the Company’s internal policy.

2. Purposes of Processing Personal Information and Items of Personal Information to be Processed

The Company will/may collect some or all of Customers’ personal information listed below in the course of business with them:

[General Personal Information]

Classification

Purposes of Processing Personal Information

Items of Personal Information to be Processed

Mandatory

‣ Business: goods delivery, pack service, bill issue, payment (shipment, warehouse storage fee, etc.), import and export shipment custom declaration, provision of packing materials, etc.
‣ Customer registration
‣ With respect to establishment and maintenance of business transaction for service provision, check customer’s default information with credit assessment companies or credit information concentration institution
‣ Marketing and promotion: provision of service related information and Company’s news via telephone, SMS and e-mails, provision of the benefit (invitation, tickets) of the events which are organized or sponsored by the Company, My FedEx Rewards (MFR) Promotion, etc.
‣ Settlement of disputes: handling of customers’ claims, Q&A, dispute resolution
‣ Facility security and prevention of unauthorized access
‣ Credit assessment (check default information),

‣ Name (Korean, English), company name, telephone number (office, home, mobile), fax number (office, home), address (city, state/province, country), postcode, bank account number, credit card information (card company, card type, card number, expiry date), ID, nickname, FedEx account number
‣ (In case of a business operator) business registration number, representative name, contact person name (Korean, English), company address, postcode, email address
‣ (for purpose of sponsorship marketing) Region, title category, job title, customer's area of responsibility, customer's level of influence over shipping, company address, guest, guest type, business / personal identification of each guest, guest e-mail address, insurance information for the event if needed
‣ (In case of claims) information of sender/shipper, recipient/consignee and applicant (name, contact, address, company, address, state, country, postcode), phone number, fax number, e-mail address, tracking or freight bill number, details of claims (information related to sending, damage, claim amounts)

3. Method of Collection

Customers may use this website without providing the Company with their personal information; however the provision of certain services requires Customers to provide FedEx with certain personal information. The Company collects the above personal information via this website, e-mail, fax and/or personal contact.

4. Processing/Retention Period and Destruction of Personal Information

A.  Processing/retention period of personal information

In principle, when the purposes of collecting and using personal information are achieved, such information will be destroyed in a timely manner, as described in the following paragraph. In the event that Customers give FedEx notice that they withdraw their consent to the collection of personal information or request the deletion thereof, the personal information will be destroyed in a timely manner. However, if any personal information is required to be retained under applicable laws and regulations, including the Korean Commercial Code and the Act on the Consumer Protection in Electronic Commerce, etc., the personal information will be retained and used for the period and purpose as prescribed under such laws and regulations.

B.  Destruction of personal information

  1. When destroying personal information, the Company will take commercially reasonable and technically possible measures to make the personal information irrecoverable or irreproducible as follows:
    1. Electronic files which contain personal information will permanently be deleted using a technical method which makes the files irrecoverable; and
    2. Any other records, print-outs, documents or any other recording media will be shredded or incinerated.
  2. In the event that the processing/retention period has expired, but personal information is required to be retained continuously for reasons including those described in Section 4.A above, the relevant personal information and personal information files will be stored/maintained separately from other personal information, to the extent technically possible.

5. Provision of Personal Information to a Third Party

The Company will/may transfer some or all of Customers’ personal information listed below to a third party in the course of business with Customers:

[General Personal Information]

<Mandatory>

Recipient Name
(Contact information)

Country where Recipient is Located

Recipient’s Purpose of Using the Personal Information

Items of Personal Information to be Transferred

Period of Retention and Use by Recipient

National Tax Service (126)

Korea

Imposition, exemption, and collection of various taxes, including V.A.T.

Name, telephone number (office, home, mobile), fax number (office, home), address (office, home), bank account number

Until the purposes of using the personal information are attained

Korean Customs Service (1577-8577)

Korea

Imposing/collecting duties and tax, control of consignment

Name, telephone number (office, home, mobile), fax number (office, home), address (office, home)

Same as above

Federal Express Corporation and worldwide affiliates

 

U.S.A, etc.

Overseas delivery and customer management

Name (Korean, English), company name, telephone number (office, home, mobile), fax number (office, home), address (city, state/province, country), bank account number, credit card information (card company type, card type, card number, expiry date), ID, nickname, FedEx account number, business registration number, representative name, contact person name (Korean, English), company address, postcode

Same as above

 

6. Delegation of the Processing of Personal Information

The Company will/may delegate the processing of personal information of Customers as described below (including for purpose of promoting and marketing the Company’s services), and the delegatees may process personal information according to the purposes of the delegation. If there is any change in the details and service provider of the delegated services, the Company will announce the changes through this Privacy Policy in a timely manner.

  1. Status of delegation of the processing of personal information
  2. <General Delegation of the Processing of Personal Information>

    Delegatee Descriptions of Delegated Services

    Sky Bridge Customs & Trade Service Company

    Customs brokerage service

    Korea Computer Form Co., Ltd

    Customer invoice printing and mailing

    Nice Credit Information Service Co., Ltd.

    Collection of debt

    Nice Information Service Co., Ltd

    Credit evaluation for the business maintenance and establishment (verification default information)

    First Data Korea Ltd.

    Providing of electronic financial transaction service (credit card payment, etc.)


    Delegation for Marketing Purpose

    Delegatee Descriptions of Delegated Services

    SureM

    Mobile message service (SMS, LMS)

    Anyffice Ltd.

    Direct Mail(DM)/email DM management

    Naegagrin Giringrim Co., Ltd

    Direct Mail(DM)/email DM management

    Brion Co., Ltd

    Event management

    SI Innovation

    Event management

    Soulkit Communications

    Event management

    Taylor Nelson Sofres Korea Ltd.

    Market research, Consulting

    Ipsos Korea

    Market research, Consulting

    DGR Service Co., Ltd.

    Dangerous goods packing service

    E3TS Co., Ltd.

    Telesurvey, telemarketing

    IB Worldwide

    Event management

    FROMM research

    Market research

    Fireball Co., Ltd

    MFR, marketing promotional items purchase/mailing

    Grandios Co, Ltd

    Online FedEx account opening page development/maintenance, other IT supports for marketing campaigns

    KoreaDM Co., Ltd

    Customer Service Innovation (CSI) campaign, marketing promotional items purchase/mailing

    Bridge2Solutions Inc.

    MFR reward catalog management

    Salesforce.com Inc

    Customer Service Innovation (CSI) campaign, email marketing

    Edenred Pte Ltd

    MFR rewards purchase/storage/mailing

    Epsilon Data Management, LLC

    MFR program management, email marketing


  3. Management and supervision of the delegatee
    When entering into the relevant services agreement with a delegatee, the Company will make commercially reasonable efforts to require the delegatees to comply with applicable privacy related laws and regulations in relevant documents.

7. Rights and Obligations of Customers and the Method of Exercising thereof

A Customer may make the following requests as an information principal: (i) access to his/her personal information, (ii) correction or deletion of his/her personal information, or (iii) suspension of processing of his/her personal information. The legal representative of a child under 14 may make the foregoing request on behalf of such child.

When requested as above, the Company will check whether the requesting party is the information principal or an authorized representative. The Company may reject such request if there exists a justifiable reason for rejection under applicable laws or a reason equivalent thereto

8. Measures to Ensure the Security of Personal Information

  1. Managerial measures for the protection of personal information
    1. The Company will designate a Chief Privacy Officer (“CPO”) to ensure that Customers’ personal information is processed according to the law, and will establish and implement an internal management plan for doing so.
    2. The Company will establish and implement personal information protection education plans for its employees, delegatees and others who are directly in charge of processing personal information.
    3. The Company will periodically conduct an internal audit to verify personal information protection, in accordance with the internal management plan.
  2. Technical measures for the protection of personal information
    1. The Company will control access to personal information, and will restrict and manage the access right.
    2. The Company will record the details of the management of access right to personal information, and will retain such records for a certain period of time.
    3. The Company will install and operate an intrusion blocking/prevention system to prevent any unauthorized access to personal information. In addition, a safe access measures, including a virtual private network, will be applied to control the access from the outside.
    4. The Company will establish and apply password generation rules to enable Customers to set up and use a secure password. Upon designating a password to access a certain area of this website, Customers are obligated to keep the password confidential and must not disclose it to a third party.
    5. At the time of transmitting, receiving and saving personal information, including sensitive information and unique ID information, the Company will take encryption measures required under applicable laws and regulations.
    6. The Company will install and periodically update programs to fix security defects in software, including operating systems.
    7. The Company will keep the records of access to the personal information processing system in a safe manner for a certain period of time.
  3. Physical measures for the protection of personal information
    The Company will take physical access prevention measures, including restrictions on access and placing locks, to store personal information kept by way of hard copy in a safe manner.

9. Link to Other Websites

The Company may provide a link of another website which is not controlled by the Company. The Company will not be held liable for such linked websites. In the event that Customers move away from this website, the Company will not be liable for protection and privacy of the information provided by Customers. Customers should carefully review the rules on protection of personal information which applies to the relevant websites. When providing a link, the Company will make commercially reasonable efforts to inform that Customers are transferred from this website to other sites.

10. Cookies

The Company may use cookies, including but not limited to session/persistent cookies and web beacons, for a certain website of the Company. A cookie is a file which saves the history of Customers’ having visited this website from their computer and informs the Company of the history. A cookie may help the Company identify Customers’ website preferences, adjust this website according to their preferences and measure the degree of usage of this website.

Once Customers access this website, the Company may use cookies to provide targeted marketing services or personalized services, etc. by analyzing frequency of access, visit time, etc., tracing Customers, and obtaining information on event participation and frequency of visit, etc.

Customers have an option to install cookies. Customers may accept all cookies, or instruct the web browser to send notice at the time of installation of cookies, or refuse to accept all cookies by adjusting the relevant function in the web browser of their own computer. However, if refusing the installation of cookies, there may be a problem in providing services.

An example of the installation method (in the case of Internet Explorer): The tool button on the upper part of the web browser > Internet Option > Personal Information 

11. Remedy for Infringement on Rights

Customers may file an application for resolution of disputes, consultation, etc. with the Personal Information Dispute Mediation Committee, the Korea Information Security Agency and other agencies as a remedy for personal information infringement.

To report on any other personal information infringement and consultation, Customers may contact the Personal Information Dispute Mediation Committee, E-Privacy, High-Tech Crime Investigation Division, Supreme Prosecutors’ Office and/or Cyber Terrorism Response Center, National Police Agency.

12. Handling of Customers’ Complaints regarding their Personal Information of Customers

The Company’s Customer Services Department will be in charge of collecting the opinions of its Customers regarding protection of personal information and handling complaints related to their personal information. The country manager of the Customer Services Department is designated as CPO for purposes of Customers’ personal information.  Customers may file any complaints related to protection of their personal information which may arise in the course of using the Company’s services to the CPO or the Customer Services Department at the following contact.

Contact Person: Senior Manager, Customer Services Department, Korea
Telephone Number: 080-023-8000
E-mail: krcsl@fedex.com

13. Amendments to this Privacy Policy

If the Company makes any amendment to this Privacy Policy, the Company will inform the contents and effective date of such amendments on this website in a timely manner.

Effective date: April 1, 2017
Notice date: March 24, 2017