Federal Express Korea LLC – Privacy Notice
(Concerning Customers’ Personal Information)
1. General provisions
2. Principles and methods of collecting personal information
3. Collection items and processing purposes of personal information
4. Personal information processing and retention period
5. Destruction of personal information
6. Provision of personal information to third parties (domestic)
7. Delegation status of personal information processing (domestic)
8. Overseas transfer of collected personal information (delegation of personal information processing to a foreign third party)
9. Customer rights and obligations and how to exercise them
10. Measures to ensure the safety of personal information
11. Links to other websites
12. Installation, Operation, and Refusal of Devices Automatically Collecting Personal Information
13. Matters Regarding the Collection, Use, and Refusal of Behavioral Information
14. Additional Use and Provision
15. Remedies for infringement of rights
16. Personal information protection and customer complaint handling department
17. Policy on the Operation and Management of Fixed Video Information Processing Devices
18. Amendments to this Privacy Policy
Federal Express Korea LLC (Federal Express Korea Limited) (the “Company”) actively protect the personal information of customers (“Customers”) and comply with all relevant laws, including the Personal Information Protection Act etc. The Company's Privacy Policy contains the following information.
(1) In order to provide services, the Company collects personal information necessary only for the following purposes and only to the extent permitted by law, through the website, phone, fax, email, written form, consultation, face-to-face application, or receipt from delegation companies. The items of personal information collected and the purpose of collection and use are set forth in Section 3 below:
(2) In the event the purpose of processing personal information changes, we will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
(3) You have the right to refuse consent to the collection and use of personal information, and there is no disadvantage if you refuse the consent. However, if you refuse the consent to the mandatory consent items, you may not be able to use the service, or there may be restrictions on the provision of services that the Company offers, depending on the purpose of service use.
The Company processes personal information for the following purposes:
(1) Processing Purposes of Personal Information
(a) Customer Registration (Membership Enrollment) and Management
To confirm the customer’s intent to enroll as a member on the FedEx website and mobile app; identify and authenticate members; issue Customer account numbers; maintain and manage membership status; prevent fraudulent use of services; block unauthorized access; verify the consent of legal representatives; provide notices regarding updates to various terms and services; and handle customer inquiries and complaints.
(b) Express Services and Execution/Performance of Transportation Contracts
To provide international and domestic express services; execute and perform transportation contracts; manage shipping reservations and arrange pickups; issue Air Waybills; provide shipment tracking services; settle transportation charges; bill and collect fees; handle cargo accidents; and process refunds and compensations.
(c) Import/Export Customs Clearance and Customs Affairs
To file import/export declarations in accordance with the Customs Act and relevant laws and regulations; execute customs clearance procedures; settle customs duties and taxes; process duty drawbacks (refunds); and handle related civil complaints.
(d) Service Improvement and Analysis
To analyze service usage status; conduct customer satisfaction surveys; improve service quality; and enhance operational efficiency.
(e) Marketing Communications and Promotion Management
Subject entirely to obtaining the separate consent of the customer, to provide guidance on new services and products; dispatch newsletters; operate events and promotions; and deliver event rewards.
(f) Compliance with Domestic and International Laws and Regulatory Obligations
To fulfill legal obligations prescribed by tax laws, the Customs Act, sanctions and export control regulations (including OFAC), and other domestic and international laws; and respond to lawful requests from relevant authorities.
(g) Facility Security and Risk Management
To manage access control for offices, logistics facilities, and bonded areas; prevent security incidents; protect facility and information assets; and fulfill obligations under relevant laws such as the Counter-Terrorism Act.
(2) Items of Personal Information Processed
The Company processes personal information based on the processing grounds under relevant laws (such as the Personal Information Protection Act) or the consent of the data subject, the details of which are as follows:
| Category | Legal Basis | Purpose of Collection and Use | Items Collected | Retention Period |
|
Customer Registration |
Article 15 (1) 4 of the Personal Information Protection Act (Execution and Performance of a Contract) |
Customer identification, age verification, creation of Customer account number and User ID, service provision, notice related to shipment delivery and transportation tracking information, delivery of notices. |
[Individual Customers] [Mandatory]: Name (Korean, English), email, phone number (home/company, mobile phone), address (city/province/country, zip code) (Korean, English), credit card information (card company name, card type, card number, expiration date), FedEx.com/TNT.com User ID, Customer account number. [Optional]: Company fax number.
[Corporate Customers] [Mandatory]: Name of the person in charge (Korean, English), company email, company name (Korean, English), business registration number, phone number (company, mobile phone), CEO name (Korean, English), company address (Korean, English), credit card information (card company name, card type, card number, expiration date) (for business customers who pay for the service with credit card), User ID, Customer account number. [Optional]: Company fax number. |
Destroyed promptly upon withdrawal of membership. |
|
Express Shipment Delivery / Reservation |
Article 15 (1) 4 of the Personal Information Protection Act (Performance of a Contract) |
Customer identification, cargo delivery, provision of additional services, payment and settlement of charges, billing, debt collection, notice related to shipment delivery/transportation tracking information, delivery of notices. |
[Individual Customers] [Mandatory]: Customer account number, Air Waybill number, name (sender, recipient), phone number (home/company, mobile phone), email, address, destination country.
[Corporate Customers] [Mandatory]: Customer account number, Air Waybill number, name (sender, recipient), phone number (company, mobile phone), email, address, destination country. |
Until the completion of the service and resolution of debts/credits disputes. (Provided, however, that records on consumer complaints or dispute handling under the Act on Consumer Protection in Electronic Commerce shall be retained for 3 years). |
|
Shipping and Transportation Information |
Article 15 (1) 4 of the Personal Information Protection Act (Performance of a Contract) |
Customer identification, express shipment (import/export) reservation and notice related to delivery, transportation and delivery of express shipment, quotes, costs (fare, customs duty, tax, customs clearance fee), delivery of settlement notices. |
[Individual Customers] [Mandatory]: Customer account number, Air Waybill number, name (consultation client), name (sender, recipient), bill number, phone number (home/company, mobile phone), email, address.
[Corporate Customers] [Mandatory]: Customer account number, company name, Air Waybill number, name (consultation client), name (sender, recipient), bill number, phone number (company, mobile phone), email, address. |
Until the completion of the service and resolution of debts/credits disputes. (Provided, however, that records on consumer complaints or dispute handling under the Act on Consumer Protection in Electronic Commerce shall be retained for 3 years). |
|
Additional Transportation (Quick) Service |
Article 15 (1) 4 of the Personal Information Protection Act (Upon Request by User) |
Customer identification, provision of shipment transportation service (by quick service), delivery of notices. |
[Mandatory]: Air Waybill number, name (recipient), phone number (home/company, mobile phone), address. |
Until the completion of the service and resolution of debts/credits disputes. |
|
Customs Clearance (Import) |
Article 15 (1) 2 of the Personal Information Protection Act (Compliance with Legal Obligations), Article 241 of the Customs Act, etc. |
Customer identification, import shipment customs clearance, shipment delivery, customs payment, tax refund processing in case of refund or breach of contract, delivery of notices. |
[Individual Customers] [Mandatory]: Personal customs clearance code or unique identification information (passport number or foreigner registration number) or date of birth (list clearance), name (recipient), address, mobile phone number, email, bank account information for a tax refund in case of breach of contract (account holder, bank, account number).
[Corporate Customers] [Mandatory]: Business customs clearance code, business registration number, name (recipient/representative), address, mobile phone number, email, bank account information for a tax refund in case of breach of contract (account holder, bank, account number). |
Retention period in accordance with the Customs Act (Import declaration certificates, etc.: 5 years from the date of acceptance. For details, please refer to Article 4 below.) |
|
Customs Clearance (Export) |
Article 15 (1) 2 of the Personal Information Protection Act and Local Customs Regulations |
Customer identification, export shipment customs clearance, cargo delivery, cargo accident handling and compensation, delivery of notices. |
[Mandatory]: Name (sender, recipient), phone number (home/company, mobile phone), address, email, recipient's passport number or TAX NUMBER (if necessary for local customs import clearance procedures). |
Retention period in accordance with the Customs Act (Export declaration certificates, etc.: 5 years from the date of acceptance / Export/Return: 3 years. For details, please refer to Article 4 below) |
|
Transportation Charge, Additional Service Charge |
Article 15 (1) 4 of the Personal Information Protection Act and Credit Information Use and Protection Act |
Customer identification, information and notification for fare and fee payment/cancellation/refund, issuance of bills, cash receipts, and tax invoices, credit information inquiry (inquiry of Customer default information to credit inquiry companies or credit information collection agencies in relation to maintaining the establishment of commercial transactions according to service provision). |
[Mandatory]: Name (sender), Customer account number, Air Waybill number, address, email, phone number (home/company, mobile phone), account information for payment/cancellation/refund (credit card information, bank account information). |
Retention period in accordance with relevant laws and regulations (10 years for major documents under the Commercial Act / 5 years for slips and tax invoices. For details, please refer to Article 4 below) |
|
Cash Receipts |
Income Tax Act and Restriction of Special Taxation Act |
Issuance of transaction evidence. |
[Mandatory]: Customer account number, Air Waybill number, name or company name, email, mobile phone, business registration number. [Optional]: Phone number (home/company). |
Retention period under tax laws and relevant regulations: • Commercial ledgers and supporting documents related to transactions: 5 years. |
|
Tax Bill |
Section 32 (1) of Value-Added Tax Act, etc. |
Imposition, reduction, and collection of various taxes (such as value-added tax) and issuance of transaction evidence. |
[Individual Customers] [Mandatory]: Customer account number, Air Waybill number or invoice number, email, resident registration number (collected only when mandated by law). [Optional]: Name, address, phone number (home/company, mobile phone).
[Corporate Customers] [Mandatory]: Customer account number, business registration number, Air Waybill number or invoice number, email. [Optional]: Company name, name of CEO, name of a person in charge, phone number (company, mobile phone), address, business category and item. |
Retention period under tax laws and relevant regulations: • Tax invoices and transaction evidence: 5 years. |
|
Accident Handling |
Article 15 (1) 6 of the Personal Information Protection Act (Legitimate Interests) |
Customer identification, shipment claim handling, checking transaction and delivery information, contact for fact-checking, fee payment/cancellation/refund processing, information on processing details. |
[Mandatory]: Customer account number, name (consultation client), Air Waybill number, name (sender, recipient), phone number (home/company, mobile phone), email, address, bank account information (account holder, bank name, bank account number). |
Until completion of services and resolution of disputes (However, for statutory retention periods under the Commercial Act, E-Commerce Act, etc., please refer to Article 4. below) |
|
Customer Inquiry (General Consultation) |
Article 15 (1) 4 and 6 of the Personal Information Protection Act |
Customer identification, shipment tracking information, guidance on processing quotes and consultations. |
[Individual Customers] [Mandatory]: Name, mobile phone number. [Optional]: Customer account number, phone number (home/company), address, email, country (shipment destination).
[Corporate Customers] [Mandatory]: Company name, name (sender, recipient), phone number (company, mobile phone), address, email, country (shipment destination). |
3 years after resolution of inquiries/complaints (For details, please refer to Article 4 below) |
|
FedEx Customer Voice |
Article 15 (1) 6 of the Personal Information Protection Act (Legitimate Interests) |
Identification of the Customer Voice user, handling of complaints, information on processing details, provision of international delivery and related information. |
[Mandatory]: Name, email, additional email address, phone number, Customer account number, postal code, Air Waybill tracking number, FedEx invoice number, company name, address (1 & 2), city, zip code, additional information. |
3 years after the resolution of inquiries/complaints. |
|
Records Automatically Created During Service Use |
Article 15 (1) 6 of the Personal Information Protection Act (Legitimate Interests); Article 15-2 of the Protection of Communications Secrets Act and Article 41 of the Enforcement Decree |
Preservation of service use records, stable operation and security management of services, prevention of fraudulent use, website performance analysis, statistical analysis of user usage, response to user inquiries and disputes. |
[Mandatory]: Service use time, service use record, fraudulent use record, login information (IP address). |
• Login records under the Protection of Communications Secrets Act (IP address, timestamp of access): 3 months. • Fraudulent use records and service use records under internal corporate policies: 3 years. (Reason: Service operation, security management, fraud prevention, statistical analysis, handling of inquiries and disputes) ※ Please refer to Articles 12 and 13 below regarding the collection and use of cookies and behavioral information. |
|
Consent to Receive Marketing Information |
Article 15 (1) 1 of the Personal Information Protection Act (Separate Consent for Marketing) |
Providing tailored service product guidance, surveys, event-related information, and participation opportunities using phone, SMS, email, and mail; market research; and consulting. |
[Mandatory]: Name, email, mobile phone number. [Optional]: Customer account number, address, business registration number, phone number (home/office), fax number. |
Until the withdrawal of marketing consent or membership withdrawal. (Consent renewal required up to every 2 years) |
|
Participation in Seminars and Events |
Article 15 (1) 1 of the Personal Information Protection Act (Consent of Data Subject) |
Invitations to seminars and events, My FedEx Rewards (MFR) promotion. |
[Mandatory]: Name, email, mobile phone number. [Optional]: Customer account number, address, business registration number, phone number (home/office), fax number. |
Immediately after the end of the event or until the withdrawal of consent. |
|
Sending FedEx Newsletters |
Article 15 (1) 1 of the Personal Information Protection Act (Consent of Data Subject) and Article 50 of the Act on Promotion of Information and Communications Network Utilization and Information Protection |
Notice and announcement related to service information, reception of advertisements for commercial purposes, provision of company news. |
[Mandatory]: Email. [Optional]: Mobile phone number. |
Until the withdrawal of consent (opt-out) or membership withdrawal. |
|
Sending and Managing Rewards |
Article 15 (1) 4 of the Personal Information Protection Act (Performance of Contract/Service) |
Event reward delivery. |
[Mandatory]: Customer account number, name, mobile phone number, email, address. |
Destroyed immediately after the completion of reward dispatch and settlement. |
(1) Unless the Company has an obligation to preserve your personal information in accordance with relevant laws and regulations, each collected item in paragraphs 3.-(1) and 3.-(2) will be retained until you choose to withdraw your membership. However, information related to reservations and inquiries will be kept for a period of 3 years from the completion of the reservation or the processing of the inquiry, while automatically generated records will be retained and used for 2 years from their date of collection.
(2) On the other hand, if it is necessary to preserve personal information in accordance with relevant laws and regulations, such as the Customs Act, Framework Act on National Taxes, Commercial Act, Protection of Communications Secrets Act, the Act on Consumer Protection in Electronic Commerce, etc., and the Credit Information Use and Protection Act, the Company retains customer information for the period set by the relevant laws and regulations, in principle. In this case, the Company uses the information only for the purpose of preservation. The grounds for preservation, the items to be preserved, and the preservation period are as follows:
|
Grounds for preservation |
Items to be preserved |
Preservation period |
|
Commercial Act Article 33 |
Commercial ledgers and material documents and slips related to business |
10 years – material documents / 5 years - slips |
|
Framework Act on National taxes Article 85-3(1) , Corporate Tax Act Article 112, Value- Added Tax Act Article 71(3). |
Ledgers, tax invoices or receipts, and supporting documents related to transactions |
5 years |
|
Customs Act Article 12, Enforcement Decree Article 3 |
Import declaration certificate, contracts related to import transactions or equivalent documents, documents concerning the determination of the price of imported goods, and contracts or equivalent documents related to transactions involving intellectual property rights as referred to in any subparagraph of Article 235(1) of the Customs Act — applicable to express import/export clearance |
5 years
|
| Export declaration certificate, return declaration certificate, documents concerning the determination of the price of export or returned goods, and contracts or equivalent documents related to export or return transactions; | 3 years | |
| documents related to bonded cargo entry/exit, documents concerning the cargo manifest, and documents related to bonded transportation. | 2 years | |
| Act on Consumer Protection in Electronic Commerce Article 6. Enforcement Decree Article 6, |
Records on contract or subscription withdrawal, etc. |
5 years |
|
Records on payment and supply of goods, etc. |
5 years |
|
|
Records on consumer complaints or dispute handling |
3 years |
|
|
Records on display or advertising |
6 months |
|
|
Credit Information Use and Protection Act Articles 20(2) and 37 |
Records on the collection/processing and use of credit information |
3 years |
|
Protection of Communications Secrets Act Article 15(2) |
Login records under the Protection of Communications Secrets Act (IP address, timestamp of access) |
3 months |
|
Act on Promotion of Information and Communications Network Utilization and Information Protection Article 50 and Enforcement Decree 62-3 |
The fact of consent to receive advertisements for commercial purposes and the date of consent |
When membership is withdrawn or consent is withdrawn |
(1) The Company shall destroy the personal information without delay when the personal information becomes unnecessary, such as the expiration of the personal information retention period and the achievement of the purpose of processing.
(2) When destroying personal information, the company shall take measures to prevent it from being restored or reproduced, through economically reasonable and technically feasible methods, as follows:
-
Electronic files in which personal information is recorded must be permanently deleted using irreversible technical methods.
-
In addition, in the case of records, printed materials, written materials, and other recording media, they should be shredded or incinerated.
(3) The Company selects the personal information that requires destruction and destroys the personal information with the approval of the company’s personal information protection manager. If the processing/retention period of personal information has expired, but personal information is kept for reasons such as those in Paragraph 4, Subparagraph 1 above, the personal information and personal information files should be stored and managed separately from other personal information to the extent technically possible.
The Company may provide all or part of the following customer information to third parties in the course of transactions with the Customer.
In such cases, personal information may be provided only with the data subject’s consent pursuant to Articles 17 and 18 of the Personal Information Protection Act or when otherwise specifically permitted by applicable laws.
However, where the provision of personal information to a third party is permitted without the data subject’s consent under applicable laws (e.g., for tax assessment or investigative purposes), such information may be provided in accordance with the procedures and methods prescribed by law. For details regarding the provision of personal information to third parties located overseas, please refer to Article 8.
| Relevant law |
Recipient |
Purpose of using the personal information of the recipient |
Items of personal information provided |
Personal information retention and use period of the recipient |
| Article 17(1)(ii) of the Personal Information Protection Act, Article 32(1) of the Value-Added Tax Act, Article 85-3 of the Framework Act on National Taxes, and Article 121 of the Corporate Tax Act |
National Tax Service (126) |
Imposition, reduction, and collection of various taxes, such as value-added tax |
(For both corporate customers and individual customers) the tracking number or shipment bill number, name, e-mail address, phone number (home/company, mobile phone)
(Individual customer) Resident registration number (The resident registration number is collected and used only when necessary pursuant to the law. Value-added Tax Act Article 32 Paragraph 1))
(Corporate customers) Name of representative or business, business registration number, business type, category, item
|
Until the legal retention period |
| Article 17(1)(ii) of the Personal Information Protection Act and Article 241 of the Customs Act |
Korea Customs Service (1577-8577) |
Customs charge and collection, and cargo management |
Personal or corporate customs clearance code (however, if there is no customs clearance or it has not been submitted, an alien registration number or passport number is provided in lieu pursuant to paragraph 4), date of birth, name (recipient), address, phone number(home/company, mobile phone), e-mail, bank account information in case of a duty drawback when there is a breach of contract (account holder name, bank name, account number) |
Same as above |
In order to provide smooth and efficient service, personal information processing tasks are delegated as follows: The current delegation status of the processing of personal information for persons located abroad is as in Paragraph 8.
(1) Delegation of processing of general personal information
|
Scope of Entrusted Processing |
Entrusted Service Provider (Processor) |
Entrustment Period |
Sub-processor |
Scope of Sub-processing |
|
Customs clearance services |
Star Joint Customs Brokers |
Until termination of the entrustment agreement |
Ready Korea; Login Networks |
Maintenance of import/export declaration program |
|
Cargo transportation services |
Wooil Joint Customs Brokers |
Until termination of the entrustment agreement |
Ready Korea; Login Networks |
Maintenance of import/export declaration program |
|
J&L Logistics |
Until termination of the entrustment agreement |
Not applicable |
Not applicable |
|
|
H Logistics |
Until termination of the entrustment agreement |
Move Logistics Co., Ltd. |
Import/export cargo transportation |
|
|
Transam |
Until termination of the entrustment agreement |
Gongdan Joint Freight; Yes Quick Service; Nationwide 24-Hour Call Freight |
Import/export cargo transportation |
|
|
Lotte Global Logistics |
Until termination of the entrustment agreement |
World Hub Logistics Co., Ltd. |
Import/export cargo transportation |
|
|
GoGoVan Korea |
Until termination of the entrustment agreement |
Not applicable |
Not applicable |
|
|
Deoksu Enterprise |
Until termination of the entrustment agreement |
Not applicable |
Not applicable |
|
|
Shina Air |
Until termination of the entrustment agreement |
Not applicable |
Not applicable |
|
|
Wooden packaging |
Hyundai Export Packaging |
Until termination of the entrustment agreement |
Not applicable |
Not applicable |
|
Century Export Packaging |
Until termination of the entrustment agreement |
Not applicable |
Not applicable |
|
| Dangerous goods packaging | DGR Service Co., Ltd. | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Quick delivery services | BC Top Co., Ltd. | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Myungsung Quick Nationwide Freight | Until termination of the entrustment agreement | Not applicable | Not applicable | |
| Daemyung Quick Service | Until termination of the entrustment agreement |
Not applicable |
Not applicable Not applicable | |
| System development and maintenance | Yuhan Technos | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Ready Korea | Until termination of the entrustment agreement | Not applicable | Not applicable | |
| Printing and dispatch of customer invoices | Postopia | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Debt collection | NICE Credit Information Co., Ltd. | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Credit evaluation for maintaining and establishing commercial transactions (verification of default information) | NICE Information Service Co., Ltd. | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Provision of electronic financial transaction services (e.g., credit card payments) | Korea Payment Networks LLC | Until termination of the entrustment agreement | Not applicable | Not applicable |
| Credit card authentication during membership registration | NHN KCP Corp. | Until termination of the entrustment agreement | Not applicable | Not applicable |
(2) Delegation for marketing purposes
| Scope of Entrusted Processing | Entrusted Service Provider (Processor) | Entrustment Period | Sub-processor | Scope of Sub-processing |
| Direct mail (DM)/email DM management | Anyffice Ltd. | Until the end of the delegation contract | Not applicable | Not applicable |
| Marketing-related event management | Humming IMC Co., Ltd., KODMA Inc. | Until the end of the delegation contract | Not applicable | Not applicable |
| Mobile message delivery service | SureM, Happy Talk | Until the end of the delegation contract | Not applicable | Not applicable |
(3) Management and supervision of trustee
In accordance with Article 26 of the Personal Information Protection Act, when concluding a delegation contract, the Company specifies the prohibition of the processing of personal information for purposes other than for delegated services, technical and administrative protection measures, restrictions on re-delegation, management and supervision of the trustee, and matters related to liability such as compensation for damages, etc. in a document such as a contract, and supervises whether the trustee handles personal information safely. When concluding the delegation contract with the trustee, the Company will make reasonable efforts to ensure that the trustee complies with laws and regulations related to personal information protection in the contract.
The Company provides and entrusts the processing of personal information collected from customers to overseas recipients as set forth below, in accordance with Article 28-8(1)(i) (data subject’s consent) and (iii) (outsourcing for contract performance and storage) of the Personal Information Protection Act.
In addition, pursuant to Article 28-8(2) of the Personal Information Protection Act, the following information is provided regarding such overseas transfer.
The Company may provide personal information to overseas third parties as described in Paragraph (1) below only when necessary, such as overseas delivery and customer management.
In addition, the Company may delegate the processing of the Customer's personal information to an external professional company as described in Paragraph (2) below only when necessary, such as providing company services, and promotion and marketing. The trustee entrusted with the processing of personal information shall manage the information according to the purpose of delegation. If the contents of the delegated works or the trustee are changed, the change will be notified in a timely manner through this Privacy Policy or individually notified by email, written notice, telephone, SMS, etc.
(1) Provision of personal information to third parties (overseas)
Recipient (contact information): Federal Express Corporation headquarters and affiliates in each country (https://www.fedex.com/en-us/trust-center.html) (dataprivacy@fedex.com)
Country where the recipient is located: US ( 942 South Shady Grove Road, Memphis, Tennessee 38120,US) For affiliates in other countries and contact point, please check ((https://www.fedex.com/global/choose-location.html?location=home for a list of recipients, countries, and contact information)
Purpose of using the personal information of recipients: overseas delivery and customer management
Items of personal information to be transferred: name (Korean, English), company name, phone number (home/company, mobile phone), fax number, address, Customer account number, business registration number, invoice/Air Waybill number (including related information), email, credit card information (card company name, card type, card number, expiry date, installment information), bank account number, User ID, name of CEO, (Korean, English)
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of recipients: Up to 3 years from the last use of the service (when delivery is completed in the case of delivery information)
(2) Delegation of the processing of personal information (overseas)
The Company re-entrusts the following personal information processing tasks to external third-party companies through the Federal Express Corporation headquarters and affiliates in each country. If there are changes to the subcontracted trustee or the details of the re-entrusted work, we will notify you through this processing policy.
All or part of the personal information collected by the Company may be transferred to overseas affiliates or overseas trustee listed below for delegation management in order to provide services and enhance customer convenience. In accordance with Article 26 of the Personal Information Protection Act, when concluding the delegation contract, the Company specifies the prohibition of the processing of personal information for purposes other than for delegated works, technical and administrative protection measures, restrictions on re-delegation, management, and supervision of the trustees, and matters related to liability, such as compensation for damages, etc. in a document such as a contract, and supervises whether the trustee manages the personal information safely. When concluding the delegation contract with the trustees, the Company will make reasonable efforts to ensure that the trustees complies with laws and regulations related to personal information protection in the contract.
Trustee (contact information): Federal Express Corporation headquarters and affiliates in each country (https://www.fedex.com/en-us/trust-center.html) (dataprivacy@fedex.com)
Country where the trustee is located: US (942 South Shady Grove Road, Memphis, Tennessee 38120,US). For affiliates in other countries and contact point, please check ((https://www.fedex.com/global/choose-location.html?location=home for a list of recipients, countries, and contact information)
Purpose of using the personal information: Complaint handling, inquiry handling, fee payment (including invoices and bills), and processing of customer numbers (for accounting and billing purposes), management of marketing and related events, and market research
Items of personal information to be transferred: name (Korean, English), company name, phone number (home/company, mobile phone), fax number, address, Customer account number, business registration number, invoice/Air Waybill number (including related information), email, credit card information (card company name, card type, card number, expiry date, installment information), bank account number, User ID, name of CEO, (Korean, English)
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of recipients: until termination of delegation contract
Subcontracted trustee (Contact): CapGemini (dpocapgemini.global@capgemini.com)
Countries where the subcontracted trustee is located:
-
China (28F, SML Center, No. 610, Xujiahui Road, Shanghai 200025, China)
-
India (No. 14, Rajiv Gandhi Infotech Park, Hinjawadi Phase-III, MIDC-SEZ, Village Man, Taluka Mulshi, Pune-411 057, Maharashtra, India)
Delegated works: complaint handling, inquiry handling, fee payment (including invoices and bills)
Purpose of use by the person to whom personal information is transferred: performance of delegated works
Items of personal information to be transferred: name (Korean, English), company name, phone number (home/company, mobile phone), fax number, address, postal code, Customer account number, business registration number, invoice/Air Waybill number(including related information),, email address, card information (payment amount, credit card company, credit card type, credit card number, expiry date, installment information).
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of transferee: until termination of redelegation contract
Subcontracted trustee (contact): Accenture (dataprivacyofficer@accenture.com)
Countries where the subcontracted trustee is located:
-
China (21F West Tower, World Financial Center, No.1 East 3rd Ring Middle Road, Chaoyang District, Beijing, 100020, China)
-
India (Prestige Technopolis, 1/8, Dr.MH Maregowda Road, Audugodi, Bengaluru, Karnataka, 560029, India)
Delegated works: processing of Customer numbers (for accounting and billing purposes)
Purpose of use by the person to whom personal information is transferred: performance of delegated works
Items of personal information to be transferred: name (Korean, English), company name, phone number (home/company, mobile phone), fax number (company, home), address, bank account number, User ID, Customer account number, business registration number, name of CEO, name of a person in charge (Korean, English), fax number, email address
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of transferee: until termination of redelegation contract
Subcontracted trustee (contact): Epsilon Data Management, LLC (https://www.epsilon.com/us/consumer-information)
Countries where the subcontracted trustee is located: US (4401 Regent Boulevard, Irving, Texas 75063-2404, US)
Delegated work: management of marketing-related events
Purpose of use by the person to whom personal information is transferred: performance of delegated works
Items of personal information to be transferred: Name(Korean, English), company name, phone number(home/company, mobile phone), address, email address, Customer account number
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of transferee: until termination of redelegation contract
Subcontracted trustee (contact): Salesforce.com Inc. (dszola@salesforce.com)
Countries where the subcontracted trustee is located: US (Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, US)
Delegated work: management of marketing-related events and CE customer consultation management
Purpose of use by the person to whom personal information is transferred: performance of delegated works
Items of personal information to be transferred: Name(Korean, English), company name, phone number(home/company, mobile phone), address, email address, Customer account number
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of transferee: until termination of redelegation contract
Subcontracted trustee (contact): Carlton One Engagement Corporation (privacy@carltonone.com)
Countries where the subcontracted trustee is located: Canada (60 Columbia Way, 9th Floor, Markham, ON L3R 0C9, Canada))
Delegated work: management of marketing-related events
Purpose of use by the person to whom personal information is transferred: performance of delegated works
Items of personal information to be transferred: Name(Korean, English), company name, phone number(home/company, mobile phone), address, email address, Customer account number
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of transferee: until termination of redelegation contract
Subcontracted trustee (contact): Publicis Worldwide (Hong Kong) Limited trading as Epsilon Hong Kong (DPOfficer@epsilon.com)
Countries where the subcontracted trustee is located: Hong Kong (Suites 3301-4, 33rd Floor, AIA Kowloon Tower, 100 How Ming Street, Kwun Tong, Kowloon, Hong Kong SAR China)
Delegated work: management of marketing-related events
Purpose of use by the person to whom personal information is transferred: performance of delegated works
Items of personal information to be transferred: Name(Korean, English), company name, phone number(home/company, mobile phone), address, email address, Customer account number
Timing and method of transfer of personal information: if necessary, from time to time through an information and communication network
Retention and use period of personal information of transferee: until termination of redelegation contract
You may refuse the provision of general personal information as stated above to oversee third party. In case you refuse to agree, you may contact our customer service center (02-3496-7777). However, in case you refuge to agree, we may not be able to conclude or maintain a contract and receive the benefits provided by the Company.
(1) As a subject of information, a Customer may request (i) access to their personal information, (ii) correction or deletion of their personal information, and (iii) suspension of processing of their personal information. The legal representative of a child under the age of 14 may make the above request on behalf of the child.
(2) The exercise of rights can be done by a Customer in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, through written communication, email, facsimile (FAX), and the company will promptly take action on this.
(3) The exercise of rights can also be carried out through a legal representative of a Customer or a delegated person. In this case, you must submit a power of attorney in accordance with the format in Attachment 11 of the Enforcement Rule on the Methods of Personal Information Processing.
(4) Requests for viewing personal information and requesting a halt to processing may be limited in accordance with Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.
(5) Requests for correction and deletion of personal information may not be possible when such information is specified as subject to collection by other laws.
(6) When receiving the above requests, the Company verifies whether the request was made by the Customer themselves or their legitimate representative. The Company may reject the request if there is a reason prescribed by law or a legitimate reason equivalent thereto.
(1) Administrative measures to protect personal information
(a) The Company appoints a Chief Privacy Officer (CPO) for the lawful processing of personal information, and establishes and implements an internal management plan for this purpose.
(b) The Company establishes and implements a personal information protection training plan for its employees and trustees who directly process personal information.
(c) The Company conducts regular self-audits to check the protection of personal information according to the internal management plan.
(2) Technical measures to protect personal information
(a) The Company controls access to personal information, and restricts and manages access rights.
(b) The Company records the management of access rights to personal information and keeps the records for a certain period of time.
(c) The Company installs and operates an intrusion prevention system to block unauthorized access to personal information. In addition, it applies secure access methods such as virtual private networks (VPNs) to control external access.
(d) The Company establishes and applies password creation rules so that Customers can set and use safe passwords. If the Customer has set a password to access certain parts of the Company's website, the Customer is responsible for keeping the password confidential and not disclosing it to others.
(e) The Company takes encryption measures required by relevant laws and regulations when sending, receiving and storing personal information, including sensitive information and unique identification information.
(f) The Company installs programs for fixing security vulnerabilities of software, such as operating systems, and periodically updates them.
(g) The Company keeps the access records of the personal information processing system safe for a period of time.
(3) Physical measures to protect personal information
The Company implements measures to prevent physical access, such as access control and locking devices, for the safe storage of personal information in the form of documents.
The Company may provide links to other websites that are not controlled by the Company. The Company assumes no responsibility for such websites. If the Customer leaves the company website, the Company is not responsible for the protection and privacy of the information provided by the Customer. The Customer should carefully review the privacy regulations applicable to those websites. When a link is provided, we will make every reasonable effort to inform the Customer that they are going from our website to another site.
(1) The Company uses cookies for certain websites of the Company, including but not limited to session cookies, persistent cookies, and web beacons. Cookies are small pieces of information stored on the user's computer or mobile device that are used to provide a more convenient website environment and to analyze the usage status of the website. Cookies may be utilized to tailor the website to the user’s preferences and to measure website usage statistics.
(2) When a customer accesses the Company’s website, the Company uses cookies to analyze the frequency of access, visit time, the number of visits, and service usage patterns, as well as to track event participation information , in order to provide website functionalities, improve service quality, analyze usage statistics, and enhance user convenience.
(3) Customers have the option to allow cookies or not. Customers can adjust their browser settings to accept all cookies, receive notifications when cookies are downloaded, or refuse all cookies. However, if a Customer refuses to allow cookies, there may be difficulties in using services.
(4) Examples of allowing/rejecting cookies
1. Chrome
- How to Block Third-Party Cookies in Your Web Browser
✓ In Chrome, click the “⋮” icon in the upper-right corner and select “Settings.” On the left side of the Settings page, click “Privacy and Security,” then select “Third-Party Cookies” and choose whether to block third-party cookies.
- How to Block the Storage of All Cookies in Your Web Browser
✓ Alternatively, in Chrome, click the “⋮” icon in the upper-right corner and select “New Incognito Window.” In Incognito mode, browsing history, cookies and site data, and information entered into forms are not saved on your device.
2. Edge
- How to Block Third-Party Cookies in Your Web Browser
✓ In Edge, click the “⋯” icon in the upper-right corner and select “Settings.” On the left side of the Settings page, click “Privacy, Search, and Services,” then select whether to enable Tracking Prevention and choose a level (Balanced or Strict). Alternatively, click “Privacy, Search, and Services,” select “Cookies,” and choose “Block Third-Party Cookies.”
- How to Block the Storage of All Cookies in Your Web Browser
✓ In Edge, click the “⋯” icon in the upper-right corner and select “New InPrivate Window.” In InPrivate mode, browsing history, cookies and site data, and information entered into forms are not saved on your device.
(1) The Company collects and uses behavioral information to provide customers with enhanced services, optimized personalized content, and benefits during the service usage process.
(2) The Company collects behavioral information as follows:
|
Items of collected behavioral information |
Method of collecting behavioral information |
Purpose of collecting behavioral information |
Retention, use period, and subsequent information processing method |
|
Website browsing history, page view history, click history, service usage patterns, and online identifiers generated through cookies and similar technologies. |
Automatically collected when users visit/run the website and app. |
Settle and analyze service usage status, improve service quality, analyze website operations and usage statistics, and analyze marketing effectiveness. |
3 years from the date of collection or until the purpose of collection has been achieved. Destroyed without delay upon expiration of the retention period or achievement of the processing purpose. |
(1) In accordance with Article 15, Paragraph 3, and Article 17, Paragraph 4 of the Personal Information Protection Act, the Company may use and provide personal information without the Customer's consent, considering the matters specified in Article 14-2 of the Enforcement Decree of the Personal Information Protection Act.
(2) Accordingly, the Company has considered the following matters in order to use and provide personal information without the Customer's consent:
-
Whether the additional use or provision of personal information is relevant to the original collection purpose.
-
Whether there is predictability in the additional use or provision of personal information, based on the circumstances of collection or processing practices of personal information.
-
Whether the additional use or provision of personal information unduly infringes upon the customer's interests.
-
Whether measures necessary for ensuring security, such as pseudonymization or encryption, have been taken.
Data subjects may inquire with or apply to relevant authorities, such as the Personal Information Dispute Mediation Committee and the Personal Information Infringement Report Center of the Korea Internet & Security Agency, for dispute resolution, consultation, and relief from personal information infringement. If you require separate reporting or consultation regarding other personal information infringements, please contact the institutions listed below.
(1) Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
(2) Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
(3) Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr)
(4) National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)
The Company's customer service department listens to Customers' opinions on personal information protection and handles complaints related to personal information. The national manager of the customer service department is designated as the responsible person. Customers can report all complaints related to personal information protection that occur while using the Company's services to the person in charge of handling inquiries and complaints related to customer personal information below or to the customer service department.
Personal Information Protection Officer (Privacy Officer)
Name: Jee-Hwan Ko
Manager, APAC IT Tech Planning
Phone: 02-3496-7777
Email: krcsl@fedex.com
Personal Information Protection Manager (Privacy Manager)
Privacy Manager, Korea Customer Service Team
Phone: 02-3496-7777
Email: krcsl@fedex.com
Customers may contact the Company’s Personal Information Protection Officer and the relevant department for any inquiries, complaints, or requests for relief related to the protection of personal information arising from the use of the Company’s services (or business). The Company will respond to and handle such inquiries without delay.
Customers may also submit a request to access their personal information pursuant to Article 35 of the Personal Information Protection Act by contacting the department in charge of personal information protection as noted above. The Company will make every effort to ensure that such requests are processed promptly.
The Company hereby informs customers, through this Policy on the Operation and Management of Fixed Video Information Processing Devices, of the purposes and methods by which video information processed by the Company is used and managed.
(1) Legal Basis and Purpose of Installation of Fixed Video Information Processing Devices
The Company installs and operates fixed video information processing devices pursuant to Article 25(1) of the Personal Information Protection Act for the following purposes:
- Safety and management of facilities and fire prevention
- Crime prevention
- Prevention of safety accidents within business premises and verification of facts in the event of an accident
- Prevention of theft or loss of goods and protection of assets
(2) Number of Devices Installed, Installation Locations, and Recording Scope
| Number of Devices | Installation Locations and Recording Scope |
| 650 | Inside and outside major facilities operated and managed by the Company, including building lobbies, entrances, emergency exits, and similar areas |
(3) Responsible Manager and Authorized Personnel
In order to protect customers’ personal video information and to address complaints related to such information, the Company designates a Personal Video Information Manager and authorized personnel/handlers as set forth below.
Access to personal video information is limited to the minimum number of personnel necessary for the performance of their duties, including designated personnel from the Security Team and the facility operations manager of each business site.
The Company manages the granting, modification, and revocation of access rights and implements necessary measures for the secure management of personal video information, including maintaining relevant records.
|
Business Site |
Responsible Manager |
Department |
Contact |
Authorized Personnel / Handler |
Department |
Contact |
|
Hapjeong Headquarters |
Security Team Director |
Security |
010-3227-0113 |
Security Team Director |
Security |
010-3227-0113 |
|
Sangam Office |
Office Manager |
Ground Operations |
010-3224-4502 |
Office Manager |
Ground Operations |
010-3224-4502 |
|
Busan Office |
Office Team Leader |
Ground Operations |
010-9170-2533 |
Office Team Leader |
Ground Operations |
010-9170-2533 |
|
Gyeongin Office |
Office Manager |
Ground Operations |
010-4307-0426 |
Office Manager |
Ground Operations |
010-4307-0429 |
|
Suwon Office |
Office Manager |
Ground Operations |
010-9880-8378 |
Office Manager |
Ground Operations |
010-4307-8783 |
|
Gangnam Office |
Office Manager |
Ground Operations |
010-7302-4728 |
Office Manager |
Ground Operations |
010-7302-4728 |
|
Gwangju (Gyeonggi) Office |
Office Manager |
Ground Operations |
010-9938-4913 |
Office Manager |
Ground Operations |
010-9938-4913 |
|
Daegu Office |
Office Team Leader |
Ground Operations |
010-2565-6676 |
Office Team Leader |
Ground Operations |
010-2565-6676 |
|
Ilsan Office |
Office Manager |
Ground Operations |
010-2825-0376 |
Office Manager |
Ground Operations |
010-2825-0376 |
|
Ulsan Office |
Office Team Leader |
Ground Operations |
010-5489-4823 |
Office Team Leader |
Ground Operations |
010-5489-4823 |
|
Daejeon Office |
Office Team Leader |
Ground Operations |
010-5252-8368 |
Office Team Leader |
Ground Operations |
010-5252-8368 |
|
Cheonan Office |
Office Manager |
Ground Operations |
010-7724-6712 |
Office Manager |
Ground Operations |
010-7724-6712 |
|
Gunpo Office |
Office Team Leader |
Ground Operations |
010-4663-7727 |
Office Team Leader |
Ground Operations |
010-4663-7727 |
|
Yangjae Office |
Office Manager |
Ground Operations |
010-9569-4172 |
Office Manager |
Ground Operations |
010-9569-4172 |
|
Myeongdong Office |
Office Team Leader |
Ground Operations |
010-3512-7704 |
Office Team Leader |
Ground Operations |
010-3512-7704 |
|
Gyeongnam Office |
Office Team Leader |
Ground Operations |
010-4702-5709 |
Office Team Leader |
Ground Operations |
010-4702-5709 |
|
Gwangju (Jeolla) Office |
Office Manager |
Ground Operations |
010-2967-7492 |
Office Manager |
Ground Operations |
010-2967-7492 |
|
Incheon Airport Office |
Office Manager |
Security |
010-3227-0113 |
Assistant Manager |
Security |
010-3192-9800 |
|
Gimpo Office |
Office Manager |
Ground Operations |
010-2550-3026 |
Office Manager |
Ground Operations |
010-2550-3026 |
|
Namyangju Office |
Office Manager |
Ground Operations |
010-7282-1792 |
Office Manager |
Ground Operations |
010-2916-4670 |
|
Gimpo Healthcare |
Site Manager |
KR LSC |
010-2620-7210 |
Site Assistant Manager |
KR LSC |
010-9671-0588 |
|
Gimpo Cisco |
Site Team Leader |
Ground Operations |
010-5243-3047 |
Site Team Leader |
Ground Operations |
010-5243-3047 |
(4) Recording Time, Retention Period, Storage Location, and Processing Method of Video Information
- Recording Time: 24 hours
- Retention Period: Considering the nature of the Company's business, personal video information is retained for a period not exceeding 90 days from the date of recording, within the minimum scope necessary to achieve the purpose of retention. However, where applicable laws prescribe a different retention period, such laws shall prevail.
- Storage Location: Access-controlled areas designated at each business site
- Processing Method: Matters concerning use for purposes other than the intended purpose, provision to third parties, destruction, and requests for access are recorded and managed. Upon expiration of the retention period, the information is permanently deleted using methods that make recovery impossible (or shredded/incinerated in the case of printed materials).
(5) Method and Location for Accessing Personal Video Information
- Method: Request to the designated responsible manager at each business site
- Location: The relevant business site
(6) Requests by Data Subjects for Access to Personal Video Information
Customers may request access, confirmation of existence, or deletion of their personal video information from the operator of the fixed video information processing devices at any time. However, such requests are limited to personal video information in which the requesting individual appears.
Customers who wish to verify personal video information should contact the Customer Service Department below in advance and visit the relevant site after consultation with the responsible department.
Telephone: +82-2-3496-7777
Email: krcsl@fedex.com
Where a request for access, confirmation of existence, or deletion is made, the Company will take necessary measures without delay. In such cases, the Company will verify whether the requesting party is the individual concerned or a duly authorized representative.
Required documents are as follows:
- Individual request: Identification card and the Company’s request form for access to personal video information
- Request by representative: Identification cards of both the data subject and the representative, a power of attorney, and the Company’s request form
- Public authorities (e.g., prosecutors, police, customs, National Tax Service): Official request letter or warrant
- Courts: Court order for submission of documents
(7) Grounds for Restricting or Refusing Requests
The Company may restrict or refuse requests for access, confirmation of existence, or deletion of personal video information only in the following cases. In such cases, the Company will notify the customer within 10 days from the date of the request in writing (including electronic documents), clearly stating the reasons for such refusal or restriction.
- Where access is prohibited or restricted by laws or administrative guidelines issued pursuant to laws, or where access is restricted under the Company's security or operational policies established in accordance with such laws or guidelines
- Where disclosure is likely to harm the life or physical safety of another person or unjustly infringe upon another person's property or other rights and interests
- Where disclosure is likely to seriously interfere with criminal investigations, prosecution, court proceedings, or similar processes
- Where the relevant personal video information has already been destroyed due to expiration of the retention period
(8) Measures to Ensure the Security of Personal Video Information
Video information processed by the Company is securely managed through measures such as encryption.
In addition, the Company implements administrative safeguards, including differentiated access rights to personal video information. To prevent falsification or alteration of personal video information, the Company records and manages information such as the date and time of creation, the purpose of access, the identity of the person accessing the information, and the date and time of access.
Furthermore, physical safeguards such as locking devices are installed to ensure secure storage of personal video information.
(9) Changes to the Policy on the Operation and Management of Fixed Video Information Processing Devices
This Policy on the Operation and Management of Fixed Video Information Processing Devices became effective on the date specified below. If any additions, deletions, or modifications are made due to changes in relevant laws, policies, or security technologies, the Company will notify customers through its website at least seven (7) days prior to the implementation of such changes.
If the Company revises this Privacy Policy, it will notify the contents of the revision and the time of enforcement through this website in a timely manner.
Privacy Policy enforcement date: July 6, 2026
Privacy Policy change notice date: June 22, 2026
Privacy Policy enforcement date: June 15, 2026
Privacy Policy change notice date: May 28, 2026
Privacy Policy enforcement date: June 30, 2025
Privacy Policy change notice date: June 20, 2025
Privacy Policy enforcement date: March 15, 2024
Privacy Policy change notice date: March 13, 2024
Privacy Policy enforcement date: December 5, 2023
Privacy Policy change notice date: November 3, 2023
Privacy Policy enforcement date: May 11, 2023
Privacy Policy change notice date: May 4, 2023
Privacy Policy enforcement date: September 7, 2021
Privacy Policy change notice date: August 31, 2021
Privacy Policy enforcement date: May 18, 2018
Privacy Policy change notice date: May 11, 2018