Samsung SDS Privacy Policy

[V 7.2] Oct 24, 2024

Select

[V 7.2] Oct 24, 2024 [V 7.1] Jun 5, 2024 [V 7.0] February 7, 2024 [V 6.2]December 22, 2023 [V 6.1] April. 26. 2023 [V 6.0] March 7, 2023 [V 5.1] October 14, 2022 [V 5.0] April 8, 2022 [V 4.1] August 30, 2021 [V 4.0] April 30, 2021 [V 3.7] May 19, 2020 [V 3.6] January 16, 2020 [V 3.5] January 14, 2020 [V 3.4] August 1, 2018 [V 3.3] July 15, 2018 [V 3.2] April 5, 2018 [V 3.1] JUL 12, 2017 [V 3.0] DEC 31, 2016 [V 2.1] MAR 18. 2016 [V 2.0] JAN 14. 2016 [V 1.9] NOV 16. 2015 [V 1.8] JUL 2. 2015 [V 1.7] NOV 27. 2014 [V 1.6] OCT 15. 2014 [V 1.5] SEP 4. 2014

Samsung SDS Co., Ltd. (including its subsidiaries, hereinafter referred to as "Samsung SDS", or “we”) lawfully processes and securely manages personal data to protect the freedom and rights of data subjects in compliance with applicable laws and regulations of personal data, such as the 「Personal Information Protection Act」 of Korea. We hereby inform of the procedures and standards for handling personal data related to https://www.samsungsds.com and relevant websites (hereinafter collectively referred to as the “Services”), which is also in accordance with Article 30 of the 「Personal Information Protection Act」 of Korea. And, in order to handle the grievances related to this quickly and smoothly, we establish and disclose the following Samsung SDS Privacy Policy (hereinafter referred to as “Privacy Policy”)

  1. Samsung SDS’s Privacy Policy specifies the following:
  2. 1. PURPOSE OF PROCESSING YOUR PERSONAL INFORMATION
  3. 2. TYPES OF YOUR PERSONAL INFORMATION TO BE PROCESSED
  4. 3. PROCESSING OF YOUR PERSONAL INFORMATION AND RETENTION PERIOD
  5. 4. PROCESSING OF PERSONAL INFORMATION OF CHILDREN UNDER THE AGE OF 14
  6. 5. PROCEDURE AND METHOD OF DESTROYING YOUR PERSONAL INFORMATION
  7. 6. PROVIDING YOUR PERSONAL INFORMATION TO THIRD PARTIES
  8. 7. ENTRUSTMENT OF PERSONAL INFORMATION PROCESSING
  9. 8. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
  10. 9. MEASURES TO ENSURE THE SAFETY OF YOUR PERSONAL INFORMATION
  11. 10. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices
  12. 11. YOUR PRIVACY RIGHTS AND EXERCISE METHOD
  13. 12. HOW TO CONTACT US
  14. 13. REMEDIES FOR INFRINGEMENT OF YOUR PRIVACY RIGHTS
  15. 14. UPDATES

This Policy takes effect on Oct 31, 2024.

1. PURPOSE OF PROCESSING YOUR PERSONAL INFORMATION

We process your personal information for the following purposes. Your personal information will not be used for any purpose other than the following purposes, and if the purpose of processing is changed, necessary measures will be taken, such as obtaining separate consent, which is also in accordance with Article 18 of the 「Personal Information Protection Act」 of Korea.

  • 1) Providing responses to customer inquiries and manage inquiry status
  • 2) Providing resource materials
  • 3) Providing feedback and managing inquiries on event attendance and meeting requests
  • 4) Processing and responding to reports of fraud, scams, and bad business practices
  • 5) Processing and responding to security reports, and privacy breach reports
  • 6) Providing feedback and managing newsletter subscription inquiries
  • 7) Providing feedback and managing inquiries on EBC visits
  • 8) Sending marketing materials such as news on latest releases of Samsung SDS solutions, events, and newsletters via email, and gifts

※ We will not collect, use, or share behavioral information for online customized advertisements.
※ We will not use profiling or automated decision-making processes. A human decision maker will always be involved when a decision is made regarding you.
※ We will not sell any personal information of users.

2. TYPES OF YOUR PERSONAL INFORMATION TO BE PROCESSED

We collect and use your personal information within the minimum necessary scope to provide the Services.

1) Your personal information processed without consent
There are no personal information processed without consent.

2) Types of your personal information processed with your consent
We are processing the following your personal information with the consent, which is also in accordance with Article 15, Paragraph 1, Subparagraph 1 and Article 22 Paragraph 1, Subparagraph 7 of the 「Personal Information Protection Act」 of Korea

  • (1) Providing responses to customer inquiries and manage inquiry status
    - Required information: Name, Email, Contact Number, Job Title, Company, Industry, Company Size
  • (2) Providing resource materials
    - Required information: Name, Email, Contact Number, Job Title, Company, Industry, Company Size
  • (3) Providing feedback and manage inquiries on event attendance and meeting requests
    - Required information: Name, Email, Contact Number, Job Title, Company, Industry, Company Size
  • (4) Processing and responding to reports of fraud, scams, and bad business practices
    - Required Information: Name
    - Optional Information: Email, Contact Number
  • (5) Processing and responding to security reports, and privacy breach reports
    - Optional Information: Name, Contact Number, Email
  • (6) Providing feedback and manage newsletter subscription inquiries
    - Required Information: Name, Email, Contact Number, Job Title, Company, Industry, Company Size
  • (7) Providing feedback and manage inquiries on EBC visits
    - Required Information: Name, Email, Contact Number, Company, Job Title
  • (8) Sending marketing materials such as news on latest releases of Samsung SDS solutions, events, and newsletters via email, and gifts
    - Required Information: Name, Email, Contact Number, Job Title, Company, Industry, Company Size

3) In addition, the following information may be automatically generated and collected during your use of the Services.

  • (1) Service Usage Records: Access Logs, IP Address Information, Service Usage History
  • (2) PC Environment Information: OS Version, Browser Version
  • (3) For Mobile Device Usage: Device Identification Number, Device OS Information

4) Your options
You have the right to refuse to provide us with certain types of information. In particular cases, this may limit your access to and use of certain functions/parts of the Services. We will explain these limitations so that you can make an informed decision.

Notwithstanding the foregoing, your use of the Services will not be limited even if you do not provide Optional information.

※ We will not collect “sensitive information”, such as racial or ethnic origin opinions, political opinions, religious or philosophical beliefs, trade-union membership, genetic and biometric data processed solely to identify a human being, a person’s sex life or sexual orientation.

3. PROCESSING OF YOUR PERSONAL INFORMATION AND RETENTION PERIOD

We will retain your personal information for the period which you have consented at the time of collection or as otherwise required by applicable laws and regulations.

The processing and retention periods for each category of personal information is as follows:

  • (a) Providing responses to customer inquiries and manage inquiry status: Until withdrawal of consent
  • (b) Providing resource materials: Until the withdrawal of consent
  • (c) Providing feedback and manage inquiries on event attendance and meeting requests: Until the withdrawal of consent
  • (d) Processing and responding to reports of fraud, scams, and bad business practices: 2years
  • (e) Processing and responding to security reports, and privacy breach reports: 2years
  • (f) Providing feedback and manage newsletter subscription inquiries: Until the withdrawal of consent
  • (g) Providing feedback and manage inquiries on EBC visits: Until the withdrawal of consent
  • (h) Sending marketing materials such as news on latest releases of Samsung SDS solutions, events, and newsletters via email, and gifts: Until the withdrawal of consent

However, in the case of the following reasons, until the end of the relevant period.

  • If an investigation is in progress due to a violation of the law: Until the end of the investigation

4. PROCESSING OF PERSONAL INFORMATION OF CHILDREN UNDER THE AGE OF 14

We recognize the particular importance of protecting privacy where children are involved. We do not knowingly collect personal information online from children under the age of 14.

5. PROCEDURE AND METHOD OF DESTROYING YOUR PERSONAL INFORMATION

We destroy your personal information without delay when it is no longer needed, such as when the retention period for your personal information has expired or the purpose for which it was collected has been achieved.

The procedures and methods of destroying your personal information are as follows:

  • 1) Destruction Procedure
    We select the personal information of users whose personal information is subject to destruction and destroy the personal information according to the internal destruction policy.
  • 2) Destruction Methods
    We destroy user’s personal information recorded and stored in electronic file format in such a way that the record cannot be reproduced, and user’s personal information recorded and stored in paper documents is shredded with a shredder or destroyed by incineration.

6. PROVIDING YOUR PERSONAL INFORMATION TO THIRD PARTIES

1) We process your personal information only to the extent specified for the purposes for which the personal information is processed, and we do not provide your personal information to third parties except with your consent and in accordance with the laws and regulations, which is also in accordance with Articles 17 and Articles 18 of the 「Personal Information Protection Act」 of Korea.

2) In order to effectively provide Services, we obtain the consent of the data subject in the following cases and only provides them to the minimum extent necessary, obtain the consent of the data subject in the following cases and only provides them to the minimum extent necessary, which is also in accordance with Article, Paragraph 1, Subparagraph 1 of the 「Personal Information Protection Act」 of Korea.

  • Recipient: Samsung SDS overseas branches (SDSA, SDSC, SDSE, SDSLA, SDSI, SDSVN, SDSAP)
  • Purpose of providing: Smooth business operations and communication among executives and employees of Samsung SDS domestic/overseas offices who use Internet-related services provided on the Samsung SDS official website (www.samsungsds.com)
  • Types of personal information provided: Name, Email, Contact Number, Job Title, Company, Industry Sector, Company Size
  • Retention period: Until withdrawal of consent

3) We may provide your personal information to the government without your consent in the event of an emergency, such as a disaster, infectious disease, an incident or accident that poses an imminent risk to life or body, or an imminent loss of property.

4) Overseas processing of your personal information is described in “8. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION”

7. ENTRUSTMENT OF PERSONAL INFORMATION PROCESSING

In order to effectively process your personal information, we are outsourcing personal information processing work as follows:

  • 1) Oracle Corporation
  • Recipient: Oracle Corporation
  • Purpose of outsourcing: Processing personal information for the purposes of providing resource materials downloading and viewing services, responding to general inquiries on Samsung SDS, preparing, hosting, reviewing, and managing events matching customers’ needs and to check identification for event participation
  • 2) Diamond Ogilvy Group
  • Recipient: Diamond Ogilvy Group
  • Purpose of outsourcing: Refining Eloqua marketing solution DB and sending out eDM

However, we do not outsource "Processing and responding to reports of fraud, scams, and bad business practices”, and “Processing and responding to security reports, and privacy breach reports" to third parties.

When we enter into an outsourcing contract, we specify in the contract the responsibilities such as prohibition of processing personal information for purposes other than the performance of the entrusted work, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and compensation for damages, and supervise whether the outsourcing company safely processes personal information, which is also in accordance with Article 26, Paragraph 6 of the 「Personal Information Protection Act」 of Korea.

If the outsourcing company re-entrusts the personal information processing work, the outsourcing company must obtain our consent, which is also in accordance with Article 26, Paragraph 6 of the 「Personal Information Protection Act」 of Korea.

If the content of outsourced work or the outsourcing company changes, we will disclose it through this Privacy Policy without delay.

Overseas processing of your personal information is described in “8. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION”.

8. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

We will transfer your personal information to third party entities outside Republic of Korea as follows:

  • 1) Outsourcing (international transfer)
  • Legal basis: Article 28-8, Paragraph 1, Subparagraph 3, Item (a) of the 「Personal Information Protection Act」 of Korea
  • Country: Australia
  • Recipient: Oracle Corporation Data Center (Australia)
  • Contact information: Oracle Corporation Global Data Protection Officer (Willis Tower, 233 South Wacker Drive, 45th Floor Chicago, IL 60606, U.S.A.)
    https://www.oracle.com/legal/privacy/services-privacy-policy.html
  • Transfer date and transfer method: Transfer through network at the time of using internet related service provided via Samsung SDS website
  • Purpose of transfer:
    • Providing and managing feedback on customer inquiries such as company, services/products, investments, recruitment, and website
    • Providing and managing feedback on event attendance and meeting inquiries, email marketing activities
  • Types of personal information transferred: Same as “TYPES OF YOUR PERSONAL INFORMATION TO BE PROCESSED”
    ※ However, we do not outsource "Processing and responding to reports of fraud, scams, and bad business practices”, and “Processing and responding to security reports, and privacy breach reports" to Oracle Corporation.
  • Retention period: Until withdrawal of consent
  • How to refuse the transfer of your personal information, procedures and effects of refusal: You have the option to refuse the transfer of your personal information to these outsourcing companies by withdrawing the consent, please contact us at (contact.sds@samsung.com). However, please note that this will prevent you from using the Services, as the systems related to the Services are operated and maintained by the outsourcing company.
  • 2) Provision of personal information to third parties (international transfer)
  • Legal basis: Article 17, Paragraph 1, Subparagraph 2 and Article 28-8, Paragraph 1, Subparagraph 1 of the 「Personal Information Protection Act」 of Korea
  • Country: United States, China, UK, Brazil, India, Vietnam, Singapore
  • Recipient: Samsung SDS overseas subsidiaries (SDSA, SDSC, SDSE, SDSLA, SDSI, SDSVN, SDSAP)
  • Contact information:
    https://www.samsungsds.com/en/company/global_offices/about_global_offices.html
  • Transfer date and transfer method: Transfer through network at the time of using inquiry service related to Samsung SDS’s overseas corporations.
  • Purpose of transfer: For seamless business operation and close communication between employees of Samsung SDS overseas subsidiaries who use internet-based services provided on the Samsung SDS official website (www.samsungsds.com)
  • Types of personal information transferred: Name, Email, Contact Information, Job Title, Company Name, Industry Sector, Company Size
  • Retention period: Until withdrawal of consent
  • How to refuse the transfer of your personal information, procedures and effects of refusal: You have the option to refuse the transfer of your personal information to these outsourcing companies by withdrawing the consent, please contact us at (contact.sds@samsung.com). However, please note that this will prevent you from using the Services, as international transfer of personal information is required for communication and response to inquiries related to the overseas branch business.

9. MEASURES TO ENSURE THE SAFETY OF YOUR PERSONAL INFORMATION

We are taking the following measures to ensure the security of your personal information.

  • 1) Administrative Measures: Establishment and implementation of internal management plans, operation of a dedicated organization, and regular employee training.
  • 2) Technical Measures: Management of access rights to personal data systems, installation of access control systems, encryption of your personal information, installation and update of security programs
  • 3) Physical Measures: Access control to computer rooms, data storage rooms, etc.

10. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices

We use 'cookies' to store and frequently retrieve usage information in order to provide personalized Services and convenience to users.

A cookie is a small piece of information that a server (http) operating a website sends to the data subject's browser and is stored on the data subject's PC or mobile device.

There are a number of different types of cookies, however, we collect and use cookies as follows:

Installation, Operation, and Rejection of Automatic Personal Information Collection Devices (table)
Classification Name Purpose
Auto ID save upon visit Customer Guid Identify the visitor without log-in
Activity response Total conversation To serve better interactions, these cookies track web behaviors of email subscribers and web for submitters.
Total pages
Total time
Total visits
Most recent search query
Most recent search engine
Most recent referrer
Most recent marketing campaign
Most recent form submitted
Last visit date and time
Last page in visit
First visit date and time
First page in visit
IP address based information City To serve better interactions, this cookie assumes regions and companies of email subscribers and web for submitters.
Company
Country DNS name
Country (from DNS)
Country (from IP)
Latitude
Longitude
State/Province
Time zone
Time zone offset from GMT
Zip code

You can set the options to allow or block cookies through your web browser settings. However, if you choose not to allow cookies, you may not be able to use certain personalized Services.

  • < How to allow / block cookies >
  • ▶ Allow/block cookies in your web browser
  • Chrome: Go to Settings > Privacy and security > Delete browsing data
  • Edge: Go to Settings > Cookies and site permissions > Manage and delete cookies and site data
  • ▶ Allow/block cookies in your mobile browsers
  • Chrome: Go to Settings > Privacy and security > Clear browsing data on mobile browser
  • Safari: Go to Settings > Safari > Advanced > Block all cookies on a mobile device
  • Samsung Internet: Go to Settings > Delete browsing data > Clear all browsing data
  • Menu and method may be slightly different depending on OS version.

11. YOUR PRIVACY RIGHTS AND EXERCISE METHOD

You have the right to access, correct, delete, transfer and restrict the processing of your personal information at any time (hereinafter referred to as “Privacy Rights”).
※ Requests to exercise Privacy Rights of children under the age of 14 must be made by parent or legal guardian, and data subjects who are minors over the age of 14 may exercise their Privacy Rights by themselves or through their parent or legal guardian.

The exercise of Privacy Rights can also be done through an agent, such as a legal guardian or authorized person. In this case, a power of attorney must be submitted.

The right to access and the right to restrict the processing of your personal information may be limited in accordance with applicable laws and regulation, including Article 35, Paragraph 4 and Article 37, Paragraph 2 of the 「Personal Information Protection Act」 of Korea

If other laws and regulation require the collection of your personal information, you may not exercise the right to delete your personal information.

When you or your agent exercise Privacy Rights or submit a request to us, we will verify your identity via our internal authentication procedures.

You can exercise Privacy Rights or submit a request to us, and we will respond and handle your inquiries without delay. Please contact us at the following contact details:

  • ▶ Service Department
  • Department: Digital Marketing Group
  • Address: 125, Olympic-ro 35-gil, Songpa-gu, Seoul, Republic of Korea
  • Contact: +82-2-6155-8640, contact.sds@samsung.com

12. HOW TO CONTACT US

  • 1) Chief Privacy Officer
  • Chief Privacy Officer: Legal service team leader
  • Tel: +82-2-6155-1118
  • 2) Service Department
  • Department: Digital Marketing Group
  • Contact: +82-2-6155-8640, contact.sds@samsung.com

You can contact Chief Privacy Officer and Service Department for any inquiries related to your personal information protection, complaints, and damage relief that occurred while using the Services, and we will respond without delay.

13. REMEDIES FOR INFRINGEMENT OF YOUR PRIVACY RIGHTS

If you are not satisfied with the results of complaint handling or damage relief by us or if you need to report or consult on additional your personal information infringement, please contact the following government

  • Personal Information Dispute Mediation Committee: 1833-6972 (without area code) (www.kopico.go.kr)
  • Personal Information Infringement Report Center: 118 (without area code)(privacy.kisa.or.kr)
  • Supreme Prosecutors' Office: 1301 (without area code) (www.spo.go.kr)
  • National Police Agency: 182 (without area code) (ecrm.cyber.go.kr)

We guarantee Privacy Rights and strives to provide advice and remedy for damages that occurred while using the Services. If you need to report or consult, please contact us at:

14. UPDATES

Samsung SDS shall notify users at least 7 days prior to any additions, deletions or changes are made to this Privacy Policy via notice board. In the event of a security breach caused by hacking or computer virus, Samsung SDS shall immediately notify all users affected.

Privacy Policy Version: V.7.2
Privacy Policy Effective Date: Oct 31, 2024
Latest Update to Privacy Policy: Oct 24, 2024