Tupperware Brands Korea Privacy Policy (2024)
Tupperware Brands Korea Co., Ltd. ( hereinafter referred to as the “ Company ”) establishes and discloses the following personal information processing guidelines in order to protect the personal information of data subjects and to promptly and smoothly process complaints related thereto in accordance with the Personal Information Protection Act of the Republic of Korea .
Article 1 Purpose of processing personal information
The company processes personal information for the following purposes . Personal information being processed will not be used for purposes other than the following , and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act .
1. Membership registration and management
We process personal information for the purposes of confirming membership registration , self-identification and authentication , maintaining and managing membership qualifications , preventing unauthorized use of services , and various notifications and notices .
2. Service Provision
We process personal information for the purposes of providing services ( including monitoring members' use of services ), providing content , and providing customized services .
3. Contacting members
We process personal information for the purpose of contacting members using email , phone , text message or other forms of communication related to the supply of goods or services .
4. Complaint Handling
Personal information is processed for the purposes of verifying the identity of the complainant, confirming the complaint , contacting and notifying for fact-finding , and notifying the processing results .
5. In case a creditor-debtor relationship remains due to use of services and supply of goods, performance of creditor-debtor relationship
6. Re-registration verification and exclusion of fraudulent use
7. Restrictions on registration of fraudulent users
Article 2 Processing and retention period of personal information
① The company processes and retains personal information within the retention and use period of personal information stipulated by law or within the retention and use period of personal information agreed upon by the information subject at the time of collection of personal information .
②The processing and retention period for each personal information is as follows .
1. Membership registration and management , complaint handling : Until membership withdrawal
However , in the following cases, until the end of the relevant reason:
A. In the case where an investigation or inquiry is in progress due to a violation of relevant laws and regulations, until the end of the investigation or inquiry.
B. Until settlement of claims and debts arising from use of the service
2. Provision of service usage data , application usage mobile device type and unique device ID, device IP address , and other related records services : Deleted without delay after membership withdrawal
3. Performance and payment for provision of goods or services : Until the completion of the provision of goods and services and payment of fees and settlement.
However , in the following cases or in cases where there is a basis in relevant laws and regulations, until the end of the relevant period:
A. Records of transactions such as display/advertisement , contract contents and performance according to the Act on Consumer Protection in Electronic Commerce, etc.
- Records of display and advertising : 6 months
- Records of contract or subscription withdrawal , payment , supply of goods, etc .: 5 years
- Records of consumer complaints or dispute resolution : 3 years
B. Storage of communication fact confirmation data pursuant to Article 41 of the Enforcement Decree of the Communication Secrets Protection Act
- Subscriber telecommunication date and time , start and end time , other party subscriber number , number of uses , transmitter base station location tracking data : 1 year
- Computer communication , Internet log records , access location tracking data : 3 months
4. Re-registration verification and exclusion of fraudulent use : Up to 90 days from the date of membership withdrawal or loss of qualification
5. Restriction on registration of fraudulent users : 1 year from the date of termination of fraudulent activity
Article 3 Provision of personal information to third parties
The company processes users' personal information within the scope notified in ' Article 1 Purpose of processing personal information ' and does not use it beyond the scope of consent or provide it to third parties in principle .
However , personal information may be provided to third parties in the following cases :
1. When providing information in a form that does not allow the identification of specific individuals for the purpose of compiling statistics , academic research, or market research.
2. If users have agreed in advance
3. In cases where there is a request from an investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods stipulated by law for investigative purposes.
② When concluding a consignment contract, the company states in a contract or other document matters related to prohibition of processing personal information for purposes other than the performance of the consigned work , technical and administrative protection measures , restrictions on re-consignment , management and supervision of the consignee , and liability for damages, etc., in accordance with Article 26 of the Personal Information Protection Act , and supervises whether the consignee safely processes personal information .
Article 5 International transfer of personal information
In order to provide users with stable service provision and the latest technology, the company transfers personal information overseas as follows .
Article 6 User’s rights , obligations and exercise methods
①Users may exercise their rights to view, correct, delete, or request suspension of processing of their personal information at any time .
② The rights under Article 1 may be exercised against the Company in writing , by e-mail, etc. in accordance with relevant laws and regulations , and the Company will take action on this without delay .
③The exercise of rights under Paragraph 1 may be done through a proxy, such as the data subject's legal representative or an authorized person . In this case, a power of attorney in the format of Appendix 11 of the Enforcement Regulations of the Personal Information Protection Act must be submitted .
④Requests to view or suspend processing of personal information may restrict the rights of the data subject according to relevant laws ( Article 35 , Paragraph 4 , Article 37 , Paragraph 2 of the Personal Information Protection Act, etc. ) .
⑤ Requests for correction or deletion of personal information cannot be made if the personal information is specified as a collection target in other laws .
⑥When requesting access , correction / deletion , or suspension of processing in accordance with the information subject's rights, the company verifies whether the person making the request is the information subject or a legitimate agent .
Article 7 Items of personal information processed
The company processes the following personal information items :
1. When signing up for membership
A. Common : Name , mobile phone number , email address , address , date of birth , CI
B. When signing up as an online seller : Bank account information
2. When using the service
Service usage history
3. Information automatically generated when using the service
Service usage history , OS information , hardware information , IP address , browser type and version , time and date of service page visit , time spent on that page , device unique identifier and other diagnostic information , and other information transmitted by the browser
4. Payment and debt collection
Name , date of birth , mobile phone number , account information
5. Re-registration verification and exclusion of fraudulent use , restriction of registration of fraudulent users
CI
Article 8 ( Separate storage policy for personal information of long-term non-members )
The company does not separately store personal information of members who have not used the service for more than one year .
Article 9 Destruction of personal information
① When personal information becomes unnecessary, such as when the retention period for personal information expires or the purpose of processing is achieved, the company destroys personal information without delay .
② In cases where the retention period for personal information agreed upon by the user has expired or the purpose of processing has been achieved, but personal information must be retained in accordance with other laws and regulations, the personal information will be transferred to a separate database (DB) or stored in a different location .
③ The procedures and methods for destroying personal information are as follows .
1. Destruction Procedure
The company selects personal information for which a reason for destruction has arisen and destroys the personal information after receiving approval from the company's personal information protection officer .
2. Destruction method
The Company records and stores personal information in electronic file formats using technical methods that render the records unrecoverable . Personal information recorded and stored in paper documents is destroyed by shredding .
Article 10 Measures to ensure the safety of personal information
① When processing users’ personal information, the company takes the following technical, managerial, and physical measures to ensure the safety of personal information and prevent it from being lost, stolen, leaked, altered, or damaged.
|
division |
Action details |
|
Administrative Action |
- Establishment and implementation of personal information internal management plan - Minimize and educate the designation of personal information handlers - Management of new and returning employees |
|
Technical measures |
- Restrict access to personal information - Password encryption - Access log storage and prevention of forgery / alteration - Measures against hacking, etc. |
② The company is not responsible for any incidents that occur due to the user's own mistakes or basic internet risks . Each member must properly manage his or her ID and password to protect his or her personal information and take responsibility for this .
Article 11 Matters concerning the installation and operation of automatic personal information collection devices and their refusal
① The company uses cookies and similar tracking technologies to identify users, maintain member login status , and store and periodically retrieve user information in order to provide personalized services to each user . The tracking technologies used by the company are signals , tags, and scripts that collect and track information and improve and analyze services, and are also stored in the storage device of the user's computer .
② Users have the option to install cookies . Users can allow / reject all cookies or request confirmation each time a cookie is saved through the settings of their web browser . However , if they reject the storage of cookies, they may have difficulty using some of the services provided by the company, such as personalized services .
③ How to reject cookie settings :
1. Internet Explorer: Select [ Internet Options ] from the web browser [ Tools ] menu > Select the [ Privacy ] tab > Select the desired option in [ Advanced ]
2. Chrome: [ Settings ] menu on the right side of the web browser > [ Privacy and Security ] menu > [ Cookies and other site data ] > Select desired option
Article 12 Personal Information Protection Officer
① The company is responsible for overall management of personal information processing , and has designated a personal information protection manager and practitioner as follows to handle user complaints and provide remedies for damages related to personal information processing .
Personal Information Manager
Name : Yang Seong-gyu
Position : Director
Phone : 02-3270-1700
Email : CustomerCareKor@tupperware.com
Personal Information Practitioner
Name : Park Chang-ho
Affiliation : IDT
Position : Manager
Phone : 02-3270-1700
Email : CustomerCareKor@tupperware.com
② Users may inquire about all personal information protection-related matters , including complaints , damage relief, etc. that arise while using the company's services to the personal information protection officer and the department in charge . The company will respond to and process user inquiries without delay .
Article 13 Processing of pseudonymized information
The Company does not process pseudonymized information for the following purposes :
Article 14 Request for access to personal information
The company protects and values the personal information of users , and users have the right to receive honest answers to their questions at all times . The company operates a customer center to ensure smooth communication with users, and the contact information is as follows .
- Department name : Customer Service Center
- Phone : 1588-6866
- Email : CustomerCareKor@tupperware.com
Article 15. Remedies for infringement of rights
If your rights to personal information have been violated , you may contact the Personal Information Infringement Report Center , the Supreme Prosecutors' Office Cyber Investigation Department , or the National Police Agency Cyber Safety Bureau .
- Personal Information Infringement Report Center / privacy.kisa.or.kr / 118 without area code
- Supreme Prosecutors' Office Cyber Investigation Department / www.spo.go.kr / 1301 without area code
- National Police Agency Cyber Security Bureau / police.go.kr / 182 without area code
Compliance with Article 16 GDPR
① The company complies with the General Data Protection Regulation of the European Union and the laws of each member state . When providing services to users within the European Union , the following may apply .
1. The company uses the collected personal information only for the purposes stated in Article 1 , and informs the user of this fact in advance and obtains consent . In addition, in accordance with applicable laws such as GDPR , the company may process the user's personal information in one of the following cases .
A. Consent of the data subject
B. In case of concluding and executing a contract with the information subject
D. In case of compliance with legal obligations
A. If processing is necessary for the significant interests of the data subject.
B. In cases where it is necessary to pursue the company's legitimate interests ( except in cases where the interests, rights, or freedoms of the information subject outweigh such interests )
② The company carefully protects the personal information of users . In accordance with applicable laws such as GDPR , users may request that their personal information be transferred to another manager and may request that their information be refused to be processed . Users also have the right to file a complaint with the personal information protection authority .
③The company may use personal information to provide marketing such as events and advertisements , and obtains the user's consent in advance . Users may withdraw consent at any time if they do not wish to do so .
④For requests related to this article, please contact the customer center in writing , by phone, or by email, and we will respond without delay .
⑤If you request correction of errors in personal information, the personal information will not be used or provided until the correction is complete .
Article 17 Matters concerning changes to personal information processing policy
① This personal information processing policy is effective from December 31, 2023. Members classified as dormant members under Article 8 prior to the effective date above will remain classified as dormant members , and if a member classified as dormant does not change to general status until one year has passed from the date of classification as a dormant member , personal information that has been stored separately will be destroyed to the extent that it does not violate relevant laws regarding the personal information retention period , etc.
② You can check the previous personal information processing policy below .