IKEA Korea Privacy Policy

IKEA Korea Ltd. (“IKEA”) establishes and discloses this Privacy Policy as follows to protect personal information in accordance with Article 27-2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., Article 30 of the Personal Information Protection Act and other relevant laws and to promptly and smoothly deal with any issues therefrom.

This Privacy Policy applies to the use of the IKEA internet homepage (http://www.ikea.kr, hereinafter “Web Homepage”), the IKEA mobile application provided via smart phone and other information and communications devices (hereinafter, “Application”) and the IKEA mobile internet homepage (http://m.ikea.kr, hereinafter “Mobile Homepage”) provided by IKEA.

Article 1 (Purpose of Processing Personal Information)

IKEA processes personal information for the following purposes. Personal information processed will not be used for any purpose other than the following purposes, and in the event the purpose of use is changed, IKEA intends to perform all necessary measures such as obtaining separate consent in accordance with the relevant laws.

1. Subscription and Management of Homepage Members
Confirm intent to subscribe as member; identify and certify identity; maintain and manage membership qualifications; prevent unauthorized use of service; restrict subscription by children under 14 years; various notifications; measures to restrict use by members who breached terms of use; sanction acts that may interrupt the smooth operation of services and acts of unauthorized use of services; restrict subscription and number of subscription attempts; confirm intent to withdraw as member
2. Provide Goods or Services
Provide services, etc. (e.g., home furnishing, separate kitchen planning service) through internet homepage, mobile homepage or application; provide troubleshooting relating to the user of services such as delivery and assembly such as customer confirmation
3. Improve Services
Improve to make services through internet homepage, mobile homepage or application (as defined under terms of use) to be provided using the method that is optimized for the user’s computer or other information and communications device; prepare statistics data relating to IKEA’s works such as service development and improvement
4. Customer Services
Confirm identity of complainant; confirm complaints; communicate and notify to confirm facts; notify results of customer services
5. Marketing Purpose
Only for those separately consented to the marketing purpose, (i) information related to services and other benefits provided by IKEA, (ii) newsletter provided by IKEA, (iii) notification of various events held by IKEA, (iv) various marketing held by IKEA to its customers

Article 2 (Categories of Personal Information Processed)

IKEA collects and processes the following personal information:

1. Member Subscription Information: name (first name, surname), mobile phone number, e-mail address
2. Automatically Generated Information: Cookie information
3. Service Use Information: information necessary for the provision of separate service or events participation

Article 3 (Period of Retention and Use of Personal Information)

1. IKEA processes and retains personal information in accordance with the laws or within the period consented by the subject of personal information at the time of collection of such personal information.
2. The period of retention and use of personal information is as follows.

(i) Principle: IKEA in principle discards personal information of a member immediately at the time of his/her withdrawal as member or upon achievement of the purpose of collection and use of such personal information.
(ii) Long-term inactive member: If a member that subscribed as member via the Web Homepage, Mobile Homepage or Application does not log-in for one (1) year or longer, IKEA stores and manages such member’s personal information separately from personal information of other members, and except in case there is a special provision under the relevant laws, IKEA does not use such personal information.
(iii) If provided by laws: Notwithstanding the provisions under Paragraphs (i) and (ii) above, IKEA retains and uses personal information of members as provided by laws, as follows (even if not specified below, if the period of retention and use is stipulated in other laws, then IKEA complies with such laws)

Categories of Personal Information
Laws Categories of Personal Information Retention Period
Commercial Code Expiration date of commercial credit 5 years
Protection of Communications Secrets Act Log record data, communications confirmation data such as trace record of access location, etc. 3 months
Telecommunications confirmation data such as telecommunications date and time, commencement and end time of telecommunications, number of uses, etc. 12 months
Product Liability Act Expiration date of damages claim 10 years

Article 4 (Consignment of Processing of Personal Information)

1. IKEA consigns the processing of personal information as follows for smooth processing of personal information.

Details of Consigned Work
Consignee Details of Consigned Work
Fourstic Inc. Management and maintenance of server that stores personal information related to the events held by IKEA
Confirmation of winner of events held by IKEA and delivery of prize


2. At the time of entering into the consignment agreement, IKEA manages, supervises and educates to comply with the relevant laws; specifies matters related to the prohibition of processing personal information other than for the purpose of consigned work, technical and managerial protective measures, restriction of re-consignment, damages, etc. in the agreement or other written documents; and supervises on whether the consignee safely processes personal information, in accordance with the Act on Promotion of Information and Communications Network Utilization Act and the Personal Information Protection Act.
3. If any detail of the consigned work or the consignee is changed, IKEA will disclose such change without delay in this Privacy Policy.

Article 5 (Rights and Obligations of the Subject of Personal Information and Method of Exercise)

1. A subject of personal information may exercise the following rights related to the protection of personal information at any time against IKEA and may exercise his or her rights as member by accessing member information change menu or member withdrawal procedure.

(i) Request to inspect personal information;
(ii) Request to change, in case of error, etc.;
(iii) Request to delete;
(iv) Request to suspend processing.

2. The rights under Paragraph 1 may be exercised by writing, telephone, e-mail or fax, and IKEA will take necessary measures thereof without delay.
3. In case a subject of personal information requests to change or delete any error, etc. in personal information, IKEA will not process the relevant personal information until the completion of the requested change or deletion.
4. A subject of personal information must not infringe upon personal information or privacy of himself/herself or any third party in violation of the relevant laws.

Article 6 (Discard of Personal Information)

1. IKEA will destroy personal information without delay at the expiration of the retention period, the achievement of the purpose or other reasons for which such personal information is no longer necessary.
2. Notwithstanding the expiration of the retention period consented by the subject of personal information or the achievement of the purpose, in case where such personal information must continued to be retained or used in accordance with other laws, such personal information must be transferred to a separate database or retained at a different place.
3. IKEA’s procedure and method of discarding personal information is as follows.

a. Discarding Procedure
IKEA will select personal information which has a cause for discard and discard such personal information upon approval of its personal information protection manager.
b. Discarding Method
IKEA will discard personal information printed on paper by shredding or incineration.

For any personal information stored in electronic file format, IKEA will delete by using technical method that cannot restore records.

Article 7 (Matters on Installation, Operation and Rejection of Tool for Automatic Collection of Personal Information)

1. IKEA uses cookies on homepages, which includes, but not limited to, session/permanent cookies and web becons.
2. Cookies are files that store the details of member’s usage at the time of access to homepages on computer and inform such details to IKEA. IKEA uses cookies to identify members’ preferred contents on homepages, change its homepages based on members preferences and measure the level of use of homepages.
3. Once a member accesses the homepages, IKEA uses cookies to analyze the frequency of access, time of visit, etc., understand the member’s visits and collects information related to the events participation, frequency of access, etc. and then provides optional marketing services or customized services that each member may be interested in.
4. A member has the right to choose whether to install cookies. The member may allow all cookies, configure to receive notification from web browsers at the time of the installation of cookies or refuse all cookies by setting web browser options. However, if the member refuses to install cookies, there may be difficulty in providing services. The member may refuse the installation or operation of the cookies as follows.
5. The method to designate whether to allow installation of cookies is as follows (in case of Internet Explorer).

(i) Click [Internet Option] in [Tools] menu;
(ii) Click [Personal Information Tab]; and
(iii) Set [Level of Privacy].

Article 8 (Measures to Secure Stability of Personal Information)

IKEA seeks to take following technical and managerial measures to secure stability to prevent loss, theft, exposure, falsification or damage of the personal information in its processing of the members’ personal information.

1. Encryption of Password: Members’ passwords are being stored and managed in an encrypted form, so only the member himself/herself knows the password, and only the member himself/herself who knows the password is allowed to confirm and change the personal information.
2. Countermeasures against hacking, etc.: IKEA makes best efforts to prevent leakage or damage of the members’ personal information due to hacking or computer virus, etc. IKEA backs up data from time to time in preparation for any damage of the personal information and prevents leakage or damage of the members’ personal information and documents by using up-to-date vaccine program. IKEA also ensures safe transmission of the personal information through network encryption communications, etc.
3. Minimizing Number of Employees Authorized to Handle Personal Information and Education: IKEA restricts the employees that may handle personal information to the person in charge, and assigns separate passwords therefor and renews such passwords regularly. IKEA makes best efforts to comply with IKEA’s Privacy Policy by providing education from time to time to the persons in charge.
4. Operation of Exclusive Organization for the Protection of Personal Information: IKEA operates an in-house exclusive organization for the protection of personal information to make best efforts to confirm the performance of IKEA’s Privacy Policy and compliance of the person in charge and to immediately change or respond in case of any problem thereof; provided that, to the extent IKEA performs obligations to protect personal information, IKEA will not be responsible for any damages that are not attributable to KIEA, such as negligence of any member or accidents outside the scope management by IKEA.

Article 9 (Personal Information Protection Manager)

1. IKEA is responsible for all works in relation to the processing of personal information and has designated the following personal information protection manager for the handling of complaints or providing relief for damages in relation to the processing of personal information.

· Name or department: Jongkyu Shin
· Telephone number: 02-310-8700
· E-mail: privacy.policy.korea@ikea.com

2. A member may inspect, confirm or report all complaints related to the protection of personal information that arise during the use of IKEA’s services.

Article 10 (Method of Relief against Infringement of Rights)

In case where a member needs to report or consult in relation to other infringement of personal information, the member may inquire into the following institutions and seek method of relief.

· Personal Information Protection Center (privacy.kisa.or.kr / 118 without area code)
· Cyber Division, the Ministry of Scientific Investigation at the Supreme Prosecutors’ Office (www.spo.go.kr / 02-3480-3571)
· Cyber Bureau at the National Policy Agency (www.ctrc.go.kr / 182 without area code)

Article 11 (Change to Privacy Policy)

In case of any addition, deletion or revision of this Privacy Policy, IKEA will notify thereof on the Web Homepage, Mobile Homepage or Application or by e-mail, etc. registered with IKEA by members.

Supplementary Provisions

Article 1 This Privacy Policy shall be effective from 06. 03. 2016.
Article 2 The prior version of the Privacy Policy of IKEA may be confirmed below.
- Privacy Policy applicable between 12. 14. 2015 and 06. 02. 2016 (Click)