Skip to main content

IKEA Korea Privacy Policy

IKEA Korea Ltd. (“IKEA”) establishes and discloses this Privacy Policy as follows to protect personal information in accordance with Article 27-2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Article 30 of the Personal Information Protection Act and other relevant laws and to promptly and smoothly deal with any issues relating therefrom.

Article 1 (Purpose of Processing Personal Information)

IKEA processes personal information for the following purposes. Personal information processed will not be used for any purpose other than the following purposes, and in the event the purpose of use is changed, IKEA intends to perform all necessary measures such as obtaining separate consent in accordance with the relevant laws.

1. Subscription and Management of Members
Confirm intent to subscribe as member; identify and certify identity; maintain and manage membership qualifications; prevent unauthorized use of service; restrict subscription by children under 14 years; various notices and notifications; measures to restrict use by members who breached terms of use; sanction acts that may interrupt the smooth operation of services and acts of unauthorized use of services; restrict subscription and number of subscriptions; confirm intent to withdraw as member

2. Provide Goods or Services
Provide services, etc. (e.g., home furnishing service, separate kitchen planning service) through web homepage, mobile homepage or application; provide troubleshooting relating to the user of services such as delivery and assembly such as customer confirmation

3. Improve Services
Improve to make services through web homepage, mobile homepage or application (as defined under the terms and conditions of use) be provided in a method that is optimized for the user’s computer or other information and communications device; prepare statistics data relating to IKEA’s works such as service development and improvement

4. Customer Services
Confirm identity of complainant; confirm complaints; communicate and notify to confirm facts; notify results of customer services

5. Marketing Purpose
Only for those separately consented to the marketing purpose, (i) information related to services and other benefits provided by IKEA, (ii) newsletter provided by IKEA, (iii) notification of various events held by IKEA, (iv) various marketing held by IKEA to its customers

Article 2 (Categories of Personal Information Processed and Method of Collection)

(1) IKEA collects and processes the following personal information.
1. Member Subscription Information
1) Home page member subscription: (Required) name (first name, surname), mobile phone number, e-mail address
2) IKEA Family membership subscription: (Required) name, gender, date of birth, e-mail address, password, mobile phone number, address, purchase information, membership number
(Optional) marital status, existence of children living together, number of children living together, age group of children living together
2. Provide Goods or Services
(Required)
- Relating to receiving, handling, responding to, resolving customer complaints or grievances: name, address, telephone number, e-mail address, membership number, details of complaints or grievances, records and details of purchase and use, information concerning payment and delivery
- Information Generated During Subscription and Visit: IP address, MAC address, duplicate identification information (DI), connecting information (CI) (Optional)
Address, e-mail address, mobile phone number for newsletter, events, marketing information, etc.

(2) IKEA collects personal information in the following method.
- Collection through homepage member subscription, use of service, events participation, tools collecting generated information; change of member information; facsimile; telephone; inquiries at the customer center; application for membership subscription

Article 3 (Period of Retention and Use of Personal Information)

(1) IKEA processes and retains personal information in accordance with the laws or within the period consented by the subject of personal information at the time of collection of such personal information.

(2) The period of retention and use of personal information is as follows.
1. Principle: IKEA in principle discards personal information of a member without delay upon his/her withdrawal as member or upon achievement of the purpose of collection and use of such personal information.
2. Long-term inactive member: If a member that subscribed as member via the web homepage, mobile homepage or application does not log-in for one (1) year or longer, IKEA stores and manages such member’s personal information separately from personal information of other members, and IKEA does not use such personal information except in case there is a special provision under the relevant laws.
3. If provided by laws: Notwithstanding the provisions of Paragraphs (i) and (ii), IKEA retains and uses personal information of members as provided by laws, as follows (even if not specified below, if the period of retention and use is stipulated in other laws, then IKEA complies with such laws)

Categories of Personal Information
Laws Categories of Personal Information Retention Period
Commercial Code Expiration of the statute of limitation on commercial claims 5 years
Protection of Communications Secrets Act Log record data, communications confirmation data such as trace record of access location, etc. 3 months
Telecommunications confirmation data such as telecommunications date and time, commencement and end time of telecommunications, number of uses, etc. 12 months
Product Liability Act Expiration of the statute of limitations on claims for damages 10 years
4. If consented by customers: Until the end of the period consented by the customer

Article 4 (Consignment of Processing of Personal Information)

(1) IKEA consigns the processing of personal information as follows for smooth processing of personal information.

Details of Consigned Work
Consignee Details of Consigned Work
Fourstic Inc. Management and maintenance of server that stores personal information related to the events held by IKEA
Confirmation of winner of events held by IKEA and delivery of prize
Pulip Communications Delivery of e-mails including IKEA FAMILY newsletter for IKEA
Inogis Delivery of mails including IKEA catalogues for IKEA
I4way Management and maintenance of call center system
CI Logistics Corporation, Gwangmyeong Logistics Product delivery and assembly
NTEC Kitchen and bathroom installation
Hanwha L&C Production and installation of kitchen upper board
Cafe 24 Hosting, management and maintenance of system for customer survey


(2) When entering into a consignment agreement, IKEA manages, supervises and educates the consignee to comply with the relevant laws, specifies matters related to the prohibition of processing personal information other than for the purpose of consigned work, technical and managerial protective measures, restriction of re-consignment, liability such as damages, etc. in the agreement or other written documents, and supervises whether the consignee safely processes personal information, in accordance with the Act on Promotion of Information and Communications Network Utilization Act and the Personal Information Protection Act.

(3) If any detail of the consigned work or the consignee is changed, IKEA will disclose such change without delay in this Privacy Policy.

Article 5 (Rights and Obligations of the Subject of Personal Information and Method to Exercise Such Rights)

(1) A subject of personal information may exercise the following rights related to the protection of personal information at any time against IKEA, and may exercise his/her rights as member through the member information change menu or member withdrawal procedure.
1. Right to request access to personal information;
2. Right to request correction of any error;
3. Right to request deletion of information;
4. Right to request discontinuance of personal information processing.

(2) The rights under Paragraph 1 may be exercised by writing, telephone, e-mail or fax to IKEA, and IKEA will take necessary measures therefor without delay.

(3) In case a subject of personal information requests to correct or delete any error, etc. in personal information, IKEA will not process the relevant personal information until the completion of the requested correction or deletion.

(4) A subject of personal information must not infringe upon personal information or privacy of himself/herself or any third party in violation of the relevant laws.

(5) IKEA does not collect any personal information of children under the age of 14 years. However, if it is necessary to collect personal information of children under the age of 14 years in special circumstance or for particular events, IKEA complies with the laws concerning the rights and obligations of legal representatives.

Article 6 (Overseas Transfer of Personal Information)

(1) Your personal information is transferred overseas as follows.
(2) IKEA Korea Ltd. takes necessary measures for your information transferred overseas to be safely protected in accordance with the laws of the Republic of Korea and internal policies of IKEA Korea Ltd. and IKEA Group.

Country to which personal information is transferred; time and method of transfer of personal information
Name of person receiving personal information and contact information of person in charge of information management Country to which personal information is transferred; time and method of transfer of personal information Categories of personal information transferred Purpose of use of personal information by the person receiving personal information Period of retention and use of personal information by the person receiving personal information
Capgemini Sverige AB, (Sweden)
Ronnowsgatan 8
252 25 Helsingborg
Sweden

raghunath.ganesan@capgemini.com
Sweden; Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network right away E-mail address, password, name, date of birth, mobile phone number, address Storage and management of collected personal information of members Retain until withdrawal as member (except where it is necessary to retain personal information under the relevant laws and regulations), but if it is necessary to use personal information after member withdrawal within the scope of the above purpose of collection and use such as handling occurred customer complaints, destroy without delay upon achievement of the relevant purpose
Capgemini India Private Limited
(India)
CAMPUS 6 B, RMZ
ECOSPACE(OUTER RING RD)
Bangalore 560 037
Karnataka
India

lvishnub@capgemini.com
India; Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network right away
Same as above
Same as above
Same as above
Capgemini Inc (USA)
620 West Germantown Pike, Suite 300
Plymouth Meeting
USA

raghunath.ganesan@capgemini.com
USA; Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network right away
Same as above
Same as above
Same as above
QUANT Marketing
Golden Cross House
8 Duncannon Street
London
020 7836 5656


Personal information is encrypted using a safe security server after collection and transferred to UK’s data server (ODB/DWH) through information and communications network right away
Name, gender, marital status, e-mail address, password, mobile phone number, address, existence of children living together, number of children living together, age group of children living together
1. Storage of personal information in ODB/DWH
2. Hosting and IT support
Retain until withdrawal as IKEA Family member (except where it is necessary to retain personal information under the relevant laws and regulations), but if it is necessary to use personal information after member withdrawal within the scope of the above purpose of collection and use such as handling occurred customer complaints, destroy without delay upon achievement of the relevant purpose
INGKA HOLDING B.V.

Personal information is encrypted using a safe security server after collection and transferred to
Name, e-mail address, gender
1. Storage in MDB and management of personal information
2. Hosting and IT support
3. Business support – central support function for the relevant market
4. Global business analysis - analysis of central support function at IKEA Group level (MDB data is analyzed on total sum basis)
Same as above
IBM Korea
10, Gukjegeumyung-ro, Yeongdeungpo-gu, Seoul, Republic of Korea
mktg@kr.ibm.com

When carrying out consigned work of email delivery service, personal information is encrypted using a safe security server and transferred to Singapore through information and communications network
Name, gender, marital status, date of birth, e-mail address, password, mobile phone number, address, existence of children living together, number of children living together, age group of children living together
Delivery of e-mails based on personal information stored in ODB/DWH
Same as above

Article 7 (Destruction of Personal Information)

(1) IKEA will destroy personal information without delay at the expiration of the retention period, the achievement of the purpose or other reasons for which such personal information is no longer necessary.
(2) Notwithstanding the expiration of the retention period consented by the subject of personal information or the achievement of the purpose, in case where such personal information must continued to be retained or used in accordance with other laws, such personal information will be transferred to a separate database or retained at a different place.
(3) IKEA’s procedure and method of destroying personal information is as follows.
1. Destruction Procedure
IKEA will select personal information which has a cause for discard and discard such personal information with approval of its personal information protection manager.
2. Destruction Method
IKEA will destroy personal information printed on paper by shredding or incineration.For any personal information stored in electronic file format, IKEA will delete such personal information by using technical method that will not allow data recovery.

Article 8 (Matters on Installation, Operation and Rejection of Tool for Automatic Collection of Personal Information)

(1) IKEA uses cookies on homepages, which includes, but not limited to, session/permanent cookies and web beacons.
(2) Cookies are files that store the details of member’s usage at the time of access to homepages on computer and inform such details to IKEA. IKEA may through cookies identify members’ preferred contents on homepages, change its homepages based on members preferences and measure the level of use of homepages.
(3) Once a member accesses the homepages, IKEA uses cookies to analyze the frequency of access, time of visit, etc., understand the member’s traffic flow and collects information related to the events participation, frequency of access, etc. and then provides selective marketing services or customized services that each member may be interested in.
(4) A member has the right to choose whether to install cookies. The member may allow all cookies, configure to receive notification from web browsers at the time of the installation of cookies or refuse all cookies by setting web browser options. However, if the member refuses to install cookies, there may be difficulty in providing services. The member may refuse the installation or operation of the cookies as follows.
(5) The method to designate whether to allow the installation of cookies is as follows (for Internet Explorer).
1. Click [Internet Option] in [Tools] menu;
2. Click [Personal Information Tab]; and
3. Set [Level of Privacy].

Article 9 (Measures to Secure Stability of Personal Information)

IKEA takes the following technical, managerial and physical measures to secure stability to prevent loss, theft, exposure, falsification or damage of the personal information in its processing of the members’ personal information.

1. Encryption of Password: Members’ passwords are being stored and managed in an encrypted form, so only the member himself/herself knows the password, and only the member himself/herself who knows the password is allowed to confirm and change the personal information.
2. Countermeasures against hacking, etc.: IKEA makes best efforts to prevent leakage or damage of the members’ personal information due to hacking or computer virus, etc. IKEA backs up data from time to time in preparation for any damage of the personal information and prevents leakage or damage of the members’ personal information and materials by using up-to-date vaccine program, and ensures safe transmission of the personal information through network encryption communications, etc.
3. Minimizing Number of Employees Authorized to Handle Personal Information and Education: IKEA restricts the employees that may handle personal information to the person in charge, and assigns separate passwords therefor and renews such passwords regularly, and IKEA makes best efforts to comply with IKEA’s Privacy Policy by providing education from time to time to the persons in charge.
4. Operation of Exclusive Organization for the Protection of Personal Information: IKEA operates an in-house exclusive organization for the protection of personal information to make best efforts to confirm the performance of IKEA’s Privacy Policy and compliance of the person in charge and to immediately change or respond to any problem that is detected; provided that to the extent IKEA performs the obligations to protect personal information, IKEA will not be responsible for any damages that are not attributable to IKEA, such as negligence of any member or of himself/herself or accidents outside the scope of management by IKEA.

Article 10 (Personal Information Protection Manager)

(1) IKEA is responsible for all works in relation to the processing of personal information and has designated the following personal information protection manager for the handling of request for inspection of personal information of the subject of such personal information, complaints or providing relief for damages in relation to the processing of personal information.

Personal Information Protection Manager
· Name: [Jonggyu Shin]
· Telephone number: 1670-4532
· E-mail: privacy.policy.korea@ikea.com
· Fax: 02-310-8799

Personal Information Protection Department
· Name: [Mingi Park]
· Telephone number: 1670-4532
· E-mail: privacy.policy.korea@ikea.com
· Fax: 02-310-8799

Article 11 (Remedy for Infringement on Rights and Interests)

If a member otherwise needs to report or consult in relation to infringement of personal information, the member may inquire at the following institutions and seek remedy.
· Personal Information Dispute Mediation Committee ( www.kopico.go.kr / 1833-6972 without area code)
· Personal Information Protection Center (privacy.kisa.or.kr / 118 without area code)
· Cyber Division, the Ministry of Scientific Investigation at the Supreme Prosecutors’ Office (www.spo.go.kr / 1301 without area code)
· Cyber Bureau at the National Policy Agency (www.ctrc.go.kr / 182 without area code)

Article 12 (Installation and Operation of Image Date Processing Equipment)

IKEA installs and operates image data processing equipment as follows.
1. Grounds and purpose of installation of image data processing equipment: Provide security for IKEA’s facilities and fire prevention
2. Number and location of equipment installed; scope of recording: installation of equipment in principal facilities including the inside and outside of the stores, all floors of the parking lots; the entire space of the principal facilities
- Gwangmyeong Store: 461 CCTV cameras
- Goyang Store: 494 CCTV cameras
3. Manager, department and person authorized to have access to image data: Each store’s safety and security manager
4. Recording hours, retention period, storage place and management
- Recording hours: 24 hours
- Storage period: 30 days from the recording time
- Storage place and management: Recording information is stored in and managed by the image data processing equipment control room of the safety and security team
5. Method and location for access to image data: Make a request to the manager (safety and security team)
6. Measures to deal with the request of the subject of information for inspection of image data: A form of request for inspecting or confirming the existence of image data must be submitted, in which case an inspection of image data may be allowed only if the person requesting it has been recorded as the subject of such recording or it is deemed obviously necessary for his/her physical safety or property interests.
7. Technical, managerial and physical measures to protect image data: Establish an internal management plan, restrict the access authority, keep image data safely, apply transmission technology, retain processing records and take measures to prevent falsification and forgery, get storage facilities and install locks, etc.

Article 13 (Change in the Privacy Policy)

In case of any addition, deletion or revision of this Privacy Policy, IKEA will notify thereof on the web homepage, mobile homepage or application, or by e-mail, etc. registered with IKEA by members.

Supplementary Provisions

Article 1 This Privacy Policy shall be effective from January 24, 2018.
Article 2 The prior versions of the Privacy Policy of IKEA may be confirmed below.

- Privacy Policy applicable between 12. 14. 2015 and 06. 02. 2016 (Click)
- Privacy Policy applicable between 06. 03. 2016 and 11. 30. 2017 (Click)
- Privacy Policy applicable between 11. 30. 2017 and 02. 23. 2017 (Click)