Coupang logo

Privacy Notice for Global Marketplace Community Members and Sellers

This Notice describes how Coupang Corp. (“Coupang”, “Us”, “We” or “Our”) collects, processes and transfers Personal Information collected from Marketplace Community Members and Sellers (“You”, “Your”) and includes the following sections:

1. Collection, Processing and Retention:

Our collection, processing and retention of Personal Information is as follows:
• If you choose to become a Marketplace Community Member (“Member”), We will collect, process and retain additional Personal Information as follows:
Personal Information collected Purpose of collection and use Retention period
Name, phone number (land line and mobile), and e-mail address of primary contact person of the Member. To provide the Member with information on new products and services and to support the Member with Seller registration (if applicable). Until the termination of membership or such longer period as required to fulfill Our legal obligations and/or internal policy requirements.
• If you choose to become a Seller, We will collect, process and retain additional Personal Information as follows:
Personal Information collected Purpose of collection and use Retention period
Copies of passports of owner(s) and legal representatives of Sellers. To perform due diligence on Seller. Until the termination of Seller status or such longer period as required to fulfill Our legal obligations and/or internal policy requirements
  • Seller business registration number, industry sector, category group, fax number and address.
  • Seller CEO name, phone number (landline and mobile), and e-mail address.
  • Coupang issued Seller ID and password.
  • To provider Services to the Seller including providing up-to-date information on new services and prommotions.
  • To manage the Seller relationship including by establishing communication channels for partnerships, sending notifications, issuing open API keys, processing service complaints, and detecting and preventing fraud and account abuse.
  • To perform demographic analysis.
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
To perform credibility assessment including fraud and policy non-compliance detection.
Settlement information (name of bank account holder, account number, copy of account passbook.) To provide settlement services and issue tax invoices.

2. Disclosure to Third Parties:

We may disclose your Personal Information to the following third parties.
a) Provision of Personal Information outside of South Korea:

Recipient/country Time and method of provision Purpose of provision Information provided Period of use and retention
Forter Pte Ltd. * Singapore Tranferred over the network from time to time. Create and improve databases to provide fraud and policy non-compliance detection services. *
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
Duration of service delivery
*For more information, refer to: https://www.forter.com/service-privacy-policy/ or contact privacy@forter.com

3. Consignment:

We may consign the processing of your Personal Information to third party service providers to improve Our services.
a) Consignment of Personal Information within South Korea:
Consignee Consigned functions
Hyosung ITX Provide assistance and consulting on seller registration, manage sellers.
Carriers Manage delivery for Milkrun pickup services.
Amazon Web Services Inc. Data storage services.
Microsoft E-mail, document/file storage and internal communication and collaboration tools.


b) Consignment of Personal Information outside of South Korea:
Consignee Country Time and method of transfer Type of information transferred Purpose and processing period
Coupang Global, LLC US Transferred over the network when necessary to perform a business purposes. Information collected and used while performing a business purpose For research and development purposes until the retention period expires.
Coupang (Shanghai) Co., Ltd.
韩领网络科技(上海)有限公司
(한림네트워크(상해)유한공사)
China
Coupang (Beijing) Co., Ltd.
韩领网络科技(北京)有限公司
(한림네트워크(북경)유한공사)
China
CPLB (Shenzhen) Co., Ltd.
韩领商贸(深圳)有限公司
China
IBM Security US, India Transferred over the network when necessary to perform a business purpose. Information collected and used while performing a business purpose To operate the Security Operation Center and perform related analysis until the retention period expires.
Salesforce Transferred over the network when service is used. Information collected and used while performing a business purpose. To operate and maintain overseas data center where Personal Information is stored until the retention period expires.
Forter Pte Ltd. Singapore Transferred over the network, frequently.
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
Duration of service delivery.

4. Disclosure to Government Authorities:

We use the Personal Information we collect solely for the purposes for which you have given your consent and do not disclose or provide such information to any third party beyond the extent to which you have given your consent, except as required by applicable law or in response to a request from government authorities or law enforcement made through a legitimate procedure in accordance with applicable law.

5. Retention and Deletion:

a) Any Personal Information retained beyond the termination of membership or Seller status (as applicable) will be kept safely in accordance with applicable laws and Coupang policies and will be deleted promptly once the applicable retention period expires. In such case, such Personal Information will only be used for the specific purpose for which it was retained and/or as otherwise required by applicable law.
b) Electronic files containing Personal Information will be deleted using technical methods that makes such information irrecoverable. Paper records containing Personal Information will be destroyed using methods such as incineration or shredding.
c) Retention periods required by applicable law are as follows:
Information retained Retention Legal basis
Records on contracts, settlements, and transactons. 5 years Commercial Act
Website access log. 3 months Electronic Communications Privacy Act
d) Retention periods required by Our policies are as follows:
Information retained Retention Legal basis
Seller ID, Seller name, Seller CEO name, and contact details. 1 years Fraud detection and prevention.

6. Data Subject Rights:

a) You can, at any time, access, update/correct, or request the deletion or suspension of processing your Personal Information that we hold. If you exercise any of these rights, please email or call the points of contact listed below, and we will promptly process your request.
b) You may only exercise the above rights with respect to Personal Information relates to you. Any attempt to obtain Personal Information by deception or invade the privacy of others may lead to civil and criminal penalties.

7. Automatic Collection of Personal Information:

a) Cookies are small text files placed on Your computer hard drive by the server servicing our website. At the time a cookie is loaded, You have the choice of accepting or rejecting the collection of your Personal Information by cookies. However, please be aware that rejecting cookies may limit certain functions on our website (such as services requiring a sign-in) from operating correctly.
b) How You manage cookies depends on the Internet browser You are using:
  • If you are using Internet Explorer, go to ‘Tools’ in the menu bar > click on ‘Internet Options’ > click on ‘Privacy’ tab > select an option.
  • If you are using Chrome, at the top right click ‘’ > click ‘Settings’ > select ‘Show advanced settings’ at the bottom > in the ‘Privacy’ section, click ‘Content settings’ button > in the ‘Cookies’ section, select an option.

8. Personal Information Safeguards

a) We maintain the following technical, managerial and physical safeguards necessary to ensure the security of Your Personal Information so that Personal Information may not be lost, stolen, leaked, altered or damaged:
  • an internal privacy management plan to ensure the security of Our Personal Information processing activities and performs information security audits to ensure that Personal Information safeguards are in place and any weaknesses identified are remediated immediately;
  • security solutions such as intrusion prevention system to protect against unauthorized access from the external network and works to protect the security of all other systems by adopting all possible technical measures;
  • access logs for Personal Information processing systems and employ measures to prevent tampering or alterations of the logs;
  • encryption of Personal Information during transmission using encrypted network protocols as well as any critical data that we store such as passwords;
  • 24-hour security monitoring using systems that can detect and stop intrusion attempts from hackers or other malicious actors and use anti-virus software to prevent damages from computer virus infections;
  • access restrictions to Personal Information to the necessary staff who need to handle Personal Information for performing specific job functions; and
  • regular training on privacy obligations and security and run campaign programs for all staff who process Personal Information.

9. Chief Privacy Officer and Staff Responsible for Privacy Inquiries

The Chief Privacy Officer (CPO) and the department responsible for handling privacy inquiries are designated as below to oversee all matters related to customer privacy and handle complaints and address damage from privacy-related issues. Customers may make inquiries, raise complaints or ask for damage relief regarding privacy issues through the contact points below. Coupang will promptly respond to and handle inquiries.
Chief Privacy Officer Department Handling Privacy Complaints
Name: Max Leveson
Email address: privacy@coupang.com
Department: Privacy and Data Governance
Email address: privacy@coupang.com
Customers who need to receive consultation on privacy matters or report a personal data breach may also contact the following authorities:

10. Notification Obligation

This Privacy Notice takes effect from its effective date. Should there be grounds for a material change to customer's right to data privacy, customers will be notified by Coupang at least 14 days before the change. Other changes will be notified to customers at least 7 days prior to their implementation.