Privacy Notice for Sellers (Ver. 1.2)

Coupang Corp. (hereinafter “Coupang”) collects only the minimum necessary amount of information only when necessary. We use the information we collect only to the extent that it was notified and do not use the information beyond such extent or disclose the information without your prior consent.

You are entitled to exercise all your rights related to the information we hold about you. We will notify you of any changes we make on our Privacy Notice and post the updated Notice so that you can see the changes anytime. This Notice describes our policies regarding how we process the personal information of our sellers (including those who consult their potential businesses with us, hereinafter “User”) which are consistent with applicable laws, specifically including the following privacy practices:

1. Coupang collects and uses the following types of Personal Information in relation to the services you use and retains and uses the information for the specified period:

Category Purpose of collection and use Type of Personal Information collected and used Retention period
Mandatory Sign-up, user identification, To provide services to sellers (e.g. sending service notifications, handling inquiries and requests,
sharing settlement details, delivering marketing messages, etc.),
To issue open API keys, Detecting and preventing fraud and account abuse.
User ID, password, email, name, mobile phone number Until the termination of the Agreement
(Global Seller only) To perform due diligence on Seller. Copies of passports of owner(s) and legal representatives of Sellers
Two-factor authentication Mobile phone number, email
To create child accounts for Sellers Pont of contact (person in charge, mobile phone number, email, user ID)
To issue tax invoices
To provide settlement services
Settlement information (Account information, account holder’s name, a copy of bankbook)
<if you use our Milkrun service>
To use our services and provide settlement services
ID, password
<Coupang Seller Academy>
To identify and communicate with participants
To host the seminar
Email Destroyed without delay upon the completion of the seminar
<Consultation about onboarding to Coupang Travel>
To identify and seamlessly communicate with clients
Name, mobile phone number, email Retained for 1 month since the end of consultation and destroyed without delay
<Signing up for Coupang Travel Wow Membership Promotion>
To confirm and communicate with sellers who have signed up for the seasonal promotion
Name, mobile phone number, email Destroyed without delay when contract extension is denied
<Application for live streaming on Live Vendor>
To receive applications for live streaming and notify application results
Email Destroyed without delay upon notification of application result
<Application for Coupang Live interview>
To recruit and register participants,
To provide guidelines for and conduct interviews about seller experience
To provide rewards
Name of the primary contact person, mobile phone number, email, Coupang ID Destroyed without delay when the seller withdraws consent to be registered as interview participant
<Registration to training for newly-onboarded Coupang Live sellers> Name, email Destroyed without delay upon the completion of the training
<Coupang Live Studio rental>
To make reservations for Coupang Live Studio and provide guidelines on reservation
Email Destroyed after being retained for 1 month from the date of application
<Coupang Live Studio rental>
To prevent and control the spread of communicable diseases
Name, contact information Destroyed after being retained for 4 weeks from the date of visit
<Consultation about ads products>
To provide consulting services for Coupang ads products
Mobile phone number Destroyed without delay after being retained for 3 months from the date of application
<Transfer of business ownership to an individual instead of a company after closing the business>
To process settlements due to business ownership transfer
Certificate of Business Suspension/Close of Business, Certificate of Registered Seal, a copy of bankbook,
a copy of an ID (name, resident registration number of driver’s license number), account number, address
Retained and destroyed according to relevant laws, such as the Framework Act on National Taxes and the Act on the Consumer Protection in Electronic Commerce
Fraud detection, provision of customized content and services based on the assumption of users’ interest, preference, and tendency Service usage history, access log, cookies(each service), IP address, device information (OS, version) Until the termination of the Agreement
Optional To manage address book/shipping information Additional phone number Until the termination of the Agreement
To send advertisement and event information messages Mobile phone number, email Destroyed without delay when the seller withdraws consent or upon the termination of the contract
<Reporting of ethical issues> To ensure a smooth communicate with the reporter (e.g. result of processing the report) Name, email, phone number Destroyed immediately upon achieving the purpose
  • We may request you to provide documentation depending on the type of service you use.

2. Coupang may share your Personal Information with third parties to the extent of its intended purpose to provide services or to comply with our legal obligations.

We use the information we collect solely for the purposes for which you have given your consent and do not disclose or provide such information to any third party beyond the extent to which you have given your consent, except in the following circumstances:

  1. Data subject has consented
  2. Required by law or determined to be in good faith (e.g. request from investigative or law enforcement authorities made through a legitimate procedure in accordance with applicable laws)
Party receiving the transfer (Information Manager’s contact information Country Time and method of transfer Type of information transferred Purpose Retention and processing period
Forter Pte Ltd.
(privacy@forter.com)
Singapore Tranferred over the network from time to time. • Seller name, Seller ID, transaction history.
• Information relating to your use of our systems including login, authentication, and activity/ navigation data.
• Information about the device from which you access our systems
Create and improve databases to provide fraud and policy non-compliance detection services. Duration of service delivery

3. Coupang consigns the processing of personal information to make available to you the following services and to make the following business processes effective:

We consign the information you provide to service providers to improve our services.

① Consignment of Personal Information within Korea:
Consignee Consigned functions
Coupang Pay Provides settlement services and issues tax invoices
KSJOB, UBASE Provide assistance and consulting on seller registration, manage sellers
Carrier (Daesung, KLP, JOIL, Hanbaek, KCTC, Eugene Logistics, Sebang, Dongwon LOEX, Dongbang) Manage delivery for Milkrun pickup services
Amazon Web Services Inc. Stores data, sends text messages and emails
Microsoft E-mail, document/file storage and internal communication and collaboration tools 
NHN Corp., Kakao Corp. Send text messages and emails
GS Neotek Maintains Genesys and Zendesk systems
UNIPOST Issues tax invoices
LG U Plus Sends text messages (SMS/LMS)
Salesforce Manages sales data
YKAD Sales agency for Coupang Eats
Shinsegae Media Sales agency for Coupang Eats
Unity Whole System Sales agency for Coupang Eats
APG Sales agency for Coupang Eats
CSJ Sales agency for Coupang Eats
Pinter Sales agency for Coupang Eats
KICC Sales and management agency for Coupang Eats
Studio Kwag Food photography for Coupang Eats
Studio Zero Food photography for Coupang Eats
UKMEDIA Food photography for Coupang Eats
H13D Studio Food photography for Coupang Eats
MH Studio Food photography for Coupang Eats


② Consignment of Personal Information outside of Korea
Coupang entrusts IT development and operation of our services to our affiliates (Coupang Global, LLC, Coupang (Shanghai) Co., Ltd., and Coupang (Beijing) Co., Ltd.). 
These affiliates comply with “7. Personal Information Safeguards”and Coupang’s security and privacy policies when carrying out their consigned services.

Party receiving the transfer (Information Manager’s contact information) Country Time and method of transfer Type of information transferred Purpose Retention and processing period
Coupang Global, LLC
(helpseller@coupang.com)
USA Transmitted through a secure network when personal information is required for business purposes Personal information collected and used while using Coupang Eats services (sign-up, CS, payment) Coupang service operation, research and development, fraud monitoring and detection Until termination of consignment contract
Coupang (Shanghai) Co., Ltd.
韩领网络科技(上 海)有限公司
(helpseller@coupang.com)
China
Coupang (Beijing) Co., Ltd.
韩领网络科技(北 京)有限公司
(helpseller@coupang.com)
China
Salesforce
(privacymark@salesforce.com)
USA, Japan Seller’s name, email, contact information Using the system for seller management
Zendesk
(support@zendesk.com)
Japan Name, email, phone number, membership number Using CS management system to operate customer center
Genesys
(GSN:yakida96@gsnict.com)
Japan Call recording, inbound phone number Using call system to operate customer center
Zoom
(privacy@zoom.us)
USA Name, email Receiving applications for Live seller webinar
(Global Seller only)
Forter Pte Ltd.
(privacy@forter.com)
Singapore • Seller name, Seller ID, transaction history.
• Information relating to your use of our systems including login, authentication, and activity/ navigation data.
• Information about the device from which you access our systems.
Create and improve databases to provide fraud and policy non-compliance detection services.

4. In principle, Coupang will delete your Personal Information immediately whenever the purpose for which the information was retained is fulfilled. Personal Information is deleted according to the following procedure, time limit and manner:

① Procedure and time limit
Any Personal Information no longer necessary for the purpose of which we originally collected and used will be kept safely in a separate database in accordance with the applicable laws and company policies and will be deleted without delay once the pre-defined retention period expires. In such case, Personal Information stored in a separate database will not be used for purposes other than the purpose for which you have given your consent or required by applicable law

② Deletion method
- Electronic files containing Personal Information will be deleted using a technical method that makes such information irrecoverable.
- Paper records containing Personal Information will be destroyed using methods such as incineration or shredding with a paper shredder.

③ We may further process any Personal Information required by law to be kept for a certain amount of time.

[Where required by law]
Applicable law Purpose Information stored Retention period
Act on the Consumer Protection in Electronic Commerce Article 6 To maintain consumer complaints or dispute records Consumer identifiable information, dispute resolution record 3 years
To maintain settlement and supply of goods records Consumer identifiable information, record on payment, supply of goods, contract and contract termination 5 years
Records on contract or contract termination
Records on labeling and advertisement Records on labeling and advertisement 6 months
Framework Act on National Taxes Article 85-3, Article 26-2 To calculate national tax exclusion period Evidence of all transactions for national tax 10 years
To calculate the length of period for national tax collection Documents for taxable base and tax declaration 5 years
Value-Added Tax Act Article 32 Ledgers, tax invoices, import tax invoices, receipts, etc. Documents for taxable base and tax declaration for value added tax  5 years
Electronic Financial Transactions Act Article 22 To confirm electronic financial transaction records Records on Electronic Financial Transactions 5 years
Protection of Communications Secrets Act Article 15-2 Complying with disclosure requests from investigation agencies with a warrant Website, application and other system access log 3 months
[Where required by company policies]
- If an Agreement with a seller with any past transactions (including product listings and sales) the seller has made using our services is terminated, we hold the minimum required amount of information including ID, name or company name, contact details, delivery address and bank account information for remittances for one year after the termination to provide the information to the parties to the transaction and to prevent arbitrary termination of the Agreement to knowingly bypass the restriction specified in this Notice

5. You as a user of Coupang services and as a data subject are entitled to exercise the following rights:

You or your legal representative can, at any time, access or modify your information or request deletion or suspension of processing your information that we hold.
If you wish to access, delete or request suspension of processing your information, please contact our privacy staff by phone.
We will make sure that your request is processed without delay.

You may only request processing (e.g. access to, deletion or suspend processing) of personal information if you are the data subject whose information we process in accordance with this Notice.
Any attempt to obtain Personal Information by deception or invade the privacy of others may lead to civil and criminal penalties.

Furthermore, it may be difficult to fulfill requests from customers to delete or stop the processing of their personal data, or withdraw the consent if any of the following is true:
• There are special provisions under the law, or it is absolutely necessary to fulfill an obligation under the law
• There is a possibility of incurring damage to life, body, property and other interests of a third party.

6. How cookies are installed and used and how to reject cookies.

Coupang does not collect and store the data automatically generated while using our services (cookies). 

7. Personal Information Safeguards

Coupang maintains technical, managerial and physical safeguards necessary to ensure the security of your Personal Information so that Personal Information may not be lost, stolen, leaked, altered or damaged.

① Internal privacy management plan
The Company maintains an internal privacy management plan to ensure the security of our Personal Information processing activities and performs information security audits to ensure that Personal Information safeguards are in place and any weaknesses identified are remediated immediately.

② Access control
The Company uses security solutions such as intrusion prevention system to protect against unauthorized access from the external network and works to protect the security of all other systems by adopting all possible technical measures.

③ Measures to prevent access log tampering and alterations
The Company stores and maintains access logs for personal information processing systems and employ measures to prevent tampering or alterations of the logs.

④ Personal Information encryption
The Company encrypts your Personal Information during transmission using encrypted network protocols as well as any critical data that we store such as passwords.

⑤ Anti-hacking measures
The Company operates 24-hour security monitoring using systems that can detect and stop intrusion attempts from hackers or other malicious actors and use anti-virus software to prevent damages from computer virus infections.
We regularly update our anti-virus software to ensure that we immediately react to new virus threats with the latest software and prevent privacy breaches.
We also constantly strive to keep up with new emerging hacking techniques and security technologies and apply them to our services.

⑥ Personal Information handled by minimum necessary staff and training
The Company restricts access to User’s Personal Information to the necessary staff who need to handle Personal Information for performing specific job functions.
We provide regular training on privacy obligations and security and run campaign programs for all staff who process Personal Information.
We also require our staff to sign non-disclosure agreements before joining to prevent human error-caused privacy breaches and maintain internal procedures for audits to ensure that our privacy policies are enforced and our staff comply with such policies.
We make sure that any staff handling Personal Information are handed over with the role in a secure and thorough manner and clearly define liability for privacy breaches that occur during employment and after termination.

8. We appoint a Chief Privacy Officer (CPO) to protect your personal information.

① We designate a Chief Privacy Officer (CPO) who is responsible for all functions related to the processing of Personal Information and address privacy related complaints from Users and provide damage relief. See details below:

CPO
Name: Kwan Hee Hong
Phone number: 1600-9879
Email: helpseller@coupang.com

Department handling privacy complaints
Department: Seller Call Center, Seller PMO (Coupang Eats Store)
Phone number: 1600-9879 / 1600-9827 (Coupang Eats Store)

② If you have any questions on, wish to file a complaint or need assistance on damage relief with regards to your privacy while using our service (or business), please contact our CPO or our Customer Service.

③ If you wish to report or consult on a privacy breach, contact:
▶ Korea Internet & Security Agency Personal Information Infringement Reporting Center: 118 (no area code required) / privacy.kisa.or.kr
▶ Cybercrime Investigation Team at the Supreme Prosecutors’ Office: 1301 (no area code required) / www.spo.go.kr
▶ Korean National Police Agency Cyber Bureau: 182 / www.cyber.go.kr

9. Our policy on changes to this Privacy Notice:

This Notice will be applicable from the date of its effective date. When we add, remove or correct any part of this Notice as a result of an updated law or our policies, we will provide you notice seven days prior to the effective date of any such change.
Any substantive changes to the rights of our Users including the collection and use of personal information and third-party disclosure will be notified to you at least 14 days prior.
Any updates to the Notice to reflect any changing legal requirements or our policies will be promptly made available to you on our website.

Privacy Notice version: 1.2

Publication date of the current Privacy Notice: March 9, 2022
Effective date of the current Privacy Notice: March 23, 2022
Coupang logo

Privacy Notice for Global Marketplace Community Members and Sellers ver1.1

This Notice describes how Coupang Corp. (“Coupang”, “Us”, “We” or “Our”) collects, processes and transfers Personal Information collected from Marketplace Community Members and Sellers (“You”, “Your”) and includes the following sections:

1. Collection, Processing and Retention:

Our collection, processing and retention of Personal Information is as follows:
• If you choose to become a Marketplace Community Member (“Member”), We will collect, process and retain additional Personal Information as follows:
Personal Information collected Purpose of collection and use Retention period
Name, phone number (land line and mobile), and e-mail address of primary contact person of the Member. To provide the Member with information on new products and services and to support the Member with Seller registration (if applicable). Until the termination of membership or such longer period as required to fulfill Our legal obligations and/or internal policy requirements.
• If you choose to become a Seller, We will collect, process and retain additional Personal Information as follows:
Personal Information collected Purpose of collection and use Retention period
Copies of passports of owner(s) and legal representatives of Sellers. To perform due diligence on Seller. Until the termination of Seller status or such longer period as required to fulfill Our legal obligations and/or internal policy requirements
  • Seller business registration number, industry sector, category group, fax number and address.
  • Seller CEO name, phone number (landline and mobile), and e-mail address.
  • Coupang issued Seller ID and password.
  • To provider Services to the Seller including providing up-to-date information on new services and prommotions.
  • To manage the Seller relationship including by establishing communication channels for partnerships, sending notifications, issuing open API keys, processing service complaints, and detecting and preventing fraud and account abuse.
  • To perform demographic analysis.
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
To perform credibility assessment including fraud and policy non-compliance detection.
Settlement information (name of bank account holder, account number, copy of account passbook.) To provide settlement services and issue tax invoices.
Inform of Coupang Live application and result email address Deleted without delay after notification

2. Disclosure to Third Parties:

We may disclose your Personal Information to the following third parties.
a) Provision of Personal Information outside of South Korea:

Recipient/country Time and method of provision Purpose of provision Information provided Period of use and retention
Forter Pte Ltd. * Singapore Tranferred over the network from time to time. Create and improve databases to provide fraud and policy non-compliance detection services. *
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
Duration of service delivery
*For more information, refer to: https://www.forter.com/service-privacy-policy/ or contact privacy@forter.com

3. Consignment:

We may consign the processing of your Personal Information to third party service providers to improve Our services.
a) Consignment of Personal Information within South Korea:
Consignee Consigned functions
Hyosung ITX Provide assistance and consulting on seller registration, manage sellers.
Carriers Manage delivery for Milkrun pickup services.
Amazon Web Services Inc. Data storage services.
Microsoft E-mail, document/file storage and internal communication and collaboration tools.


b) Consignment of Personal Information outside of South Korea:
Consignee Country Time and method of transfer Type of information transferred Purpose and processing period
Coupang Global, LLC US Transferred over the network when necessary to perform a business purposes. Information collected and used while performing a business purpose For research and development purposes until the retention period expires.
Coupang (Shanghai) Co., Ltd.
韩领网络科技(上海)有限公司
(한림네트워크(상해)유한공사)
China
Coupang (Beijing) Co., Ltd.
韩领网络科技(北京)有限公司
(한림네트워크(북경)유한공사)
China
CPLB (Shenzhen) Co., Ltd.
韩领商贸(深圳)有限公司
China
IBM Security US, India Transferred over the network when necessary to perform a business purpose. Information collected and used while performing a business purpose To operate the Security Operation Center and perform related analysis until the retention period expires.
Salesforce US, Japan Transferred over the network when service is used. Information collected and used while performing a business purpose. To operate and maintain overseas data center where Personal Information is stored until the retention period expires.
Forter Pte Ltd. Singapore Transferred over the network, frequently.
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
Duration of service delivery.

4. Disclosure to Government Authorities:

We use the Personal Information we collect solely for the purposes for which you have given your consent and do not disclose or provide such information to any third party beyond the extent to which you have given your consent, except as required by applicable law or in response to a request from government authorities or law enforcement made through a legitimate procedure in accordance with applicable law.

5. Retention and Deletion:

a) Any Personal Information retained beyond the termination of membership or Seller status (as applicable) will be kept safely in accordance with applicable laws and Coupang policies and will be deleted promptly once the applicable retention period expires. In such case, such Personal Information will only be used for the specific purpose for which it was retained and/or as otherwise required by applicable law.
b) Electronic files containing Personal Information will be deleted using technical methods that makes such information irrecoverable. Paper records containing Personal Information will be destroyed using methods such as incineration or shredding.
c) Retention periods required by applicable law are as follows:
Information retained Retention Legal basis
Records on contracts, settlements, and transactons. 5 years Commercial Act
Website access log. 3 months Electronic Communications Privacy Act
d) Retention periods required by Our policies are as follows:
Information retained Retention Legal basis
Seller ID, Seller name, Seller CEO name, and contact details. 1 years Fraud detection and prevention.

6. Data Subject Rights:

a) You can, at any time, access, update/correct, or request the deletion or suspension of processing your Personal Information that we hold. If you exercise any of these rights, please email or call the points of contact listed below, and we will promptly process your request.
b) You may only exercise the above rights with respect to Personal Information relates to you. Any attempt to obtain Personal Information by deception or invade the privacy of others may lead to civil and criminal penalties.

7. Automatic Collection of Personal Information:

a) Cookies are small text files placed on Your computer hard drive by the server servicing our website. At the time a cookie is loaded, You have the choice of accepting or rejecting the collection of your Personal Information by cookies. However, please be aware that rejecting cookies may limit certain functions on our website (such as services requiring a sign-in) from operating correctly.
b) How You manage cookies depends on the Internet browser You are using:
  • If you are using Internet Explorer, go to ‘Tools’ in the menu bar > click on ‘Internet Options’ > click on ‘Privacy’ tab > select an option.
  • If you are using Chrome, at the top right click ‘’ > click ‘Settings’ > select ‘Show advanced settings’ at the bottom > in the ‘Privacy’ section, click ‘Content settings’ button > in the ‘Cookies’ section, select an option.

8. Personal Information Safeguards

a) We maintain the following technical, managerial and physical safeguards necessary to ensure the security of Your Personal Information so that Personal Information may not be lost, stolen, leaked, altered or damaged:
  • an internal privacy management plan to ensure the security of Our Personal Information processing activities and performs information security audits to ensure that Personal Information safeguards are in place and any weaknesses identified are remediated immediately;
  • security solutions such as intrusion prevention system to protect against unauthorized access from the external network and works to protect the security of all other systems by adopting all possible technical measures;
  • access logs for Personal Information processing systems and employ measures to prevent tampering or alterations of the logs;
  • encryption of Personal Information during transmission using encrypted network protocols as well as any critical data that we store such as passwords;
  • 24-hour security monitoring using systems that can detect and stop intrusion attempts from hackers or other malicious actors and use anti-virus software to prevent damages from computer virus infections;
  • access restrictions to Personal Information to the necessary staff who need to handle Personal Information for performing specific job functions; and
  • regular training on privacy obligations and security and run campaign programs for all staff who process Personal Information.

9. Chief Privacy Officer and Staff Responsible for Privacy Inquiries

The Chief Privacy Officer (CPO) and the department responsible for handling privacy inquiries are designated as below to oversee all matters related to customer privacy and handle complaints and address damage from privacy-related issues. Customers may make inquiries, raise complaints or ask for damage relief regarding privacy issues through the contact points below. Coupang will promptly respond to and handle inquiries.
Chief Privacy Officer Department Handling Privacy Complaints
Name: Max Leveson
Email address: privacy@coupang.com
Department: Privacy and Data Governance
Email address: privacy@coupang.com
Customers who need to receive consultation on privacy matters or report a personal data breach may also contact the following authorities:

10. Notification Obligation

This Privacy Notice takes effect from its effective date. Should there be grounds for a material change to customer's right to data privacy, customers will be notified by Coupang at least 14 days before the change. Other changes will be notified to customers at least 7 days prior to their implementation.
Version 1.1

Release date: December 10 2020
Effective date: December 11 2020
Coupang logo

Privacy Notice for Global Marketplace Community Members and Sellers ver1.0

This Notice describes how Coupang Corp. (“Coupang”, “Us”, “We” or “Our”) collects, processes and transfers Personal Information collected from Marketplace Community Members and Sellers (“You”, “Your”) and includes the following sections:

1. Collection, Processing and Retention:

Our collection, processing and retention of Personal Information is as follows:
• If you choose to become a Marketplace Community Member (“Member”), We will collect, process and retain additional Personal Information as follows:
Personal Information collected Purpose of collection and use Retention period
Name, phone number (land line and mobile), and e-mail address of primary contact person of the Member. To provide the Member with information on new products and services and to support the Member with Seller registration (if applicable). Until the termination of membership or such longer period as required to fulfill Our legal obligations and/or internal policy requirements.
• If you choose to become a Seller, We will collect, process and retain additional Personal Information as follows:
Personal Information collected Purpose of collection and use Retention period
Copies of passports of owner(s) and legal representatives of Sellers. To perform due diligence on Seller. Until the termination of Seller status or such longer period as required to fulfill Our legal obligations and/or internal policy requirements
  • Seller business registration number, industry sector, category group, fax number and address.
  • Seller CEO name, phone number (landline and mobile), and e-mail address.
  • Coupang issued Seller ID and password.
  • To provider Services to the Seller including providing up-to-date information on new services and prommotions.
  • To manage the Seller relationship including by establishing communication channels for partnerships, sending notifications, issuing open API keys, processing service complaints, and detecting and preventing fraud and account abuse.
  • To perform demographic analysis.
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
To perform credibility assessment including fraud and policy non-compliance detection.
Settlement information (name of bank account holder, account number, copy of account passbook.) To provide settlement services and issue tax invoices.

2. Disclosure to Third Parties:

We may disclose your Personal Information to the following third parties.
a) Provision of Personal Information outside of South Korea:

Recipient/country Time and method of provision Purpose of provision Information provided Period of use and retention
Forter Pte Ltd. * Singapore Tranferred over the network from time to time. Create and improve databases to provide fraud and policy non-compliance detection services. *
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
Duration of service delivery
*For more information, refer to: https://www.forter.com/service-privacy-policy/ or contact privacy@forter.com

3. Consignment:

We may consign the processing of your Personal Information to third party service providers to improve Our services.
a) Consignment of Personal Information within South Korea:
Consignee Consigned functions
Hyosung ITX Provide assistance and consulting on seller registration, manage sellers.
Carriers Manage delivery for Milkrun pickup services.
Amazon Web Services Inc. Data storage services.
Microsoft E-mail, document/file storage and internal communication and collaboration tools.


b) Consignment of Personal Information outside of South Korea:
Consignee Country Time and method of transfer Type of information transferred Purpose and processing period
Coupang Global, LLC US Transferred over the network when necessary to perform a business purposes. Information collected and used while performing a business purpose For research and development purposes until the retention period expires.
Coupang (Shanghai) Co., Ltd.
韩领网络科技(上海)有限公司
(한림네트워크(상해)유한공사)
China
Coupang (Beijing) Co., Ltd.
韩领网络科技(北京)有限公司
(한림네트워크(북경)유한공사)
China
CPLB (Shenzhen) Co., Ltd.
韩领商贸(深圳)有限公司
China
IBM Security US, India Transferred over the network when necessary to perform a business purpose. Information collected and used while performing a business purpose To operate the Security Operation Center and perform related analysis until the retention period expires.
Salesforce Transferred over the network when service is used. Information collected and used while performing a business purpose. To operate and maintain overseas data center where Personal Information is stored until the retention period expires.
Forter Pte Ltd. Singapore Transferred over the network, frequently.
  • Seller name, Seller ID, transaction history.
  • Information relating to your use of our systems including login, authentication, and activity/ navigation data.
  • Information about the device from which you access our systems.
Duration of service delivery.

4. Disclosure to Government Authorities:

We use the Personal Information we collect solely for the purposes for which you have given your consent and do not disclose or provide such information to any third party beyond the extent to which you have given your consent, except as required by applicable law or in response to a request from government authorities or law enforcement made through a legitimate procedure in accordance with applicable law.

5. Retention and Deletion:

a) Any Personal Information retained beyond the termination of membership or Seller status (as applicable) will be kept safely in accordance with applicable laws and Coupang policies and will be deleted promptly once the applicable retention period expires. In such case, such Personal Information will only be used for the specific purpose for which it was retained and/or as otherwise required by applicable law.
b) Electronic files containing Personal Information will be deleted using technical methods that makes such information irrecoverable. Paper records containing Personal Information will be destroyed using methods such as incineration or shredding.
c) Retention periods required by applicable law are as follows:
Information retained Retention Legal basis
Records on contracts, settlements, and transactons. 5 years Commercial Act
Website access log. 3 months Electronic Communications Privacy Act
d) Retention periods required by Our policies are as follows:
Information retained Retention Legal basis
Seller ID, Seller name, Seller CEO name, and contact details. 1 years Fraud detection and prevention.

6. Data Subject Rights:

a) You can, at any time, access, update/correct, or request the deletion or suspension of processing your Personal Information that we hold. If you exercise any of these rights, please email or call the points of contact listed below, and we will promptly process your request.
b) You may only exercise the above rights with respect to Personal Information relates to you. Any attempt to obtain Personal Information by deception or invade the privacy of others may lead to civil and criminal penalties.

7. Automatic Collection of Personal Information:

a) Cookies are small text files placed on Your computer hard drive by the server servicing our website. At the time a cookie is loaded, You have the choice of accepting or rejecting the collection of your Personal Information by cookies. However, please be aware that rejecting cookies may limit certain functions on our website (such as services requiring a sign-in) from operating correctly.
b) How You manage cookies depends on the Internet browser You are using:
  • If you are using Internet Explorer, go to ‘Tools’ in the menu bar > click on ‘Internet Options’ > click on ‘Privacy’ tab > select an option.
  • If you are using Chrome, at the top right click ‘’ > click ‘Settings’ > select ‘Show advanced settings’ at the bottom > in the ‘Privacy’ section, click ‘Content settings’ button > in the ‘Cookies’ section, select an option.

8. Personal Information Safeguards

a) We maintain the following technical, managerial and physical safeguards necessary to ensure the security of Your Personal Information so that Personal Information may not be lost, stolen, leaked, altered or damaged:
  • an internal privacy management plan to ensure the security of Our Personal Information processing activities and performs information security audits to ensure that Personal Information safeguards are in place and any weaknesses identified are remediated immediately;
  • security solutions such as intrusion prevention system to protect against unauthorized access from the external network and works to protect the security of all other systems by adopting all possible technical measures;
  • access logs for Personal Information processing systems and employ measures to prevent tampering or alterations of the logs;
  • encryption of Personal Information during transmission using encrypted network protocols as well as any critical data that we store such as passwords;
  • 24-hour security monitoring using systems that can detect and stop intrusion attempts from hackers or other malicious actors and use anti-virus software to prevent damages from computer virus infections;
  • access restrictions to Personal Information to the necessary staff who need to handle Personal Information for performing specific job functions; and
  • regular training on privacy obligations and security and run campaign programs for all staff who process Personal Information.

9. Chief Privacy Officer and Staff Responsible for Privacy Inquiries

The Chief Privacy Officer (CPO) and the department responsible for handling privacy inquiries are designated as below to oversee all matters related to customer privacy and handle complaints and address damage from privacy-related issues. Customers may make inquiries, raise complaints or ask for damage relief regarding privacy issues through the contact points below. Coupang will promptly respond to and handle inquiries.
Chief Privacy Officer Department Handling Privacy Complaints
Name: Max Leveson
Email address: privacy@coupang.com
Department: Privacy and Data Governance
Email address: privacy@coupang.com
Customers who need to receive consultation on privacy matters or report a personal data breach may also contact the following authorities:

10. Notification Obligation

This Privacy Notice takes effect from its effective date. Should there be grounds for a material change to customer's right to data privacy, customers will be notified by Coupang at least 14 days before the change. Other changes will be notified to customers at least 7 days prior to their implementation.
Version 1.0

Release date: October 5 2020
Effective date: October 12 2020
You can check the previous privacy policy below.