Privacy Policy

Seoul Auction Co., Ltd. Privacy Policy

Seoul Auction (hereinafter referred to as the “Company”) has established and is disclosing the following guidelines to protect the privacy of the data subjects and to quickly and smoothly address the related difficulties pursuant to the Act on the Promotion of Information and Communications Network Utilization and Information Protection, Etc. and the Personal Information Protection Act.

Article 1 (Purpose of Processing Personal Information)

The Company processes the personal information for the following purposes. The personal information processed shall not be used for the purposes outside the following purposes and shall obtain prior consent, etc. when the purpose of use changes, pursuant to the relevant laws.

1. Homepage membership subscription and management
Personal information are processed for the purposes of verifying the intention of subscribe to the membership, personal identification and authentication for the provision of the membership services, maintenance and management of member qualification, personal verification pursuant to the implementation of the limited identity verification system and prevention of illegal use of the services, etc.

2. Provision of goods and/or services
Personal information are processed for the purposes of goods delivery, service provision, transmission of contracts and invoices, provision of contents, provision of customized services, personal authentication, age authentication, fees payment and settlement, debt collection, etc.

3. Complaint processing
Personal information are processed for the purposes of verifying the identity of the complainants, verification of complaints, contact/notification for factual investigation, notification of results of the processing, etc.

4. Marketing and advertisement purposes
Personal information are processed for the purposes of delivering marketing information, such as events, etc., determining the connection frequency and/or statistics on the service use by the members, etc.

Article 2 (Processing and Retention Period of Personal Information)

① The Company shall process and/or retain the personal information within the retention and/or use period pursuant to the relevant laws or as consented to by the data subject at the time of collecting the personal information.
② Processing and retention period for each type of personal information are as follows.
1. Homepage membership subscription and management: within the consented personal information retention and use period. Provided, until completing the applicable reasons when applicable to any of the following reasons.
1) Until completion of the applicable investigation and/or inquiry for investigation and/or inquiry, etc. pursuant to violation of relevant laws.
2) Until settlement of applicable debt/liability relationships when debt/liability remains pursuant to the use of the homepage.
2. Provision of goods and/or services: Until completion of goods and/or services provision and fee payment and/or settlement. Provided, until completing the applicable reasons when applicable to any of the following reasons.
1) Records on transactions, such as marks, advertisement, contract terms and performance, etc. pursuant to the Act on the Consumer Protection in Electronic Commerce, Etc.
- Records on Marks and Advertisements: 6 Months
- Records on Contract or Withdrawal of Contract, Fee Payment and Provision of Goods, Etc.: 5 Years
- Records on Consumer Complaints and Dispute Processing: 3 Years
2) Retention of communication confirmation data pursuant to Article 41 of the Protection of Communications Secrets Act
- Date of telecommunications by subscribers, starting and ending time, subscriber number of the other party, frequency of use, data on tracing location of connectors: 1 Year
- Computer communication, data on internet log records, data on tracing a location of connection: 3 Months
3) Taxation exclusion period and statute of limitations on tax collection (in accordance with the Framework Act on National Taxes)
- Evidential tax documents, etc.: 10 years
- VAT base, tax reports, etc.: 5 years
4) Viewing of e-transaction records (in accordance with the Electronic Financial Transactions Act)
-e-transaction records (information on other party, etc.): 5 years
5) In the event any other law or regulation stipulates a retention period: for the duration of such period

Article 3 (Entrustment of the Processing of Personal Information)

① The Company entrusts the processing of the personal information for smooth processing of the personal information as follows.

Company Contents of entrusted work
LG Uplus Corp. Text message sending service
BADAINFO Co., Ltd.
Samil Courier Packaging Catalog sending service
Stibee Mail sending service
DNDPIA
Maxtel Customer consultation
ks Express Artwork transport service
One-top Transport
Art in Art Co., Ltd.
Art Peak
Art Dream
H&h Express
Modu Art
Kyungmin Express
JM Art
ARTrans Co., Ltd
DONGBU ART Co., Ltd.
Ohyang Express Co., Ltd.
THE art ALL
VART
Nano Art
Korea Credit Bureau Identity authentication services

② The Company shall stipulate the prohibition of the processing of the personal information outside the purposes of performing the entrusted responsibilities, technical and administrative protection measures, restriction on re-entrustment, management and supervision of trustees, and indemnification, etc. in the entrustment contract pursuant to Article 25 of the Personal Information Protection Act, and the Company shall supervise the trustees to safely process the personal information.
③ The Company shall announce any changes to the entrusted responsibilities or the trustees through this privacy policy, without delay.

Article 4 (Rights and Obligations of the Data Subjects and the Method of Exercise)

① The data subjects may exercise the rights on each of the following personal information protection against the Company at any time.
1. Request to access the personal information
2. Request to correct errors, etc.
3. Request for deletion
4. Request to suspend processing
② The rights pursuant to Paragraph 1 may be exercised through the submission of writing, telephone, electronic mail, facsimile (FAX), etc. to the Company, and the Company shall take such measures without delay.
③ In the event the data subject requests correction or deletion on the errors, etc. in his/her personal information, the Company shall not use nor provide the concerned personal information until the correction or deletion is complete.
④ The rights pursuant to Paragraph 1 may be exercised through a representative, such as the legal guardian or a delegated person, etc. of the data subject. In such a case, a power of attorney pursuant to the attached form no. 11 of the Enforcement Rule of the Personal Information Protection Act shall be submitted.
⑤ The data subject shall not infringe on the personal information or privacy of him/herself or others being processed by the Company in violation of the relevant laws, including the Personal Information Protection Act.

Article 5 (Personal Information Items Processed)

①The Company processes the following personal information items.
1. Membership application
Required items: name, ID, password, postal address, mobile phone number, email address
Optional items: delivery address, artwork genres of interest, artists of interest
2. Bidding, payment, and shipping
Required items:
Information on bidder: name, mobile phone number, email address, postal address
Mobile phone authentication: name, date of birth, mobile phone number, gender, telecommunication service provider, self-identifying value (CI/DI), mobile phone authentication results
Card authentication: app card [name, date of birth, gender, mobile phone number, telecommunication service provider, self-identifying value (CI/DI)], ARS [mobile phone number, card number (last 8 digits), card password (first 2 digits), self-identifying value (CI/DI)]
For sending cash receipt: name, mobile phone number
3. Provision of personal information for marketing purposes
Optional items: name, mobile phone number, email address
② The following personal information items may be automatically generated and collected during the process of using the internet services.
․IP Address, Cookie, MAC Address, Service Use Record, Visit History, Defective Use Record, Etc.

Article 6 (Destruction of Personal Information)

① The Company shall destroy the personal information when the concerned personal information is no longer necessary, such as expiration of the personal information retention period or achieving the purpose of processing, etc.
② When the personal information must be retained after expiration of the retention period of the personal information consented to by the data subject or achieving the purpose of processing pursuant to other laws, the concerned personal information shall be moved to a separate database (DB) or the storage location shall be changed.
③ The procedures and methods of destroying the personal information are as follows.
1. Procedure for Destruction
The Company shall select the personal information with grounds for destruction and destroys the personal information with an approval of the privacy officer of the Company.
2. Method of Destruction
The Company shall destroy the personal information recorded and stored in an electronic format by using low level format, etc. in such a way that renders it unrecoverable, and the personal information in the form of a physical document shall be destroyed by a paper shredder or shall be incinerated.

Article 7 (Measures to Ensure the Safety of Personal Information)

The Company takes the following measures to ensure the safety of the personal information.
1. Managerial Measures: establishment, implementation of internal management plan and regular employee education, etc.
2. Technical Measures: Access control management of personal information processing system, installation of access control system, encryption of personally identifiable information, etc., installation of security program
3. Physical Measures: Access control of computer room and data storage room, etc.

Article 8 (Matters Concerning the Installation, Operation and Refusal of the Automated Personal Information Collection Devices)

① The Company uses cookies to store and retrieve the information of users in order to provide individually customized services.
② A cookie is a small quantity of information sent by the server used in operating a website to the computer browser of a user and can be stored on the hard disk of a computer of the users.
A. Purpose of Using Cookie: Used for providing information optimized for the users by determining each services visited by the users, the types of visits and usages, popular search terms and the use of secure connections, etc.
B. Installation, Operation and Refusal of Cookie: May refuse to store the cookie by selecting Tool > Internet Option > Privacy menu from the top section of a web browser.
C. You may experience difficulty in using a customized service when refusing to store the cookie.

Article 9 (Privacy Officer)

① The Company designated the following privacy officer to be responsible for overall tasks related to the processing of personal information and processing and remedying the complaints of the data subjects related to the personal information processing.
▶ Privacy Officer
Name: Lee, Jungbong
Position: CTO
Contact: 02-395-0330 / sos@emails.seoulauction.com
※ Directed to the privacy department.

▶ Privacy Department
Webservice Development Team
Contact: 02-395-0330 / sos@emails.seoulauction.com
※ Directed to the privacy department.

② All inquiries, complaints, damage relief, etc. concerning all personal information protection that arise in the course of using the services (or business) of the Company can be directed to the privacy officer or the privacy department. The Company shall provide replies to such inquiries without delay.

Article 10 (Request to Access the Personal Information)

The data subjects may request to access the personal information pursuant to Article 35 of the Personal Information Protection Act to the following department. The Company shall make every efforts to quickly process the requests to access the personal information by the data subject.

▶ Department for Receipt and Processing the Request to Access the Personal Information
Seoul Auction Customer Center
02-395-0330 / sos@emails.seoulauction.com

Article 11 (Remedy for Rights Infringement)

The data subjects may inquire on the remedy, consultation, etc. on infringement of personal information to the following agencies.
'The following agencies are separate from the Company and should be contacted when not satisfied with the complaints processing or remedy of the Company or requires more detailed assistance.'

▶ KISA Privacy Center
- Homepage: privacy.kisa.or.kr
- Telephone : (No Area Code) 118

▶ Personal Information Dispute Mediation Committee
- Homepage: www.kopico.go.kr
- Telephone : (No Area Code) 1833-6972

▶ Supreme Prosecutors’ Office of the Republic of Korea - Cyber Investigation Division
- Homepage: http://www.spo.go.kr
- Telephone : (No Area Code) 02-3480-3570

▶ National Police Agency - Cyber Investigation Bureau
- Homepage: https://ecrm.police.go.kr/
- Tel : (without area code) 182

Article 12 (Operation Management Policy for Image Information Processing Equipment)

① Grounds and Purpose of Installation of Image Information Processing Equipment
The company shall install and operate image information processing equipment for the following purposes in accordance with Article 25 Paragraph 1 of the 「Personal Information Protection Act」.
- Facility Safety and Fire Prevention
- Crime Prevention for Customer Safety

② Number of Installations, Installation Location and Shooting Range

Number of Installations Installation Location and Shooting Range
129 Building lobby, exhibition hall, warehouse and parking lot entrance

③ Chief Manager and Access Authority
The company has personal image information protection officers as follows to protect customers' image information and to handle complaints related to personal image information.


Name Position Team Contact
Chief Manager Lee, Chang-seob Senior Property Management Team 02-2075-4494
Access Authority Kang, Geon-soo Senior Property Management Team 02-2075-4497

④ Recording Time, Storage Period, Storage Location and Processing Method of Image Information

Recording Time Storage Period Storage Location
24 hours 180 days from the date of recording NVR location

- Processing Method: Requests such as use of personal image information for other purpose, provision to a third party, destruction, and viewing shall be recorded and managed, and when the storage period expires, it shall permanently be deleted (shredded or incinerated in the case of printed materials) in a way that cannot be restored.

⑤ Matters Concerning the Consignment Such as Installation and Management of Image Information Processing Equipment (only if applicable)
The company entrusts the installation and management of image information processing equipment as follows, and in accordance with relevant laws and regulations, the company stipulates necessary matters so that personal information can be safely managed during the consignment contract.


Consignee Manager Contact
S1 Sales Manager at the Business Site 02-2075-4494

⑥ Matters Concerning the Checking Method and the Place of Personal Image Information
- Checking Method: You can check by contacting the image information manager in advance and visiting the Company.
- Location: NVR location

⑦ Measures to the Information Subject's Request for Access to Image Information, etc.
When wanting to access to, confirm the existence of, or delete the personal image information, a customer can request it from the operator of the image information processing device at any time. However, it is limited to personal image information of the customer and personal image information that is clearly necessary for the immediate benefit of the life, body, and property of the information subject. The company shall take necessary measures without delay in the event that access to, confirmation of existence or deletion of personal image information is requested.

⑧ Measures to Ensure the Safety of Image Information
The image information processed by the Company is safely managed through encryption measures, etc. As an administrative measure for the protection of personal image information, the Company also grants different access rights to personal information, and to prevent forgery and falsification of personal image information, the Company records and manages the date and time of creation of personal image information, purpose of access, viewer and the date and time of access. In addition, a locking device is installed for safe physical storage of personal image information.


Article 13 (Modification of the Privacy Policy)

The current privacy policy and the operation and management policy for image information processing equipment were revised on 07/09/2023, and contents may be added, deleted, or modified due to changes in related laws and guidelines or the needs of the Company. In this case, we will notify you in advance through the website or e-mail. In addition, we may obtain the customer's separate consent if necessary in accordance with relevant laws and regulations.
- Announcement Date: 08/29/2023
- Effective Date: 07/09/2023

ⓒ Seoul Auction Corp. CEO : Lee Ok-Kyung Business Reg. : 101-81-46818 E-commerce Registration : Jong-Ro No. 01-2173 Address : 11, Pyeongchang 31-gil, Jongno-gu, Seoul, Korea Email : info@emails.seoulauction.com

Seoul Auction Corp. Business info arr icon arr icon
  • ⓒ Seoul Auction Corp. CEO : Lee Ok-Kyung
  • Business Reg. No. : 101-81-46818
  • E-commerce Registration : Jong-Ro No. 01-2173
  • Address : 11, Pyeongchang 31-gil, Jongno-gu, Seoul, Korea
  • Email : info@emails.seoulauction.com

With the exception of Seoul Auction Co., Ltd. as the seller, Seoul Auction Co., Ltd. is a mail order broker and not a party to mail order sales for all products and transactions on the site. Therefore, Seoul Auction Co., Ltd. is not responsible for product/transaction information and transactions. Any unauthorized reproduction, transmission, distribution, and/or crawling/scraping of images, videos, text, and other material or information (including the website screen) is strictly forbidden by the Copyright Act, the Unfair Competition Prevention and Trade Secret Protection Act, and other relevant law.