Article 1. Collected Personal Information Items and Collection Methods
The Company shall collect and use your personal information for the following programs described below (the “Program”). The Company shall collect your personal information when you subscribe as a member of the Program or use a service of the Program.
Collected Personal Information Items
Purpose of Collection
www.swarovski.com (“Website”) Membership and the SWAROVSKI Membership Service
Name, login ID, password, address, mobile number, email address, birth date, purchase records, credit card information
Name, address, zip code, country, phone number, mobile number, email address, birth date, bank details, preferences, purchase history, membership number
Name, address, zip code, country, phone number, mobile number, email address, birth date, preferences, purchase history, membership number, your SCS membership status
Retail Store Services
Name, mobile number, phone number
Article 2. Storage and Use of Personal Information
In case of withdrawal from the membership of the Program by you, the Company shall destroy such information as soon as practicable. Provided, however, in case the Company has the obligation to retain such information according to related laws, it shall store the information without destroying them. Provided, however, the Company shall retain the following information for the period outlined below for purposes such as confirmation of the Company’s obligation to manage transaction-related records in accordance with relevant laws, including the Commercial Act, and internal policy: 1) Records regarding agreements or cancellation of purchase applications: Five years (Act on the Consumer Protection in the Electronic Commerce Transactions, etc.) 2) Records regarding payments and supply of goods: Five years (Act on the Consumer Protection in the Electronic Commerce Transactions, etc.) 3) Records regarding consumer complaints or disputes settlement: Three years (Act on the Consumer Protection in the Electronic Commerce Transactions, etc.) 4) Records regarding Website visits: Three months (Telecommunications Security Protection Act)
Article 3. Measures to Secure Personal Information
The personal information of users shall be collected through the security system in electronic form, and treated and protected in documental or electronic form. Our consumer’s private information is stored on the Swarovski Database, and may be used for statistical or marketing analyses, integrated or treated in an identifiable manner. The Company pursues the following technical, managerial measures in order to secure personal information of its users and ensure that it is not lost, stolen, exposed, modified or damaged. Provided, however, the Company shall not be liable for any problems incurred in relation to the exposure of personal information, including IDs and passwords, as a result of the user’s carelessness or internet-related problems.
1. Password Encryption The log in ID (ID) and password of members (where applicable) are stored in non-readable form (hashed), and are knowledgeable only by the user. The confirmation or modification of personal information can only be made by the user who knows the password.
2. Measures against Hacking The Company is committing its best efforts to prevent the leakage or damage of its members’ personal information due to hacking or computer viruses. In case of personal information damage, the Company is frequently backing up of data, and preventing the exposure or damage of user’s personal information or data by using the latest vaccine programs. It is also ensuring safe transmission of personal information through encrypted communications technology. Firewalls, intrusion detection systems and regular security testing ensure the protection of the consumer database. Strong authentication methods for all privileged accounts are used.
3. Minimal Handling by Employees and Education The Company personnel with authority to handle personal information will be limited to the relevant manager. A separate password shall be granted for the task, which shall be renewed regularly.
Article 4. Entrustment of Personal Information
The Company currently entrusts the handling of your personal information to other companies as follows:
Swarovski Crystal Online AG (Swiss),
Daniel Swarovski Corporation AG (Swiss),
D. Swarovski & Co (Austria), and
Swarovski Aktiengesellschaft (Liechtenstein)
Maintenance and management of the Company’s servers
FedEx. and Ilyang Logistics
Work related to delivery and returns handling of ordered goods
Work related to Kakao and mobile message sending
|GEMS||Swarovski Korea Jewelry External Repair|
|S&K||Swarovski Korea Jewelry External Repair|
|Bestime||Swarovski Korea Watch External Repair|
|Bowondang||Swarovski Korea Watch External Repair|
|Maroosoft||Maintenance of the repair system|
|Ethan & Alice Marketing||Maintenance of the repair inquiry site|
|SK T Biz||Operation and management of the call center system|
In its entrustment contracts, the Company stipulates service providers to strictly observe the Company’s orders regarding the protection of personal information, confidentiality of personal information, prohibition of provision to a third party and assumption of responsibility in case of accidents, entrustment period, and the return or abolishment of personal information after the completion of a task, and maintains such contracts in written or electronic form.
Article 5. Third Party Transfer of Personal Information
The Company currently transfers your personal information to other companies as follows:
Transferred Personal Information Items
Purpose of Use of Personal Information by the Transferee
Transferee’s Retention Period
D.Swarovski KG and Swarovski Aktiengesellschaft Droschistrasse (Liechtenstein)
Items under Article 1
Provided under Article 1
Upon occurrence of the following events, Transferee will cease retention of the collected personal information:
When a member revokes consent to the collection and management of personal information; when the purpose for the aforementioned collection and management has been fulfilled; or when the company ceases business operations.
Article 6. Destruction of Personal Information
1. Destruction procedure
When the purpose of collection and use of the personal information has been fulfilled, information you filled in or provided shall be moved to a separate database (and in case of hardcopies, to a separate file). The information shall be stored for a certain period of time for information protection purposes pursuant to an internal policy and other relevant laws and regulations and shall be deleted thereafter.
2. Methods of destruction
Any print-out version of personal information will be shredded using a shedder or incinerated, and any personal information stored in the electronic files will be destroyed using a technical method which makes the records irreproducible.
Article 7. Exercise of Rights
You may always query or modify your personal information by accessing your profile on the Website or making such a request by telephone to the Privacy Officer, or make a request to the Privacy Officer to modify, delete or suspend the handling of your personal information. Where the personal information is information of a child under the age of 14, an authorized legal representative has the right to exercise the aforementioned rights for and on behalf of the child.
You may, at any time, request to cancel your membership from the Program by contacting email@example.com (for BeSwarovski and SCS memberships) or firstname.lastname@example.org (for all other Programs) and the Company shall immediately take the necessary measures.
Article 8. Automatic Collection of Personal Information
Article 9. Privacy Officer
The Company exerts its utmost efforts to make sure the members can use the Company’s Programs and/or services safely and securely. In the event of any incidences that are against those notified to the members regarding the protection of personal information, the Privacy Officer shall take complete responsibility. However, the Company will not be responsible for any damages to the information caused by, despite technical complementary measures taken, an unexpected incidence attributable to the innate risk of network such as hacking and any disputes resulting or arising from postings by visitors to the Website. Below is the information on the Privacy Officer that is responsible for taking care of your personal information. The Privacy Officer will gladly and promptly answer your inquiries on privacy.
<Privacy Officer >
- Name: Jason Lee
- Position: CEO
- Customer Service 1522-9065 | Tel 1661-9060