Ericsson-LG (hereinafter referred to as the "Company") processes and safely manages personal information in a lawful manner in compliance with the Personal Information Protection Act and related laws in order to protect the freedom and rights of information subjects. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, the following personal information processing policy is established and disclosed in order to guide the information subject on the procedures and standards for the processing and protection of personal information, and to promptly and smoothly handle related difficulties.
This policy applies to personal information that the Company collects through the website and offline events for marketing and promotional purposes.
1. Purpose of processing personal information
The Company processes personal information for the following purposes. The personal information processed will not be used for any purpose other than the following, and if the purpose of use changes, we will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
1. Event details for event participants
2. Utilization for marketing and promotion
Statistics and analysis of users' use of services, delivery of advertising information such as content and event information
3. To comply with legal responsibilities and obligations, including statutory reporting obligations
2. Items of personal information to be processed
The Company collects and uses the following personal information to the minimum extent necessary for content sharing, event participation, and promotion. In accordance with Article 15(1)1 and Article 22(1)7 of the Personal Information Protection Act, the information is processed with the consent of the information subject.
- Event participation application information: name, email address, company name, country, department, title, contact information
In addition, the following information may be generated and collected in the process of using the service or processing business.
- Information generated and collected when downloading content and participating in events: service use records, access logs, cookies, access IP information, suspension records
3. Processing of personal information of children under the age of 14
The Company does not collect or use the personal information of children under the age of 14.
4. Processing and Retention Period of Personal Information
The Company processes and retains personal information within the period of retention and use of personal information in accordance with laws and regulations or the period of retention and use of personal information agreed upon by the information subject.
Purposes |
Retention Period |
Items of personal information |
Download content and participation application for the event |
24 months after person record last interacted with the Company |
Name, e-mail address, company name, country, department, title, contact information |
5. Procedure and method of disposal of personal information
When personal information becomes unnecessary after the retention period has elapsed, the company destroys the personal information without delay. The Company destroys personal information recorded and stored in the form of electronic files so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents using a document shredder.
6. Provision of Personal Information to Third Parties
The Company processes the personal information of the information subject only within the scope specified in the purpose of processing the personal information, and provides the personal information of the information subject to a third party only when it falls under Articles 17 and 18 of the Personal Information Protection Act, such as with the consent of the information subject or special provisions of the law, and does not provide the personal information of the information subject to a third party otherwise.
Recipient |
Purpose of Provision |
Information provided |
Retention Period |
Adobe, Salesforce |
Customer Relationship Management (CRM) |
Name, e-mail address, company name, country, department, title, contact information |
24 months after person record last interacted with the Company |
7. Criteria for judging when additional use or provision occurs continuously
The Company does not additional use or provide personal information continuously without the consent of the information subject.
8. Consignment of Personal Information Processing
The Company entrusts the processing of personal information as follows in order to efficiently process personal information.
Recipient |
Purpose of Provision |
Information provided |
Retention Period |
Not applicable |
Not applicable |
Not applicable |
Not applicable |
9. Overseas Collection and Transfer of Personal Information
The Company provides the collected personal information overseas as follows in order to manage marketing information in an unified manner.
· Provision of Personal Information to Overseas Third Parties
Legal standard |
Items of personal information to be transferred |
Transfer Countries |
When and how to transfer |
Transfer recipient |
Purpose of Use |
Retention Period |
Article 28-8 (1) 3 (a) of the Personal Information Protection Act (Overseas processing consignment and storage for contract fulfillment) |
Name, e-mail address, company name, country, department, title, contact information |
United Kingdom |
After signing up for the event |
Adobe (Marketo Engage) |
Customer Relationship Management (CRM) |
24 months after person record last interacted with the Company (up to 24 months retention policy) |
Germany |
Salesforce |
10. Security measures to ensure the safety of personal information
1. In order to ensure the safety of personal information, the Company implements the following safety measures in accordance with Article 29 of the Act, Articles 30 and 30-2 of the Enforcement Decree of the same Act.
[1] Administrative measures: Establishment and implementation of internal management plans, operation of dedicated organizations, response to personal information leakage incidents, management and supervision of consignee, regular employee training
[2] Technical measures: Management of access rights to personal information processing systems, etc. installation of access control systems, encryption of personal information, storage and inspection of access records, prevention of malicious programs, etc.
[3] Physical measures: Control of access to computer rooms, data storage, etc., disposal of personal information
The Company processes personal data securely in accordance with Ericsson's Data Protection and Privacy Policy.
- Ericsson Privacy Policy
11. How to choose non-disclosure and possibility to disclose sensitive information
The Company does not collect sensitive information from users.
12. Processing of pseudonymous information
The Company does not use pseudonymized personal information so that a specific individual cannot be identified.
13. Installation operation, and refusal of automatic collection of personal information
< Installed and operated automatic personal information collection tool >
① The company uses 'cookies' to store and retrieve usage information from time to time in order to provide individual services and convenience to users.
② Cookies are sent to the browser of the information subject by the server (http) used for the operation of the website. It is a small amount of information and is stored on the data subject's PC or mobile.
③ The information subject can set the web browser options to allow or block cookies.
However, if you refuse to store cookies, you may not be able to use customized services.
④ Additional descriptions of cookies and how to accept or refuse cookies can be found on our Cookie Policy page.
14. If a third party is allowed to collect behavioral information through an automatic personal information collection tool, the use and refusal of such collection
Unless otherwise permitted in Article 37-2 of Personal Information Protection Act, the Company does not install and operate an automatic collection tool for personal information.
15. Rights and Obligations of Information Subjects and Legal Representatives, and Methods of Exercising Rights
1. The information subject may exercise the right to view, correct, delete, suspend or withdraw personal information, refuse to make automated decisions, or request an explanation (hereinafter referred to as the “exercise of rights") against the Company at any time.
2. The exercise of the right may be requested to the Company in writing, by e-mail, fax, etc., in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the Company will act without delay.
3. The exercise of rights can also be done through the legal representative of the information subject or an agent such as a delegated person. In this case, he or she must submit a power of attorney in accordance with the form of appendix No. 11 of the "Notice on Personal Information Processing Methods".
4. The right of the information subject to request access to and suspension of processing of personal information may be restricted in accordance with Article 35-4 and Article 37-2 of the Personal Information Protection Act.
5. If the personal information is specified as the object of collection under other laws and regulations, it is not possible for the information subject to request the deletion of the personal information.
6. The Company verifies that the person exercising the right is the principal or its legitimate representative.
7. Information on the person responsible for the action can be found in Section 16 below.
16. Name of the person in charge of personal information protection or the department in charge of personal information affairs and the department that handles difficulties
In accordance with Article 32 of the Enforcement Decree of the Personal Information Protection Act, the Company is responsible for the processing of personal information and designates a person in charge of personal information protection as follows to handle complaints and damage relief of information subjects related to the processing of personal information.
Responsible Department
Department: Security Team
Phone: 02-2016-1615
E-mail: security.elg@ericssonlg.com
Personal Information Protection Manager
Name: Hyunae Lee, Security manager
Personal Information Protection Officer
Name: Hangman Heo JRD/CFO
Personal Information Access Request and Processing Department
Department: Marketing & Communications
Name: Raehee Jang, Field Marketing Manager
Phone: 02-2016-1588
E-mail: elg.communications@ericsson.com
17. Designation of Domestic Agents
Not applicable
18. Remedies for infringement of the rights and interests of information subjects
[1] The Company guarantees the right of information subjects to self-determination of personal information and strives to provide consultation and remedy damages caused by personal information infringement, and if a report or consultation is required, please contact above 16. Personal Information Protection Manager. The information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee and the Personal Information Infringement Report Center of the Korea Internet & Security Agency in order to receive relief from personal information infringement. For other personal information infringement reports and consultations, please contact the following organizations.
① Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
② Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
③ Supreme Prosecutor's Office: 1301 (www.spo.go.kr)
④ National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)
19. Operation and management of fixed visual data processing devices
The Company does not operate fixed visual data processing devices.
20. Operation and management of mobile visual data processing devices
The Company does not operate mobile visual data processing devices.
21. Matters voluntarily determined by the personal information controller to include in the Personal Information Processing Instruction regarding personal information processing standards and protection measures
The Company has obtained the Information Security Certification (ISO27001) for the Ericsson Global Management System (EGMS) operated by headquarter.
22. Changes to the Personal Information Processing Policy
This Policy is effective from November 5, 2024.
The previous Policies can be found below.