Privacy Notice for Global Express

HANJIN TRANSPORTATION CO., LTD. (hereinafter called “the Company”) respects your privacy and is committed to protecting it. The Company provides this Privacy Policy to inform you of our policies and practices governing how we collect and use your personal data.

Who is responsible for data processing and how do you reach the Data Controller if you have any questions?

Responsibility lies with

• Name: HANJIN TRANSPORTATION CO., LTD.
• Address: Hanjin New Bldg Namdaemunro 63, Jung-gu, Seoul, Korea
• Telephone Number: +82-2-728-5550
• Email address: SELAGY@hanjin.co.kr

Where do we obtain your data and which types of data do we use?

We process personal data which we receive directly from individual customers such as you in connection with the provision of global express.

The categories of personal data that we may process relating to you are the following:

• 1Individual contact information of the sender and the consignee (name, phone number, address, email address);
• 2Shipping information (signature for point of delivery, shipment data, tracking data, and/or any information provided to us regarding the content of certain shipments);
• 3Information required under applicable laws for the provision of global express (tax identification information such as personal customs clearance code, resident registration number, and passport number); and
• 4Other personal information that may be provided to in the course of providing our services.
  If you provide the Company with personal data of third parties (such as consignee data), we process such data under the assumption that it was obtained and provided to us by you in accordance with applicable laws. Also, it is your responsibility to ensure that such third parties have been provided with a copy of this notice.

What are the purposes of processing your data and on which legal basis does the processing take place?

We process personal data for the purposes and pursuant to the legal grounds set out below:

• a for the performance of a contract with you(Art. 6 (1 b) GDPR)The Company may use and process personal data to the extent necessary to provide global express in accordance with the terms and conditions you have consented to. The personal data of consignors and consignees is stored in shipping invoices and the Company’s database for the shipment of goods, and may be used for the purposes of providing carriage service, tracking goods, and to perform any other contractual obligations.
• b on the basis of legal requirements (Art. 6 (1 c) GDPR)We are subject to various legal obligations, including statutory requirements, and, in order to comply with these legal obligations, we are required to collect and process certain personal data about you.
• b where it is necessary for the legitimate interests of the Company or of third parties (Art. 6 (1 f) GDPR)To the extent necessary, we may process your data beyond the scope of the contract in order to protect the legitimate interests of our own and those of third parties and without prejudicing your interests and fundamental rights and freedoms. We may process personal data in order to process claims we receive in connection with our services, operate, evaluate, and improve our business, managing our communications, conducting accounting and auditing, and improving and maintaining the quality of our customer services we provide to you using your personal data.

Who will receive your data?

Within the Company, units such as HR team, the legal team and the finance team will be granted access to your data that need it to fulfill the purposes as set out in this privacy notice.

Recipients of personal data may be:

Within the Company, those units will be granted access to your data that need it in order to comply with our contractual and statutory obligations.
Service providers and agents appointed by us may also receive the data for these purposes on the condition that they are bound by duties of confidentiality. They only process personal data based on our instructions and only in order to perform services on our behalf or comply with legal requirements. Also, we may share your personal data with our business partners such as the Company’s European subsidiary, resellers, and agency offices, which may use the personal data for the purposes described in this Privacy Policy.
Otherwise, we will only disclose your personal data to third parties if this is required by law or by law enforcement agencies, judicial bodies, government entities, tax authorities or regulatory bodies, you have given your consent or to the extent otherwise permitted under the applicable laws..

Will the data be transferred to a third country or an international organization?

Your personal data will be transferred to the Company in South Korea, outside the European Economic Area (“EEA”). In addition, the Company’s service providers with whom information is shared may be based outside the EEA. Data protection laws may or may not apply in jurisdictions outside the EEA or may not be as stringent as those in the EEA. The transfer will be based on GDPR Article 49.1(b) to the extent that such transfer is necessary for the performance of a contract between you and the Company. If the transfer is conducted for other purposes than this, the Company will implement measures such as using standard data protection contractual clauses to ensure that any transferred personal data remains protected and secure. A copy of these clauses can be obtained by contacting SELAGY@hanjin.co.kr.
The Company will implement appropriate measures to protect your personal data as set out in this policy and as required by applicable local law.

For how long will your data be stored?

We process and store your personal data up to 5 years, this is required to meet applicable contractual or legal or regulatory obligations or legitimate business needs regarding the statute of limitations.
When storing your personal data, we take steps to minimize the impact on your rights, including by masking personal data and restricting access authority to the personal data retained in our systems.

How is your data protected?

The Company maintains reasonable security measures to safeguard personal data from loss, interference, misuse, unauthorized access, disclosure, alteration or destruction. The Company also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete and current.

What are your rights with regard to data protection?

Subject to limitations and exceptions set out in the applicable laws, you have the following rights relating to the Company’s processing of your personal data: the right of access pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, the right to object pursuant to Article 21 GDPR and the right to data portability pursuant to Article 20 GDPR. Moreover, there is a right to appeal to a competent data protection supervisory authority pursuant to Article 77 GDPR.

The foregoing rights may be exercised by emailing SELAGY@hanjin.co.kr.

Are you obliged to provide data?

Within the scope of our relationship, you are obliged to provide that personal data which is required for commencing, executing and terminating the relationship and for compliance with the associated contractual obligations or the collection of which is imposed upon us by law. Without this data, we will generally not be able to enter into agreements with you, to perform under such an agreement or to terminate it.

To what extent will decision­making be automated?

We do not use fully automated decision-making processes pursuant to Article 22 GDPR in the context of our employment relationship with you.

Will profiling take place?

No profiling of your personal data by means of automated processing will take place.