FAQ - PRIVACY POLICY

LEGAL NOTICE

TERMS OF USE

PRIVACY POLICY

    Celine Korea Privacy Policy

     

    To safeguard the freedom and rights of data subjects, Celine Korea (the “Company”) responsibly processes and securely manages personal information in accordance with the Personal Information Protection Act (PIPA) and applicable laws and regulations. In line with Article 30 of the PIPA, we have established and disclosed this privacy policy to inform data subjects about our procedures and standards for processing and protecting personal information, as well as to ensure the efficient handling of related complaints.

     

    1. 1. Purpose, Scope, and Duration of Personal Information Collection and Use

     

    The Company will collect and use personal information only to the minimum extent necessary to provide services, in compliance with the PIPA.

     

    (1) Personal Information Processed Without Data Subject’s Consent

     

    The Company processes the following personal information without the data subject’s consent.

     

     Legal Basis Purpose of Collection and Use Collected Items Period of Retention and Use
    Article 15(1)4 of the PIPA (performance of a contract)] Purchase delivery Shipping information (recipient name, shipping address, phone number) 5 years

     

    (2) Personal Information Processed with Data Subject’s Consent

     

    The Company processes the following personal information with the consent of the data subject in accordance with Articles 15(1)(1) of the PIPA, 22(1)(7) of the PIPA.

     

    Purpose of Collection and Use Collected Items Period of Retention and Use
    -    Celine website membership registration and member identification/confirmation
    -    Verification of purchase qualifications and purchase validity
    -    Membership account and customer data management
    -    Provision of goods, repairs, or services 
    -    Handling of inquiries and requests
    -    Provision of live chat services
    -    Purchase (including member and guest purchases) and request service-based customer satisfaction surveys and data analysis to improve Celine’s products and services
    -    Account and record management
    -    Handling of complaints and grievances 
    -    Compliance with laws
    -    Use of customer service centres
    -    Reservation of boutique visits and customer data management
    -    Support for easy membership registration and login through Kakao sync.    		 -    Name (first name, last name), title, email address, password
    -    Phone number, mobile phone number, address, gender, date of birth, language, additional contact information
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device id, access information, purchase history, return history and reasons
    -    Records related to customer consultation and inquiries through various channels such as live chat (product and service-related information)
    -    Payment records (payment details, payment currency, payment method-related information such as credit card/account/easy payment), shipping information (for users who utilize the Kakao sync simple membership registration and login function) gender, name, nickname, birthday, year of birth, email, phone number, KakaoTalk channel addition status and history, shipping information (recipient name, shipping address, phone number)    		 -    From membership registration until 14 days after withdrawal from membership
    -    If you have not made a purchase for more than 3 years from the time of membership registration, we will delete your personal information even if you do not withdraw from membership.
    -    However, if it is necessary to retain your personal information under laws, including the commercial code and the act on consumer protection in electronic commerce, etc., the company will retain your personal information as required under the relevant law.
    -    Provision of personalized customer services
    -    Customer service or product development and specialization
    -    Support for offline store services such as visit reservations
    -    Content publication
    -    Purchase behaviour analysis
    -    Service improvement and enhancement
    -    Demographic analysis related to website usage
    -    Statistical analysis of customer access and usage frequency
    -    Management of meetings requests with your Celine team to handle your requests and complaints    		 -    Same as the items listed above
    -    Wish list, seller id and number, preferred language    		 As described above
    -    Product marketing and promotions for customers
    -    Provision of information on promotional events and other events through various media including phone calls, letters, emails, text messages, etc.
    -    Transmission of email, text, Kakao messages, product and service information, event information, marketing materials/information, promotion and advertising activities via social media or other digital platforms
    -    For marketing profiling
         		 -    Name, gender, title, address, email address, phone number
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device id, access information

     

    		 As described above

     

    1. 2. Procedure and Method of Destruction of Personal Information

     

    The Company will promptly destroy personal information when it is no longer necessary due to the expiration of the retention period or the achievement of the processing purpose.

     

            The procedures and methods for destroying personal information are as follows.

     

    • ⦁ Procedure for Destruction: The Company will select the personal information subject to destruction before proceeding with the destruction.
    • ⦁ Method of Destruction:
      • ⚬ For electronic files: Personal information stored electronically will be destroyed in a manner that ensures it cannot be reproduced.
      •  ⚬ For paper documents: Personal information on paper will be shredded or incinerated.

     

    In addition, applicable law requires us to retain the data of users for a certain period of time for the following reasons:

     

    • ⦁ Act on Consumer Protection in Electronic Commerce, Etc.

    -Records on the contract, subscription withdrawal, etc.: 5 years

    -Records on payment, supply of goods, etc.: 5 years

    -Records on consumer complaints or dispute settlement: 3 years

    -Records on display/advertising of information: 6 months

    • ⦁ Credit Information Use and Protection Act

    -Records on the collection/processing and use of credit information: 3 years

    • ⦁ Protection of Communications Secrets Act

    - Usage log information: 3 months

     

    1. 3. Provision of Personal Information to Third Parties

     

    The Company processes personal information of data subjects strictly within the scope defined for the intended purposes, and only shares personal information with third parties in accordance with Articles 17 and 18 of the PIPA. This includes instances where consent is obtained from data subjects or when special legal provisions apply. The Company does not disclose personal information to third parties outside these specified circumstances.

     

    To facilitate efficient provision of its services, the Company ensures that data is shared only to the extent necessary and with the consent of the data subject, as outlined in the following cases under Articles 17(1)1 of the PIPA.

     

    Recipient Celine Establishments:
    -    Celine (SA)
    -    Celine UK Ltd
    -    Celine Monte-Carlo SA
    -    Celine Suisse SA
    -    Celine Italia SRL
    -    Celine Germany Gmbh
    -    Celine Netherlands
    -    Celine Czech Republic
    -    Celine Sweden Ab
    -    Celine Denmark
    -    Celine Distribution Spain SL
    -    Celine (Hong Kong) Limited
    -    Celine Commercial And Trading (Shanghai) Co Ltd
    -    Celine Boutique Taiwan Co Ltd
    -    CPC Macau Company Limited
    -    Celine Distribution Singapore
    -    Celine Thailand
    -    Celine Philippines
    -    Celine Inc.
    -    Celine Canada Inc.
    Naver Financial Corp
    Purpose of Use by Recipient For Celine Establishments:
    (i)    To provide you the same personalized services worldwide
    (ii)    Transmission of email, text, Kakao messages, product and service information, event information, marketing materials/information, promotion and advertising activities via social media or other digital platforms
    For Naver Financial Corp:
    -    Payment and smooth transactions between sellers and buyers, verification of identity, customer management such as customer consultation and complaint handling/prevention of fraud, provision of benefits for purchasing good/services, settlement of payments, etc.
    Items to be Provided For Celine Establishments:
    (i)
    -    Name (first name, last name), title, email address, password
    -    Phone number, mobile phone number, address, gender, date of birth, language, additional contact information
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device id, access information, purchase history, return history and reasons
    -    Records related to customer consultation and inquiries through various channels such as live chat (product and service-related information)
    -    Payment records (payment details, payment currency, payment method-related information such as credit card/account/easy payment), shipping information(For users who utilize the Kakao sync simple membership registration and login function) gender, name, nickname, birthday, year of birth, email, phone number, KakaoTalk channel addition status and history
    (ii)
    -    Name, gender, title, address, email address, phone number
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device ID, access information

    For Naver Financial Corp:

    Merchant account number, payment product information, additional information to prevent fraud (name, date of birth, encrypted buyer identification number)
    Period of Retention and Use by Recipient -    From membership registration until 14 days after withdrawal from membership
    -    If you have not made a purchase for more than 3 years from the time of membership registration, we will delete your personal information even if you do not withdraw from membership
    -    However, if it is necessary to retain your personal information under laws, including the Commercial Code and the Act on Consumer Protection in Electronic Commerce, Etc., the Company will retain your personal information as required under the relevant law.

    For Naver Financial Corp:

    5 years from the date the information was provided to you, if required to retain it under applicable law

     

     

    • 4. Criteria for Determining Additional Use and Provision

     

    In accordance with Article 15(3) or Article 17(4) of the PIPA, the Company may use or provide personal information without the data subject’s consent by taking into account the factors outlined in Article 14-2 of the Enforcement Decree of the PIPA.

     

    To proceed with the additional use and provision of personal information without consent, the Company has evaluated the following considerations:

    • ⦁ Criteria for determining whether it is relevant to the original purpose of collection
    • ⦁ Criteria for determining whether additional use or provision of personal information is foreseeable by data subjects, based on the circumstances under which the information was collected or the practices in which it is processed
    • ⦁ Criteria for determining whether the interests of data subjects are unfairly infringed
    • ⦁ Criteria for determining whether necessary safety measures, such as pseudonymization or encryption, have been implemented

     

    1. 5. Delegation of Personal Information Processing

     

    The Company delegates the processing of personal information as follows to facilitate processing of personal information.

     

    Delegatee Delegated Processing
    Cybersource Payment
    DHL Warehouse logistics
    DHL Manhattan Wmos 2017 Warehouse management system
    Google Target marketing via YouTube, Gmail and google search engine
    Kakao Corp Simple signup to use Celine’s services with your Kakao account or KakaoTalk, personalized offers / recommendations and services, customized marketing communications
    KCP Payment
    LVMH Moet Hennessy Louis Vuitton Personalized offers and services and customized marketing communications, marketing profiling
    Meta Platforms, Inc. Target marketing via Instagram, Facebook
    Naver Financial Corp Payment, provide payment method
    Naver Pay Payment
    Octipas By Chapsvision In-store client database management, digital marketing platform
    Salesforce Client database management, e-commerce platform, order management & digital marketing platform
     
    SOM Order management system
    TikTok Technology Limited Target marketing via TikTok
    Valex Transport
    Powerfront Customer Service Center Live Chat

     

    In accordance with Article 26(1) of the PIPA, the Company includes provisions in agreements to ensure the following: prohibition of processing personal information for purposes other than those related to the delegated services, implementation of technical and managerial protection measures, restrictions on further sub-delegation, management and supervision of delegatees, and liability for damages. The Company continuously supervises its delegatees to ensure that personal information is processed securely. Additionally, under Article 26(6) of the PIPA, the Company’s consent is required whenever a delegatee intends to sub-delegate the processing of personal information.

     

    Any changes to the details of the delegated services or the delegatees will be promptly disclosed through this Privacy Policy.

     

    For information regarding the outsourcing of personal information processing, please refer to the 6. Overseas Transfer of Personal Information section.

     

    1. 6. Overseas Transfer of Personal Information

     

    The Company provides and delegates the processing of personal information collected from service users to parties located overseas, as outlined below.

     

    • ⦁ Provision of Personal Information to Overseas Third Parties

     

    Legal Basis Article 28-8 (1)(1) of the PIPA
    Recipient (Contact Info.) Celine Establishments:
    -    Celine (Sa), France
    ([email protected])
    -    Celine UK Ltd, United Kingdom
    ([email protected])
    -    Celine Monte-Carlo Sa, Monte-Carlo
    ([email protected])
    -    Celine (Suisse) Sa, Switzerland
    ([email protected])
    -    Celine Italia Srl, Italia
    ([email protected])
    -    Celine Germany Gmbh, Germany
    ([email protected])
    -    Celine Netherlands, Netherlands
    ([email protected])
    -    Celine Czech Republic, Czech Republic
    ([email protected])
    -    Celine Sweden Ab, Sweden
    ([email protected])
    -    Celine Denmark, Denmark
    ([email protected])
    -    Celine Distribution Spain SL, Spain
    ([email protected])
    -    Celine (Hong Kong) Limited, Hong Kong
    ([email protected])
    -    Celine Commercial And Trading (Shanghai) Co Ltd, China
    ([email protected])
    -    Celine Boutique Taiwan Co Ltd, Taiwan
    ([email protected])
    -    CPC Macau Company Limited, Macau
    ([email protected])
    -    Celine Distribution Singapore, Singapore
    ([email protected])
    -    Celine Thailand, Thailand
    ([email protected])
    -    Celine Philippines, Philippines
    ([email protected])
    -    Celine Inc., United States
    ([email protected])
    -    Celine Canada Inc., Canada
    ([email protected])
    Destination Country Please see recipients (contact info.)
    Purpose of Use by Recipient (i)    To provide you the same personalized service worldwide
    (ii)    Transmission of email, text, Kakao messages, product and service information, event information, marketing materials/information, promotion and advertising activities via social media or other digital platforms
    Items Transferred (i)
    -    Name (first name, last name), title, email address, password
    -    Phone number, mobile phone number, address, gender, date of birth, language, additional contact information
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device id, access information, purchase history, return history and reasons
    -    Records related to customer consultation and inquiries through various channels such as live chat (product and service-related information)
    -    Payment records (payment details, payment currency, payment method-related information such as credit card/account/easy payment), shipping information(for users who utilize the Kakao sync simple membership registration and login function) gender, name, nickname, birthday, year of birth, email, phone number, KakaoTalk channel addition status and history
    (ii) 
    -    Name, gender, title, address, email address, phone number
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device id, access information
    Timing and Method of Transfer Ad-hoc share through the network
    Period of Retention and Use by Recipient -    From membership registration until 14 days after withdrawal from membership
    -    If you have not made a purchase for more than 3 years from the time of membership registration, we will delete your personal information even if you do not withdraw from membership.
    -    However, if it is necessary to retain your personal information under laws, including the commercial code and the act on consumer protection in electronic commerce, etc., the company will retain your personal information as required under the relevant law.

     

    • ⦁ Delegation of personal information processing and storage for performance of contract
    Legal Basis Articles 28-8 (1) 3 of the PIPA
    Recipient (Contact Info.) 1.    Salesforce
    2.    Octipas by Chapsvision
    3.    SOM
    4.    Cybersource
    5.    Google, Meta Platforms, Inc. & TikTok Technology Limited
    6.    LVMH Moët Hennessy Louis Vuitton
    7.    Powerfront
    Destination Country 1.    Germany
    2.    Netherlands
    3.    EU
    4.    EU
    5.    Europe, U.S.
    6.    France
    7.    EU
    Purpose of Use by Recipient 1.    Client database management, e-commerce platform, order management & digital marketing platform
    2.    In-store client database management, digital marketing platform
    3.    Order management system
    4.    Payment
    5.    Target marketing
    6.    Personalized offers and services and customized marketing communications
    7.    Customer Service Center Live Chat
    Items Transferred

    For 1, 2, 3 and 4:
    -    Name (first name, last name), title, email address, password 
    -    Phone number, mobile phone number, address, gender, date of birth, language, additional contact information
    -    Nationality, service usage records, log records, online and offline store visit history
    -    Usage patterns, IP address, country of residence, device id, access information, purchase history, return history and reasons 
    -    Records related to customer consultation and inquiries through various channels such as live chat (product and service-related information) 
    -    Payment records (payment details, payment currency, payment method-related information such as credit card/account/easy payment), shipping information

     

    For 5:
    -    Email address, phone number

    For 6:
    -    Client ID, name, email address, phone number, birthday, gender, residing country, transaction data

    For 7:
    -    Live chat interaction data
    Timing and Method of Transfer

    For 1, 2, 3, 4, 5 and 7:
    -    Ad-hoc share through the network

    For 6:
    -    Upon request, through remote transmission using a private network
    Period of Retention a7d Use by Recipient

    For 1, 2, 3, 4 and 7:
    -    From membership registration until 14 days after withdrawal from membership
    -    If you have not made a purchase for more than 3 years from the time of membership registration, we will delete your personal information even if you do not withdraw from membership.
    -    However, if it is necessary to retain your personal information under laws, including the commercial code and the act on consumer protection in electronic commerce, etc., the company will retain your personal information as required under the relevant law.

    For 5:
    -    Time to verify if you are also a user from those social networks or services and to display our offers on the related platform

    For 6:
    -    3 years from transfer

     

    If you choose to refuse the transfer of your personal information overseas, please be aware that there may be restrictions on your ability to have access to the services listed in “Purpose of Use by Recipient”. Should you prefer not to have your personal information transferred overseas, you may opt to cancel your membership on the website or request withdrawal through our customer service center.

     

    1. 7. Matters to Ensure Personal Information Security

     

    • ⦁ Managerial Measures: Implementing an internal management plan, operating a dedicated organization, and providing regular training for employees.
    • ⦁ Technical Measures: Managing access rights to the personal information processing system, installing access control systems, encrypting personal information, and maintaining up-to-date security programs.
    • ⦁ Physical Measures: Controlling access to the IT room, data storage room, and other sensitive areas.

     

    1. 8. Processing of Pseudonymized Information

     

    In accordance with Article 28-2 of the PIPA, the Company utilizes collected personal information in a pseudonymized form to prevent the identification of individuals, for purposes such as compiling statistics, conducting scientific research, and preserving records for the public interest, as detailed below.

     

    •   ⦁ Processing of Pseudonymous Information

     

    Purpose of Processing Items Processed Processing Period
    Statistical, surveys or data science purposes Pseudonymous items necessary for the specific analysis or survey concerned For the duration of the specific analysis or survey concerned

     

    • ⦁ Provision of Pseudonymized information to Third Parties

     

    Recipient Purpose of Use by Recipient Items to be Provided Period of Retention and Use by Recipient
    Celine (SA) Statistical, surveys or data science purposes Pseudonymous items necessary for the specific analysis or survey concerned For the duration of the specific analysis or survey concerned

     

    • ⦁  Delegation of Pseudonymized Information Processing;

     

    Delegatee Delegated Processing
    Dataiku Data science platform

     

    • ⦁ Measures to Ensure the Security of Pseudonymized Information in accordance with Article 28-4 (Obligation to Take Safety Measures for Pseudonymized Information, etc.) of the PIPA::
      • Managerial measures: Implementation of an internal management plan and regular staff training.
      • Technical Measures: Management of access rights to the personal information processing system, installation of an access control system, encryption of unique identifiers, and deployment of security programs.
      • Physical measures: Restricting access to IT and data storage rooms.

     

    1. 9. Installation and Operation of Automatic Personal Information Collection Devices and Right to Opt-Out

     

    The Company periodically uses “cookies” to store and retrieve usage information, aiming to deliver personalized services and enhance user convenience. All the information on the use of cookies is centralized in our Cookie Policy available on this webpage: https://www.celine.com/en-kr/cookie-policy/

     

    1. 10. Rights and Responsibilities of Data Subjects and Their Legal Representatives, and How to Exercise Them

     

    At any time, the data subject may exercise their right to request that the Company access, correct, delete, suspend the processing of, or withdraw personal information, or to refuse or seek an explanation for an automated decision (“Exercise of Right”). The Company is committed to taking immediate measures in response.

     

    However, the data subject’s rights to request access to and suspend the processing of their personal information may be restricted by Articles 35(4) and 37(2) of the PIPA. Furthermore, the Company cannot delete personal information if other laws and regulations require its collection.

     

    According to Article 41(1) of the Enforcement Decree of the PIPA, you may exercise your rights with the Company in writing, via email, facsimile, etc. You may also exercise your rights through a representative or an authorized agent. In such cases, a power of attorney must be submitted in the form specified in Annex No. 11 of the Notification on How to Process Personal Information, and the Company will verify the identity of the person exercising the rights as either the data subject or their authorized representative.

     

    For children under the age of 14, personal information rights must be exercised by their legal representative. Minors aged 14 or older may exercise their rights concerning their personal information independently or through their legal representative.

     

    1. 11. Chief Privacy Officer

     

    The Company appoints a Chief Privacy Officer, as detailed below, to oversee the processing of personal information and address any complaints or concerns regarding data subjects’ rights and potential damages.

     

    • ⦁ Chief Privacy Officer
    • Name and Title: HeeKyong Hyun, E-Commerce Director
    • Contact: [email protected]

     

    1. 12. Remedies for Infringement of Rights and Interests

     

    To address any personal information infringement, individuals may apply for dispute resolution or seek consultation through the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency's Personal Information Infringement Reporting Center, among others. Additionally, the following institutions can be contacted for further reports and consultations regarding personal information infringement.

     

    • ⦁ Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
    • ⦁ Personal Information Infringement Reporting Center: 118 (privacy.kisa.or.kr)
    • ⦁ National Police Agency: 182 (ecrm.cyber.go.kr)

     

    1. 13. Amendments to this Privacy Policy

     

    This Privacy Policy is effective from September 3rd, 2025. Previous versions of the Privacy Policy can be requested from customer service via the “CONTACT US” section on the site.

     

     

COOKIES POLICY

Terms and Conditions of Sale

MODERN SLAVERY ACT STATEMENT

ACCESSIBILITY