Amorepacific Corporation (hereinafter referred to as the “Company”) places great importance on the personal information of applicants (hereinafter referred to as “Applicants”) who use the Company’s online recruitment services, and the Company is committed to safeguarding such personal information to the highest degree.
The Company complies with all applicable laws and regulations related to protection of personal information, including but not limited to the Personal Information Protection Act of Korea and the Fair Hiring Procedure Act. Accordingly, the Company has established the Privacy Policy and adheres strictly to its provisions. Furthermore, the Company makes this Privacy Policy available on its recruitment websites (https://careers.apgroup.com, hereinafter the “Recruitment Site”) to ensure that Applicants may access it at any time.
This Privacy Policy contains the following information:
Article 1. Items of Personal Information Collected, Purpose of Collection and Use, and Retention Period
Article 2. Provision of Personal Information to Third Parties
Article 3. Outsourcing of Personal Information Processing
Article 4. Procedures and Methods for Destruction of Personal Information
Article 5. Department Protecting Personal Information and Handling Complaints
Article 6. Automatic Collection of Personal Information
Article 7. Access and Correction of Personal Information
Article 8. Withdrawal of Consent to Collection and Use of Personal Information
Article 9. Administrative, Technical and Physical Measures to Safeguard Personal Information
Article 10. Rights of Applicants and Legal Representatives and How to Exercise Them
Article 11. Duty to Notify Changes to Privacy Policy
Article 1. Items of Personal Information Collected, Purpose of Collection and Use, and Retention Period
① The Company collects only the minimum personal information necessary for the purpose of processing job applications and conducting recruitment procedures for Applicants.
② The Company processes the following personal information without requiring separate consent from Applicants.
※ Membership Registration
| Legal Basis | Items Collected | Purpose of Collection and Use | Retention Period |
| Article 15(1)(4) of the Personal Information Protection Act (Performance of contact) |
Name, date of birth, country of residence, password, e-mail address, preference for recruitment notifications, phone number | Identity verification and applicant identification, provision of notices, provision of recruitment-related services | Until membership withdrawal |
※ Job Application
| Legal Basis | Items Collected | Purpose of Collection and Use | Retention Period |
|
Article 15(1)(4) of the Personal Information Protection Act of Korea (Performance of contract) |
Name, e-mail address, date of birth (solar/lunar), mobile phone number, academic background, degree, name of school, country of school location, enrollment date, graduation date, major, GPA, gender, personal statement
(if necessary) English name, nationality, current employer, current position, career history, qualifications and licenses, foreign language scores, military service information, personal statement |
Assessment of suitability for recruitment and use as supporting documents for screening and interviews; identity verification for aptitude tests and interviews; inclusion in the talent pool and provision of recruitment-related information | Retained for one year after completion of the recruitment process (However, such data shall be destroyed immediately upon membership withdrawal or upon a separate request) |
③ Sensitive information collected with separate consent from Applicants is as follows:
| Legal Basis | Items Collected | Purpose of Collection and Use | Retention Period |
| Article 23(1)(1) of the Personal Information Protection Act of Korea | Disability status (type, grade, date of certification), status as a person of national merit (relationship, merit registration number, classification) | Assessment of recruitment suitability | One year after completion of the recruitment process |
④ Applicants may refuse consent for optional items by choosing not to provide such information. If required fields are not completed, the recruitment service cannot be used; however, optional fields may be left blank without restricting use of the service.
⑤ The following information may be collected automatically during the use of services:
- Items collected automatically: system usage history, cookies, access logs, statistical data, web browser information, etc.
- Purpose of automatic collection: prevention of excessive or duplicate applications, verification of normal access routes, and provision of seamless recruitment services.
Article 2. Provision of Personal Information to Third Parties<
① The Company shall not use Applicants’ personal information beyond the scope notified in Article 1, nor provide such information to any third party, except where the Applicant has given prior consent or where such use or provision is permitted or required under applicable laws and regulations.
② Pursuant to Article 17(1)(1) of the Personal Information Protection Act of Korea, and upon obtaining separate consent from the Applicant, the Company provides personal information as follows:
| Recipient | Purpose of Provision | Items Provided | Retention Period |
|
Affiliated companies posting recruitment notices Amorepacific Holdings Corp., Innisfree Corporation, Etude Corporation, Osulloc Corporation, Amos Professional Corporation, Espoir Corporation, Osulloc Farm Corporation, Cosvision Corporation, and Pacific Tech Corporation |
Assessment of recruitment suitability |
Name, e-mail address, date of birth (solar/lunar), mobile phone number, academic background, degree, name of school, country of school, enrollment date, graduation date, major, GPA, gender, personal statement; and, any information separately provided, including but not limited to: English name, nationality, current employer, current position, career history, qualifications and licenses, foreign language scores, military service information, personal statement;
(Sensitive information) disability status (type, grade, date of certification), status as a person of national merit (relationship, merit registration number, classification) |
Retained for one year after completion of the recruitment process (However, such data shall be destroyed immediately upon membership withdrawal or upon a separate request) |
| Institutions issuing certificates or academic records submitted by the Applicant (Credu, Korea TOEIC Committee, Society for Korean Language & Literature, Hanja Education Promotion Association, Korea Association of Foreign Language, Korea Test Association, YBM Sisa, Korea Chamber of Commerce and Industry, BCT Korea, HSK Bureau in Korea. etc.) | Verification of the authenticity of qualifications submitted by the Applicant | Name, date of birth, unique certificate identification number | Destroyed immediately after the purpose of provision (verification of authenticity) has been achieved |
Article 3. Outsourcing of Personal Information Processing
① For the purpose of improving recruitment services and ensuring seamless system operations, the Company may outsource the management of Applicants’ personal information to specialized external service providers.
② When outsourcing the processing of personal information, the Company supervises and manages such service providers through outsourcing agreements or similar arrangements to ensure compliance with instructions related to personal information protection, confidential obligations, and the prohibition of providing personal information to third parties without the Applicant’s consent, in order to safeguard Applicants’ personal information.
③ The service providers entrusted with the processing of personal information and the details or the outsourced services are as follows:
| Service Provider | Description of Outsourced Services |
| EY Consulting LLC, SAP Inc. | Electronic processing and management of personal information |
| HR Consulting & Service Co., Ltd. | Management of Applicants’ personal information and support for recruitment operations |
| Goorm Co., Ltd. | Operation and maintenance of LINE coding tests |
| MIDAS In Co., Ltd. | Operation and management of AI competency assessment services |
| EECHECK Limited | Background and career verification |
④ The sub-processors entrusted with re-outsourced processing and the details of such services are as follows:
| Primary Processor | Sub-processor | Description of Sub-outsourced Services |
| MIDAS In Co., Ltd. | Korea Credit Bureau Co., Ltd. | Mobile phone identity verification |
⑤ In order to provide professional services, the Company outsources the processing and storage of personal information to overseas service providers in accordance with Article 28-8(1)(3) of the Personal Information Protection Act of Kroea (outsourcing and storage for the performance of contracts), as detailed below:
| Recipient | Country of Transfer | Items Transferred | Method of Transfer | Purpose of Transfer | Time of Transfer and Retention Period |
|
SAP SE (Dietmar-Hopp-Allee 16 69190 Walldorf Germany) Customer Support Channel: SAP Support APJ (supportapj@sap.com) Head of SAP SuccessFactors Korea : Kwangmo Han (Kwangmo.han@sap.com) |
Australia | Name (first/last), e-mail address, date of birth (solar/lunar), mobile phone number, telephone number (home/work), academic background, degree, name of school, country of school, enrollment date, graduation date, major, GPA, gender, nationality, current employer, current position, career history, qualifications and licenses, foreign language scores, military service information, status as a person of national merit and disability status, personal statement | Remote transmission via network | Electronic processing and storage of personal information |
Time of transfer: from April 14, 2021 Retention period: In accordance with the retention period specified in this Privacy Policy (see Article 4) |
※ If consent to the overseas transfer of personal information is refused, services that necessarily involve such overseas transfer cannot be used. In such cases, membership withdrawal may be completed, or a request may be submitted via the recruitment inquiry e-mail(apcareers@amorepacific.com).
Article 4. Procedures and Methods for Destruction of Personal Information
① The Company retains Applicants’ personal information during the period in which Applicants use the services provided by the Company, for purposes such as service provision and prevention of fraudulent or improper applications. Personal information of Applicants stored in electronic systems shall not be printed or output in document form except by the personal information protection, or persons authorized by them.
② Upon an Applicant’s request for deletion of personal information, the Company shall take such measures without delay. The deleted information shall be permanently deleted in a manner that prevents restoration or reuse.
③ When the purpose of collection and/or provision of personal information has been fulfilled, the Company shall promptly destroy such personal information in accordance with its internal destruction procedures, including deletion from electronic storage and shredding of printed materials.
④ Notwithstanding the foregoing, where retention is required under applicable laws and regulations, including the Personal Information Protection Act, the Commercial Act, and the Framework Act on National Taxes of Korea, the Company may retain the relevant personal information for the period prescribed by such laws.
Article 5. Department Protecting Personal Information and Handling Complaints
① To safeguard the personal information of Applicants and handle related complaints, the Company has designated a dedicated department. To ensure prompt handling of inquiries and complaints regarding the information, we have appointed a data protection officer (DPO) and a privacy manager.
[Data Protection Officer]
Name: Seungil Oh
Department: Information Security Center
Phone: +82-80-023-5454 (Toll-free; 09:00–18:00, Mon-Fri, excluding public holidays)
[Privacy Manager]
Name: Kwangbok Lee
Department: Information Security Center
Phone: +82-80-023-5454 (Toll-free; 09:00–18:00, Mon-Fri, excluding public holidays)
Email: privacy@amorepacific.com
FAX : 02-6040-5329
② For consultation regarding personal information, Applicants can contact the following institutions:
- Korea Internet & Security Agency (privacy.kisa.or.kr/+82-118)
- Supreme Prosecutor's Office (www.spo.go.kr/+82-1301)
- Personal Information Dispute Mediation Committee (www.kopico.go.kr/+82-1833-6972)
- Korean National Police Agency (ecrm.police.go.kr /+82-182)
Article 6. Automatic Collection of Personal Information
① The Company may use “cookies” (a feature that automatically collects personal information such as Internet access logs) to store and retrieve your data. A cookie is a small piece of data that our Company’s website server sends to the Applicant’s browser (e.g. Chrome, Edge, Safari), and can be stored on the Applicant’s computer hard drive. When an Applicant accesses the Company website, the Company computer reads cookies in the Applicant’s browser to provide services without requiring additional input such as name. While cookies identify the computer of each Applicant, they cannot personally identify the Applicant.
② The Company utilizes cookies to provide and improve services necessary to operate the website. We analyze access frequency and visit times of members and non-members, and track the number of Applicant visits.
③ Applicants may choose to allow or refuse cookie installation. They may adjust the settings in their web browser to allow all cookies, allow some cookies, or reject all cookies.
* How to set cookie settings
- Edge: Select … (Settings and more) in the upper right corner -> Select Settings -> Click Privacy, search, and services on the left bar -> Select Cookies -> Enable or disable the toggle Allow sites to save and read cookie data (recommended)
- Safari:
(MacOS) Click Safari in the top-left corner and press Settings -> Select Privacy -> Click Advanced -> Check or uncheck Block all cookies
(iOS) Select Settings -> Click Apps -> Choose Safari -> Select Advanced -> Enable or disable the toggle Block all cookies
- Chrome:
(PC) Select … in the upper right corner -> Select Settings -> Click Privacy and security -> Select Third-party cookies to adjust cookie settings
(Mobile) Select … in the upper right corner -> Select Settings -> Click Site settings under Advanced -> Press Third-party cookies to adjust cookie settings
Article 7. Access and Correction of Personal Information
① Applicants may access and correct their personal information in the application form. They may directly access and correct the information after identity verification or contact the Company via the recruitment inquiry e-mail (apcareers@amorepacific.com), and the Company will take immediate action. However, once the job application has been submitted, personal information may not be modified until the post has been filled.
② When an Applicant requests correction of an error in their personal information, the Company will not use or provide the information until correction is made. If the incorrect information has been already processed, we shall immediately notify third parties of the request to ensure that correction is applied.
③ Access and correction of personal information may be limited when:
1. There is a risk of causing significant harm to the rights of a third party.
2. There is a risk of causing significant harm to the operations of the service providers.
3. It violates laws.
Article 8. Withdrawal of Consent to Collection and Use of Personal Information
① Applicants may withdraw consent to the collection and use of personal information provided in their application form. For withdrawal of consent, Applicants may delete their application after identity verification, or contact the recruitment inquiry e-mail(apcareers@amorepacific.com) after which the Company will take necessary action including immediate destruction of their personal information. However, until the position has been filled, application forms may not be deleted.
② The Company shall ensure that withdrawing consent to collection of personal information is easier than granting consent.
Article 9. Administrative, Technical and Physical Measures to Safeguard Personal Information
① For safe handling of personal information, the Company establishes and executes internal management plans, and conducts training.
② The Company leverages and improves technological safeguards to prevent loss, theft, leakage, alteration and damage of Applicants’ personal information.
③ Applicants’ personal information is managed in an internal network which cannot be accessed or infiltrated by an external network. For critical data, additional security measures, i.e. encryption of files and transmitted data, and file locks, are applied to ensure data protection.
④ The Company takes extensive measures to strengthen network security. To prevent infiltration, we implement firewalls, operate an intrusion detection system in each server and use access control systems.
⑤ To prevent breach of personal information, we install antivirus programs on information devices that the information processing system and relevant staff use. These programs continuously monitor the devices and take action when malicious programs, e.g. viruses or spyware, are found.
⑥ To ensure safety of Applicants’ personal information, the Company restricts access to the minimum number of people, operates internal procedures on personal information access and management, and implement access control and lock, which our staff understands and complies with.
⑦ When any staff handling personal information needs to leave one's position, we take strict security measures during replacement training and have a clear definition of responsibilities on personal information-related accidents that occur after employment and resignation.
⑧ Applicants are responsible for ensuring the accuracy of the personal information they provide to the Company through confirmation and management. While using the Recruitment Site, if they utilize a third party’s personal information without approval or violate its rights, they may face Company’s intervention and even civil and criminal liability.
⑨ The Company shall not be liable for any breaches of personal data, including ID and password, which occurred due to Applicants’ negligence or network issues. It is the responsibility of each Applicant to protect their personal information by properly managing their ID and password. However, if any loss, leakage, adulteration or damage occurs due to the Company’s internal management errors or technical failures, the Company shall notify the Applicant immediately, take appropriate measures, and provide compensation.
Article 10. Rights of Applicants and Legal Representatives and How to Exercise Them
① Applicants and legal representatives ((hereinafter referred to as “Legal Representatives”) mean the person who submitted their application to the Company and their legal representatives. They hold the right to access, correct and modify their personal information and to delete their account.
② Applicants and Legal Representatives may exercise their right by contacting the company via the Internet, mobile phone, or written requests. The Company shall take necessary measures immediately.
③ To ensure the protection of minors, the Company does not collect personal information of children under the age of 14.
Article 11. Duty to Notify Changes to Privacy Policy
The Privacy Policy of the Company’s Recruitment Site may change in accordance with amendments to laws, government policies, internal operation guidelines, or security technologies. In such cases, the Company will immediately post the reasons and details of the changes on the homepage of the Recruitment Site.
<Supplementary Provision> Feb.02.2026
Section 1 (Effective Date) This Policy shall take effect on Feb.02.2026