Privacy Policy

Table of contents
Chapter 1General Provisions


  • 1.We value your personal data and take every measure available to protect it in strict compliance with the Privacy Protection Act of Korea.
  • 2.In accordance with our Policy on the Handling and Processing of Personal Data, we will keep you updated on how your personal data is used, including detailing for what purpose it is held and the measures that have been taken to protect it.
  • 3.Our Policy on Handling and Processing of Personal Data is subject to change due to an amendment to relevant laws, regulations, directives or internal operation codes. Any such change will be notified to you through our website (
Chapter 2Purpose and Scope of Data Collection
  • 1.For the Tour
    • -Your personal data is collected for the purpose of enabling a better response to your application and better visitor support

    Scope of collection

    • -Required: Your region, group name, vehicle license plate number, name, mobile phone number, email and fixed phone number
    • -o -Optional: Remark / questions
  • 2.IR Q&A Purpose of Data Collection
    • -IR Q&A For investment consulting

    IR Q&A Scope of Data Collection

    • -Name, Email, Phone Number, Company Name
Chapter 3Processing and Retention
  • 1.Our personal data will be retained and used for the performance of the contract between you and us and the offering of services thereunder until the purpose for which you provided your consent to our collection and use of your personal data is achieved. Upon such achievement, your personal data thereby retained will be destroyed without delay, provided that no relevant law or regulation dictate otherwise.
  • 2.Scope and period of retention under the applicable laws
    • A.For Tour: 3 months after the tour
      • -Purpose: To keep record of your access to the plant
      • -Your personal data will be retained if dictated under applicable laws.
      • -Your personal data retained under the foregoing paragraph will be used for the intended purpose only and retained for the period listed below.
    • B.Regarding consumer complaint or dispute
      • -Pursuant to: Act on Consumer Protection in Electronic Commerce, Etc.
      • -Retention period: 3 years
Chapter 4 Disclosure of Personal Data to a Third Party
  • We will only use your personal data within the scope set out in the sales agreement between you and us and the Purpose and Scope of Collection of our Policy on Handling and Processing of Personal Data. We will not use it outside the scope or disclose it whatsoever to a third party. We will take extra care when we disclose your personal data in the circumstances listed below.
Chapter 5Contract Processing of Data
  • 1.To perform our obligations under the contract with you and facilitate our operation including services for you, we employ a professional contractor to handle your personal data as set out below
  • 2.In connection with the employment of a contractor under paragraph 1, we enter into a paper-based or electronic agreement containing provisions regarding compliance with laws on privacy protection, the confidentiality of personal data, limited disclosure to a third party, liability in case of a contract breach, collection of commitment, contract period, and return or destruction of personal data upon expiry or termination of the contract.
    • -System maintenance service provider: Hyundai Autoever
Chapter 6Procedures and Method for Destruction of Personal Data

Upon the achievement of the purpose for which your personal data is collected, we will immediately destroy it unless the retention and the use period requirements dictate otherwise. The procedures and method for the destruction are as set out below.

  • 1.Procedures

    Upon the achievement of the purpose for which your personal data are collected, your personal data will be transferred to another database (or a filing cabinet if it is written on paper) and retained for the period set out in our internal policy or the applicable laws before being destroyed. (See the period of retention and use.)

  • 2.Method
    • -Paper based personal data: To be shredded by a machine or destroyed in such a way that the data is not legible
    • -Electronic personal data: To be deleted in such a way that the data cannot be recovered


  • 3.Matters about the right, obligation of information object and the way of its exercising
    • A.When the customers ask for the reading and proof of their personal information, Kia shall respond to the request faithfully, and when the personal information is considered to be corrected or deleted since the information has an error or the preservation period has been passed, it shall be corrected or deleted without delay
    • B.The customers may exercise the rights in the personal information management menu after the identification process by connecting to the company’s website online, or, by contacting the customer center or the personal information manager in written or by e-mail or telephone offline.
    • C.The customer may request the cancellation of consent to the collection, use or provision of personal information as below, and Kia shall take the necessary measures without delay.
      • -When the customer visit to cancel the consent to the collection, use or provision of personal information, other than it is specified in the regulations differently, Kia shall identify the customer and take the necessary measures without delay including the destruction of the personal information.
    • D.To facilitate the conversation with customers, Kia operates the customer service center and the contact information is as follows.
      • -Phone number: (without a telephone exchange number) 080-200-2000
      • -Cyber counseling: In the customer counseling of the customer support menu after connecting to, you can ask a question to the cyber counselor.
Chapter 7 Technical and Administrative Measures to Protect Personal Data
  • 1.Technical measures

    When we process your personal data, we take technical measure as set out below to ensure that your personal data is not lost, disclosed, modified or contaminated.

    • A.Your personal data will be stored on our internal network, which cannot be accessed or penetrated from an external network. Any critical part of your data is protected with additional security measures such as file encryption or data transfer and file lock
    • B.Our system to process your personal data and the devices used by our employees with an access to your personal data are equipped with applications capable of detecting anything that might breach your privacy, including viruses and spyware. This is to protect your personal data. Our vaccine application is updated regularly and whenever a new type of virus breaks out, we provide full protection for your personal data
    • C.We use security measures that allow us to transfer your personal data safely over the network using encryption algorithm or similar tools.
    • D.We ensure that our internal network is fully protected from unauthorized access, including hacking, by operating an anti-penetration system. We also ensure that each server is fully protected by access control.
  • 2.Administrative measures
    • A.To fully protect your personal data, we apply procedures on how key systems and facilities should be used.
    • B.We ensure that each of our members fully understands and complies with our procedures regarding access to and control of your personal data.
    • C.We restrict access to your personal data to a minimum number of our members. Such members include:
      • -Those responsible for managing and/or protecting personal information
      • -Anyone who needs to know your personal data in order to perform his/her job
    • D.If computers are used to handle your personal data, we ensure that a person with authorization to access your personal data is appointed and given a login name and a password
    • E.We ensure that all of our employees with access to personal data are given internal or external training regarding emerging security measures and the importance of privacy.
    • F.We ensure that i) newly joined employees sign a privacy protection agreement to prevent them from being involved in the disclosure of your personal data, ii) internal procedures are in place to audit compliance by our employees with our Policy on Handling and Processing of Personal Data, and iii) none of your personal data is breached or disclosed by any of our members with access to it after he/she leaves the company.
    • G.We ensure that i) the takeover of job from the outgoing personal data administrator to the incoming one takes place under full security and ii) accountability between the two is clearly defined in case of any privacy breach.
    • H.We ensure that the computing room, the document archive and other similar facility are subject to access control to prevent any unauthorized use thereof.
Chapter 8 Privacy Administrator and Contact Information
  • 1.We place a great deal of importance on your privacy and take every measure available to prevent your personal data from being contaminated, breached or disclosed. Contact our privacy administrators shown below for any question about our privacy policy or measures to protect your personal data.
  • 2.Our privacy administrators
    • A.Policy person in charge & the person in charge
      • -Person in charge: Digital Journal PR Team Lee Sang-Yoon
      • -The person in charge: Digital Journal PR Team Nam Ho Jin
      • -Phone: 080-200-2000
    • B.For the Sohari Plant
      • -Name: Kim Bo-ra
      • -Department: General Affairs Sohari
      • -Phone: 02-801-3408
      • -Email:
    • C.For the Hawseong Plant
      • -Name: Jung Hyun-sung
      • -Department: General Affairs Hwaseong
      • -Phone: 031-359-5041
      • -Email:
    • D.For the Gwangju Plant
      • -Name: Kim Seung-hyeon
      • -Department: General Affairs Gwangju
      • -Phone: 062-370-3311
      • -Email:
    • E. IR  Q&A
      • -NAME: Lee Min A
      • -Department: IR
      • -Phone: 02-3464-5473
      • -Email:
  • 3.Contact the Privacy Breach Report Center under the Korea Center for Korea Internet and Security Agency, the Cyber Terrorism Response Center under the National Police Agency, or any other similar agency for any question about privacy breach.
    • A.Privacy Breach Report Center (under the Korea Center for Korea Internet and Security Agency)
      • -Responsibilities: Receiving reports of privacy breaches, consulting
      • -Website:
      • -Phone: 118 (no area code required)
      • -Address: 135 Jungdae-ro, Songpagu, Seoul, 05717
    • B.Mediation Committee on Privacy Disputes (under the Korea Center for Korea Internet and Security Agency)
      • -Responsibilities: Mediation of disputes over privacy involving individuals and groups (in a civil manner)
      • -Website:
      • -Phone: 118 (no area code required)
      • -Address: 135 Jungdae-ro, Songpagu, Seoul, 05717
    • C.Department of Investigation into Cyber Crime under the Supreme Prosecutors' Office: 02-3480-3573 (
    • D.Cyber Terrorism Response Center under the National Police Agency: 1566-0112 (