The Article 1 (Purpose of Personal Information Management)

1. ①BUYKOREA processes personal information to a minimum as necessary for the purpose of providing customer service, handling civil complaints, and performing duties under its jurisdiction.
2. ②The purpose of processing personal information processed by buyKOREA is as follows.

   Purpose of Personal Information Management

   No.	Name of personal information file	Operating grounds	Purpose of management
   1	Member for buyKOREA overseas buyers	Owner of information’s consent	Supporting export of domestic companies and providing product information
   2	KOTRA Integrated Member	Owner of information’s consent	Providing service, handling complaints, etc

The Article 2 (Personal Information Management and Retention Period)

1. ①Personal information processed by buyKOREA shall be processed within the scope specified for collection and use purposes, and the retention period prescribed by the Personal Information Protection Act and related statutes shall apply mutatis mutandis.
2. ②The management and retention period of each of personal information is specified as follows.

   Personal Information Management and Retention Period

   No.	Name of personal information file	Operating grounds	Retention Period
   1	Member for buyKOREA overseas buyers	Owner of information’s consent	Until the membership withdrawal
   2	KOTRA Integrated Member	Owner of information’s consent	Until the membership withdrawal

3. ③The entire personal information file operated by KOTRA is guided by the 'Personal Information Protection Portal'.
4. ※Personal information protection portal (www.privacy.go.kr) → Civil petition yard → Request for perusal of personal information → Search for personal information file list → Enter "Korea Trade-Investment Promotion Agency" in the name of the institution.

The Article 3 (Providing Personal Information to a Third Party)

buyKOREA processes the information subject's personal information only to the extent specified in Article 1 (the purpose of processing personal information) and does not process it beyond its original purpose or provide it to third parties without prior consent from the entity unless.

1. 1.The case to obtain separate consent from owner of information
2. 2.The case special articles are prescribed in the Act and the Articles.
3. 3.As the case where owner of information or legal representative is unable to give the declaration of his/her consent or is unable to obtain prior consent due to unknown address, the case clearly admitted to be necessary for the benefit of owner of information or third party's imminent life, body, property
4. 4.As the case necessary for statistical writing and academic research purposes, the case to provide personal information in a form that can’t identify a specific individual
5. 5.As the case the personal information is used for intended purposes other than the purpose or if not provided to a third party, the duties stipulated by other Act cannot be performed, the case to pass through deliberation and resolution of the protection committee
6. 6.The case to be necessary to provide to foreign governments or international organizations for performing treaties or other international agreements
7. 7.The case to be necessary for investigating crimes, and filing and maintaining the prosecution
8. 8.The case to be necessary to perform the court’s trial
9. 9.The case to be necessary to execute punishment as well as custody, probation

The Article 4 (Entrustment of Personal Information Management)

1. ①buyKOREA has entrusted personal information management as below for a seamless personal information management.

   Entrustment of Personal Information Management

   No.	Entrusted affairs	Entrusted company name	Telephone number	Working Hour	check result of trustee management status
   1	buyKOREA homepage operation & maintenance	SysOne	02-6090-6800	09:00~18:00	appropriate
   2	Operating customer service center	UCESS PARTNERS	02-3439-7653	09:00~18:00	appropriate
   3	System maintenance	Neoplus Co.,Ltd​	02-2082-0500	09:00~18:00	appropriate

2. ②When signing an entrustment contract, BuyKOREA stipulates in the contract that the trustee handles personal information safely in accordance with Article 26 of the Personal Information Protection Act, technical measures, re-entrustment restrictions, management, and damages.
3. ③If the details of the entrusted work or the trustee change, we will disclose it through this personal information processing policy without delay.

The Article 5 (Matters on Rights and Responsibilities of Owner of Information and Methods of the Usage)

1. ①The owner of information (the legal representative can exercise the right under 14 years of age) can exercise the right of personal information protection of following each subparagraph at any time.
   1. 1.Request to access personal information
   2. 2.If there is an error, request correction
   3. 3.Request to delete
   4. 4.Request to suspend management
2. ②The exercise of rights under paragraph 1 may be made in writing, e-mail, imitation transmission (FAX), etc. after preparation in accordance with attached Form 8 of Personal Information Processing Method, and we will take measures without delay
3. ③When owner of information has requested correction or deletion of personal information, it will not be use or provided that year personal information until the correction or deletion is completed.
4. ④The exercise of rights under paragraph 1 may be conducted through an agent, such as the legal representative of the information subject or a person delegated. In such cases, you shall submit a power of attorney in attached Form 11 of the Notice on the Method of Processing Personal Information.
5. ⑤The request of the personal information access and suspension of management of, the right of owner of information may be restricted by the Personal Information Protection Act Article 35 Paragraph 5, Article 37 Paragraph 2.
6. ⑥Requests for the correction and deletion of personal information cannot be requested to be deleted if the personal information is specified as to be collected object in the other Act and Articles.
7. ⑦We verify whether the person to request for access, correction, deletion, suspension, etc according to the owner of information’s right, is the person himself or a legitimate representative.
   • Present identity card to identify yourself (identity card, driver's license, passport, etc.)
   • In case of a representative, present your identity card and a power of attorney to identify your representative
   • [Attachment 8 of the Notice on the Method of Processing Personal Information] Presentation of a Request for Access to Personal Information
   • [Attachment 11 of the Notice on the Method of Processing Personal Information] Presentation of a power of attorney
8. ⑧Requests for access, correction, deletion, and suspension of personal information management will be processed in the following procedure.
   

The Article 6 (Items of Personal Information Management)

buyKOREA manages following personal information items.

Entrustment of Personal Information Management

No.	Name of personal information file	Personal information items recorded in the personal information file
1	Member for buyKOREA overseas buyers	Required : ID (E-mail), Password, Name, Position, Workplace contact, Company name, Representative name, Workplace address, Country Optional : Mobile phone, fax
2	KOTRA Integrated Member	Required : ID, Password, Name, Work address , Work phone number, E-Mail, Representative phone number, Representative mail, CI, DI Optional : Name, Fax, Mobile phone, Department, Position, Office address, Personal interest item, Personal interest area

The Article 7 (Procedures and Methods of Personal Information Destruction)

1. ①buyKOREA will, in principle, destroy personal information without delay when the purpose of personal information management is achieved.
   However, when it is necessary to preserve it in accordance with other Acts, this is not the case. The procedures, deadlines and methods of destruction are specified as follows.
   1. A.Destruction procedure

      Unnecessary personal information and personal information files are managed under the responsibilities of personal information manager according to the internal policy procedure as follows.

      • Destruction of personal information ary.

      Personal information that has passed the retention period will be destroyed without delay from the end date

      • Destruction of personal information files

      When the personal information file becomes unnecessary such as the purpose of personal information file management being achieved, abolition of service, or the end of the business, the personal information file is destroyed without delay from the date when personal information management is recognized as unnecessary.

   2. B.How to destroy
      1. 1)Electronic forms of information use technological methods that cannot reproduce the records.
      2. 2)Personal information printed on paper is shredded by shredder or destroyed by incineration.

The Article 8 (Measures to Ensure the Safety of Personal Information)

buyKOREA, pursuant to Article 29 of the 「Personal Information Protection Acttt」, takes the technical, administrative and physical measures necessary for ensuring safety as follows.

1. 1.Establishment and implementation of an internal management plan
   BUYKOREA establishes and implements an internal management plan in accordance with the 'Standard for measures to secure safety of personal information'.
2. 2.Minimization and education of persons in charge of handling personal information
   We designate a person in charge of handling personal information and implement measures to manage personal information by minimizing it.
3. 3.Restrictions on access to personal information
   We are taking necessary measures to control access to personal information through granting, changing, and deleting access to the database system that processes personal information, and controlling unauthorized access from outside using the intrusion prevention system.
4. 4.Storage of access records and prevention of forgery and alteration
   Records (web logs, summary information, etc.) connected to the personal information processing system have been kept and managed for at least a year. However, the personal information processing system that processes personal information or processes unique identification information or sensitive information for more than 50,000 information subjects has been kept and managed for more than two years.
5. 5.Encryption of personal information
   Your personal information is encrypted, stored, and managed. We also use separate security features such as encryption and use of sensitive data when storing and transferring.
6. 6.Installing and periodically inspecting and renewing security programs
   BUYKOREA installs security programs and periodically updates and checks them to prevent personal information leakage or damage caused by hacking or computer viruses.
7. 7.Access control procedures are established and operated separately for the physical storage of the personal information system that holds personal information on unauthorized persons.

The Article 9 (Each Contact Person and Contact Points in charge of Personal Information Protection)

Each Contact Person and Contact Points in charge of Personal Information Protection

Division	Name of department	Name	Contact point
buyKOREA personal information management manager	Digital Trade-Investment	Chunwoo Jeon Executive Vice President for Digital Trade-Investment	Tel: 82-2-3460-7300
buyKOREA general customer informationM each sector manager	Digital Transformation Department	Geumha Lee Chief Officer	Tel. : 02-3460-7060
buyKOREA general customer information management manager	Digital Transformation Department	Junyeop Yook Assistant Manager	Tel. : 02-3460-3444 / Fax : 02-3460-7933 email : ernestoyook@kotra.or.kr

**SME stands for small and medium sized enterprises

The Article 10 (Personal Information Access Request)

1. ①The owner of information can request to access personal information pursuant to Article 35 of the Personal Information Protection Act to the following department. KOTRA will endeavor to promptly handle owner of information’s request to access personal information.
   • The department of reception and handling of request to access personal information
     • Name of department : Digital Transformation Department
     • Contact person : Junyeop Yook, Assistant Manager
     • Contact point : Tel. 02-3460-3444 / Email. ernestoyook@kotra.or.kr / Fax. 02-3460-7933
2. ②In addition to the department receiving and processing requests for perusal under paragraph 1, the information subject may request perusal of personal information through the Personal Information Protection Portal (www.privacy.go.kr) of the Personal Information Protection Committee.
   • The Ministry of the Interior’s comprehensive support portal for personal information protection → Complaints of personal information → Request for personal information access▶ Personal Information Protection Committee Comprehensive Portal → Personal Information Complaint → Request for perusal of personal information, etc.
     (Real name authentication required through public IPIN)

The Article 11 How to Relieve Infringement

The owner of information can inquire damage relief, consultation, and others about infringement of personal information to the following institutions.
(As the following institutions are separate from KOTRA, when you are not satisfied with KOTRA's own personal information complaints handling, damage relief results, or need further assistance, please contact them.)

• Reporting Center for Infringements on Personal Information (operated by The Korea Internet and Security Agency)
  • Affairs : Reporting personal information infringement, application for consultation
  • Homepage : privacy.kisa.or.kr
  • Telephone : (Without an area code) 118
  • Address : (58324) 9 Jinheung-gil, Naju, Jeollanam-do, Republic Of Korea
• Personal Information Dispute Mediation Committee (The Korea Internet and Security Agency)
  • Affairs : Personal information dispute mediation application, collective dispute mediation (civil settlement)
  • Homepage : www.kopico.go.kr
  • Tel : 1833-6972
  • Address : (03171) 209 Sejong Daero Road, Jongno-gu, Government Seoul Office 4F Personal Information Dispute Mediation Committee
• Supreme Prosecutors' Office Cyber Crime Investigation Department: 1301 (www.spo.go.kr, cid@spo.go.kr)
• Cyber Terror Response Center of National Police Agency : 182 (cyberbureau.police.go.kr)

In addition, a person who is infringed the rights or interests due to administrative disposition or omission by the head of public institution for the request of owner of information on personal information correction, deletion or suspension, etc, can request the administrative appeals as provided by the Administrative Appeals Act

Refer to the telephone number of the Central Administrative Appeals Commission (www.simpan.go.kr)

The Article 12 (Matters on the Installation and Operation of Automatic Collection Device of Personal Information and Rejection thereof)

buyKOREA can use cookie which stores users information and detect them at any time (COOKIE, automatic collection device of personal information such as internet access information file, etc). A cookie, as a small amount of information that a server to be used to run an institution's website sends to a user's browser, is also stored on the user's computer's hard disk. When a user accesses a website, the institution’s computer can read the contents of the cookie on the user's browser and detect user’s additional information in your computer, and can provide the service without further input such as the name of the contact, and others. Cookies identify your computer but do not personally identify yourself. In addition, the user has the option of installing cookies. As a result, by that the user can install the options in the web browser, the user accept all cookies, or check each time when a cookie is saved, or refuse to save all cookies. However, when you refuse to install cookies, you might turn to be uncomfortable with using the web and to have difficulty in using some services that require login.

(Example of how to install)

1. 1.Internet Explorer : Tools menu at the top of web browser ▷ Internet options ▷ Personal information ▷ Cookie blocking level installation
2. 2. Chrome : Installation menu on the right side of Web browser ▷ Advanced installation display at the bottom of the screen ▷ Contents installing button of personal information ▷ Cookie blocking level installation

The Article 13 Modification of Personal Information Management Policy

1. ①This policy will take effect on Februry 13, 2023.
2. ②The previous document could be found below
3. - Privacy policy, June 20, 2019 ~ March 1, 2021
4. - Privacy policy, March 2, 2021 ~ July 5, 2021
5. - Privacy Policy, July 6, 2021 ~ August 31, 2021
6. - Privacy Policy, September 1, 2021 ~ January 6, 2022
7. - Privacy Policy, March 2, 2021~ Februry 12, 2023

1. Controller

A controller is responsible for the collection and processing of your personal data in accordance with the General Data Protection Regulation (GDPR) as well as further applicable data protection laws. Please find your controller and its contact information here, depending on where you are.

2. Data protection officer

We have appointed a Data Protection Officer in accordance with Art. 37 of the GDPR. If there is anything you are unsure about regarding this Policy or our data protection of your personal data, feel free to contact our Data Protection Officer by emailing dpo@kotra-frankfurt.de at any time.

3. How we collect your personal data

We generally collect your personal data directly from you, when, for example, you submit an inquiry, attend events or seminars, use or engage in our services or provide us with your contacts. With your consent, we may sign up your membership and register buying offers on your behalf.

From time to time, we may gain access to your business contact details via recognised business data providers or an official website of your organisation. We may also receive your contact details through our primary contacts at your organisation if they think you may benefit from our services. As we work closely with other organisations, public agencies or governments of South Korea, we may also receive information about you from them.

When you visit our website, computer and technology information (e.g. browser type, IP address, unique device ID, etc.) is automatically collected via your browsers.

4. What type of personal data we have

We do not collect more information than we need to fulfil our purposes mentioned in this Policy and will not retain it for longer than is necessary. The types of personal data we collect and share depend on the nature of your relationship with us and the requirements of applicable laws.

• We collect your email, password, name, telephone, and company information when you sign up for membership.
• We collect data regarding orders, purchases, and offers that you provide in your transaction.
• We collect content that you share with other members through services such as inquiries, feedbacks, and price quotes.
• We collect your payment details, shipping, billing, and other information you provide in connection with the purchase or shipping of items.
• We gather your contact information and details of your comments, requests or any other issues you’ve raised regarding our services.
• We collect data that is generated through your actions which is linked to your account such as items placed in your shopping cart or your favorites.
• The personal data that we process may include any other personal data that is provided to us during the course of our services.
• When you visit our website, we collect and store information that your browser automatically transmits to us such as IP address, date and time of your access, your browser type, operating system type, and cookie-related data. For more information about our use of Cookies, please see 9. Cookies.

5. How we process your personal data

As KOTRA is a public agency of South Korea, we process personal data for a number of different purposes that arise from our missions to contribute to the development of the national economy through global business support activities.

We may process your personal data for the following purposes:

• To provide you with e-commerce services including offer, negotiation, contract, payment, and shipping between members
• To permit your membership registration and to prevent damages that may occur during business relations between members
• To sign up your membership and register buying offers on your behalf
• To contact you or communicate with you concerning our services
• To respond to your requests, inquiries or concerns regarding our services
• To contact you with regard to business opportunities which we believe might interest you

For visitors to our website

The information collected automatically when you visit our website will be processed for the following purposes:

• To ensure our website stays securely by preventing, detecting, mitigating and investigating fraud and security breaches
• To ensure the performance of our website
• To ensure that the content of our website is presented in the most effective manner for you and your computer

The provision of your personal data will generally be voluntary and there is no statutory nor contractual obligation to provide your personal data. We generally do not contractually require the provision of your personal data but note that in any event, non-provision of personal data might exclude you from using some of our services or parts thereof.

Our services are not intended for use by children. Under applicable national laws, we do not knowingly collect personal data from users who are considered children. According to our User Agreement, children are not permitted to use our services.

6. Legal basis for the processing of personal data

Where KOTRA is processing personal data for the performance of its functions, the primary legal bases under the GDPR are as follows:

• Where the processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract in accordance with Art. 6 (1) (b) of the GDPR. (i.e. using e-commerce services, signing up membership)
• Where the processing is necessary for the legitimate interests pursued by KOTRA or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data in accordance with Art. 6 (1) (f) of the GDPR. (i.e. preventing or detecting security issues)
• Where we have obtained a data subject’s consent to the processing in accordance with Art. 6 (1) (a) of the GDPR. (i.e. signing up membership and registration of buying offer on your behalf)
• Where the processing is necessary to comply with legal obligations in accordance with Art. 6 (1) (c) of the GDPR.

7. How we share your personal data with others

We do not sell or disclose your personal data to third parties for their marketing or advertising purposes without your consent. We only disclose your personal data when it is necessary for the purposes mentioned in this Policy or when we have obtained your consent.

Third party service providers may access to your personal data on a need to know basis for the purpose of providing services on behalf of us. They cannot do anything with your personal data without our permission. They will not share your personal data with any organisation apart from us, nor will they keep your personal data for longer than the period we instruct.

When necessary, we share your personal data with the following the data processors and recipients as far as necessary for the purposes described in this Policy:

• KOTRA headquarters in Korea and KOTRA offices in charge
• Other members of the website
• Payment service providers
• Shipping companies
• External operators of websites, applications, and services
• Law enforcement agencies, courts, government agencies or public authorities, intergovernmental or supranational bodies
• Third parties who are involved in judicial proceedings, in particular, if they submit a legal order, court order or equivalent legal order to us.

8. International transfers of personal data

As KOTRA is a public agency of South Korea, your personal data may be transferred to South Korea for the purposes mentioned in this Policy. As South Korea has not sought nor received “adequacy decision” from the European Commission, we use Standard Contractual Clauses adopted by the European Commission to provide appropriate safeguards for the transfer of your personal data.

Given the nature of KOTRA’s missions and functions, we may also disclose your personal data to recipients overseas. To ensure an adequate level of data protection when transferring your personal data from the European Economic Area (EEA) to third countries (outside the EEA), we will only transfer your personal data on the basis of an adequacy decision or appropriate safeguards such as Standard Contractual Clauses adopted by the European Commission. Upon request, we will provide you with a copy of the relevant information.

9. Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work or work more efficiently. We use cookies that are necessary for the operation of this website to enhance your experience when you use our website. You can control your cookies through the browser settings. Please visit the browser developer’s website if you want to find out how to manage your cookies on your browser.

If you want to know more about cookies, please visit www.aboutcookies.org or www.allaboutcookies.org.

10. Security

We have implemented technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised access or disclosure of personal data. We restrict access to your personal data to those who need to know that information to provide benefits or services to you. In addition, we train our employees to help them be well aware of risks associated with data security and confidentiality.

11. Data retention

We strive to keep our processing activities with respect to your personal data as limited as possible. Your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements. In case of consent, your personal data will be at the latest deleted without undue delay after the withdrawal of such consent.

12. Your rights

You have the rights, at any time:

• without giving reasons according to Art. 15 of the GDPR to obtain information about your data stored with us. With the exception of any connection fees charged by your provider, you will not incur any costs as a result of the inquiry;
• to have the data rectified in accordance with Art. 16 of the GDPR;
• to have the data erased in accordance with Art. 17 of the GDPR;
• to obtain from the controller restriction of processing in accordance with Art. 18 of the GDPR;
• to object to the processing for sending the newsletter according to Art. 21 (2) of the GDPR;
• to object to other forms of processing of your personal data in accordance with Art. 21 (1) of the GDPR;
• to withdraw any consent to the collection and use of data given to us at any time, without affecting the lawfulness of processing based on consent before its withdrawal in accordance with Art. 7 (3) of the GDPR;
• to receive your personal data in a machine-readable format and to transmit them to another person responsible in accordance with Art. 20 of the GDPR;

If you would like to exercise any of these rights, you can contact the Data Protection Officer or Data Protection Manager responsible for your region. You can find the contact information of our Data Protection Managers and Data Protection Officer here.

No cost will be charged for any response to acceptable requests. If for some reasons the request is denied, we will provide an explanation as to why the request has been denied.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes for the period we hold your data.

We take any complaints we receive from you very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We also welcome any suggestions for improving our procedures.

We ask that you first submit any such complaints directly to the Data Protection Officer or Data Protection Manager in your country. If you aren't satisfied with our response or have concerns about how we process your personal data, you have the right to lodge a complaint with the appropriate data protection authority in your region.

13. Links to other websites

You may find links to other websites on our websites. We recommend that you read the privacy policies on the other websites you visit. This Policy does not cover how other websites collect and process personal data.

Each Contact Person and Contact Points in charge of Personal Information Protection

Region	Controller	Contact Information
Austria	KOTRA Vienna	Address	Mariahilferstrasse 77-79/1/3, (Generali Center, 3rd Fl.) A-1060, Vienna, Austria
		Telephone	(43-1)586-3876
		Data Protection Manager	dpm_Austria@kotra.or.kr
Belgium	KOTRA Brussels	Address	Rond-point Schuman 11, 1040 Brussels, Belgium
		Telephone	(32-2) 203-2142
		Data Protection Manager	dpm_Belgium@kotra.or.kr
Bulgaria	KOTRA Sofia	Address	Floor 1, Interpred-WTC, 36 Dragan Tsankov Blvd., sofia 1057, Bulgaria
		Telephone	(359-2) 969-5030
		Data Protection Manager	info@kotra-sofia.org
Croatia	KOTRA Zagreb	Address	Radnička cesta 52/Ⅷ, 10000, Zagreb, Croatia
		Telephone	(385-1)4815-102
		Data Protection Manager	dpm_Croatia@kotra.or.kr
Czech Republic	KOTRA Praha	Address	Panorama Business Center, Skretova 12, 120 00, Praha 2, Czech Republic
		Telephone	(420)245-005-650
		Data Protection Manager	dpm_Czech@kotra.or.kr
Denmark	KOTRA Copenhagen	Address	Holbergsgade 14, 3rd Floor DK-1057, Copenhagen, Denmark
		Telephone	(45)3312-6658
		Data Protection Manager	info@kotra.dk
Finland	KOTRA Helsinki	Address	Salomonkatu 17 A, 3 Krs D, 00100 Helsinki, Finland
		Telephone	+358-9-682-9490
		Data Protection Manager	helsinki@kotra.or.kr
France	KOTRA Paris	Address	19 Avenue de l'Opéra, 75001 Paris, France
		Telephone	(33-1) 55 35 88 88
		Data Protection Manager	paris@kotra.or.kr
Germany (Frankfurt)	KOTRA Frankfurt	Address	MesseTurm 33.OG, Friedrich-Ebert-Anlage 49, 60308 Frankfurt am Main, Germany
		Telephone	(+49)69 2429-920/9
		Data Protection Manager	frankfurt@kotra.or.kr
Germany (Hamburg)	KOTRA Hamburg	Address	Axel-Springer-Platz 3, Haus B, 20355 Hamburg, Germany
		Telephone	(49-40) 3405-740
		Data Protection Manager	info@kotra.de
Germany (München)	KOTRA München	Address	Tal 12, D-80331 Munich, Germany
		Telephone	(49-89)2424-2630
		Data Protection Manager	munich@kotra.or.kr
Greece	KOTRA Athens	Address	6th Fl., 5 Chatzigianni Mexi Str., GR-11528, Athens, Greece
		Telephone	(30-210)654-3623~4
		Data Protection Manager	dpm_Greece@kotra.or.kr
Hungary	KOTRA Budapest	Address	H1123, 3F, KOTRA, Alkotas U. 50, Budapest, Hungary
		Telephone	(36-1)799-5400
		Data Protection Manager	dpm_Hungary@kotra.or.kr
Italy	KOTRA Milano	Address	Via Larga 2 - 20122, Milano, Italy
		Telephone	(39-02)795813
		Data Protection Manager	kotramil@kotra.it
Poland	KOTRA Warsaw	Address	KOTRA, Warsaw Financial Center 9th Floor, Emilii Plater 53, 00-113 Warsaw, Poland
		Telephone	(48-22)520-6230
		Data Protection Manager	biuro@kotra.pl
Romania	KOTRA Bucuresti	Address	Baneasa Business & Technology Park, Soseaua Bucuresti – Ploiesti nr. 42-44, Sector 1, Romania Cladirea A, Aripa A1, Et. 1
		Telephone	(40-21)233 2171~3
		Data Protection Manager	kotra2@kotra.ro
Slovakia	KOTRA Bratislava	Address	2nd Floor, Cintorinska 2333/9, 811 08 Bratislava, Slovak Republic
		Telephone	(421)2 2129 34 51
		Data Protection Manager	dpm_Slovakia@kotra.or.kr
Spain	KOTRA Madrid	Address	Paseo de la Castellana 95, Torre Europa 95, Planta 9 B, 28046 Madrid, Spain
		Telephone	(34-91)556-6241
		Data Protection Manager	dpm_Spain@kotra.or.kr
Sweden	KOTRA Stockholm	Address	KOTRA, Svardvagen 11C, SE-182 33 Danderyd, Sweden
		Telephone	(46-8)308-090
		Data Protection Manager	sto_ktc@kotra.or.kr
The Netherlands	KOTRA Amsterdam	Address	WTC Amsterdam, C tower 12F Strawinskylaan 1253, 1077XX Amsterdam, The Netherlands
		Telephone	(31-20)673-0555
		Data Protection Manager	info@koreatradecenter.nl
All other countries within the EU	KOTRA EUROPE HEAD OFFICE	Address	MesseTurm 33.OG, Friedrich-Ebert-Anlage 49, 60308 Frankfurt am Main, Germany
		Telephone	(+49)69 2429-920/9
		Data Protection Manager	dpo@kotra-frankfurt.de
All other countries outside the EU	KOTRA Headquarters in Korea	Address	13, Heolleung-ro, Seocho-gu, Seoul, Korea
		Telephone	82-1600-7119
		Data Protection Manager	dpm_HQ@kotra.or.kr

14. History for buyKOREA GDPR Privacy Policy

• ~ 2020. 06. 19 Policy
• 2020. 06. 20 ~ 2021. 03. 01 Policy
• 2021. 03. 02 ~ 2021. 08. 31 Policy
• 2021. 09. 01 ~ 2021. 12. 13 Policy