Borderless Film Privacy Policy
Borderless Film Co., Ltd. (hereinafter referred to as “Company”) establishes and discloses the following Privacy Notice to protect vendors and service contract parties’ (hereinafter referred to as “Contractor”) personal information in accordance with the Personal Information Protection Act and handle related issues in a quick and seamless manner. Any updates to this Privacy Notice will be posted on our website’s notice board, including the effective date and the details of the revision.
This Privacy Notice applies to Borderless Film Contractor and service contract parties. This does not apply to other services provided by Borderless Film.
1. Personal Information Collected, Purpose of Collection and Retention Period
Company is not used but for the original purpose of collection, and if the purpose of use is changed, we will take necessary measures such as obtaining separate consent under Article 18 of the Personal Information Protection Act. Coupang processes and retains personal information within the period of retention prescribed by the applicable laws or within the time period notified to and agreed to by the Contractor at the time of collecting the personal information. The period of processing and retaining personal information under the applicable laws can be found under ‘5. Procedure for and Methods of Destroying Personal Information’.
Company collects only the minimum amount of personal information from data subjects who are vendors or service providers contracting with the Company.
1.1 Personal information items processed without obtaining the data subject's consent
Company processes the following personal information items without the consent of the data subject.
| Legal Basis | Purpose of Collection | Information Collected | Period of Retention and Use |
|---|---|---|---|
| Personal Information Protection Act Article 15 Paragraph 1 Item 4 (Conclusion and Performance of Contracts) | Preparation of Service Contracts and Payment Settlement | Name, Mobile phone number, Bank account copy, Address, Email address (copy of SSN) | For five years after the termination of the service contract (however, copies of identification documents shall be destroyed after withholding tax reporting during the month following payment of the service fee) |
| Personal Information Protection Act Article 15 Paragraph 1 Item 2 (Compliance with Statutory Obligations) | Issuance of Tax Invoices Pursuant to Article 85-3 of the Framework Act on National Taxes | Name, SSN(copy of ID) | For a period of five years following the deadline for filing the final tax return for the tax period to which the transaction pertains |
| Enrollment in Employment Insurance for Artists pursuant to Article 77-7, Paragraph 5 of the Employment Insurance Act | Name, SSN, Address(copy of ID) | For three years from the date of enrollment (however, copies of identification documents shall be destroyed immediately after verifying the resident registration number and address) |
Personal information items processed without obtaining the data subject's consent
2. Provision and Consignment of Personal Information
Personal information shall be provided to third parties only within the scope of consent obtained from the contracting party pursuant to Article 17 of the Personal Information Protection Act. However, personal information may also be provided to third parties when required or permitted by special provisions of law, such as those under Article 18 of the Personal Information Protection Act.
Company may provide personal information in accordance with lawful procedures prescribed by law, such as when special provisions exist under other laws like the Personal Information Protection Act or the National Tax Basic Act, or when required by a warrant or a written request bearing the official seal of the head of the relevant agency. Specifically, Company may provide personal information to relevant authorities without the data subject’s consent in emergency situations such as disasters, infectious diseases, incidents or accidents causing imminent danger to life or bodily safety, or imminent property loss.
Company outsources its personal information processing operations as follows.
Company specifies in the contract or other documents, in accordance with Article 26 of the Personal Information Protection Act, matters concerning the prohibition of processing personal information for purposes other than performing the entrusted tasks, technical and administrative protective measures, restrictions on re-entrustment, management and supervision of the entrusted party, and liability for damages. It also manages and supervises whether the entrusted party processes personal information securely.
| Consignee | Purpose of Consignment |
|---|---|
| Coupang Corp | Payment processing |
| DAESUNG ACCOUNTING Corp. | Tax filing agency services |
| Korea Labor Relations Promotion Institute | Artist Employment Insurance Enrollment |
3. Use and Provision Without Vendors and Service contract parties Consent
Company processes and provides personal information only within the scope of consent obtained from the Contractor. However, pursuant to Articles 15(3) and 17(4) of the Personal Information Protection Act, the personal information may be additionally used or provided without the supplier’s consent. Company will take into account the following details when additionally using or providing personal information without the consent of the data subject:
- Whether it is relevant to the original purpose of collection
- Whether the additional use or provision of personal information is predictable in light of the circumstances where personal information was collected or the practice of personal information processing
- Whether the interests of the supplier are unjustly infringed
- Whether necessary security measures such as pseudonymization or encryption have been taken
4. Procedure for and Methods of Destroying Personal Information
Company destroys personal information without delay when the information is rendered unnecessary by the expiration of its retention period or by achieving the purpose of processing.
The procedure for and methods of destroying personal information are as follows.
- Procedure of Destruction : Once the purpose of personal information collection and use has been achieved, the information is separately stored and then destroyed after retaining for a certain period of time in obligation with the internal policies and applicable laws
- Methods of Destruction : Personal information in electronic form is destroyed through means that will make the data irrecoverable, whereas personal information stored in a hard copy format is destroyed using a shredder.
If it is required by applicable laws to retain personal information even after the expiration of personal information retention period consented by the Contractor or after achieving the purpose of processing, Company separately stores and manages to retain the necessary personal information.
| Information Retained | Retention Period |
|---|---|
| Commercial books and important documents pertaining to business operations pursuant to Article 33(1) of the Commercial Act | 10 Years |
| Vouchers or similar documents pursuant to Article 33(1) of the Commercial Act | 5 Years |
| Evidence of national taxes for all transactions pursuant to Article 26-2 of the Framework Act on National Taxes | 10 Years |
| Reported Data on Taxable Base and Tax Amount Pursuant to Article 85-3 of the Framework Act on National Taxes | 5 Years |
| Reporting Data on the Tax Base and Tax Amount for Value-Added Tax Pursuant to Article 71, Paragraph 3 of the Value-Added Tax Act | 5 Years |
| Information on Employment Insurance Enrollment Pursuant to Article 77-7, Paragraph 5 of the Employment Insurance Act | 3 Years |
5. Rights and Obligations of Data subject and Legal Representatives and How to Exercise the Rights
Contractor’s personal information can be viewed, corrected, deleted, withdrawing of consent or suspension of processing by using the following procedure: Personal information that cannot be directly accessed on the service can be accessible by making a request to the Customer Support and Compliant Handling Team specified under “7. Privacy Officer and Complaints Department.” The progress (or the results) made on (or the results of handling) the supplier’s request will be replied within 10 days. A legal representative or a delegated representative must prove his or her legitimate representative status by submitting a power of attorney and a certificate of family relations, etc.
However, withdrawing of consent or deleting or suspending the processing of personal information may be limited in the following cases.
- Where there are special legal provisions, or it is inevitable to fulfil a legal obligation.
- Where there is a possibility of causing harm to another person’s life or body or unjustly infringing on another person’s property or interests.
- In cases where the service agreed upon with the Contractor cannot be provided without processing personal information, and the contracting party has not clearly expressed their intention to terminate the contract.
6. Personal Information Safeguard Measures
Company has technical and administrative safeguard measures in place to ensure that Contractors’ personal information is not stolen, leaked, forged or damaged while processing the information.
- Technical Safeguards: real-time monitoring and blocking of hacking attempts and data leak, enhanced access control on personal information processing systems, storage of access logs and prevention of their forgery/alteration, at-rest encryption of passwords and critical information, and in-transit encryption of data
- Administrative Safeguards: Operation of a dedicated privacy team, regular training for personal information handlers, awareness-raising activities for employees, and regular audits for compliance
- Physical Safeguards: Install and operate the system in an area with controlled access from the outside, and establish and operate secure access control procedures.
7. Privacy Officer and Complaints Department
Company designates a Privacy Officer in charge of personal information protection as below to take responsibility for the processing of personal information, and to handle complaints and damage relief from users related to personal information processing.
| Category | Description |
|---|---|
| Privacy Team | Borderless Film |
| ga@borderlessfilm.com |
Effective Date: 12. 09. 2025
※ If you have any questions about privacy notice that is not indicated, please contact customer support team.