 |
Photo = Woori Card |
[Alpha Biz= Kim Jisun] Woori Card has been hit with a KRW 13.45 billion fine for using franchise owners' personal information for marketing purposes without consent.
The Personal Information Protection Commission (PIPC) announced on Wednesday that it had decided in a plenary meeting the previous day to impose the fine and issue a corrective order against Woori Card for violating the Personal Information Protection Act.
According to the PIPC, Woori Card’s Incheon Sales Center accessed merchant registration numbers in its card merchant management system from July 2022 to April 2023. Through this, it retrieved personal data—including names, resident registration numbers, addresses, and mobile phone numbers—of at least 131,862 franchise owners.
Starting in September 2023, the company extracted and stored franchise owners' personal information, along with their Woori credit card ownership status, from its customer database. Between January and April 2023, Woori Card sent emails containing personal data of 75,676 franchise owners to card recruiters on 100 different occasions.
In total, personal data of at least 207,538 franchise owners was shared with recruiters and used for marketing credit card issuance.
The PIPC ruled that Woori Card violated the law by exceeding the legally permitted scope of data collection and usage. The company has been ordered to rectify its data handling practices in addition to paying the fine.
AlphaBIZ Kim Jisun(stockmk2020@alphabiz.co.kr)
