1.Introduction

Welcome to the website www.moncler.com.

Moncler Korea Inc. (hereinafter also referred to as “Moncler” or “We”), part of the Moncler Group, provides the following information about the collection and processing of the user’s personal data. During the use of the site or its services (hereinafter, the “Website” and the “Services”), information and personal data concerning users of the Site are collected.

For this reason, in accordance with the provisions of the Personal Information Protection Act (“PIPA”) and applicable national legislation (together, “Privacy Legislation”), we have created this document (hereinafter “Privacy Policy”) for the purpose of describing what personal data we collect, the purposes and methods of its processing and the security measures used to protect it.

Pursuant to PIPA, ‘processing’ encompasses a broad range of activities, including collection, generation, recording, storage, retention, editing, searching, outputting, rectification, restoration, use, provision, disclosure, destruction, and any other similar actions involving personal data of any natural person (hereinafter, the “Data Subject” or the “User”), ‘controller’ is defined as public institution, corporate body, organization, or individual that, either directly or through a third party, processes personal data, and ‘personal data’ is defined as any information relating to a living natural person that (i) identifies a particular individual by his or her full name, resident registration number (RRN), image, or the like, (ii) even if it by itself does not identify a particular individual, may be easily combined with other information to identify a particular individual (in such cases, whether or not the information may be 'easily combined' shall be determined by reasonably considering the time, cost, and technology used to identify the individual such as the likelihood that the other information can be procured); or (iii) is information under (i) or (ii) above which is pseudonymised and thereby becomes incapable of identifying a particular individual without the use or combination of additional information for restoration to its original state.

2.Chief Protection Officer / Personal Data Protection Department

In accordance with the PIPA, the following individual has been designated as the Chief Privacy Officer (CPO) responsible for the overall management of personal data processing, complaint handling, and remedies for data subjects:

Chief Protection Officer

Name: Yongtaik Lee

Title: President / Chief Privacy Officer (CPO)

Email: privacy@moncler.co.kr

Personal Data Protection Department

Department Name: IT Department, Moncler Korea

Address: 2F, 60-26 Apgujeong-ro, Gangnam-gu, Seoul, Korea

Email: privacy@moncler.co.kr

Data subjects may contact the CPO or the Personal Data Protection Department regarding any privacy-related inquiries, complaints, or remedy requests that arise while using Moncler's services. Moncler will respond promptly and in good faith in accordance with applicable laws. Should a new officer be designated, this Privacy Policy will be updated and announced accordingly.

3. Categories of personal data processed / Purpose of the Processing, Nature of Data Provision and Legal basis for processing / Period of use and storage of Personal Data

The User’s Personal Data will be processed exclusively for the following purposes in accordance with applicable Korean data protection laws (PIPA). The categories of data processed, legal basis, and whether user consent is required are specified for each purpose:

4. Personal data processed without the data subject’s consent   

The following are the items of Personal Data processed without the consent of the Data Subject. Personal data may be deleted earlier subject to contractual agreements or data deletion requests. Data may be retained longer if required to establish, exercise, or defend legal claims, to comply with legal obligations, or where otherwise permitted by applicable law.

5. Personal data processed with the data subject’s consent

The following are the items of Personal Data processed based on the consent of the Data Subject. Some items may overlap with those listed in Section 3.1; however, this has been done to reinforce the legal basis for processing.

6. Data processing and archiving methods / Security Measures

User’s Personal Data will be processed both in paper form and using electronic means and always in compliance with the security requirements of applicable legislation, with particular but not exclusive reference to art.29 of PIPA. Our security measures include contractual arrangements with any contractor (e.g. service providers) or other party in order to protect the security and confidentiality of the User’s Personal Data in accordance with the provisions of our Privacy Policy. Specifically, we implement the following measures:

• Managerial measures: Establishment and enforcement of a Personal Data internal management plan, operation of dedicated organization, provision of periodic education on protection of Personal Data for employees, etc.
• Technical measures: Management of the right to access the Personal Data processing system, etc., installation of the access control system, encryption of Personally Identifiable Information (“PII”), etc., Installation and continuous update of security software
• Physical measures: Restrictions on the access to physical storage facilities storing Personal Data, including computer rooms and data rooms.

7. Procedure and modalities for the storage and destruction of Personal Data

In principle, we will promptly destroy User’s Personal Data in our possession once we achieve the purpose of collection and use of his/her Personal Data. The process and method for destroying Personal Data after the retention periods are as follows:

• Process of destruction: We identify Personal Data for which a destruction ground has arisen and destroy it upon obtaining approval from the Chief Protection Officer.
• Method of Destruction:Personal Datarecorded and stored in the form of electronic files and identified for removal is irreversibly anonymized in a manner that prevents any future recovery/reproduction.Personal Data recorded and stored in the form of paper documents shall be shredded or incinerated.

8. Provision of Personal Data to Third Party

Personal Data is disclosed to third parties in the following cases: (i) when disclosure is required by laws and regulations applicable to legitimate third party recipients, such as authorities and public bodies for their respective institutional purposes, e.g. anti-money laundering legislation, court authorities; (ii) in the event of extraordinary transactions (e.g. mergers, acquisitions, sale of business, etc.); or (iii) when consent for the provision has been obtained from the Data Subject.

 Currently, Personal Data is not provided to any independent third parties located in Korea; however, certain local service providers may process Personal Data as data processors under Moncler’s instruction, as described in the section ‘Outsourcing of Personal Data Processing;     where it is provided to third parties located overseas, the details are set out in Section 8, “Cross-border transfer of Personal Data.” Should there be any changes in the future, they will be reflected in this Privacy Policy.

9. Outsourcing of Personal Data Processing

We outsource certain Personal Data processing tasks as follows to ensure the efficient handling of Personal Data:

When entering into an outsourcing agreement, we specify in the contract or other written documents the prohibition of processing Personal Data for purposes other than the performance of the outsourced tasks, the implementation of technical and administrative safeguards, restrictions on further outsourcing, management and supervision of the outsourcee, liability for damages, and other matters in accordance with Article 26 of the PIPA. We also supervise the outsourcee to ensure the safe processing of Personal Data.

In accordance with Article 26(6) of PIPA, when the outsourcee further outsources Moncler’s Personal Data processing tasks, Moncler’s prior consent is obtained, and information on the sub-outsourcee and the details of the further outsourced tasks is disclosed through this Privacy Policy. In the event of any change in the contents of the outsourced tasks or the outsourcee, such change will be disclosed promptly through this Privacy Policy.

If any Personal Data processing tasks are outsourced overseas, details are provided in Section 8, “Cross-border transfer of Personal Data.”

10. Cross-border transfer of Personal Data

For the performance of certain processing activities concerning the User’s Personal Data, We transfer such data to external parties located in countries that do not belong to Korea (hereinafter referred to as “Third Countries”), the list of which is provided below and will be updated from time to time. The lawfulness of such transfers is ensured through mechanisms under Article 28-8 of PIPA, including obtaining the data subject’s consent or entering into a data processing agreement in accordance with the privacy policy.

Such transfer to these external parties constitutes either the provision of Personal Data to third parties or the outsourcing of Personal Data processing in accordance with PIPA (depending on the role they have in relation to the processing). If you choose not to consent to the overseas transfer of Personal Data, you may indicate your refusal in the proper consent form. However, please note that, the consequences of refusal may differ depending on which items of Personal Data you decline to have transferred overseas. In some cases, refusing the cross-border transfer of certain items may prevent you from using the services provided by Moncler. In other cases, you would be still able to purchase on this Website, refusal may result in your inability to be provided with targeted communications by e-mail (newsletter), phone, SMS, MMS, instant messaging and traditional mail, or with a customized management of the relationship between Moncler and you.

Specifically, we transfer Personal Data to Third Countries as follows:

11. Matters Regarding the Processing of Pseudonymized Data    

We utilize the Personal Data it collects in a pseudonymized form, in accordance with Article 28-2 of the PIPA, for purposes such as statistical analysis, scientific research, and public-interest recordkeeping, ensuring that individuals cannot be identified.

12. Use of Pseudonymized Data

13. Outsourcing of Pseudonymized Data Processing

Pseudonymized data may be shared with external systems or service providers (Microsoft Dynamics, Google LLC ) solely for operational and integration purposes. In such cases, the data are processed in a form that does not allow the identification of individuals, in compliance with Article 28-2 of the PIPA.

14. Measures to Ensure the Security of Pseudonymized Data

• Managerial measures: Establishment and enforcement of a pseudonymized data internal management plan, operation of dedicated organization, provision of periodic education on protection of Personal Data for employees, etc.
• Technical measures: Management of the right to access the pseudonymized data processing system, etc., installation of the access control system, encryption of unique identification data, etc., installation and renewal of security programs
• Physical measures: Restrictions on the access to physical storage facilities storing pseudonymized data, including computer rooms and data rooms.

15. Rights of the Data Subject  

As a Data Subject, the User may at any time exercise the rights recognized by the Privacy Policy and PIPA regarding the specific processing of his/her personal data.

Below is a general description of the rights and how to exercise them:

• right of access to Personal Information: the User may obtain access to Personal Data and information relating to the processing. If the User so wish, he/her will be provided with a copy of Personal Data;
• right to rectification of Personal Data: the User can obtain the correction, modification or updating of any inaccurate or out-of-date information, as well as obtaining the completion of incomplete Personal Data, including by providing an additional statement;
• right to withdraw consent and suspension of use: the User may at any time withdraw consent or request the suspension of using of processing of his/her Personal Data including profiling. Upon receipt of the request for withdrawal or suspension, the processing of the User’s Personal Data covered by such request will cease, while not related to the request will continue, and processing may also continue where lawful grounds exist, in full compliance with applicable laws;
• right to deletion of the User’s Personal Data: if the User’s Personal Data, specifically, (i) is no longer necessary for the purposes for which it was collected or processed, or (ii) has been unlawfully processed, or (iii) needs to be deleted to comply with a legal obligation and there is no legitimate reason for Moncler to process the User’s Personal Data in any way, the User may request the deletion of their Personal Data . If the Personal Data is specified as subject to collection under other laws, a request for its deletion cannot be made. Once the request, if legitimate, has been received and examined, the User’s Personal Data will be deleted;

To exercise the rights described above:

• write to Client Service through the “Contact us” section of the Website by filling out the Contact Form and selecting "Privacy" as the Topic;
• contact Moncler directly at the addresses indicated in Section 2 above.

If you need to consult regarding complaints or remedies related to personal information, you may contact the specialized organizations listed below.

16. Cookies (Installation, Operation, and Refusal of Personal Data Automated Collection Devices)

The Site uses technical cookies and, subject to the consent of the Data Subject, profiling, analytics and social cookies, as well as additional functionalities such as plug-ins and/or buttons.

For further information, Data Subjects are invited to read the Cookie Policy.

Moncler permits third parties to collect behavioral information via automatic collection devices, such as third-party cookies and advertising identifiers, when users visit or use its website or app. This is done for the purpose of improving service efficiency and enabling advertising and marketing activities. 

Users can allow or block cookies, through their browser settings.

   ▶ How to Manage Cookie Preferences

(1) Through the Cookie Preference Center (OneTrust CMP)

• To manage or withdraw your consent for cookies directly on our website: 1. Click the “Cookie Settings” link or icon available in the cookie banner or at the bottom of the webpage. 2. In the Cookie Preference Center, you can review the different categories of cookies (e.g., strictly necessary, functional, performance, targeting). 3. Enable or disable the categories of cookies according to your preferences. 4. Your choices will be saved and applied automatically. You may return to the Cookie Preference Center at any time to modify your preferences.

(2) How to Allow/Block Cookies in Web Browsers

Chrome

• To block all cookies: 1. Click the “⋮” icon at the top-right corner of Chrome. 2. Select New Incognito Window (shortcut: Ctrl+Shift+N). 3. In Incognito mode, your browsing history, cookies, site data, and form inputs will not be saved.

Microsoft Edge

• To block all cookies: 1. Click the “…” icon at the top-right corner of Edge. 2. Select New InPrivate Window (shortcut: Ctrl+Shift+N). 3. In InPrivate mode, browsing history, cookies, and site data are not stored.

Through Moncler’s website and mobile application, certain third parties may collect limited behavioral information for purposes such as analytics, performance measurement, personalization, and marketing. This collection occurs via cookies and similar tracking technologies that help understand how users interact with the digital services.

Such information may include data related to browsing behavior (e.g., pages visited, time spent on pages, interactions with content, or navigation patterns) but does not allow direct identification of individual users. The data is used to enhance the user experience, improve website and app performance, and deliver more relevant content or advertisements based on aggregated insights.

Users are informed of this collection through the cookie banner and can manage or withdraw their consent for non-essential cookies (e.g., performance, personalization, or marketing cookies) at any time through the consent management settings.

▶ How to Allow/Block Behavioral Information Collection

(1) Through the Cookie Preference Center (OneTrust CMP)

• To manage or withdraw consent for behavioral tracking and marketing cookies directly on our website: 1. Click the “Cookie Settings” link or icon available in the cookie banner or at the bottom of the webpage. 2. In the Cookie Preference Center, review the categories related to performance or targeting/advertising cookies, which are typically used for behavioral tracking. 3. Disable these categories if you do not wish your behavioral information to be collected. 4. Your preferences will be saved and applied automatically. You may revisit the Cookie Preference Center at any time to modify your choices.

(2) How to Allow/Block Behavioral Information Collection in Web Browsers

Chrome

• To block third-party cookies: 1. Click the “⋮” icon at the top-right corner of Chrome and go to Settings. 2. In the left menu, select Privacy and security, then click Third-party cookies. 3. Choose to block third-party cookies.
• To block all cookies: 1. Click the “⋮” icon and select New Incognito Window. 2. In Incognito mode, your browsing history, cookies, site data, and form inputs will not be saved.

Microsoft Edge

• To block third-party cookies: 1. Click the “…” icon at the top-right corner and go to Settings. 2. Select Privacy, search, and services, then under Tracking prevention, choose a level (Balanced or Strict). 3. Or go to Cookies and site permissions → Manage and delete cookies and site data, and enable Block third-party cookies.
• To block all cookies: 1. Click the “…” icon and select New InPrivate Window. 2. In this mode, history, cookies, and site data are not stored.

(3) How to Allow/Block Behavioral Information Collection in Mobile Browsers

Chrome (Android Devices)

• To block third-party cookies: 1. Open the Chrome app and tap the “⋮” icon, then go to Settings. 2. Navigate to Site settings → Third-party cookies, then choose to block. 3. To allow specific sites, tap Add site exception and input the site URL.
• To block all cookies: 1. Tap the “⋮” icon and select New Incognito tab. 2. In Incognito mode, no data such as history or cookies will be stored.

Safari (iOS Devices)

• Open Settings on your device, then tap Safari.
• Go to Advanced and enable Block All Cookies.

Samsung Internet

• To block third-party cookies: 1. Open the Samsung Internet app and tap the “≡” icon, then select Privacy. 2. Under Privacy Dashboard, tap Smart anti-tracking and set it to Always.
• To block all cookies: 1. Tap the Tabs icon, select Turn on Secret Mode, then tap Start. 2. In Secret Mode, browsing history and cookies will not be saved.

Changes to the Privacy Policy

This Privacy Policy may be updated in accordance with relevant laws and internal policies. Any revisions will be notified through the company website or app, with the effective date clearly indicated.

Effective Date: November 30, 2025

View previous versions of this Privacy Policy.

The previous version of this Privacy Policy can be found below.

• [Effective: November 21, 2024 – July 10, 2025] Privacy Policy
  
• [Effective: July 11, 2025 – July 30, 2025] Privacy Policy
• [Effective: July 31, 2025 – November 29, 2025] Privacy Policy
  
• [Effective: November 30, 2025 – Present] (Current)