Scrigroup - Documente si articole

     

HomeDocumenteUploadResurseAlte limbi doc
AeronauticaComunicatiiElectronica electricitateMerceologieTehnica mecanica


EXPORTATORII DE DATE SAMSUNG CA SI CONTROLORI -si- IMPORTATORII DE DATE SAMSUNG CA SI PROCESATORI

Electronica electricitate



+ Font mai mare | - Font mai mic





<}0

(a)   

(b)  

(c)   

(d)  

(e)   

(f)   

(h)

(c) that the SAMSUNG Data Importer shall provide sufficient guarantees in respect of the Technical and Organisational Security Measures specified in Appendix III to these Clauses;

(d) that after assessment of the requirements of the relevant provisions of the data protection law of the country or Member State in which the SAMSUNG Data Exporter is established the Technical and Organisational Security Measures are appropriate to protect Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of Processing and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of the implementation;

(e) that it will ensure compliance with the Technical and Organisational Security Measures;

(f) that, if the transfer involves Special Categories of Personal Data, the Data Subject has been informed or will be informed before such transfer that the Personal Data could be transmitted to a third country not providing adequate protection;

(g) that it agrees to forward the notification received from the SAMSUNG Data Importer pursuant to Clause 5(a) and subject to Clause 4 (j) to the Supervisory Authority if it decides to continue the transfer or to lift its suspension;

(h) to make available to the Data Subjects upon request a copy of these Clauses with the exception of Appendix III which shall be replaced by a summary description of the Technical and Organisational Security Measures;

(i) to respond in a reasonable time and to the extent reasonably possible to inquiries from the Supervisory Authority on the Processing of the relevant Personal Data and to any inquiries from the Data Subject concerning the Processing of this Personal Data by the SAMSUNG Data Importer; and

(j) to develop with SAMSUNG Data Importer a notification to the Supervisory Authority of any relevant jurisdiction within a reasonable time of any notification received from the SAMSUNG Data Importer under Clause 5(a).

Clause 5
Obligations of SAMSUNG Data Importers

Each SAMSUNG Data Importer agrees and warrants:

(a) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the SAMSUNG Data Exporter and its obligations under these Clauses, and that in the event of a change of that legislation which is likely to have a substantial adverse effect on the guarantees provided by the Clauses, it will notify the change to the SAMSUNG Data Exporter, and develop with SAMSUNG Data Exporter a notification to the Supervisory Authority, as specified in Clause 4 (j). Upon receipt of such notification, the SAMSUNG Data Exporter will be entitled to suspend the transfer of Personal Data, terminate the Clauses and/or exercise any and all other rights and/or remedies available to SAMSUNG Data Exporter at law, in contract, in equity or otherwise.

(b) to process (and to ensure that its subcontractors, if any, process) the Personal Data only on behalf of the SAMSUNG Data Exporter and in accordance with its instructions and the applicable provisions of applicable law, these Clauses and SAMSUNG's EU Privacy Policy.

(c) that it has implemented the Technical and Organisational Security Measures specified in Appendix III before Processing the Personal Data transferred.

(d) to deal promptly and properly with all reasonable inquiries from, and all claims or proceedings filed by, an SAMSUNG Data Exporter (with respect to each Data Subject's respective Personal Data only) or the Data Subject relating to its Processing of the Personal Data subject to the transfer, and to co-operate with the competent Supervisory Authority and abide by its final advice in the course of all its inquiries and with regard to the Processing of the Personal Data transferred;

(e) in accordance with policies and practices to be established between the Parties, at the request of the SAMSUNG Data Exporter to submit its data processing facilities for audit and, where applicable, in mutual agreement with the Supervisory Authority;

(f) to make available to the Data Subject upon request a copy of these Clauses with the exception of Appendix III which shall be replaced by a summary description of the Technical and Organisational Security Measures in those cases where the Data Subject is unable to obtain a copy from the SAMSUNG Data Exporter and indicate the office which handles complaints;

(g)    in accordance with policies and practices to be established between the Parties, to promptly notify the SAMSUNG Data Exporter about (i) any legally binding request for disclosure of the Personal Data unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of an investigation, (ii) any formal written request received from Data Subjects for access to their Personal Data; and (iii) any material accidental or unauthorised access as identified by the SAMSUNG Data Importer.

Clause 6

Liability

SAMSUNG Data Exporter agrees that a Data Subject who has suffered damage as a result of any violation of the provisions referred to in Clause 3 is entitled to receive compensation from SAMSUNG Data Exporter for the damage suffered to the extent provided for in Clause 3. SAMSUNG Data Exporter further agrees that it shall be liable for any violation of the provisions referred to in Clause 3 of this Agreement by SAMSUNG Data Importer, as guarantor of SAMSUNG Data Importer's obligations under such provisions.

If a Data Subject is not able to bring the action referred to in Clause 6(1) against the SAMSUNG Data Exporter because (a) the SAMSUNG Data Exporter has disappeared factually or has ceased to exist in law, and (b) SAMSUNG has not caused an appropriate credit-worthy entity located in the European Union to succeed to the obligations of such SAMSUNG Data Exporter as contemplated by Clause 3, the SAMSUNG Data Importer agrees that in such case such Data Subject may bring an action against the SAMSUNG Data Importer as if it were the SAMSUNG Data Exporter.

The Parties agree that if SAMSUNG Data Exporter is held liable for a violation referred to in paragraphs 1 and 2 of this Clause 6 by any SAMSUNG Data Importer, then:

(a) such SAMSUNG Data Importer will, to the extent it is liable, indemnify SAMSUNG Data Exporter for any cost, charge, damages, expenses or loss incurred by SAMSUNG Data Exporter; and

(b) SAMSUNG Data Exporter shall, in a separate proceeding, seek indemnification from such SAMSUNG Data Importer under Clause 6(3)(a), and such SAMSUNG Data Importer shall not contest the finding of a violation or the amount of any compensation awarded to the Data Subject.

Clause 7

Mediation and Jurisdiction

In the event of a dispute or claim brought by a Data Subject or Supervising Authority against any Party, the Parties will inform each other promptly about any such dispute or claims, and will cooperate with a view to settling them amicably in a timely fashion.

The Parties agree to participate in any generally available non-binding mediation procedure initiated by a Data Subject or Supervisory Authority. The Parties may elect to do so remotely (such as by telephone or other electronic means).

SAMSUNG Data Importer agrees that if there is a dispute between a Data Subject and either Party which is not amicably resolved and the Data Subject invokes the third party beneficiary provision in Clause 3, they will accept the decision of the Data Subject:

(a)           to refer the dispute to mediation by an independent person or, where applicable, by the Supervisory Authority;

(b)    to refer the dispute to the Courts of the country or the Member State in which the SAMSUNG Data Exporter is established;

The Parties agree that by agreement between the Data Subject and the relevant Party a dispute can be referred to an arbitration body, if that Party is established in a country which has ratified the New York Convention on enforcement of arbitration awards.

The Parties agree that Clauses 7(1), 7(2), 7(3) and 7(4) apply without prejudice to the Data Subject's substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

Clause 8

Co-operation with Supervisory Authorities

The Parties agree to deposit a copy of these Clauses with any Supervisory Authority with jurisdiction over SAMSUNG Data Exporter if it so requests.

The Parties agree that they will cooperate with the Supervisory Authority to establish the terms under which the Supervisory Authority shall conduct an audit of the data processing operations of the SAMSUNG Data Importer covered by this Agreement. Such audit will have the same scope and will be subject to the same conditions as would apply to an audit under clause 5(e). The Parties further agree that the Supervisory Authority may instruct the SAMSUNG Data Exporter to conduct an audit in accordance with clause 5(e) and the SAMSUNG Data Exporter shall comply with any such instruction issued by the Supervisory Authority and will inform the Supervisory Authority of all its findings.

Clause 9

Termination of the Clauses

1. Any SAMSUNG Company may terminate the Clauses as they apply to such SAMSUNG Company at any time for any reason upon written notice to the other SAMSUNG Companies. Upon termination of the Clauses, any SAMSUNG Data Importer that is thus no longer a Party to these Clauses shall immediately cease to process the Personal Data covered by these Clauses subject to requirements of applicable law and, if so instructed by SAMSUNG Data Exporter, either destroy or return all copies of such Personal Data.

2. The Parties agree that the termination of these Clauses at any time, in any circumstances and for whatever reason does not exempt them from the obligations and/or conditions under these Clauses as regards the processing of the data transferred prior to the termination.

3. The Parties agree that on the termination of the Clauses, the SAMSUNG Data Importer shall, at the choice of and according to the instructions of the SAMSUNG Data Exporter, return all the Personal Data transferred and the copies thereof to the SAMSUNG Data Exporter, or shall destroy all the Personal Data and certify to the SAMSUNG Data Exporter that it has done so, unless legislation imposed upon the SAMSUNG Data Importer prevents it from returning or destroying all or part of the Personal Data transferred. In that case, the SAMSUNG Data Importer warrants that it will guarantee the confidentiality of the Personal Data transferred and will not actively process the Personal Data transferred any more.

4. The SAMSUNG Data Importer warrants that upon request of the SAMSUNG Data Exporter and/or Supervisory Authority, it will submit its data processing facilities for an audit of the measures referred to in Clause 9(3).

Clause 10

Governing Law

The Parties agree that claims for breach of these Clauses as between the Parties shall be governed by Korean Law For claims brought by a Data Subject against one or both Parties, the law of the country in which the SAMSUNG Data Exporter is established will govern. Nothing in this Clause 10, however, shall operate to diminish or limit the rights of any Data Subject under the laws of any country or Member State in which the SAMSUNG Data Exporter is established.

Clause 11

Variation of the contract and Interpretation

The Parties undertake not to vary or modify the terms of these Clauses except with the concurrence of a majority of the SAMSUNG Companies that are a signatory to the Clauses; provided, however, that (i) the Parties acknowledge and agree that any variation of these Clauses can not operate to diminish or limit the privacy rights of any Data Subject under the laws of any relevant country or Member State; and that (ii) any such change subject to the review of the Supervisory Authority in the relevant jurisdiction, or that reduce the level of protection of any data subject in the relevant jurisdiction, shall be submitted to that Supervisory Authority for review and approval where necessary.

Clause 12

Additional Parties

Additional Parties may be bound by the Clauses by the execution of a Signatory Addendum to this Agreement, provided, however, that such addition will not operate to diminish or limit the privacy rights of any Data Subject under the laws of any relevant country or Member State.

SAMSUNG DATA EXPORTERS - CONTROLLERS[E2] 

SAMSUNG Electronics UK Ltd.

BY: __________ ______ ____ ____________

Printed name and title of signing representative:

SAMSUNG Electronics UK Irish office

BY: __________ ______ ____ ____________

Printed name and title of signing representative:

SAMSUNG Electronics Research Institute (SERI)

BY: __________ ______ ____ ____________

Printed name and title of signing representative:

SAMSUNG Electronics Design Europe (SDE)

BY: __________ ______ ____ ____________

Printed name and title of signing representative:

SAMSUNG Semiconductor Europe Ltd

BY: __________ ______ ____ ____________

Printed name and title of signing representative:

SAMSUNG Electronics GmbH

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Semiconductor Europe GmbH

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Semiconductor France SARL.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Semiconductor Italia S.P.A

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Semiconductor Sweden AB

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Semiconductor Helsinki Branch

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Semiconductor Vienna Branch

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Holding GmbH

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Europe Office

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics France SAS.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Italia S.P.A

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Iberia S.A.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Benelux B.V.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Belgium

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Telecom Benelux B.V.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Europe Logistics B.V.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Europe Logistics Slovak Branch

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics European Service Parts Depot

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Nordic AB

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics, Filiai of Samsung Electronics Nordic AB, Sverige

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Nordic AB

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Nordic Aktiebolag Sucen Sivulike

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Polska Sp.zo.o

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Potuguesa S.A.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Austria GmbH (Vienna office included)

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Austria GmbH, Wien Zweigniederlassung Zrich

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Austria Gmb Representation in the Republic of Croatia

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Austria Gmb Representative Office

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Romania SRL

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Romania Sofia Office

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Magyar Zrt.

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Zrt Ceska Organizacni Slozka

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Magyar Rt. Slovanska Organizacna Zlozka

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Slovakia s.r.o

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics LCD Slovakia s.r.o

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

Branch Office of Samsung Electronics Co. Ltd

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Data System Europe

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG Electronics Networks Europe

BY: __________ ______ ____ _____________

Printed name and title of signing representative:

SAMSUNG DATA IMPORTERS - PROCESSORS[E3] 

Samsung Electronics Co. Ltd

By__________ ______ ____ _________

Printed name and title of signing representative:

[TO BE COMPLETED - INSERT RELEVANT SAMSUNG ENTITY]

By__________ ______ ____ _________

Printed name and title of signing representative:

APPENDIX I[E4] 

SAMSUNG Data Exporters:

Each SAMSUNG Data Exporter, in its capacity as a Controller, is engaged in the business of SAMSUNG Companies, namely (without limitation): electronics (including consumer electronics) and semiconductor business.][E5] 

SAMSUNG Data Importers:

Each SAMSUNG Data Importer, in its capacity as a Processor, is engaged in the Processing of Personal Data received, directly or indirectly, from one or more other SAMSUNG Data Exporters.

Data Subjects:

The Data Subjects to whom the Personal Data relates are identified or identifiable natural persons within the scope of the EU Data Protection Directive or similar national legislation in other jurisdictions in which SAMSUNG Data Exporters are established, who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to such person's physical, physiological, mental, economic, cultural or social identity and who are (without limitation) within the following categories:

SAMSUNG Companies staff (current, past and prospective employees and staff, and for the avoidance of doubt 'staff' shall include (without limitation) professional advisers, consultants, volunteers, temporary and casual workers and applicants for employment with SAMSUNG Companies ("SAMSUNG Companies Staff"),

family members, relatives, guardians and associates of SAMSUNG Companies Staff; and

SAMSUNG Companies current, past or prospective contractors, sub-contractors, customers, suppliers, professional advisors or business partners ("SAMSUNG Companies Business Partners") including their employees, employee family members, applicants, consumers, customers or suppliers;

Purposes of the transfers:

The transfers are necessary for the following purposes:

SAMSUNG Companies are engaged in international business affairs and accordingly data processing operations for SAMSUNG Companies worldwide are performed in Korea and potentially other jurisdictions worldwide. SAMSUNG Data Exporters transfer Personal Data received from SAMSUNG Companies Staff SAMSUNG Companies Business Partners or authorized third party providers to SAMSUNG Data Importers in Korea and potentially other jurisdictions because the resources needed to process such data are located there. The Personal Data, once transferred to Korea or the intended jurisdiction, is processed for a range of business purposes of SAMSUNG Companies, including (without limitation):

  • employment-related activities such as administrative and managerial tasks, appointments or removals, disciplinary matters, processing payroll, working time management, determining and reviewing salaries, superannuation and providing training and learning services, and healthcare and other benefits and services to SAMSUNG Companies Staff
  • the management and administration of customer / client services which involves the processing of Personal Data held on behalf of SAMSUNG Companies Business Partners, as well as the management, maintenance and development of business relationships with SAMSUNG Companies Business Partners and other partners or third parties including but not limited to the administration of orders and accounts, business development , marketing, advertising and public relations in connection with SAMSUNG Companies business activity, goods or services.
  • the maintenance of information on the business or technical environment in which SAMSUNG Companies operate.
  • the provision of all services in support of SAMSUNG Companies including the wide and varying functions and operations such as legal, finance, real estate and property management, computing, security and engineering/maintenance departments within an organization as well as general office administration.

Categories of data:

The Personal Data transferred include all data SAMSUNG Companies determine necessary to perform their business functions, including (without limitation) SAMSUNG Companies Staff data and SAMSUNG Companies Business Partners data, defined as follows:

  • "SAMSUNG Companies Staff Data" means information relating to an identified or identifiable natural person who is SAMSUNG Companies Staff; family members, relatives, guardians and associates of SAMSUNG Companies Staff and includes (without limitation): name and address; employee/payroll number; e-mail address; telephone number; date of birth; tax ID/; identification number; photograph of SAMSUNG Companies Staff; family data' lifestyle and social circumstances and health-related information obtained to provide applicable health benefits; education and training details; employment history such as date of hire, previous positions held, previous salaries, and other employment-related data.
  • "SAMSUNG Companies Business Partners Data" means information SAMSUNG Companies receive from or on behalf of SAMSUNG Companies Business Partners or any other third parties that do business with SAMSUNG Companies. It also includes any complication or adaptation of such information created by SAMSUNG Companies in the course of their business relationship with SAMSUNG Companies Business Partners where the information relates to an identified or identifiable natural person. That 'person' could be an employee, employee family member, applicant, consumer, customer or supplier of the SAMSUNG Companies Business Partner. SAMSUNG Companies Business Partners Data includes (without limitation) name; address; e-mail address; telephone number; customer number or other such customer identifier/tag; date of birth; tax ID/ and personal photograph.

Sensitive Data:

[SAMSUNG Data Exporters process Special Categories of Data in their capacity as Data Controllers and this includes (without limitation) information concerning a Data Subject (as described in this Appendix 1) which relates to race or ethnic origin, political opinions religious beliefs or other beliefs, physical or mental health or condition, sexual history or orientation, trade union membership, commission or alleged commission of a criminal offence and any court, tribunal or inquiry proceedings, family lifestyle and social circumstances.][E6] 

Recipients:

The Personal Data transferred may be disclosed to:

(1) SAMSUNG Data Importers and SAMSUNG Companies Staff who have a reasonable need to know the information in order to fulfill the purposes detailed in the Section of this Appendix labeled "Purposes of the Transfer", including personnel involved in management and administration, information services, and human resources;

(2) Affiliates of SAMSUNG Data Exporter or SAMSUNG Data Importer, for the same purposes,

(3) the Data Subjects themselves,

(4) third party service providers of SAMSUNG Companies, such as SAMSUNG Companies Business Partners and any other suppliers, advisers, research and financial organisations or other data processors, and their authorized personnel,

(5) Central and Local Government, and

(6) any person (natural or legal) or organization as may be required by law.

Storage limits:

Any employment-related SAMSUNG Companies Staff Data transferred will be stored during the term of SAMSUNG Companies Staff employment and for a reasonable period of time thereafter based on legitimate business considerations and in accordance with the requirements under local law, including compliance with laws and regulations, processing remaining payroll or bonus payments, and administration of benefits. The same will apply to SAMSUNG Companies Business Partners Data

APPENDIX II

DATA FLOWS[E7] 


System

Function

Data Categories

Usage

End User

Flow Path

Storage

Integration point of time
under GERP
(YYYY.MM)

ApMS- Application Monitoring System

Monitoring enterprise's SCM-related KPI (Key Performance Indicators) to check the operation level of 7 important SCM systems

User registration and access information(name, department name, MySingle email, day and time of last connection, IP address of last connection)

to manage access data for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

CMS-Contents Management System

Collects and manages content (manuals, product information etc) related to service and marketing area
.Supports each country's homepage service by connecting download center

1) Employee's Details (Name, Department, Name, Position, email, Phone Number)
2) User access information (Day and time of last connected, MySingle ID, User IP address, Menu path of accessed)

1) user authentication and payment, mailing service
2) to manage access data for security and analysis

1) system administrators
2) system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

EAMS - Enterprise Architecture Management System

Enterprise Architecture management system to provide IT strategy, principles, standards and governance about Enterprise information systems

User information(Mysingle id, User name, Department, Name, Company Code, Company Name,
Division Name, Position, Email, Company Phone Number, Cell phone number, User IP address)

to manage EAMS users

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

IRP - Information Resource Planning

Managing the lifecycle of enterprise information systems in all areas like investment, projects, performance, assets, cost and human resources

Employee's access Information(Day and time of last connection, MySingle ID, IP, Name, singleid, Position, Department Name, Division, Company)

to analyze the level of usage of the system

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

IT-VOC

Managing employee's suggestions(VOC) for improvement about all enterprise systems

1)Employee's access information (ID ,Division, Subsidiary, Department, Name, Name, Position, IP, Day and time of last connection)
2)Employee's information in charge of systems (ID, authority for access)
3)Employee's service request information(ID Name, Division, Subsidiary, Department, Name, e-mail))

1)to manage access data for security and analysis
2)to manage authorization to the system
3)to manage history of applications

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

myDMS - Document Management System

Management system of approval/general documents generated in MySingle system for SEC employees

Employee's Information(Name,Position Level Code,Company Name,Company Code,Department Name,Department code,Department Name(English),Name(English),E-mail)

to manage access rights

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

WTN - Worldwide Trading Network

Supporting real-time transaction of purchase/sales data(purchase order, sales order etc) between SEC HQ and branches

Employee's information (Name, Email, Subsidiary)

to send E/W mySingle mails to each work groups on occasion of occurrence of PO-SO discrepancy

persons in charge of PO/SO management, account managers

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

GCMS - Global Credit Management System

Provides information related to risk hedging to prevent risk about A/R (account receivable) of SEC HQ and subsidiaries

Employee's access information(e.g. Name,Position,Department Name,Phone Number,MySingle ID,Email,Day and time of last connection)

user authentication, security, payment, mailing system Admin

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

GMPS - Global Management Planning System

Managing every year's management planning(planned the year before) of overseas subsidiaries

1)Employee's access information(Day and time of last connection, MySingle ID, IP)
2)Employee's information (Name,MySingle ID, Subsidiary, Phone Number, Email)

1)to manage current status of connection for security and analysis
2)user authentication, mailing service and authorization control

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

GSMS - Global Sample Management System

Supports receipt/issue/inventory management of product samples over all subsidiaries

Employee's access information(Name,Position,Department Name,Phone Number,MySingle ID,Email,Day and time of last connection)

user authentication, security, payment, mailing system Admin

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

GBIS - Global Business Intelligence System

Reports integrated business information like sales/marketing costs/vendor margin/return costs, which collected from overseas information systems

Employee's access information(User Name,Day and time of last connection, MySingle ID,Subsidiary,IP)

user authentication and log analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

SELP - Samsung electronics Export Logistics Portal

Support sharing purchase-related information with business partner which is necessary for production subsidiaries to procure materials

Employee(Person in charge of subsidiary claims) access information(MySingle ID, Department, Email, Date of last connection)

security and management of current status of connection
managers access to the system to check claims on the subsidiaries

claim managers for subsidiaries

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2009.01

CIS - Code Information System

Management system of enterprise master codes (product, material, model, components, and customers)

1)Employee's Access Information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)
3)Employee with approval authority information (Name,Company Name, Department, Name, Position, Company Phone Number, MySingle Email,,Cell phone number)
4)Buyer(company) and Supplier(company) information (Company name,Phone Number,Representative person,Address,VAT reg. no.)

1)to manage current status of connection for security and analysis
2)user authentication and mailing service
3)for inquiries for information on the person who approves processes for components/equipments/models
4)for total management of information related to Buyer(company) and Supplier(company)

1)system administrators
2)system administrators
3)users of processes for components/equipments/models
4)Buyer(company) and Supplier(company)'s managers

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

S-MOLD(Mold Management System)

Manages lifecycle(from approval to development and disposal) of molds developed in domestic and overseas

1)Employee's Information(Name, Department Name,Position, IP, Day and time of last connection, Menu path accessed,e-mail,)
2)Business Partners(Collaborative company) Details(Address,Phone Number, Business registration number,Kind of business)

1)user authentication, user audit
2)Business Partners(Collaborative company) Details(Address,Phone Number, Business registration number,Kind of business)

1)system administrators
2)system users (partners)

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Global MCM - Global Material Cost Management

Provides analysis and reports about manufacturing cost and material for saving these costs

Employee's access information(Day and time of last connection, MySingle ID,Department Name,IP)

to manage current status of connection for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

V-Glonets Buyer

supports procurement work of domestic/overseas subsidiaries such as supporting procurement of long-term delivery materials/short-term delivery materials and reporting procurement information

1)Employee's access information(Day and time of last connection, MySingle ID)
2)Employee's Information(Name,Department Name,Position,Phone Number,e-mail)

1)security and management of current status of use
2)for sending e-mail

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

Global SCM UI

Provides visibility of core APS functions concerned with demand and supply of overseas sales/production subsidiaries

Employee's access information(Day and time of last connection, MySingle ID,Name,Department Name,Position,Phone Number,e-mail,IP)

to manage current status of connection for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SigmaPark

Supports SEC 6sigma project management, 6sigma expert pool management, and management of education on 6sigma

1)Employee's access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GCoA - Global Chart of Account

Unify financial accounts of domestic/overseas subsidiaries

Employee's information(Email, Phone Number, SubsidiaryCode)

to manage registration of GCoA manager of subsidiaries

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

SEGAM - SEC Global Accouting Manual

Provides manuals about global financial accounting based on policies and standards

1)Employee's access information (Day and time of last connection, MySingle ID,IP)
2)User information(Email, Phone Number, Address, SubsidiaryCode)

1)security and management of current status of system use
2)user registration of the system (master)

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SENS - Samsung Electronics Nontrading System

Records trade information about revenues and costs between HQ and subsidiaries and connects these records with financial statement

1)Employee's access information(Day and time of last connection, MySingle ID,IP)
2)User information (Email, Phone Number, Address, SubsidiaryCode)

1)security and management of current status of system use
2)user registration of the system (master)

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

Global Consolidation Package System

Reports and Collects the final result in excel format about closing of accounts results audited by local inspector

1)User access information(Day and time of last connection, MySingle ID,IP)
2)User information (Email, Phone Number, Address, SubsidiaryCode)

1)security and management of current status of system use
2)user registration of the system (master)

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Global Fund Management System

Provides information about operating financial funds of overseas subsidiary such as debt and balance between income and expenses calculated daily and monthly

Employee's access information(Day and time of last connection, MySingle ID,IP)
Employee's information (single id, Subsidiary,)

for accessing web system and sending e-mails about financial funds information

system administrators, financial accounting team in HQ and Overseas

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

GIMS - Global Inventory Management System

Supports management of an adequate amount of inventory by providing special logic in head office and each subsidiary

Employee's access information((Mysingle id)

for accessing web system and inquiries for inventory data

people authorized by subsidiaries

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

GMAS - Global Management Analysis System,

Analyze financial management information of all subsidiaries by managing BS(Balance Sheet) and PL(Profit and Loss) chart

Employee's access information(MySingle ID)

for accessing web system and inquiries for management information

people authorized by subsidiaries

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

CS-NET (CS Management Center)

A portal system consists of 11 web systems related to product quality

1)Employee's access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information(Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Megasys (CS Management Center)

A planning system which supports forecasting demand of service materials in logistics, Supports delivery of materials to the exact location and in optimal time-span.

Employee's access information (Userid, passwd, Division)

demand forecast

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GSDW - Global Service Information Portal

management system of key indicators in quality, service, education, and contents areas for overseas service subsidiaries

1)Employee's access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2010.01

SVOC (CS Management Center)

integrates VOC data submitted through phone, e-mails, websites, internal systems, etc. and provides the data to requesting divisions

1)Employee's access information(Day and time of last connection, IP,Numbers of connection)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Invest(GMO)

Analyze and Manage overseas marketing investment (planning/execution/performance) of HQ, subsidiaries and branches related to overseas marketing business

Employee's access information(MySingle ID,Department Name,email,Name)

management of user authorization and current status of connection for security/analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

mNet(GMO)

Global Marketing portal system which analyse information on marketing, sales in global market

User registration information (Name, Email, Department, Position, IP, Phone Number, Day and time of last connection)

current status management for user analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GCIC (GMO)

Collects global customer information and analyzes propensity to consume of each customer in each country or product

1)Employee's access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)
3)B2C Personal Customer analysis information(Customer question and answer, Customer No.)

1)security and management of current status of connection
2)user authentication
3)summary data for customer information analysis

1)system administrators
2)system administrators
3)marketing managers for main office/European HQ/subsidiaries

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GEMS (GMO)

Sending emails to target customers for marketing and trace/analyze the feedback

1)Employee's access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)
3)B2C personal customer information(Name,Email)

1)security and management of current status of connection
2)user authentication
3)customer information for sending e-mails

1)system administrators
2)system administrators
3)marketing managers for main office/European HQ/subsidiaries

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Design Project Management System

Managing lifecycle of design development projects

1)Employee's information (Name,Department Name, ,Position,email,Phone Number)
2)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)

1)membership registration of the websites and management
2)to manage current status of connection for security and analysis

1)system administrators, members (to change personal information)
2)system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

mVOC.net(Mobile)

Mobile Communication Division's integrated management system of VOC data

1)Employee's access information(Day and time of last connection, MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

MD.Net(Mobile)

MD-NET (Mobile Design Information & Management Network)
supports project management of Mobile design team

Employee's information (Name,Department Name,Position,email,Phone Number,Company)
Employee's access information(Day and time of last connection, IP)

user authentication and mailing service,
authorization check for the access to the page,
management of current status of connection for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

MPS(Mobile)

Supports jobs related to mobile phone's specification (export, additional accessories, wrapping, WAP)

1)Employee's access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

MISS(Mobile)

Mobile Communication Division's marketing portal - Integration and Analysis of marketing contents

Employee's access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)

for inquiries for contents of mobile phone products

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

AnySVC mobile(Mobile)

Provide overseas service centres with tips for repairing mobile phones

User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)

management of user and current status of connection

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SPDM (VD)

Computerize jobs throughout all process from product planning, development to manufacturing release, and Used in head office and overseas offices

Employee's registration and access information (Name, Email, Position, Department Name, MySingle ID, Day and time of last connection, User IP address)

management of user and current status of connection for security/analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

DM Portal (DM)

Integrated management system of portal sites of DigitalMedia Division

1)User information (Position,Department Name,Phone number,MySingle ID)
2)User access information(Day and time of last connection,Department Name, IP)

1)user authentication and setting access rights, mailing service
2)to manage current status of connection for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

R&D Center Management System

A portal system for Digital Medial R&D Center, managing lab-related data repository, official announcement and conference rooms use

.Employee's information(Position,Department Name, Phone Number, Single ID)
.Employee's access information(Day and time of last connection, Department Name,IP)

to manage current status of connection for security and analysis, user authentication, approval, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

APS-MP (VD)

An SCM system which supports production planning that complies with real demand

Employee's access information(MySingle ID,Name,Position,email, Department Phone Number)

user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

VISS-Net (System Appliance) - VOC

Collects VOC about products produced by System Appliance Division to include the VOC in planning and developing stage

User access information(Name,Department Name,Position,Email,Phone Number,IP,Day and time of last connection)

user authentication and management of current status of connection for security

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

MIDAS (LCD)

Analyze raw data generated by MES, SCM, ERP in LCD HQ
. Supports executive staffs in decision making and understanding of current business status

1)User access information(Day and time of last connection, IP)
2)Employee's information (Name, Department Name,Position,email, Phone Number,Role)

1)to manage current status of connection for security and analysis
2)user authentication, authorization control

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

S-Focus (LCD)

Integrated management system about RMA (Return material authorization) process from customer's request to repair in LCD Divison

1)User access information(Day and time of last connection, IP)
2)Employee's information (Name,Department Name,Position,email,Position)

1)to manage current status of connection for security and analysis
2)user authentication, authorization control and payment service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SPDM for LCD (LCD)

Computerize jobs throughout all process from product planning, development to manufacturing release, and Used in head office and overseas offices

Employee's registration and access information (Name, Email, Position, Department Name, MySingle ID, Day and time of last connection,ip)

management of user and current status of connection for security/analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

DEX(CTO)- Data convert system

Supports CAD data exchange between internal developers and collaborative partners

.Employee's information (Name, Company, Department Name,Position,email,Phone Number)
.User access information(Day and time of last connection, IP)

user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Enterprise R&D KMS (CTO)

Portal site sharing R&D knowledge in Corporate Technology Operations Division

Employee's information (Name,Department Name,Position,email)
B2B company information (Name,Department Name,Position,email)

user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

APS-DP (Semiconductor)

Semi-conductor Division's SCM system, and forecasts demand on sales

Employee's information (Name,Department Name,Position,email,Phone Number)

user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Development Workplace (Memory)

System for managing and integrating processes and data on product development lifecycle

User access information(Day and time of last connection,IP)

to manage current status of connection for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

TIPS (SYS.LSI)

Provides total business information like sales, KPI, marketing areas for System LSI Division

1)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

TOBIS (Memory)

Provides total business information of Memory Divison , collects data such as sales/production/inventory/costs/management plan from many different systems, and analyze them in report and chart format

1)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Customer Workplace (Semiconductor)

Supports customer collaboration within Semi-conductor Division

Employee's access information (Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)

user authentication

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SAP (Semiconductor) - Sales and Order Management

Semi-conductor Division's ERP system which manages the whole sales-related work such as receiving orders/shipping/billing

1)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (MySingle ID, Name,Department Name,Position,email,Phone Number)
3)B2B Customer(company) information (Company name, Address, Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service
3)to deal with sales-related works

1)system administrators
2)system administrators
3)managers of receiving orders and goods issue

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

2009.01

Buyer workspace (website)

to manage key subjects to help business partner strengthen the competitiveness as partner

User information(Company code, User name, phone number,email)
User Access Information(User IP Address,Day and time of last connection)

to send email to person in charge of procurement in business partner,
to manage login information for security

employee in charge of procurement

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

APS Management System(KAIS)

Manages KPI for SCM

User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)

to manage current status of connection for security and analysis

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

DC&P System

Dealing with laws about Finance and accounting

1)User access information(Day and time of last connection, MySingle ID, IP)
2)User Profile( Subsidiary Code, Single ID, User Name, email, Position,Language)

1)to manage current status of connection for security and analysis
2)user registration and control

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

OSCL (Network)

Issues License key for OfficeServ CTI S/W

1)User access information(Day and time of last connection, MySingle ID, Department Name, Phone number, IP)
2)User Profile( ID, User Name, email )

1)to manage current status of connection for security and analysis
2)user authentication and mailing service

Distributor Master and Operator

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GSBN - Global Samsung Business Network

Supports collaboration between SEC branches/subsidiaries and external business partners in SCM, PRM, Marketing areas

1)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's Details (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SSeMS - Supplier e-Management System

Managing lifecycle( from registration to evaluation, termination of contract) of business partners as collaborative company, over all domestic and overseas

1)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's details (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

e-HMS (CS Management Center)

Registers and checks whether the materials contain toxic substances to comply with the regulation, RoHS, which EU prohibits importing of products containing toxic substances

1)Employee's access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

STELS (CS Management Center) - Samsung Technology e-Learning System

integrated online training system for global service engineers and contact center counselors

1)User access information(Day and time of last connection, ID ,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and mailing service

1)system administrators
2)education managers for subsidiaries

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

SQCI - Supplier Quality Control Innovation

quality monitoring system of products produced by partners

1)Employee's access information(Day and time of last connection, MySingle ID,IP)
2)Employee's information(Name,Department Name,email,Phone Number)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Qnet (Network)- Quality Network

Service management system about products released by Network division, supports pending issue and unsolved problems that is needed to request development department to solve

1)Employee's access information(Day and time of last connection,MySingle ID,Department Name,Phone Number,IP)
2)Personal's information (Email,ID,Name,Department Name,Position, Company phone number, Cell phone number)

1)to manage current status of connection for security and analysis
2)user authentication and mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

prins (Printing)

Supports management and effective use of key knowledge in Printing division
.Provides information on the division itself, marketing, development, purchasing, and human resources

Employee's access information(Name, Position, email, Phone Number, Day and time of last connection, IP of last connection)

membership registration for the website,

System administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

Smart-HA (System Appliance)

System Appliance Division's system for sharing product-related information between head office employees and PMs and local employees of overseas subsidiaries and branches

1)Employee's information (Name, Subsidiary,Department Name,Position,email,Phone Number, Role)

1)membership registration of the websites and management

1)system administrators, members (to change personal information)

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

CPCex (CTO)

Supports collaboration of GBM, overseas subsidiaries, partners and Labs in development

Employee's information (Name,Department Name,Position,email)

user authentication and payment, mailing service

system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

E-sourcing system

Support sourcing agreement for procurement from business partner

Employee's information( email, phone number)

to have cooperative relationship as business partner with new partner

employee in charge of procurement

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

eGLS - e Global Logistics System

Provides enterprise standard process about logistics area and manages performance and KPI about logistics

1)Employee's access information(Day and time of last connection,MySingle ID,Department Name,Phone Number,IP)

1)to manage current status of connection for security and analysis

1)system administrators

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GHR - Global HR management system

Overseas personnel management system

Employee's profile (Name,Department Name,Position, Roles, Academic background, Career, Address, email, hired/retired date, Date of birth, sex, Phone Number, Salary, Performance review record, Training history), User login information

to use statistical data of HR information

system administrators, HRM team members, authorized people in subsidiaries (HR managers for main office/GBM, resident employees in overseas HQs, and people employed by subsidiaries)

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

GHRS - Global HR system(DW)

SEC HR(human resources) DataWarehouse that collects data related to human resources of head office, overseas subsidiaries

Employee's profile (Name,Department Name,Position,Roles, Academic background, Career, Address, email, hired/retired date, Date of birth, sex, Phone Number, Salary, Performance review record, training history)

to use statistical data of HR information

system administrators, HRM team members, authorized people in subsidiaries (HR managers for main office/GBM, and resident employees in overseas HQs)

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

-

MyProject- Project Management System(Mobile)

1)Supports development projects of Mobile Devision
2)Mobile Communication Division's S/W development and collaboration system
. S/W project management and co-work (SSCM)
. Control each 's requirements on mobile phones (CRC) 3)System for logging improvements of quality-related problem 4)information sharing with S/W partner developers

1)Employee's registration information (MySingle ID, Name, Department Name, Phone Number, Email)
2)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
3)Employee's details (Name,Department Name,Position,email,Phone Number)

1)user authentication and payment, mailing service
2)to manage current status of connection for security and analysis
3)membership registration of the websites and management
4)for total management of customer information of B2B partners

system administrators,B2B partners, persons in charge of partners

Direct from employee to server based in Korea

Hosted on Server (HQ, Korea)

-

syncsight (VD) - https://www.syncsight.com

Sharing marketing information with B2B users and VD division's subsidiaries related to VD division

1)User access information(Day and time of last connection, MySingle ID, Name, email, Country,Subsidiary)
2)Employee's information (Name, Kind of business,Position,email,Phone Number,Date of birth,)

1)to manage current status of connection for security and analysis
2)membership registration of the websites and management
3)for total management of customer information of B2B partners

system administrators, administrators, persons in charge of partners

Direct from employee to server based in Korea

Hosted on Server (HQ, Korea)

-

Corporate GWP System

Supports corporate GWP(Great WorkPlace) activities

Employee's profile (Name, Single ID, Position, Department Name, Company Name,Data of birth, Sex, Roles, Working location, employee status, Academic background)
Department information(Department Name, Department Manager)

evaluation of GWP activities and user authentication

employees in subsidiaries

Direct from employee to server based in Korea

Hosted on Server (HQ, Korea)

-


System

Function

Data Categories

Usage

End User

Flow Path

Storage

Integration point of time
under GERP
(YYYY.MM)

GSBN - Global Samsung Business Network

Supports collaboration between SEC branches/subsidiaries and extenal business partners in SCM, PRM, Marketing areas

Business Partners(Collaborative company) Details(Company name, Phone Number,Representative person,email, Address)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service
3)for total management of customer information of B2B partners

system administrators, B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

SSeMS - Supplier e-Management System

Managing lifecycle( from registration to evaluation, termination of contract) of business partners as collaborative company, over all domestic and overseas

Business Partners(Collaborative company) Details(Company name,Phone Number, Representative Person of company,email, Address)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service
3)for registration of new partners ,
for total management of partner's information

system administrators, B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

e-HMS (CS Management Center)

Registers and checks whether the materials contain toxic substances to comply with the regulation, RoHS, which EU prohibits importing of products containing toxic substances

Business Partners(Collaborative company) Details(Company name,Phone Number,Representative person,email, Address)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service
3)for total management of customer information of B2B partners

system administrators, B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

STELS (CS Management Center) - Samsung Technology e-Learning System

integrated online training system for global service engineers and contact center counselors

Business partner's information in charge of repair service(Company Name,Phone Number,Representative person,email, Address)

1)to manage current status of connection for security and analysis
2)user authentication and mailing service
3) to manage repair service centers and engineers needed to be trained

system administrators,education managers for subsidiaries

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

SQCI - Supplier Quality Control Innovation

quality monitoring system of products produced by partners

Business Partners(Collaborative company) Details(Company Name,Phone Number,Name of president,email, Address)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service
3)for total management of customer information of B2B partners

system administrators, B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

Qnet (Network)- Quality Network

Service management system about products released by Network division, supports pending issue and unsolved problems that is needed to request development department to solve

1)Personal's information (Email,ID,Name,Department Name,Position, Company phone number, Cell phone number)
2)B2B customer(company)'s information (Email,ID,Name,Department Name,Position,Company phone number, Cell phone number)

1)to manage current status of connection for security and analysis
2)user authentication and mailing service
3)user authentication and mailing service

1)system administrators
2)system administrators
3)system administrators, registered B2B partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

prins (Printing)

Supports management and effective use of key knowledge in Printing division
.Provides information on the division itself, marketing, development, purchasing, and human resources

reseller information (Company name,Phone Number,email, ID)

membership registration for the website,
to provide information related to the division

- system administrators
- to change member's private information

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

Smart-HA (System Appliance)

System Appliance Division's system for sharing product-related information between head office employees and PMs and local employees of overseas subsidiaries and branches

Business Partners(Collaborative company) Details(Company name, Name of president,Phone Number,email,Address, Subsidiary,Person's name of contact)

1)membership registration of the websites and management
2)for total management of customer information of B2B partners

1)system administrators, members (to change personal information)
2)system administrators, registered B2B partners (to change personal information)

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

CPCex (CTO)

Supports collaboration of GBM, overseas subsidiaries, partners and Labs in development

B2B company information (Name,Department Name,Position,email)

user authentication and payment, mailing service

system administrators

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

E-sourcing system

Support sourcing agreement for procurement from business partner

Business partner information (Address, Representative Person, Representative Person's birthday, email, phone number)

to have cooperative relationship as business partner with new partner

employee in charge of procurement and person in business partner

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

ERMS-Email Response Management System

Enterprise WEB system for integrated management of e-mails from customers submitted through externally opened websites

call center communication infomation with B2C customer(Name,E-Mail, Products purchased, Date of purchased,Phone Number,Fax Number,Address)

counselling and customer analysis

Contact Center managers, CRM managers (employees in subsidiaries and outsourcing employees employed by subsidiaries)

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

OnLine Customer DB

Manages B2C and B2B online users' LDAP, authorization, membership by using Data encryption technology

1)Business Partners(Collaborative company) Details(Company code, Company name, User Name, Phone Number, , email, Address)
2)Communication information with B2C Customer(Name,Address,Date of birth,Email,Phone Number)

1)for total management of customer information of B2B partners
2)for total management of B2C general customer information

1)B2B partners, persons in charge of partners
2)B2C general users

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

WMC - Web Management Center

Provide policies and guidelines about web design and infrastructure for planning and developing enterprise websites

User access information(User ID with B2B authentication,Department Name,Phone Number, EmailAddress)

to manage access data

system administrators

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

ITTS - Intransit Tracking System

Tracking the progress of goods while being shipping from head office/production subsidiaries to Sales/logistics subsidiaries

1)User access information(Day and time of last connection, ID,Phone Number,IP)
2)Business Partner (Collaborative company)'s information (Company name,Phone Number,email)

1)user authentication and mailing service
2)user authentication and mailing service

system administrators

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

V-Glonets Supplier

supports domestic/overseas subsidiaries to collaborate with partners in procurement area

Business Partners(Supplier company) Details(Company code, User Name,Phone Number,email)

for sending e-mails to people who agreed on receiving e-mails about new RFQ, FCST, PO

system -> B2B partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

SLPS - Samsung Local Procurement System

Support sharing purchase-related information with business partner which is necessary for production subsidiaries to procure materials

Business Partners(Supplier company) Details(Company code,User Name,Phone Number,email)

for sending e-mails to people who agreed on receiving e-mails about new RFQ, FCST, PO

system -> B2B partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

Global PR Database
(www.theprsource.com)

Shares head office's PR strategy, guidelines and main activities on multimedia with PR managers in global subsidiaries, branches and overseas agencies

User registration and access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)

membership registration of the websites and management

system administrators, members (to change personal information)

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

GICOS (VD)

Supports billing of repair charge and payment that service company repairing TV/Monitor requests overseas

Business Partners(Collaborative company) Details(Company Name,Phone Number,Cell phone number,Fax number,Representative person,email,Country)

for total management of customer information of B2B partners

B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

GPS (VD) - WEB Service

Supports free exchange and controlling inventory of Monitor panel overseas

Business Partners(Collaborative company) Details(Company name,Phone Number,Representative person,email, Address)

for total management of customer information of B2B partners

B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

WISE (Computer)

Supports global self-service on computer products
.Sending service materials, Searching of materials, processing RMA(Return Material Authorization)

Business partner's information in charge of repair service(Company Name,Phone Number,Representative person,email, Address)

user authentication and mailing service

persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

syncsight (VD) - https://www.syncsight.com

Sharing marketing information with B2B users and VD division's subsidiaries related to VD division

Business Partners(Collaborative company) Details(Company name,Phone Number,email, Name,Position)

1)to manage current status of connection for security and analysis
2)membership registration of the websites and management
3)for total management of customer information of B2B partners

system administrators, administrators, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

AV Online Service Management System (AV)
(www.samsungplay.com ,UK.samsungplay.com)

Global website for advertising MP3 products and cultivating mania groups

B2C personal customer information (Name,Address,email,Date of birth,sex, Day and Time of last connection)

membership registration of the websites and management

system administrators, members (to change personal information)

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

Samsung System Aircon (System Appliance)

An external site for advertising products, electronic system air conditioner

User Access Information (Name, Email,country,Date of birth, IP)

user authentication and control of current status of connection

system administrators

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

c-Dance

Semi-conductor Division's B2B system which supports collaboration with customers in a series of work from purchase request to shipping by using RosettaNet (International standard for e-commerce) technology

User information(ID, Password, e-mail, Company, Department Name, Position, Phone Number)

information for analysis of user-login and current status of connection

system administrators

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

WEB Site for Europe HQ
www.samsung.com/eu/

SEC European website
.Provides recruiting information to European customers
.Supports registration of purchased products
.Provides products/service/marketing information of a specific country by offering links to other European countries' websites

1)Business partners(collaborative company)'s information (Company name, Phone Number, Representative person,Address, Homepage address,email)
2) information with customers (Name, Email, Company, Job)

1)request from Semi-conductor subsidiary (for statistical analysis)
2)inquiry on products

1)customer companies, partners
2)members, partner companies

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

Supplier portal (website)

Portal system for procurement between Samsung and Business partner

Business Partner information(Company code, User name, Phone number,email)
User Access information(User IP Address, Day and time of last connection)

to send email to person in charge of procurement in business partner,
to manage login information for security

person in charge of procurement in business partner

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

GRMS-Returned goods Management System

Define standard process for returning goods, monitor returned goods approval status and delivery information

Buyer(company) information (Company name,Phone Number,email address, User ID, Name)

for registration of returned goods and monitor approval status

subsidiaries, 3PL, Buyer, ASC
* ASC(Associate Service Center)? Repair Service center internationally authorized

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)

MyProject- Project Management System(Mobile)

1)Supports development projects of Mobile Devision
2)Mobile Communication Division's S/W development and collaboration system
. S/W project management and co-work (SSCM)
. Control mobile phone requirements (CRC)
3)System for logging improvements of quality-related problem 4)information sharing with S/W partner developers

Business Partners(Collaborative company) Details(Company name,Phone Number,Representative person,email, Address)

1)user authentication and payment, mailing service
2)to manage current status of connection for security and analysis
3)membership registration of the websites and management
4)for total management of customer information of B2B partners

system administrators,B2B partners, persons in charge of partners

Direct from person(Non-employee) to server based in Korea

Hosted on Server (HQ, Korea)


System

Function

Data Categories

Usage

End User

Flow Path

Storage

Integration point of time
under GERP
(YYYY.MM)

GTMS - Global Treasury management System

Manage overseas subsidiaries' cash flow and standardize overseas subsidiaries' Treasury business

Employee's information (Name, Department Name,Position,Email,Phone Number)

to do approval service and to manage current status of connection for security and analysis

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

GSPN(Europe)

Supports repairing service of external service company and provides functions such as download service manuals, drivers, user manuals

1)User access information(Day and time of last connection, IP, Count of connection)
2)Employee's information (Name,Department Name,Position,email,Phone Number)
3)ASC sevice center's information(Company name,Phone Number,Representative person,email, Address)
* ASC(Associate Service Center)? Repair Service center internationally authorized

1)to manage current status of connection for security and analysis
2)user authentication and mailing service
3)for total management of customer information of B2B partners

system administrators, ASC managers

Direct from Admin to server based in Country(EU)

Hosted on Server in London

STLS - Samsung Trading & Logistics System

Automation system about trading and logistics between subsidiaries and collaborative partners such as banks, 3PL, insurance companies and shipping companies

B2B customer information (Address, Phone Number)

to provide information on partners related to logistics, included in EDI documents

partners related to logistics, 3PL

Direct from Admin to server based in Country(EU)

Hosted on Server in London

Campaign Designer

Supports planning/execution/analysis of campaigns through emails

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SFC (Europe) - Europe
( https://europe.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEBN) - Belgium
( https://be.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEBN) - Netherlands
( https://nl.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEF) - France
( https://fr.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEG) - Germany
( https://de.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEI) - Italy
( https://it.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SENA) - Norway
( https://nordic.samsungmobile.com )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEOL) - Poland
( https://pl.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEP) - Portugal
( https://pt.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SESA) - Spain
( https://es.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SFC (SEUK) - U.K
( https://uk.samsungmobile.com/ )

To Popularize Samsung Mobile Phone &SFC website. To download Ringtones, Screensavers, wallpapers etc.

1)User access information(Day and time of last connection,MySingle ID,Department Name,IP)
2)Employee's information (Name,Department Name,Position,email,Phone Number)

1)security and management of current status of connection
2)user authentication

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

WEB Site for Europe HQ
( www.samsung-europe.com )

SEC European website
.Provides recruiting information to European customers
.Supports registration of purchased products
.Provides products/service/marketing information of a specific country by offering links to other European countries' websites

1)Purchasing information of B2C personal customers (Name, Date of birth, Address, Email, Phone Number, product purchased, time and place of purchase)
2)Applicants' information seeking for a job(Name,Email, ,Resume)
3)Customer's questions submitted through email

1)to collect the customer's history of product purchase
2)for submitting resume
3)to submit inquiries

system administrators, marketing managers, applicants, recruiting managers

Direct from Admin to server based in Country(EU)

Hosted on Server in London

CRM-CIC (Europe)

Manages works of service contact center such as dealing with VOC, and monitoring the progress of settlement

information with B2C personal customers (Name,Address,Email,Products purchased)

to analyze customers and to deal with provision of services

system administrators, contact center managers

Direct from Admin to server based in Country(EU)

Hosted on Server in London

CRM-CM

. Collects customer data
. Provides customers with product information through email campaigns
. Reflects the analysis of cross selling and up selling activities to future campaigns

1)User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,IP)
2)B2C personal information (Name,Address,Date of birth,sex,Email,Products purchased, answering information)

1)to manage access data for security and analysis
2)DB for customer who purchased SEC products

1)system administrators
2)marketing managers for main office/European HQ/subsidiaries

Direct from Admin to server based in Country(EU)

Hosted on Server in London

e-Office (Europe)

Supports office automation of subsidiaries
. Supports systemization of documents, automation of system approvals, and management of marketing budget

1)User access information(MySingle ID, Password, Date of last connection)
2)Employee's information (Name,Department Name,Position,e-Mail ID,SAP ID)
3)Employee's information (Phone Number,Cell phone number,Fax,Nationality,Company Address, local person or not?, Language)

1)to manage current status of connection for security and analysis
2)user authentication and payment, mailing service
3)to manage extra information of the user

1)system administrators
2)system administrators, e-Office managers in subsidiaries
3)system administrators, e-Office managers in subsidiaries

Direct from Admin to server based in Country(EU)

Hosted on Server in London

RDW (Europe) - Regional Data Warehouse

Accumulates subsidiaries' management information data such as sales and financial information and Provides these data to other web sites

User access information(User Name,Day and time of last connection, MySingle ID,Subsidiary Code, User IP of last connection)

user authentication and log analysis

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SIMS (Europe)

Work portal system for employees in overseas subsidiaries
.provides personal today's schedule, to do list and to check list

User access information(Day and time of last connection, MySingle ID,User IP of last connection)

log-in data to analyze logs

system administrators, SIMS administrators for subsidiaries

Direct from Admin to server based in Country(EU)

Hosted on Server in London

APS-FP (SEH)

Manages schedule about production plan of production subsidiaries in global SCM

User Access Information(user,password,User IP of last connection)

user authentication

system administrators, production managers

Direct from Admin to server based in Country(EU)

Hosted on Server in SEH subsidiary

APS-FP (SESK)

Manages schedule about production plan of production subsidiaries in global SCM

User Access Information(user,password,User IP of last connection)

user authentication

system administrators, production managers

Direct from Admin to server based in Country(EU)

Hosted on Server in SESK subsidiary

Global MES (SEH)

Support manufacturing execution which deliver information enabling the optimization of production activities from order launch to finished goods, and provides functions such as resource allocation, dispatching production units, data collection/acquisition, quality management, performance analysis, operations/detail scheduling and labor management, etc.

User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,User IP of last connection)

to manage current status of connection for security and analysis

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in SEH subsidiary

Global MES (SESK)

Support manufacturing execution which deliver information enabling the optimization of production activities from order launch to finished goods, and provides functions such as resource allocation, dispatching production units, data collection/acquisition, quality management, performance analysis, operations/detail scheduling and labor management, etc.

User access information(Day and time of last connection, MySingle ID,Department Name,Phone Number,User IP of last connection)

to manage current status of connection for security and analysis

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in SESK subsidiary

SAP SVC (ECC)

ERP system which supports sales process about supplying service material to external company serving repairing service in Europe

User Access Information(Day and time of last connection, ID, Department Name)

to analyze access data

system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SEBN)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, Company Phone Number, Company Fax Number, Email)
User access information(ID, User access log data)
Customer Details(Company name, name of a person in charge, Company Address, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SEF)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

Company Name, Dept, Position, Company address

basic system for the subsidiaries (for understanding status of sales, profit-and-loss, inventory, etc)

employees in SEF subsidiary ,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

partner.samsung (SEG) - Germany

Supports collaboration with partners , provides detailed product information and manages partner's points according to trading increases

Business partner Details(Name, Company Name, Phone Number)

Business partners, employees in subsidiaries

Hosted on Server in Germany

SAP (SEG)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators ,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

STARLIGHT (SEG)

Manages reseller sell-in and sell-out, pays incentive and provides community function

User Information(ID, Name)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress)

employees in subsidiaries

Hosted on Server in Germany

Country Web Site (SEG) - Germany

websites for advertizing the products/services/marketing to customers

User Information(ID, Name),

general users

Hosted on Server in Germany

SAP (SEH)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log data)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies ,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SELS)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log)
Customer Deatils(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SENA)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SEP)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SESA)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Access Information(Day and time of last connection), Customer Details(Company name,Address,Phone Number)

to do ERP work

account/management, AR, Order desk, sales users,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SESK)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SEUK)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in London

SAP (SEHG)

SEHG's ERP system which supports FI/CO related work

User Information(ID,Name, Department Name,Role, Company,Position,CompanyPhone Number,CompanyFax,Email)
User access information(ID,Day and time of last connection)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SAP (SSEG)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID,Name,Department Name,Role,Company,Position,CompanyPhone Number,CompanyFax Number,Email)
User access information(ID,Day and time of last connection)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SAP (SSEL)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID,Name,Department Name,Role,Company,Position,CompanyPhone Number,CompanyFax Number,Email)
User access information(ID,Day and time of last connection)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

Hosted on Server in Germany

SAP (SEAG)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log data)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

SAP (SELSK)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log data)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)

SAP (SEPOL)

ERP system which supports subsidiaries' sales, purchasing, accounting, logistics

User Information(ID, Name, Department Name, Role, Company, Position, CompanyPhone Number, CompanyFax Number, EmailAddress)
User access information(ID, User access log data)
Customer Details(Company name, name of a person in charge, CompanyAddress, Phone Number, Fax Number, EmailAddress, Bank Account)

to do ERP work

employees in subsidiaries and of warehouse companies,system administrators

Direct from Admin to server based in Country(EU)


From System
(Sender)

To System
(Receiver)

Function

Data Categories

Usage

End User

Flow Path

Storage

Integration point of time
under GERP
(YYYY.MM)

MySingle
(Server in UK)

MySingle
(Server in Korea)

Enterprise Intranet System providing functions and contents such as mailing, approval, board, or links to company's internal systems

Employee's Profile (Fullname,Surname,First Name,Fullname(English),Surname(English),First Name(English),Sex, Subsidiary Company Code,Subsidiary Company Name,Subsidiary Company Name(English),Department Code,Department Name,Position Level Code,Position Level Name,Company Address,Language,an executive person or not,maximum file size the person can attach,natives or not,Security Level ,User Level ,employee status (in office, retired,temporarily not working),Date of Birth)

to support mailing service between employees as Samsung intranet system

group intranet users, managers of each affiliates and group

Direct from employee to server based in Korea

Hosted on Server(HQ, Korea)

SAP

GHR - Global HR management system

Overseas personnel management system

Employee's profile (Name,Department Name,Position, Roles, Academic background, Career, Address, email, hired/retired date, Date of birth, sex, Phone Number, Salary, Performance review record, Training history), User login information

to use statistical data of HR information

system administrators, HRM team members, authorized people in subsidiaries (HR managers for main office/GBM, resident employees in overseas HQs, and people employed by subsidiaries)

Data Interface from Server in Country to Server in Korea

Hosted on Server (HQ, Korea)

SAP

GHRS - Global HR system(DW)

SEC HR(human resources) DataWarehouse that collects data related to human resources of head office, overseas subsidiaries and child companies

Employee's profile (Name,Department Name,Position,Roles, Academic background, Career, Address, email, hired/retired date, Date of birth, sex, Phone Number, Salary, Performance review record, training history)

to use statistical data of HR information

system administrators, HRM team members, authorized people in subsidiaries (HR managers for main office/GBM, and resident employees in overseas HQs)

Data Interface from Server in Country to Server in Korea

Hosted on Server (HQ, Korea)

SAP

eGLS - e Global Logistics System

Provides enterprise standard process about logistics area and manages performance and KPI about logistics

1)Employee's access information(Day and time of last connection,MySingle ID,Department Name,Phone Number,IP)
2)Business Partners(Collaborative company) Information(Company name,Company Address)

1)to manage current status of connection for security and analysis
2)customer information and address data for delivery

1)system administrators
2)subsidiaries managers/for calculating indexes

Data Interface from Server in Country to Server in Korea

Hosted on Server (HQ, Korea)

APPENDIX III

TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES[E8] 

INTRODUCTION

It is the policy of Samsung Electronics (called hereafter "COMPANY") and its subsidiaries to pursue technical and organizational security measures substantially consistent with the processes described in this Appendix III as adjusted and evolved by COMPANY from time to time (the "COMPANY Measures"). The degree to which the COMPANY Measures are implemented with respect to any particular location or system will depend on several factors. The business environment in which COMPANY operates is very dynamic, driven to a great extent by the requirements of its clients. In addition, as a result of changes in COMPANY operations and the acquisition of other businesses on a continuing basis, at any point in time there may be business units, divisions, or subsidiaries of COMPANY that have not yet fully implemented the COMPANY Measures but are in the process of evolving to a business model more consistent with the COMPANY Measures. The deployment and adjustment of the COMPANY Measures will continue as part of the continuing development of COMPANY' business and the integration of COMPANY business acquisitions. Description of various elements in the COMPANY Measures does not mean COMPANY has been contracted by its client to provide such elements on behalf of the client, which will be determined in each case by the services agreement in effect between COMPANY and its client. With respect to each of its clients, implementation of the COMPANY Measures will be done in accordance with the practices and policies established by COMPANY and the client.

I. TECHNICAL SECURITY MEASURES

1. Authentication

1.1 COMPANY' standard authentication process requires use of User IDs and passwords for access to the COMPANY network and for access to different systems and applications within the COMPANY network. The User ID and password pair is a common form of authentication credentials. Each user of COMPANY information systems is issued individual, unique authentication credentials. COMPANY issues User IDs only upon adequate validation of the person's existence and business need. COMPANY issues User IDs and passwords in a secure manner. Where deemed necessary, users are required to change passwords when they first logon using the new password.

The company informs users that it is their responsibility to protect the confidentiality and availability of their authentication credentials. Users are required to change their passwords for access to the COMPANY network periodically. Requirements with regard to length and form of passwords are set out in the appropriate COMPANY security directive, as amended from time to time. A standard COMPANY user logon has a preset number of invalid logon attempts prior to locking the account out and requiring administrative intervention for system access. COMPANY further records information about accesses to the COMPANY network under a User ID, including date, time, length, and nature of access.

1.2 COMPANY requires strong authentication credentials through use of strong access controls and/or dual authentication in certain circumstances that COMPANY has determined to involve access to more sensitive systems and applications, or access to the COMPANY network under more sensitive circumstances. COMPANY currently requires strong authentication process for all remote access and for all "privileged administrator access" to selected COMPANY systems that contain critical data and/or access that involves network, system or application administrative responsibilities.

1.3 COMPANY applies encryption technologies during the transmission of authentication credentials over an COMPANY internal network, provided that such application is required for the protection of the credentials over an internal COMPANY network. All external, or internet based authentication including authentication data (password) being stored on a database is encrypted.

2. Access Control

2.1 COMPANY has in place technical measures that limit access of users of the COMPANY network to: (i) systems and applications that the user needs in order to perform the user's job functions, and (ii) the functions that can be performed once access is granted. These measures are accomplished through software programs and operating system administrative tools that enable COMPANY network administrators to create, modify, and delete access authorizations. COMPANY network, systems and applications administrators are typically specialized in that function and work from an objective set of requirements.

2.2 COMPANY makes decisions concerning levels of access control based upon sensitivity of the applications and the information that can be accessed through those applications, associated levels of risk, and regulatory requirements. The scope of each employee's authorization is described in the databases or other recording mechanisms that contain the person's authorization profile. Data from each customer is kept separate from other customer data so that access to each set of data can be controlled. Therefore, each employee is able to access only limited data which is relevant to their job function.

2.3 There is a data security function within COMPANY that engages in daily monitoring of COMPANY network access and usage to determine whether authentication and access control measures are functioning properly, to test the functions, and to determine whether access authorizations are being exceeded or abused. COMPANY further has an internal audit function that periodically examines whether users have exceeded the permitted levels of network, system or application access contrary to COMPANY policies and standards.

3. Network Security

Communications networks operated by the COMPANY shall be separated from the internet by firewalls on contact points between the internet and the internal communications networks in order to prevent unauthorized intrusion by unidentified users and protect internal networks.

3. COMPANY employs a variety of additional security measures to prevent unauthorized access to the COMPANY network and abuses of authorized access. These include network access controls, including firewall technology, both hardware and software components, network intrusion detection technology, and encryption technology on a selected basis where appropriate. These technologies are reviewed in light of the latest technological developments and are periodically updated. COMPANY has a group of staff members within COMPANY ' information services department that are tasked with protecting, maintaining, and monitoring the security and integrity of the COMPANY network.

Server Security

All COMPANY systems or applications are protected by security equipments such as firewall, router and switch. COMPANY's security program checks security level of systems or server against the COMPANY security policy. IT staff monitors COMPANY security level continuously.

. COMPANY has in place business processes and the necessary software, hardware, and facilities to back-up data residing on the COMPANY network. These processes and technology features include manual and automated data backup procedures and redundant computer systems, Data Centers, power supplies, power sources, and telecommunications feeds.

. Physical Measures

.1 Access to Building Control

The technical equipment for data operations within the primary COMPANY data centre is located in a separate part of the data centre which is reinforced with solid walls. All entrances are closed with stable doors. The doors are locked at all times. The buildings are equipped with an alarm system and protected by security services to monitor unauthorized entry. Entrance and exit are supervised. All doors that give access to different areas of the data operations are equipped with electromagnetic locks and electronic door lock systems ("proximity-reader").

Access is given only to employees and contractors of COMPANY who are in the possession of a valid pass for an electronic door lock system bearing their photo. The electronic door lock systems installed at every door which separates the different areas of the data operations only gives access to the premises for those employees who are authorized to enter the specific area of data operation. Authorization has to be granted by responsible managers. The Corporate Security Department is responsible for handing out and collecting of electronic passes to all COMPANY employees. The responsible manager and corporate security examines whether a specific person's access to a particular area of data operations is necessary. Those examinations are carried out prior to issuance and periodically thereafter.

At the time of termination of a person's employment with COMPANY, the manager or other authorized person collects the former employee's electronic pass and Security blocks the particular pass within the electronic door lock systems. Additionally, processes are in place for the revocation of terminated employee's information systems access.

Visitors have to apply for a visitor card at the receptionist or attendant's desk. The purpose for the visit and the name of the contact person are recorded. Access is granted only to those visitors who received a visitor card and who are accompanied by COMPANY employees. Visitors must be accompanied by a COMPANY employee.

.2 Storage Media Control

Storage media are kept in locked rooms. Every storages medium that is removed from the data operation systems is stored in the locked storage room.

Only the appropriate operations center operator within every shift has access to this room. Every storage media that is removed from the room or is stored within the room is listed in a storage media register to be kept by the personnel who are responsible for the storage of such media.

The erasure or destruction of storage media is mentioned in the aforementioned register.

II. ORGANIZATIONAL SECURITY MEASURES

COMPANY has policies and procedures that address security measures, with a goal of protecting all information properties including customer data and other trade secrets owned by COMPANY. These security measures apply to all people who enter or leave the COMPANY's premises or who use the Company's IT equipment including employees and contractors of the COMPANY and its affiliates and business partners.

These policies and procedures are notified to all employees also anytime accessible by any employee from Human Resource Department.

1. Authentication

COMPANY requires that all persons that use COMPANY information systems in any form for any job have individual authentication credentials. Depending upon the level of access, the source of access or the nature of the information asset being accessed the credentials may include strong authentication credentials. These requirements are established by written policies and practices. In addition, COMPANY engages in management-level compliance training that specifically includes COMPANY network authentication and related processes.

2. Access Control

COMPANY has policies and procedures that address provision of access on a limited basis, with a goal of limiting access to only to the information and systems that are necessary for the user to perform their job functions. Such a limitation is dependent on the systems being used and the applications available. An example of such a limitation is technical support personnel who have administrative rights that are based upon a specific application, a group of computers, or a group of telecom equipment according to their assigned jobs. Access privileges are issued, modified, and revoked as persons change job functions and as employment is terminated.

3. Audit

Internal audit and external auditors periodically audit the company's practices to ensure proper security controls, processes, and procedures are in place and effective in the protection of our operations. There are periodic audits by internal/external security organization to identify the potential vulnerability of COMPANY to abuses of authorized access and unauthorized access attempts. COMPANY Information Services continually monitors the COMPANY network, systems and applications to identify unauthorized access to and use of same.

4. Training

COMPANY trains its employees on proper handling of authentication credentials and authorized access to and use of the COMPANY network. COMPANY has a policy addressing electronic communications that specifically identifies for employees and contractors rules concerning use of COMPANY electronic communications assets, including the COMPANY network. COMPANY also has relevant procedures through its policies concerning handling of company information, trade secrets, and intellectual property. COMPANY enforces these policies and rules through disciplinary action including, in appropriate circumstances, termination of employment. COMPANY has audit processes and an internal audit group focused on monitoring compliance with these policies.

5. COMPANY Organizational Resources

5.1 COMPANY has a cross-functional Safeguards and Security Committee. Members of the Committee are corporate officers and senior security personnel. This Committee is active in monitoring relevant activities and proposing and reviewing policies in these areas and implementing safeguards for information security and physical security needs.

5.2 COMPANY has a Chief Security Officer whose responsibility to assist in the development of appropriate policies and procedures relating to privacy and security and to provide leadership to various groups and initiatives within COMPANY directed at enhancing measures for the protection of both COMPANY data and customer data within COMPANY ' possession.

5.3 [COMPANY has a Virtual Privacy Office that supports the Chief Privacy Officer and others involved in privacy matters. The Virtual Privacy Office is a team comprised of representatives from the business groups and support functions. The team develops training materials, reference materials, policies and procedures and engages in other activities designed to enhance the privacy program at COMPANY.] [E9] 


 [E1]Please insert the date.

 [E2] Can you please check that this is an accurate and complete list of all Samsung data controllers who may be exporting data under this agreement.

 [E3]Can you please check that this is an accurate and complete list of all Samsung data importers who may be processing data under this agreement.

 [E4] [E4]Please review this appendix for accuracy. It contains details on the information processed under this DTA. It has been drafted based on the information in the privacy policy but it is in draft form only and its it needs to be checked by Samsung.

 [E5]Please amend this description of Samsung's business accordingly. This description is in draft only.

 [E6]Do the Samsung Data Exporters process Sensitive Personal Data / will Sensitive Personal Data be transferred to the Samsung Data Importer? It is important to check this point.

 [E7]These data flow charts have been adapted further by DB Cho and Crysta Lee's team. These data flows are the version sent by Joon Yong Park on 7 August.

 [E8]Please note that this document is in draft only (draft dated 21/07/08). In particular, please see the comment at paragraph 5.3 below. This document provides an overview of the technical and organisational security measures adopted by Samsung in relation to the underlying data transfers. It has been discussed with Hae Ki Park, Security Manager and Kyung Tae Lee, European Security Assistant but please have a look and let us have your comments.

 [E9]Please note that we have not fully discussed the particular issue of whether there should be a Virtual Privacy Office. This needs to be discussed further prior to execution of this agreement. This is a further aspect in the proposed creation of a privacy organization within Samsung.



Politica de confidentialitate | Termeni si conditii de utilizare



DISTRIBUIE DOCUMENTUL

Comentarii


Vizualizari: 2373
Importanta: rank

Comenteaza documentul:

Te rugam sa te autentifici sau sa iti faci cont pentru a putea comenta

Creaza cont nou

Termeni si conditii de utilizare | Contact
© SCRIGROUP 2024 . All rights reserved