South Korea: Data Protection Laws of the World Handbook: Second Edition - South Korea

E-Commerce And Privacy Alert

LAW

In the past, South Korea did not have a comprehensive law governing data privacy. However, a new law relating to protection of personal information (Personal Information Protection Act, "PIPA") was enacted and became effective as of 30 September 2011.

Moreover, there is sector specific legislation such as:

  • The Act on Promotion of Information and Communication Network Utilization and Information Protection ("IT Network Act") which regulates the collection and use of personal information by IT Service Providers, defined as telecommunications business operators under Article 2.8 of the Telecommunications Business Act; and other persons who provide information or intermediate the provision of information for profit by utilizing services rendered by a telecommunications business operator;
  • The Use and Protection of Credit Information Act ("UPCIA") which regulates the use and disclosure of Personal Credit Information, defined as credit information which is necessary to determine the credit rating, credit transaction capacity, etc. of an individual person. The UPCIA primarily applies to a Credit Information Providers/Users, defined under Article 2.7 of the UPCIA as a person (entity) prescribed by Presidential Decree thereof who provides any third party with credit information obtained or produced in relation to his/her own business for purposes of commercial transactions, such as financial transactions with customers, or who has been continuously supplied with credit information from any third party to use such information for his/her own business; and
  • The Act on Real Name Financial Transactions and Guarantee of Secrecy ("ARNFTGS") which applies to information obtained by financial or financial services institutions.

Under PIPA, except as otherwise provided for in any other Act, the protection of personal information shall be governed by the provisions of PIPA.

DEFINITION OF PERSONAL DATA

Under PIPA, information pertaining to a living individual, which contains information identifying a specific person with a name, a national identification number, images, or other similar information (including information that does not, by itself, make it possible to identify a specific person but that which enables the recipient of the information to easily identify such person if combined with another information).

Under the IT Network Act, information pertaining to a living individual, which contains information identifying a specific person with a name, a national identification number, or similar in a form of code, letter, voice, sound, image, or any other form (including information that does not, by itself, make it possible to identify a specific person but that enables to identify such person easily if combined with another information).

The relevant Korean authorities' understanding is that the construction of Personal Data under PIPA and that under IT Network Act are same in spite of subtle difference in definition wordings.

DEFINITION OF SENSITIVE PERSONAL DATA

Under PIPA, Sensitive Personal Data is defined as Personal Data consisting of information relating to a living individual's: (i) thoughts or creed; (ii) history regarding membership in a political party or labor union; (iii) political views; (iv) health care and sexual life; and (v) other Personal Data stipulated under the Enforcement Decree (the Presidential Decree) which is anticipated to otherwise intrude seriously upon the privacy of the person. The Enforcement Decree of PIPA includes genetic information and criminal record as Sensitive Personal Data. IT Network Act also has a similar definition.

NATIONAL DATA PROTECTION AUTHORITY

The Minister of Public Administration and Security (the "MOPAS") is in charge of the execution of PIPA.

The Korea Communications Commission (the "KCC") is in charge of the execution of the IT Network Act.

REGISTRATION

Under PIPA, a public institution which manages a Personal Data file (collection of Personal Data) shall register the following with the MOPAS: (a) name of the Personal Data file; (b) basis and purpose of operation of the Personal Data file; (c) items of Personal Data which are recorded in the Personal Data file; (d) the method to process Personal Data; (e) period to retain Personal Data; (f) person who receives Personal Data generally or repeatedly; and (g) other matters prescribed by Presidential Decree. A "public institution" in this context refers to any government agency or institution.

The Presidential Decree of PIPA stipulates that the followings also shall be registered before MOPAS:

  • the name of the institution which operates the Personal Data file;
  • the number of subjects of the Personal Data included in the Personal Data file;
  • the department of the institution in charge of Personal Data processing;
  • the department of the institution handling the Personal Data subjects' request for inspection of Personal Data; and
  • the scope of Personal Data inspection of which can be restricted or rejected and the grounds therefore.

Only "public institutions" are required to register before the MOPAS.

DATA PROTECTION OFFICERS

Under PIPA, every Data Handler (which means any person, any government entity, company, individual or other person that, directly or through a third party, handles Personal Data in order to manage Personal Data files for work purposes) must to designate a data protection officer.

Under IT Network Act, every IT Service Provider must designate a director or chief officer of department in charge of handling Personal Data as a data protection officer. Pursuant to Presidential Decree of the IT Network Act to, an IT Service Provider with less than 5 employees, the owner or representative director shall be the person in charge.

COLLECTION AND PROCESSING

If a Data Handler under PIPA or an IT Service Provider under IT Network Act intends to collect Personal Data from the data subject or IT service user, it must:

  • first notify the data subject or IT service user of the vital information stipulated under the law; and
  • obtain the data subject's or IT service user's prior consent to such collection other than some exceptional cases stipulated under the law.

If a Data Handler under PIPA intends to collect Sensitive Personal Information, the consent must be separately obtained.

Under the newly amended IT Network Act, which became effective as of 18 August 2012, an IT Service Provider shall not collect a Resident Registration number (equivalent to Social Security number in the United States), unless (i) the IT Service Provider is designated as an identification institution by the KCC; or (ii) there exist special provisions under any other laws or Notification of the KCC.

Under the PIPA, prior to obtaining the prerequisite consent for collecting Personal Data from a data subject, a Data Handler must notify the data subject of (a) the purpose of collection and use of Personal Data, (b) items of Personal Data to be collected and (c) time period for possession and use of Personal Data, (d) the fact that the data subject has the right to refuse to consent and the consequences of refusing.

Under the IT Network Act, prior to obtaining prerequisite consent for collecting Personal Data from IT service user, an IT Service Provider must notify the IT service user of (a) the purpose of collection and use of Personal Data, (b) items of Personal Data to collect and (c) time period for possession and use of Personal Data.

When a certain business transfer occurs, the Data Handler or IT service provider, must provide its data subjects or IT service users a chance to opt out by providing a notice, including items of: (a) the expected occurrence of Personal Data transfers; (b) the contact information of the recipient of the Personal Data, including the name, address, telephone number and other contact details of the recipient; and (c) the means and process by which the data subject or IT service user may refuse to consent to the transfer of Personal Data.

If the data subject or IT service user is under 14, the consent of his/her legal guardian must be obtained.

As a general rule, a Data Handler under PIPA or an IT Service Provider under IT Network Act may not handle Personal Data, without obtaining the prior consent of the data subject or IT service user, beyond the scope necessary for the achievement of the Purpose of Use. This general rule also applies where a Data Handler or IT Service Provider acquires Personal Data as a result of a merger or acquisition.

Exceptions to the general rule above apply in the following cases under PIPA:

  • Where there exist special provisions in any Act or it is inevitable to fulfil an obligation imposed by or under any Act and subordinate statute;
  • Where it is inevitable for a public institution to perform its affairs provided for in any Act and subordinate statute, etc.;
  • Where it is inevitably necessary for entering into and performing a contract with a subject of Personal Data;
  • Where it is deemed obviously necessary for the physical safety and property interests of a subject of Personal Data or a third person when the subject of Personal Data or his/her legal representative cannot give prior consent because he/she is unable to express his/her intention or by reason of his/her unidentified address, etc.; and
  • Where it is necessary for a Data Handler to realise his/her legitimate interests and this obviously takes precedence over the rights of a subject of Personal Data. In such cases, this shall be limited to cases where such data is substantially relevant to a Data Handler's legitimate interests and reasonable scope is not exceeded.

Exceptions to the general the rule above apply in the following cases under IT Network Act:

  • If the Personal Data is necessary in performing the contract on provision of IT services, but it is obviously difficult to get consent in an ordinary way due to any economic or technical reason;
  • If it is necessary in settling the payment for charges on the IT services rendered; and
  • If a specific provision exists in this Act or any other Act.

Under the ARNFTGS, financial institutions must obtain written consent for the disclosure of an individual's information relating to his/her financial transactions.

TRANSFER

As a general rule, a Data Handler or an IT Service Provider may not provide Personal Data to a third party without obtaining the prior opt in consent of the data subject or IT service user.

Exceptions to the general rule above apply in the following cases under PIPA:

  • Where there exist special provisions in any Act or it is necessary to fulfil an obligation imposed by or under any Act and subordinate statute;
  • Where it is necessary for a public institution to perform its affairs provided for in any Act and subordinate statute, etc.; and
  • Where it is deemed obviously necessary for physical safety and property interests of a subject of Personal Data or a third person when the subject of Personal Data or his/her legal representative cannot give prior consent because he/she is unable to express his/her intention or by reason of his/her unidentified address, etc.

Exceptions to the general rule above apply under IT Network Act if a specific provision exists in this Act or any other act otherwise.

Under PIPA, a Data Handler must obtain consent after it notifies the data subject of (a) the person (entity) to whom the Personal Data is furnished, (b) purpose of use of the Personal Data by the person (entity), (c) types of Personal Data furnished, (d) period of time during which the person (entity) will possess and use the Personal Data and (e) the fact that the data subject has the right to refuse to consent and the consequences of refusing.

Under the IT Network Act, an IT Service Provider must notify the IT service user of (a) the person (entity) to whom the Personal Data is furnished, (b) purpose of use of the Personal Data by the person (entity), (c) types of Personal Data furnished and (d) period of time during which the person (entity) will possess and use the Personal Data, and then obtain consent from the IT service user.

The UPCIA stipulates that prior to obtaining prerequisite consent for providing personal credit information to any other person, a Credit Information Provider/User must notify the credit information subject of (a) the person (entity) to whom the credit information will be furnished;(b) the purpose of use of the Personal Credit Information by the person (entity); (c) the types of Personal Credit Information to be furnished; and (d) the period of time during which the person (entity) will possess and use the Personal Credit Information.

Exceptions to the general rule above apply in the following cases under the UPCIA:

  • Where a Credit Information Company as defined under the Article 2.5 of the UPCIA provides such information for the purpose of performing central management and utilization thereof with another Credit Information Company or Credit Information Collection Agency as defined under the Article 2.6 of the UPCIA;
  • Where such provision is required to perform a contract, and to entrust the processing of credit information under Article 17.2 of the UPCIA;
  • Where the relevant Personal Credit Information is provided as part of rights and obligations that are transferred by way of business transfer, division, merger, etc.;
  • Where Personal Credit Information is provided for a person who uses the information for purposes prescribed by Presidential Decree, including claims collection (applicable only to the credit which is an object of collection), license and authorization, determination of a company's credit worthiness, and transfer of securities;
  • Where Personal Credit Information is provided in accordance with a court order for submission thereof or a warrant issued by a judicial officer;
  • Where such information is provided upon the request of a prosecutor or judicial police officer, in the event of occurrence of an emergency where a victim's life is in danger or he/she is expected to suffer bodily injury, etc., so that no time is available to issue a judicial warrant;
  • Where such information is provided as the head of a competent government office requests, in writing, for the purpose of inquiry and examination in accordance with any laws pertaining to taxes or demands the taxation data required to be provided in accordance with such laws pertaining to taxes;
  • Where Personal Credit Information held by a financial institution is provided to a foreign financial supervisory body in accordance with international conventions, etc.; and
  • Where such information is otherwise provided in accordance with other laws.

Under the ARNFTGS, financial institutions must obtain written consent for the transfer of an individual's information relating to his/her financial transactions to a third party.

SECURITY

Under PIPA and IT Network Act, every Data Handler or IT Service Provider must, when it handles Personal Data of data subject or IT service user, take the following technical and administrative measures in accordance with the guidelines prescribed by Presidential Decree to prevent loss, theft, leakage, alteration, or destruction of Personal Data:

  • establishment and implementation of an internal control plan for handling Personal Data in a safe way;
  • installation and operation of an access control device, such as a system for blocking intrusion to cut off illegal access to Personal Data;
  • measures for preventing fabrication and alteration of access records;
  • measures for security including encryption technology and other methods for safe storage and transmission of Personal Data;
  • measures for preventing intrusion of computer viruses, including installation and operation of vaccine software; and
  • other protective measures necessary for securing the safety of Personal Data.

BREACH NOTIFICATION

Under PIPA, if a breach of Personal Data occurs the Data Handler must notify the data subjects without delay of the details and circumstances, and the remedial steps planned. If the number of affected data subjects exceeds 10,000, the Data Handler shall immediately report the notification to data subjects and the result of measures taken to MOPAS, KISA or the National Information Security Agency (the "NIA").

Under the IT Network Act, an IT Service Provider must, if it discovers an occurrence of intrusion:

  • immediately report it to the KCC or the Korea Internet & Security Agency (the "KISA"); and
  • analyse causes of intrusion and prevent damage from being spread, whenever an intrusion occurs.

The KCC may, if deemed necessary for analyzing causes of an intrusion, order an IT Service Provider to preserve relevant data, such as access records of the relevant information and communications network.

Under the newly amended IT Network Act, which became effective as of 18 August 2012, if a loss, theft or leakage of Personal Data occurs, the IT Service Provider must notify the IT Service user and report to the KCC without delay of the details and circumstances, and the remedial steps planned.

ENFORCEMENT

The competent authorities may request reports on the handling of Personal Data, and also may issue recommendations or orders if a Data Handler or IT Service Provider violates PIPA or the IT Network Act. Non compliance with a request or violation of an order can result in fines, imprisonment, or both.

For example, MOPAS, the supervising authority for Data Handler, can issue a corrective order in response to any breach of an obligation not to provide Personal Data to a third party. Breach of a corrective order leads to an administrative fine of not more than KRW 30 million. Prior to issuing a corrective order, MOPAS may take an incremental approach and instruct, advise and make recommendations to the Data Handler.

Under the IT Network Act, an IT Service Provider who collected Personal Data without consent of the relevant user shall be subject to the penalty of imprisonment for not more than 5 years or a fine not exceeding KRW 50 million.

Under the UPCIA, a Credit Information Provider/User who has provided Personal Credit Information without consent of the relevant credit information subject shall be subject to the penalty of imprisonment of up to 5 years or a fine not exceeding KRW 50 million.

Under the ARNFTGS, a person who discloses information or data concerning financial transactions shall be punished by imprisonment not exceeding 5 years or by a fine not exceeding KRW 30 million.

ELECTRONIC MARKETING

The transmission of an advertisement via an information and communication network, including electronic mails is not prohibited by the IT Network Act, but provides individuals with the right to prevent the processing of their personal data (e.g. a right to "opt out") for electronic marketing purposes. An IT Service Provider who intends to transmit an advertisement by information and communication network must specify the following information in the advertisement.

  • The type and main contents of the transmitted information;
  • The name and contact information of the sender;
  • The source from which the electronic mail address was collected (applicable only when transmitted by electronic mail); and
  • Matters concerning the measures and method by which the addressee can express his intention to decline reception of the information easily.

A person who intends to transmit an advertisement by telephone (includes SMS text messages) or facsimile shall obtain a prior consent (e.g. a right to "opt in") from the addressee, unless (a) the person who has collected an addressee's contact information directly through a transaction of goods, etc. intends to transmit to the addressee any advertising information for profit concerning the goods, etc. offered by that person or (b) the relevant advertising information falls under the definition of an advertisement under the Act on the Consumer Protection in the Electronic Commerce Transactions, etc. or a soliciting telephone call under the Door-to-Door Sales, etc. Act. A person who intends to transmit an advertisement by telephone or facsimile must specify the following information.

  • The name and contact information of the sender; and
  • Matters concerning the measures and method by which the recipient can express his intention to revoke his consent to receive the information easily.

A person who transmits an advertisement shall not take any of the following technical measures.

  • A measure to avoid or impede the addressee's denial of reception of the advertising information or the revocation of his consent to receive such information;
  • A measure to generate an addressee's contact information, such as telephone number and electronic mail address, automatically by combining figures, codes, or letters;
  • A measure to register electronic mail addresses automatically with intent to transmit advertising information for profit; and
  • Various measures to hide the identity of the sender of advertising information or the source of transmission of an advertisement.

ONLINE PRIVACY (INCLUDING COOKIES AND LOCATION DATA)

Cookie, log, IP information, etc. are also regulated by the IT Network Act as personal data, which if combined with other information enable the identification a specific individual person easily. Under the IT Network Act, using cookies (or web beacons) must be done with the opt-out consent of the user and the privacy policy must publicise the matters concerning installation, operation and opt-out process for automated means of collecting personal information, such as cookies, logs and web beacons.

The protection of location information is governed by the provisions of the Act on the Protection, Use, etc. of Location Information (the "LBS Act").

Under the LBS Act, any person who intends to collect, use, or provide location information of a person or mobile object shall obtain the prior consent of the person or the owner of the object, unless (a) where there is a request for emergency relief or the issuance of a warning by an emergency rescue and relief agency; (b) where there is a request by a police for the rescue of the person whose life or physical safety is in immediate danger; or (c) where there exist special provisions in any Act.

Under the LBS Act, any person (entity) who intends to provide services based on location information (the "Location-based Service Provider") shall report to the KCC. Further, any person (entity) who intends to collect location information and provide the collected location information to location-based service providers (the "Location Information Provider") shall obtain a license from the KCC.

If a Location Information Provider intends to collect personal location information, it must specify the following information in its service agreement, and obtain the consent of the subjects of personal location information.

  • Name, address, phone number and other contact information of the Location Information Provider;
  • Rights held by the subjects of personal location information and their legal agents and methods of exercising the rights;
  • Details of the services the Location Information Provider intends to provide to Locationbased Service Providers;
  • Grounds for and period of retaining data confirming the collection of location information; and
  • Methods of collecting location information.

If a Location-based Service Provider intends to provide location-based service by utilising personal location information provided from Location Information Provider, it must specify the following information in its service agreement, and obtain the consent of the subjects of personal location information;

  • Name, address, phone number and other contact information of the Location-based Service Provider;
  • Rights held by the subjects of personal location information and their legal agents and methods of exercising the rights;
  • Details of the Location-based Services;
  • Grounds for and period of retaining data confirming the use and provision of location information; and
  • Matters concerning notifying the personal location information subject of the provision of location information to a third party as below.

If a Location-based Service Provider intends to provide location information to a third party, in addition to the above, it must notify the subjects of personal location information of the third party who will receive the location information and the purpose of this provision.

© DLA Piper

This publication is intended as a general overview and discussion of the subjects dealt with. It is not intended to be, and should not used as, a substitute for taking legal advice in any specific situation. DLA Piper Australia will accept no responsibility for any actions taken or not taken on the basis of this publication.


DLA Piper Australia is part of DLA Piper, a global law firm, operating through various separate and distinct legal entities. For further information, please refer to www.dlapiper.com

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
 
Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Practice Guides
by Mondaq Advice Centres
Relevancy Powered by MondaqAI
Related Topics
 
Related Articles
 
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.

Disclaimer

The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.

General

Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions