The Korea Foundation (hereinafter, the Foundation) does not use personal information for any purposes other than the following purposes. The Foundation will seek prior consent of users before any changes to such purposes are made.
The Foundation collects a minimum amount of personal information required to provide customer services, handle complaints, and implement its programs.
The Foundation uses personal information obtained under law and with the consent of information subjects in satisfaction survey, statistics analysis, and smooth communication with customers to offer better services.
The Foundation collects and retains personal information under relevant laws and regulations and with information subjects’ consent only. Personal information files retained by the Foundation are as follows:
|File Titles||Processing Grounds & Purposes||Information Stored in Files||Retention Period|
|Website Membership Management File||Membership information management||Name, ID (e-mail address), password, and consent or refusal for e-mail communication||Until membership withdrawal|
|Information on Applicants for Online Social Science Data Services||Consent of information subjects||Name, e-mail address, contact information, mobile phone number, address, and complaintdetails||5 years|
|Screening of applicant qualifications|
|Information on Complaint Submitters||Ethics and practice guidelines||Name, nationality, gender, occupation, department, major, e-mail, mobile phone number, andarea of interest||2 years|
It is, in principle, prohibited to provide personal information retained by the Foundation to athird party, except the following cases:
except when there is a concern for unjust infringement on the interests of information subjectsor a third party
When entrusting personal information processing, the Foundation abides by Article 26 of the Personal Information Protection Act. Accordingly, the Foundation stipulates, in a written document, obligations and responsibilities, including the prohibition of personal information processing for purposes other than entrusted services, technical and managerial protection measures, restriction on re-entrustment, supervision of the entrusted party and compensation for damages, and supervises whether the entrusted party safely handles personal information.
|Entrusted Party||Entrusted Services||Period of Personal Information Retention and Use|
|TRUEBON||System maintenance and repair||Until membership withdrawal or end of entrustment contract|
Users may exercise their rights as Information Subjects as follows: The Foundation may entrust a third party with personal information processing under Article 26 “Restrictions on Personal Information Processing Entrustment” of the Personal Information Protection Act. The Foundation shall make an online announcement of relevant information including purposes, content and period of entrustment, and the entrusted party’s name, address and contact information.
Claim based on form
Decision notice sent within 7 days
Within 15 days of claim collection
For application, please refer to the personal information access request form.Please be informed, however, access may be restricted in the following cases under Item 5, Article 35 of the Personal Information Act:
Information subjects may request the correction or deletion of personal information retained by the Foundation under Article 36 “Correction and Deletion of Personal Information” of the Personal Information Protection Act. They, however, are not allowed to make a request for the deletion of personal information if the collection of such information is stipulated under other laws.
For application, please refer to the personal information correction/deletion request form.
서식에 따른 청구
10일이내 정정조치결과통지서 송부(1회에 한하여 연장 가능)
Information subjects may request the discontinuance of the processing of personal information retained by the Foundation under Article 37 “Discontinuance of Personal Information Processing” of the Personal Information Protection Act.
For application, please refer to the personal information access request form. The Foundation, however, may refuse to accept the request for the discontinuance of personal information processing under Item 2, Article 37 of the Personal Information Protection Act in the following cases:
Please refer to the aforementioned “2. Collection and Retention of Personal Information” regarding the types of personal information processed by the Foundation.
When the personal information retention period has expired or processing purposes are achieved, the Foundation destroys personal information without delay in principle unless such information needs to be preserved under other laws. The process, timing, and methods of personal information disposal are as follows:
In accordance with internal guidelines and relevant laws, the Foundation disposes of information entered by users when the retention period has expired or processing purposes are fulfilled.
Users’ personal information is destroyed within 5 days after the end date of the retention period or after it is deemed that the processing of such information is unnecessary due to the fulfillment of processing purposes.
The Foundation disposes of personal information in the following way:
To protect personal information, content in the Foundation’s message board (Contact the President, Q&A, and Policy Recommendations) is destroyed without delay two years after posting, and such disposal is recorded. Disposal records are managed by a department in charge of website maintenance.
Dormant members are those who have not logged in for two years since they last logged in to the Foundation’s services. Such members’ accounts are considered dormant, and the Foundation may restrict their use of services offered by the Foundation. They need to go through authentication to use the Foundation’s services again after their accounts were classified as dormant ones.
The Foundation appoints personal information protection managers as follows to ensure appropriate collection and processing of personal information, thereby protecting users’ rights and interests and properly conducting programs and activities.
|Senior Manager for Personal Information Protection||Kang Young-pil, Executive Vice President of Finance and Operationsfirstname.lastname@example.org||064-804-1014|
|Manager for Personal Information Protection||PARK Ji-Young, Director, Resource Management Departmentemail@example.com||064-804-1061|
|Staff Member for Personal Information Protection||LEE Kwang-Ho, Senior Program Officer, Resource Management Departmentfirstname.lastname@example.org||064-804-1064|
Under Article 29 “Obligations for Safety Measures” of the Personal Information Protection Act, the Foundation takes technical, managerial, and physical measures for the safety of personal information as follows:
The Foundation controls access to personal information by granting, changing, and cancelling access rights to database system for personal information processing, and blocks unauthorized access by using firewall and detection systems.
The Foundation stores records of access to its website for at least six months, and makes sure such records are not tampered, stolen, or lost.
To prevent personal information leakage and damage by hacking or computer virus, the Foundation installs, renews, and checks safety programs on a regular basis, installs system in an access-restricted area, and conducts technical and physical surveillance and blocking.
The Foundation has set up personal information system in a separate physical area, and controls physical access to the system based on its own access control procedures.
Information subjects may contact the Personal Information Dispute Mediation Committee, the Personal Information Protection Center of the Korea Internet and Security Agency, or other relevant organizations for counselling or dispute settlement regarding any infringement on personal information-related rights and interests. When they find counselling or remedy offered by the Foundation’s Personal Information Protection Managers unsatisfactory, they many inquire at the following organizations: