Privacy Policy
Article 1(The purpose of processing personal information, the period of processing and holding of personal information, and the items of personal information handled)
The purpose of processing and retention period of personal information files registered and disclosed pursuant to Article 32 of the Privacy Act, and how to inquire personal information items handled are as follows. Shortcut to search for personal information files in Chungcheongnam-do
Personal information protection portal(www.privacy.go.kr) of the Ministry of Government Administration and Home Affairs.
Article 2 (Provided by a third party of personal information)
In principle, the Chungcheongnam-do Safety Experience Center handles the personal information of the information subject within the specified scope for collection and utilization purposes. Except for the following cases, it does not process or provide the information subject beyond its original purpose or to a third party without prior consent from the information subject. However, when providing personal information to third parties (Article 17) and other than the scope of the purpose (Article 18 of the Act), the service provider is specified to prepare and manage the "External 3rd Party Supply Register."
- A. In case of obtaining separate consent from the main body of information.
- B. In case there are special provisions in other laws.
- C. In case the information subject or legal representative is unable to express his or her opinion or obtain prior consent due to an unknown address, it is clearly recognized that it is necessary for the urgent interests of the information subject or a third party;
- D. In case necessary for statistical or academic research purposes, personal information is provided in an unrecognizable form for a particular individual;
- E. In case personal information cannot be used for purposes other than the purpose or provided to a third party, it has been deliberated and approved by the Protection Committee.
- F. Where necessary to provide to foreign governments or international organizations for the implementation of treaties and other international agreements;
- G. Company. Necessary for investigation of crime and for filing and maintaining of the indictment;
- H. Ah, if necessary to carry out the court's trial work
- I. Now, if necessary for the execution of sentence and protection and protective measures
Article 3 (Personal Information Processing Consignment)
- The Safety Experience Center in Chungcheongnam-do consigns the following tasks for handling personal information for the smooth handling of personal information.
- Name/submission of the agency
- consignee (assignee)
- consigned purposes and items
- In accordance with Article 26 of the Personal Information Protection Act, the Chungcheongnam-do Safety Experience Center stipulates in the contract and supervises whether the trustee safely handles personal information, including matters related to personal information handling, technical and administrative protection measures, limits on trustees, management and supervision of trustees, and damages, in
- If the contents of the consignment work or the trustee change, we will disclose it through this Privacy Policy without delay.
Article 4 (the right, duty, and method of exercise of the information subject and legal representative)
- The main body of information may exercise the following rights, and the legal representative of children under the age of 14 may require access to, correction, deletion, and suspension of processing of the child's personal information.
- A. Requesting access to personal information
- B. Request for personal information to be corrected and deleted
- C. Request for suspension of personal information processing
- Personal information files held at the Safety Experience Center in Chungcheongnam-do may be required to access personal information pursuant to Article 35 of the Personal Information Protection Act. However, the request for personal information access may be limited as follows by Article 35 Clause 4 of the Act
- A. In case of prohibited or restricted access according to law;
- B. In case there is a risk of harming another person's life or body or of unjustly infringing upon another person's property and other interests
- C. In case a public institution has a significant disruption in performing any of the following tasks
- 1) Tasks related to taxation, collection, or refund of taxes
- 2)Work on the evaluation of grades or selection of admissions in schools of different levels under the Primary and Secondary Education Act and the Lifelong Education Facility under the "Living Education Act" and other higher education institutions set up under other laws
- 3) Testing and qualification examination on academic background, function, and employment
- 4) In-progress assessment or judgment on compensation and payment amount calculation
- 5) Audit and investigation work in progress in accordance with other laws
- Personal information files held at the Safety Experience Center in Chungcheongnam-do can be modified or deleted in accordance with Article 36 of the Personal Information Protection Act. However, if the personal information is specified as the subject of the collection in other statutes, it cannot be requested to be deleted.
- Personal information files that are available at the Safety Experience Center in Chungcheongnam-do can be requested to be suspended in accordance with Article 37 of the Privacy Act (the suspension However, if a request for suspension of personal information processing is made, the request for suspension of processing may be rejected as follows in accordance with Article 37.2 of the Act.
- A. In the event that there is a special provision in the law or that it is inevitable to comply with its obligations under the Act
- B. In case there is a risk of harming another person's life or body or of unjustly infringing upon another person's property and other interests;
- C. In case public institutions cannot perform their duties as prescribed by other laws unless their personal information is processed
- D. In the event that it is difficult to implement the contract, such as failing to provide the information entity and the services promised without processing the personal information, the information entity has not clearly stated its intention to terminate the contract;
Article 5 (The destruction of personal information)
In principle, the safety experience center in Chungcheongnam-do destroys personal information that has been achieved for the purpose of handling personal information without delay. The procedure, time and method for decommissioning are as follows.
- destruction procedure
- Personal information and personal information files shall be processed immediately by the person handling personal information after the purpose is achieved or if necessary, in accordance with the internal policy and related statutes.
- Termination period and method of destruction
- When the retention period expires, or when personal information becomes unnecessary, such as the achievement of the purpose of processing personal information, and the abolition of the business concerned, the information shall be destroyed without delay. Information in electronic file formats uses a technical method that does not allow recording to be replayed. Personal information printed on paper is shredded with a shredder or destroyed through incineration.
Article 6 (Measures to secure the safety of personal information)
The Chungcheongnam-do Safety Experience Center takes the following steps to secure personal information safety.
- Minimizing and Training of Personal Information Handling Staff: Employees handling personal information are designated and managed only by the required number of employees, and training is provided for the safe management of the handling staff.
- Restrictions on access to personal information: The database system handling personal information is kept, changed, and closed records are kept for three years, and unauthorized access is controlled from the outside using the intrusion prevention system.
- Access record storage: Records accessed to the personal information processing system (Web logs, summary information, etc.) are safely stored so that they are not falsified, stolen or lost, and access records kept for at least six months are analyzed and managed on a semiannual basis.
- Encryption of personal information: The personal information processor encrypts and stores unique identification, sensitive information, bio-information, and password. In particular, it encrypts and stores them one-way so that they do not become codified when storing passwords. In addition, the company uses separate security functions (Security server, SSL VPN, etc.) such as encryption and use when transferring personal information.
- Security Program Installation and Periodic Inspection and Renewal: To prevent personal information leakage or damage caused by hacking or computer viruses, we have installed security programs, used automatic updates, or performed updates once or more to maintain and inspect the latest state.
- Control of Access to Management Terminal: Access control is provided to prevent anyone other than the person concerned from accessing and operating the management terminal.
- Access Control to Non-Authorized Persons: The medical institution implements and operates procedures for controlling the transfer and entry of secondary storage media, including personal information, with separate physical storage locations of the personal information system. However, this may not apply if personal information is processed using a work computer or mobile device without operating a separate personal information processing system.
- Response to a crisis in case of a disaster/disaster: a fire, flood, or power failure. In the event of a disaster, we establish and operate crisis response procedures to protect and recover the personal information system.
Article 7 (Relief method for infringement of rights)
Information subject can inquire the following agencies for damage relief, counseling, etc. for personal information infringement
- Personal information infringement report center (operated by Korea Internet and Security Agency)
- Authorized work : Personal information infringement report, consultation request
- Homepage : (privacy.kisa.or.kr)
- Telephone : (without code) 118
- Address : (05717) Personal information infringement report center, Korea Internet and Security Agency, 135, Jungdae-ro, Songpa-gu, Seoul, Republic of Korea
- Personal Information dispute adjustment committee (operated by Personal Information Protection Committee)
- Authorized work : Public information dispute adjustment request, group dispute adjustment (civil remedy)
- Homepage : (www.kopico.go.kr)
- Telephone : (without code) 118, (Representative number) 1833-6972, (FAX) 02-2100-2485
- Address : (03171) 4th floor, 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
- Supreme Prosecutor’s Office Cyber Crime Investigation Center
- Homepage : (www.spo.go.kr)
- Telephone : 02-3480-3571
- email : cybercid@spo.go.kr
- Police Cyber Safety Bureau
- Homepage : (cyberbureau.police.go.kr)
- Telephone : (without code)182
- Also, those who are infringed upon their rights or interests by disposals or omissions made by the head of a public institution in response to the information principal's request for personal information to be read, corrected, deleted, or suspended can request administrative judgment as provided under the Administrative Appeals Act.
- Administrative Appeals Request : Central Administrative Appeals Commission
- Homepage: (www.simpan.go.kr)
- Telephone : Refer to the guidance of the telephone to know how to request for appeal
Article 8 (Personal Information Protection Manager)
Chungcheongnam-do Province designated the privacy manager as below to take responsibility for works related to privacy and to deal with information owner's claims and helping victims.
- Personal Information Protection Manager: Self-governing chief administrator Junggoo Lee
- Personal Information Protection Staff: Information policy Okhee Park
- Telephone : 041-635-3717
Article 9 (Alternation of personal information processing policy)
- This personal information processing policy is effective from 2017. 3. 24.
- You can read the previous personal information processing policy below.
- Personal Information Processing Policy(2016.04.01~2017.03.23) Read the policy