Personal Information Protection Policy
HOME Other Personal Information Protection Policy
All personal information handled by The Korean Society of International Agriculture complies with the Personal Information Protection Act and other related laws, and has the following processing policy to protect users' personal information and rights and to smoothly deal with users' personal information-related grievances.
Article 1. Purpose of Processing Personal Information
All personal information handled by our website is collected, retained, and processed based on relevant laws, such as the Personal Information Protection Act, or with the consent of the users. Personal information collected is processed for the following purposes. Personal information processed will not be used for any purpose other than the following purposes, and prior consent will be sought if the purpose of use is changed.
① Membership Sign-up and Management
Personal information is processed for the purpose of personal identification, prevention of illegal or unauthorized use, age verification, preservation of records for dispute settlement, handling of complaints and delivery of notices, etc. in relation to the use of membership services such as using the original texts provided by the website and posting writings, etc.
② Processing for Other Services
Personal information is processed for projects and services implemented by the Society, such as issuing certificates, managing membership fees, online thesis entry review system, and pre-registration for academic conferences, etc.
Article 2. Processing and Retention Period of Personal Information
① In principle, personal information collected will be destroyed immediately after the purpose of personal information processing is achieved. In addition, if there is a request for membership withdrawal or deletion of personal information, it will be destroyed without delay in a way that cannot be restored.
② However, if it is necessary to preserve users' personal information according to bylaws or other laws, the provisions of the relevant laws will be followed.
Article 3. Matters concerning the Provision of Personal Information to Third Parties
In principle, our homepage processes users' personal information within the scope specified for collection and utilization purposes, and will neither process it beyond the scope of the original purpose nor provide it to third parties without the user's prior consent, except in the following cases. However, personal information can be processed in the following cases:
1. Where separate consent is obtained from the user;
2. Where provision is required by law, etc.;
3. Where the user or his/her legal representative is unable to express his/her opinion or it is impossible to obtain his/her prior consent due to unknown address, etc. and it is clearly deemed necessary for urgent interests of the user or third party's life, body or property;
4. Where personal information is required for the purpose of statistics and academic research, etc. and provided in a form that cannot identify specific individuals;
5. Where necessary for investigation and prosecution of a crime;
6. Where necessary for the court's trial proceedings;
7. Where necessary for execution of sentence, custody, and protective disposition.
Article 4. Matters concerning the Entrustment of Personal Information Processing
In the case of entrusting personal information processing, related information is posted on the website so that users can check it. The selection or change of the entrusted agency will be notified through the notice and personal information processing policy.
Article 5. Matters concerning the Rights and Obligations of Users and Legal Representatives and their Methods of Exercise
① Users (legal representatives if they are under 14 years of age) may exercise the following rights for personal information protection at any time:
1. Request for access to personal information;
2. Request for correction in case of errors, etc.;
3. Request for deletion;
4. Request for processing suspension.
② The rights under the paragraph 1 can be exercised in writing, e-mail, FAX, etc. after filling out the Form No. 8 attached to the Enforcement Rule of the Personal Information Protection Act, and we will take action without delay.
※ For requests for personal information access, correction, or deletion, the user can directly correct or withdraw through 'modification of member information' or 'withdrawal of membership', etc. after completing a personal verification process.
③ If a user requests correction or deletion of personal information errors, etc., such personal information will not be used or provided until correction or deletion is completed.
④ The exercise of rights under the paragraph 1 may be carried out through the user's legal representative or through his/her agent, such as the person delegated. In this case, a power of attorney shall be submitted in the Form No. 11 attached to the Enforcement Rule of the Personal Information Protection Act.
⑤ For requests for personal information access and processing suspension, users' rights may be restricted under Paragraph 5 of Article 35 and Paragraph 2 of Article 37 of the Personal Information Protection Act.
⑥ For requests for correction or deletion of personal information, deletion cannot be allowed if the personal information is specified as a subject for collection in other laws.
⑦ The person who made the request for access, correction or deletion, or suspension of personal information processing, etc. will be verified for whether he/she is the person concerned or a legitimate agent.
Article 6. Personal Information Items Processed
① Personal information processed by our website is limited only to the minimum amount of personal information necessary for the tasks of the Society and as specified by laws, and details are posted on the website to guide users.
② The essential items of personal information processed by our homepage are as follows:
③ Our homepage can collect and process additional personal information other than the essential items above as needed.
Article 7. Procedures and Methods for Destroying Personal Information
In principle, our homepage destroys personal information that has achieved the purpose of personal information processing without delay. However, this may not be the case if it is to be preserved in accordance with other laws. Procedure, deadline, and method of destruction are as follows:
① Destruction procedure
Unnecessary personal information and personal information files are processed as follows in accordance with the internal policy under the responsibility of the person in charge of personal information.
- Destruction of personal information
Personal information over the retention period will be destroyed without delay from the end date.
- Destruction of personal information files
If the personal information file becomes unnecessary due to achieving the purpose of processing the personal information file, abolishing the relevant service, or terminating the project, etc., the personal information file will be destroyed without delay from the date it is deemed unnecessary to process the personal information.
② Destruction method
1) Information in electronic form is destructed by using a technical method that cannot be restored.
2) Personal information printed on paper is shredded or destroyed through incineration.
Article 8. Measures to Secure the Safety of Personal Information
To ensure the safety of personal information, the following measures are taken:
1. Minimizing personal information handling staffs and training them
Personal information handling staffs are designated and managed only at the minimum level required, and they are trained for safe management.
2. Restricting access to personal information
We take necessary measures to control access to personal information through granting, changing, or deleting access to the personal information processing system that processes personal information, and we control unauthorized access from outside by using the intrusion prevention system.
3. Storage of access records
We keep and manage access records to the personal information processing system for at least 6 months.
4. Encryption of personal information
Personal information is stored and managed safely through encryption, etc. In addition, we use separate security features such as encryption of important data when storing and transmitting them.
5. Installation, regular inspection and renewal of security programs
To prevent personal information leakage or damage caused by hacking or computer viruses, etc., we install, update and inspect security programs regularly.
6. Access control of unauthorized personnel
We set aside a separate physical storage location for the personal information processing system, which stores personal information, and establish and operate access control procedures.
Article 9. Remedy for Infringement of Rights and Interests
Users may apply for dispute settlement or consultation with the Personal Information Dispute Mediation Committee and the Korea Internet & Security Agency's Personal Information Infringement Reporting Center in order to receive relief from damage caused by personal information infringement.
☞ Personal Information Dispute Mediation Committee(www.kopico.go.kr)
☞ Personal Information Infringement Reporting Center (without area code) (privacy.kisa.or.kr)
☞ Cyber Investigation Division of the Supreme Prosecutors' Office (www.spo.go.kr)
☞ Cyber Security Bureau of the National Police Agency (cyberbureau.police.go.kr)
In addition, a person whose rights or interests have been infringed upon by an action or non-action by the head of a public institution to the user’s request for access, correction/deletion or processing suspension of personal information, etc. may apply for an administrative appeal as prescribed by the Administrative Appeals Act.
☞ Refer to the telephone number information of the Central Administrative Appeals Commission (www.simpan.go.kr)
Article 10. Contact Information of the Personal Information Protection Officer and Staff
Article 11. Modification of Privacy Policy
This Privacy Policy will take effect from November 14, 2017.
Article 1. Purpose of Processing Personal Information
All personal information handled by our website is collected, retained, and processed based on relevant laws, such as the Personal Information Protection Act, or with the consent of the users. Personal information collected is processed for the following purposes. Personal information processed will not be used for any purpose other than the following purposes, and prior consent will be sought if the purpose of use is changed.
① Membership Sign-up and Management
Personal information is processed for the purpose of personal identification, prevention of illegal or unauthorized use, age verification, preservation of records for dispute settlement, handling of complaints and delivery of notices, etc. in relation to the use of membership services such as using the original texts provided by the website and posting writings, etc.
② Processing for Other Services
Personal information is processed for projects and services implemented by the Society, such as issuing certificates, managing membership fees, online thesis entry review system, and pre-registration for academic conferences, etc.
Article 2. Processing and Retention Period of Personal Information
① In principle, personal information collected will be destroyed immediately after the purpose of personal information processing is achieved. In addition, if there is a request for membership withdrawal or deletion of personal information, it will be destroyed without delay in a way that cannot be restored.
② However, if it is necessary to preserve users' personal information according to bylaws or other laws, the provisions of the relevant laws will be followed.
Article 3. Matters concerning the Provision of Personal Information to Third Parties
In principle, our homepage processes users' personal information within the scope specified for collection and utilization purposes, and will neither process it beyond the scope of the original purpose nor provide it to third parties without the user's prior consent, except in the following cases. However, personal information can be processed in the following cases:
1. Where separate consent is obtained from the user;
2. Where provision is required by law, etc.;
3. Where the user or his/her legal representative is unable to express his/her opinion or it is impossible to obtain his/her prior consent due to unknown address, etc. and it is clearly deemed necessary for urgent interests of the user or third party's life, body or property;
4. Where personal information is required for the purpose of statistics and academic research, etc. and provided in a form that cannot identify specific individuals;
5. Where necessary for investigation and prosecution of a crime;
6. Where necessary for the court's trial proceedings;
7. Where necessary for execution of sentence, custody, and protective disposition.
Article 4. Matters concerning the Entrustment of Personal Information Processing
In the case of entrusting personal information processing, related information is posted on the website so that users can check it. The selection or change of the entrusted agency will be notified through the notice and personal information processing policy.
Article 5. Matters concerning the Rights and Obligations of Users and Legal Representatives and their Methods of Exercise
① Users (legal representatives if they are under 14 years of age) may exercise the following rights for personal information protection at any time:
1. Request for access to personal information;
2. Request for correction in case of errors, etc.;
3. Request for deletion;
4. Request for processing suspension.
② The rights under the paragraph 1 can be exercised in writing, e-mail, FAX, etc. after filling out the Form No. 8 attached to the Enforcement Rule of the Personal Information Protection Act, and we will take action without delay.
※ For requests for personal information access, correction, or deletion, the user can directly correct or withdraw through 'modification of member information' or 'withdrawal of membership', etc. after completing a personal verification process.
③ If a user requests correction or deletion of personal information errors, etc., such personal information will not be used or provided until correction or deletion is completed.
④ The exercise of rights under the paragraph 1 may be carried out through the user's legal representative or through his/her agent, such as the person delegated. In this case, a power of attorney shall be submitted in the Form No. 11 attached to the Enforcement Rule of the Personal Information Protection Act.
⑤ For requests for personal information access and processing suspension, users' rights may be restricted under Paragraph 5 of Article 35 and Paragraph 2 of Article 37 of the Personal Information Protection Act.
⑥ For requests for correction or deletion of personal information, deletion cannot be allowed if the personal information is specified as a subject for collection in other laws.
⑦ The person who made the request for access, correction or deletion, or suspension of personal information processing, etc. will be verified for whether he/she is the person concerned or a legitimate agent.
Article 6. Personal Information Items Processed
① Personal information processed by our website is limited only to the minimum amount of personal information necessary for the tasks of the Society and as specified by laws, and details are posted on the website to guide users.
② The essential items of personal information processed by our homepage are as follows:
| Personal information file name | Member management | |
|---|---|---|
| Main item | ID, password, phone number (cell phone), e-mail, etc. | |
| Purpose of retention | Member management, use of original texts, use of bulletin boards, entry and examination of papers, sending newsletters, etc. | |
| Basis of retention | User consent | |
| Period of retention | Until the withdrawal and deletion of membership | |
Article 7. Procedures and Methods for Destroying Personal Information
In principle, our homepage destroys personal information that has achieved the purpose of personal information processing without delay. However, this may not be the case if it is to be preserved in accordance with other laws. Procedure, deadline, and method of destruction are as follows:
① Destruction procedure
Unnecessary personal information and personal information files are processed as follows in accordance with the internal policy under the responsibility of the person in charge of personal information.
- Destruction of personal information
Personal information over the retention period will be destroyed without delay from the end date.
- Destruction of personal information files
If the personal information file becomes unnecessary due to achieving the purpose of processing the personal information file, abolishing the relevant service, or terminating the project, etc., the personal information file will be destroyed without delay from the date it is deemed unnecessary to process the personal information.
② Destruction method
1) Information in electronic form is destructed by using a technical method that cannot be restored.
2) Personal information printed on paper is shredded or destroyed through incineration.
Article 8. Measures to Secure the Safety of Personal Information
To ensure the safety of personal information, the following measures are taken:
1. Minimizing personal information handling staffs and training them
Personal information handling staffs are designated and managed only at the minimum level required, and they are trained for safe management.
2. Restricting access to personal information
We take necessary measures to control access to personal information through granting, changing, or deleting access to the personal information processing system that processes personal information, and we control unauthorized access from outside by using the intrusion prevention system.
3. Storage of access records
We keep and manage access records to the personal information processing system for at least 6 months.
4. Encryption of personal information
Personal information is stored and managed safely through encryption, etc. In addition, we use separate security features such as encryption of important data when storing and transmitting them.
5. Installation, regular inspection and renewal of security programs
To prevent personal information leakage or damage caused by hacking or computer viruses, etc., we install, update and inspect security programs regularly.
6. Access control of unauthorized personnel
We set aside a separate physical storage location for the personal information processing system, which stores personal information, and establish and operate access control procedures.
Article 9. Remedy for Infringement of Rights and Interests
Users may apply for dispute settlement or consultation with the Personal Information Dispute Mediation Committee and the Korea Internet & Security Agency's Personal Information Infringement Reporting Center in order to receive relief from damage caused by personal information infringement.
☞ Personal Information Dispute Mediation Committee(www.kopico.go.kr)
☞ Personal Information Infringement Reporting Center (without area code) (privacy.kisa.or.kr)
☞ Cyber Investigation Division of the Supreme Prosecutors' Office (www.spo.go.kr)
☞ Cyber Security Bureau of the National Police Agency (cyberbureau.police.go.kr)
In addition, a person whose rights or interests have been infringed upon by an action or non-action by the head of a public institution to the user’s request for access, correction/deletion or processing suspension of personal information, etc. may apply for an administrative appeal as prescribed by the Administrative Appeals Act.
☞ Refer to the telephone number information of the Central Administrative Appeals Commission (www.simpan.go.kr)
Article 10. Contact Information of the Personal Information Protection Officer and Staff
| Classification | Organization name | Name | Contact information |
|---|---|---|---|
| Personal Information Protection Officer | The Korean Society of International Agriculture | Lee Ho-sun | +82-63-238-1118 |
| Personal Information Protection Staff | The Korean Society of International Agriculture | Bak Jin-jeong | +82-63-238-1136 |
Article 11. Modification of Privacy Policy
This Privacy Policy will take effect from November 14, 2017.
