Privacy Policy
In accordance with Article 30 of the 「Personal Information Protection Act」to protect private information of the data subject, and to handle relevant grievances in a prompt and efficient manner, Korea Creative Content Agency (hereinafter “KOCCA”) establishes and discloses its Privacy Policy as follows.
Paragraph 1. Purpose and Period of Processing and Retaining Personal Information
-
① For the details such as the purpose, items, and period of retaining personal information files that KOCCA processes and retains, please click on each item below.
-
1. List of Website Membership
- Purpose of Processing
- For self-authentication; maintenance and management of membership qualification; prevention of unlawful use of service; notifying and handling grievances due to the provision of membership service.
- Evidence of Retainment
- Consent of Data Subject
- Items of Personal Information
-
- [Professional Members]Required: name, e-mail, mobile phone number, company name, department/position, office phone number
- [Corporate Members]
Required: company name, business registration number, representative, address, main phone number, name, mobile phone number, e-mail, department and position, office phone number
Optional: fax number
- Period of Retainment
- Semi-permanent storage
-
2. List of Consulting and Online Applications
- Purpose of Processing
- Requests for processing personal information, management of online application, etc.
- Evidence of Retainment
- Consent of Data Subject
- Items of Personal Information
-
- [Damage Reports for Business in China & Consulting for Entering into Overseas Market]Required: company name, name, mobile phone number, e-mail
Optional: position, phone number - [Application for Event & Market Participation]Required: company name, business registration number, representative, address, main phone number, name, mobile phone number, e-mail, department and position, office phone number
Optional: fax number
- [Damage Reports for Business in China & Consulting for Entering into Overseas Market]Required: company name, name, mobile phone number, e-mail
- Period of Retainment
- Semi-permanent storage
-
1. List of Website Membership
- ② KOCCA processes and retains personal information files only for the operational purposes published on “Personal Data Protection Laws in Korea”(www.privacy.go.kr), and does not use the files for any other purposes. When and if changes occur in the operational purposes, KOCCA takes necessary measures such as asking for additional consent according to Article 18 of the 「Personal Information Protection Act」.
-
③ Cookies that save and fetch the User’s data can be automatically created and collected while using internet services.
-
1. Purpose of Using Cookies
To provide optimized service by identifying the user’s site visit history, use pattern, size, etc.
-
2. Denial of Cookie Auto-Collection
User can make choices on the collection of cookies and simply deny by setting web browser options.
Cookie Collection Settings
- 1) Go to [Tools] menu and select [Internet Option].
- 2) Click on [Privacy Tab].
- 3) Set the [Level of Privacy].
-
1. Purpose of Using Cookies
Paragraph 2. Provision of Personal Information to a Third Party (when and if applicable)
- ① KOCCA does not provide the personal information it collected and/or retained to a third party without the consent of the data subject. However, in inevitable cases as stipulated in Paragraph 1 of Article 17 and Paragraph 2 of Article 18, KOCCA may provide private information to a third party without the consent of the data subject.
Paragraph 3. Consignment of Personal Information Processors (when and if applicable)
-
① For efficient processing of personal information, KOCCA consigns private information processing matters to another party as follows.
List
Responsible Department, Consignee, Scope of Consigned Work, Period of Retention and Use
Responsible Department Consignee Scope of Consigned Work Period of Retention and Use Global Business Division ECPlaza Network Inc. - Information computer processing, maintenance, website operation
Until termination of consignment contract - ② When signing the consignment contract, KOCCA clearly stated, in written form, the prohibition of processing personal information for purposes other than implementing the consigned work, measures of technical and/or managerial protection, limitations on re-consignment, management and/or supervision of the consignee, and compensation for damages. KOCCA is supervising whether the consignee is safely processing personal information.
- ③ When and if changes occur in the details of the consigned work or the consignee, KOCCA will disclose the details via this Privacy Policy with no delay.
Paragraph 4. Rights and Obligation of Data Subjects and How to Exercise the Rights
-
① Data subjects, at all times, can exercise the privacy protection rights listed in the sub-paragraphs below.
- 1. Requests for Access to Personal Information
- 2. Requests for Corrections in Cases of Wrong Information
- 3. Requests for Deletion
- 4. Requests for Suspension of Processing
- ② One can exercise his/her rights stipulated in Paragraph 1 to KOCCA via written form, phone call, e-mail, or fax, and KOCCA will take action with no delay. [Form no. 8, Personal Information Protection Act Enforcement Rule] Personal Information Access Request Form
- ③ When and if the data subject requests for corrections or to delete wrong personal information, KOCCA does not use or provide the personal information of concern until the correction or deletion has been completed.
- ④ The rights stipulated in Paragraph 1 may be exercised via a legal representative or a delegated person of the data subject. In this case, one must submit a letter of attorney using form no. 11 of the Personal Information Protection Act Enforcement Rule. [Form no. 11, Personal Information Protection Act Enforcement Rule] Letter of Attorney
- ⑤ Data subjects shall not violate relevant legislations such as the 「Personal Information Protection Act」 and infringe personal information and/or privacy of oneself and/or others of which KOCCA processes.
Paragraph 5. Destruction of Personal Information
- ① When KOCCA no longer needs certain personal information due to the termination of personal information retention period and/or achievement of processing purposes, KOCCA shall destruct the information of concern with no delay.
- ② When and if KOCCA needs to continue its storage of personal information even after its retention period and/or achieving the processing purposes consented by the data subject due to other legislations, the relevant personal information (or the personal information file) should be moved to a separate database or should be stored in another location.
-
③ The procedure and method of destructing private information is as follows.
-
1. Destruction Procedure
Information entered by the data subject shall be moved to a separate database (if printed on paper, in a different document) and shall be destructed immediately after being saved for a certain period according to internal policies and/or other relevant legislation. The private information which is moved to another database shall not be used for purposes other than according to legislation.
-
2. Destruction Term
The personal information of the data subject shall be destructed within five(5) days since the termination of the retention period if the retention period of the information has been terminated. In cases where KOCCA no longer needs the personal information due to achievement of processing purposes of the information, abolition of the service, or termination of business, the personal information shall be destructed within five(5) days since the acknowledgement of no longer needing the information.
-
3. Destruction Method
All printouts with personal information shall be shredded or incinerated. Personal information saved as an electronic file format shall use technical methods to disable records from being reproduced.
-
1. Destruction Procedure
Paragraph 6. Ensuring the Safety of Personal Information
-
① To secure the safety of personal information, KOCCA takes the following measures.
- 1. Minimizing the number of staff who handle personal information. : KOCCA implements measures to manage personal information by assigning an officer and minimizing and limiting the number of staff who handles personal information.
- 2. Conducting regular internal audits. : KOCCA conducts regular(twice a year) internal audits to secure safety in terms of handling personal information.
- 3. Establishing and implementing internal management plans. : KOCCA establishes and implements internal management plans to safely process personal information.
- 4. Encrypting personal information. : Only the data subject of the personal information knows the personal information and passwords since the information is saved and managed as encrypted data. For significant data, KOCCA uses additional security functions such as file lock function or encryption for the relevant files and data to be transmitted.
- 5. Taking technical measures in case of hacks, etc. : To prevent leaks and damages of personal information caused by hacks and/or computer viruses, KOCCA has installed security programs, conducts regular updates and/or inspects the programs. KOCCA also technically/physically observes and/or blocks any hacking and/or computer viruses by installing systems in areas subject to access control from the outside.
- 6. Controlling access to personal information. : KOCCA is taking necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information. KOCCA also uses intrusion prevention systems to control illegal access.
- 7. Using locking devices for document security. : Documents and supplementary storage devices including personal information are stored in a safe location with locking devices.
- 8. Controlling access of unauthorized persons. : KOCCA has a separate physical storage location where personal information is stored, and establishes and operates access control procedures.
Paragraph 7. Remedial Procedures for Violation of Rights and Interests
-
1. Data subjects can make inquiries on damage remedies and consulting regarding personal information breaches to the following institutions.
(The institutions below are distinct institutions from KOCCA. If you are not satisfied with KOCCA’s internal handling of complaints or the results of damage remedies, or need further assistance, please contact the following institutions.)
Paragraph 8. Privacy Officers
-
① To generalize duties related to the processing of personal information, take responsibility, and handle complaints and remedy damages of the data subject regarding personal information processing, KOCCA assigns privacy officers and persons in charge as follows.
List
Responsible Department, Consignee, Scope of Consigned Work, Period of Retention and Use
Category Affiliation Name Contact Information Privacy Officer Head, Industry Division Hyeon-seok Yoo 061-900-6028
jackone@kocca.krPersonal Information Protection Website Manager Global Business Division Byung-ho Park
Paragraph 9. Personal Information Access Request
-
① The owner of information can request to access personal information pursuant to Article 35 of the Personal Information Protection Act to the following department. KOCCA will endeavor to promptly handle owner of information’s request to access personal information.
-
The department of reception and handling of request to access personal information
Byung-ho Park(Global Business Division, Website Manager), Tel: 061-900-6028, E-mail: jackone@kocca.kr
-
The department of reception and handling of request to access personal information
-
2. In addition to the reception and handling department of access request of Paragraph 1, the owner of information can also request personal information access through the website of the comprehensive support for personal information protection (www.privacy.go.kr) of the Ministry of the Interior.
The Ministry of the Interior’s comprehensive support portal for personal information protection → Complaints of personal information → Request for personal information access
(requires real name verification through public Ipin)
Paragraph 10. Changes in Privacy Policies
- ① This privacy policy has been announced on September 1, 2022. The policy is a notice on the department responsible for private information protection services, the responsible department, phone number, personal information handlers, and privacy officers by field. The policy is a notice on the responsible department for personal information processing consignments, consignee, details of consigned work, period for retention and use of personal information. The policy is a notice on the purpose and period of retaining personal information, evidence of retaining such information, personal information, and period of retaining the information.