The City processes User’s personal information for the following purposes. Processed information will not be used for any purposes other than for the following purposes. The City will seek prior consent of the Users who are the subject of the personal information before any change to the intended use is implemented.
Personal information is processed to confirm the User’s intention to be a registered member, identify or certify User identity in relation to its provision of membership services, maintain or manage membership status, verify User ID to comply with the Limited Verification of Identities policy, prevent unauthorized use of service, acquire consent of a legal agent if the User is under the age of 14, give public announcement or notice, and handle customer complaints.
The City processes personal information to verify the complaining person’s identification, review complaints, contact or notify the complaining persons to investigate the cause of the complaints and notify complaint review results.
In principle, the City processes personal information within the scope set forth in Article 1 (Purpose of Personal Information Management). The City does not process personal information outside the said scope, and shall not disclose the same to a 3rd party. The City processes the following types of personal information:
The City posts the collected data, legal basis, purpose of processing, retention period, the team dealing with the viewing requests, person in charge etc when it collects personal information. Your personal information retained by the City is processed legitimately and appropriately to protect your rights and interest. Users’ personal information is destroyed in principle when the purpose of processing of such information is achieved. However, the following information is retained during the term as stated in the personal information file.
In principle, the City does not entrust your personal information to third parties for processing without notification. When signing an entrustment contract pursuant to Article 26 of the Personal Information Protection Act, the City shall ensure that personal information shall not be lost, stolen, leaked, altered or damaged, and supervise and educate the trustee, and inform you of such entrustment through the City’s web site.
Each User is entitled to exercise the following rights. A legal agent of the User under the age of 14 may request an inspection, change, removal, or suspension from processing of his or her personal information.
A User may request to inspect his/her personal information under Article 35 (Inspection of Personal Information) of the Personal Information Protection Act, provided that a restriction may be placed on such request if one of the following is the case under Article 35 (4) of the same Act:
A User may request the correction or deletion of his/her personal information under Article 36 (Correction or Deletion of Personal Information) of the Personal Information Protection Act, provided that such request may be rejected if other laws stipulate the collection of such information.
A User may request the suspension of processing of his/her personal information under Article 37 (Suspension, etc from Managing Personal Information) of the Personal Information Protection Act, provided that such request may be rejected if one of the following is the case, under Article 37 (2) of the Personal Information Protection Act:
When the retention of the User’s personal information becomes unnecessary due to the achievement of the purpose of processing the User's personal information, the City shall, in principle, destroy that personal information immediately.
The procedure and method of destruction are as follows.
Personal information entered by the User is stored in the City’s DB after it has achieved the purpose of processing (if it is provided in a paper, it will be filed as a separate hard copy) for a retention period pursuant to the internal policy and the applicable laws before it is destroyed. Personal information stored in DB is not used for purposes other than intended or allowed by law.
The destruction of personal information contained in a hard copy shall be carried out using a shredder or an incinerator. The destruction of personal information recorded and stored in DB shall be carried out in an irrecoverable way.
The following technical, administrative and physical measures are taken by the City to ensure safety of personal information under Article 29 of the Personal Information Protection Act:
The City restricts access to the personal information of its Users to the designated personnel.
Password of the User is codified before it is saved and managed in such a way that no other person knows the password than the User. Important items are codified for transmission, storing and handling using encryption or file lock mechanism.
The City strives to prevent any leakage of or damage to its Users’ personal information caused by hacking or a computer virus. All data are backed up periodically to prevent any damage to the stored personal information. In addition, the City prohibits any unauthorized access from outside and strives to take all available measures to ensure security of its system.
Access to the database system processing your personal information is limited to the authorized personnel. Suitable measures such as granting, changing or cancelling of the access authority are in place to control access to personal information. In addition the firewall system is in place to control unauthorized access from outside.
The City stores and manages records of access to personal information systems for at least 6 months and uses security programs to prevent such access records from being forged or falsified, stolen or lost.
The City has a separate storage place where personal information is physically stored, and establishes and implements a process of controlling access to such place.
The City appoints a personal information manager and working-level officer in order to protect personal information and handle any complaints related to the personal information in accordance with Article 31(1) of the Personal Information Protection Act and Article 32 (Affairs and eligibility of personal information manager) of the Enforcement Decree of the same Act as follows:
This Policy shall take effect on the date of enforcement. The City will put up a public information notice on amendments to this Policy if caused by the applicable laws or the public policy before they take effect.
In the event of an infringement of a User’ss personal information, a complaint may be submitted to the Personal Information Dispute Meditation Committee or to the Personal Information Infringement Report Center of the Korea Internet Security Agency (KISA). A User may contact the following agencies to report or consult on matters concerning the infringement of personal information: