eng_sub_left
Purpose of Processing Personal Information
The Korea Institute of Energy Technology handles the minimum amount of personal information necessary to provide educational services, handle civil complaints, and perform duties prescribed by laws and regulations. The personal information we process is not used for any other purposes beyond stated, and if the purpose of use is changed or used for other purposes, necessary measures will be taken, such as obtaining separate consent under Article 18 of the Privacy Protection Act.
Status of Personal Information Files
The Korea Institute of Energy Technology collects and holds personal information only with the provisions of laws and regulations and the consent of the data subject. Personal information collected and held in this way will be legally and appropriately processed in accordance with relevant laws and regulations so that rights and interests will not be violated. The list of personal information files registered and disclosed by the Korea Institute of Energy Technology pursuant to Article 32 of the Privacy Protection Act is as follows.
- If you are unable to check your information from the link above, please use the Ministry of Government Administration and Home Affairs' Comprehensive Information Protection Portal (www.privacy.go.kr) → Personal → Personal Information Civil Service → Personal Information Access → Personal Information List Search menu.
- In the process of using the Internet service, the following personal information items can be automatically created and collected.
- IP address, cookies, MAC address, service usage record, visit record, defective usage record, etc.
Processing and Retention Period of Personal Information
The Korea Institute of Energy Technology processes and holds personal information within the period of use and collection agreed upon by the data subject pursuant to Article 15 of the Privacy Protection Act (collection and use of personal in accordance with the law).
Matters Concerning the Provision of Personal Information to a Third Party
- The Korea Institute of Energy Technology provides personal information to third parties only if it falls under Articles 17 and 18 of the Privacy Protection Act, such as the consent of the data subject and special provisions of the law.
- The Korea Institute of Energy Technology provides personal information to third parties as follows.
Collected Items | Collection Purpose | Collecting Department | Retention/Usage Period |
---|---|---|---|
Name, educational background | Identification of participants | Admissions, Korea Institute of Energy Technology | Destroyed after the end of the admissions promotion event or fulfillment of the purpose |
Email address, contact information | Notices and promotional text messages | Admissions, Korea Institute of Energy Technology | Destroyed after the end of the admissions promotion event or fulfillment of the purpose |
Commissioning of Personal Information Processing
- For more efficient processing of personal information, the Korea Institute of Energy Technology commissions the following processing tasks to third-party suppliers.
Commissioning Entity | Name of Subcontractor | Commissioned Task |
---|---|---|
Korea Institute of Energy Technology, Korea Electric Power Corporation | K2 Webtech | Building and maintenance of the website of Korea Institute of Energy Technology |
Rights and Obligations of a Data Subject and Ways to Exercise Them
- A data subject (referring to a legal representative in case the subject is under the age of 14) may exercise the following personal information protection-related rights at any time against the Korea Institute of Energy Technology.
- Request for Access to Personal Information
Personal information held by the Korea Institute of Energy Technology may be requested to be reviewed in accordance with Article 35 of the Privacy Protection Act. However, if it falls under any of the subparagraphs of Article 35 (4) of the Privacy Protection Act, the reason may be notified to the data subject and access may be restricted or rejected. - Request for Correction/Deletion of Personal Information
Personal information files held by the Korea Institute of Energy Technology may be requested to be corrected or deleted pursuant to Article 36 of the Privacy Protection Act (correction and deletion of personal information). However, if other laws and regulations stipulate that personal information be subject to collection, the request for deletion may be rejected. - Request for Suspension of Personal Information Processing
Personal information held by the Korea Institute of Energy Technology may be requested to be suspended in accordance with Article 37 of the Privacy Protection Act (suspension of personal information processing, etc.). However, if it falls under any of the subparagraphs of Article 37 (2) of the Privacy Protection Act, the request for suspension of processing may be rejected.
Annex 8 of the Enforcement Rule of the Privacy Protection Act] Request for personal information (reviewing, correction, deletion, suspension of processing)
- Request for Access to Personal Information
- Requests for reviewing, correction/deletion, and suspension of personal information can be made in writing, email, and fax, and the Korea Institute of Energy Technology will notify you of actions on the matter within ten days.
- If the data subject requests correction or deletion of personal information errors, etc., the Korea Institute of Energy Technology will not use or provide the personal information until correction or deletion is made.
- The exercise of rights under paragraph (1) may be made through an agent such as a legal representative of the data subject or a person who has been delegated.
[Annex 11 of the Enforcement Rule of the Privacy Protection Act] Power of attorney
Destruction of Personal Information
In principle, once the purpose of processing personal information is achieved, the Korea Institute of Energy Technology will destroy the personal information without delay.
The procedure, deadline, and method of destruction are as follows.
Destruction Procedure
- After achieving the purpose, the information entered by the user will be transferred to a separate database (separate folder in the case of paper) and stored for a certain period of time in accordance with internal policies and other related laws and regulations. At this time, the personal information transferred to the database is not used for any other purpose except for by law.
The Deadline for Destruction
- If the user's personal information retention period has elapsed, the personal information will be destroyed within five days of the end of the retention period, and in case personal information becomes unnecessary, due to achieving the purpose of processing personal information, abolishing the service, or termination of the business.
How Information Will Be Destroyed
- For electronic information, a technical method that prevents any records from being replayed is used. Personal information printed on a piece of paper is destroyed with a shedder or destroyed through incineration.
Measures to Secure Personal Information Safety
In accordance with Article 29 of the Privacy Protection Act, the Korea Institute of Energy Technology is taking technical/management, and physical measures necessary to ensure safety as follows.
Establishment and Implementation of an Internal Management Plan
- For the safe processing of personal information, we have established and implemented an internal management plan.
Control of Access Authorization
- Employees who handle personal information have been designated and minimized by limiting them to a few persons in charge. The details of granting, changing, and canceling access to the personal information processing system are recorded, and the records are kept and managed for at least three years.
Access Control
- In order to prevent illegal access and infringement through information and communication networks, unauthorized access is restricted by limiting external access to Internet Protocol (IP) addresses. It also uses an intrusion prevention system to control unauthorized access from the outside.
Encryption of Personal Information
- Unique identification information, passwords, and biometric information are encrypted when transmitted or stored through an information and communication network. However, when storing passwords, one-way encryption is stored so that they cannot be decrypted.
Storage and Inspection of Access Records
- Records of access to the personal information processing system are stored and managed for at least six months, and access records are periodically checked to prevent forgery, theft, or loss.
Technical Measures for Security Issues such as Hacking
- To prevent personal information leakage or damage caused by hacking or computer viruses, the Korea Institute of Energy Technology installs security programs, periodically renews and inspects, and installs systems in areas where access is restricted from the outside, technically and physically monitors and blocks them.
Physical Safety Measures
- In places where personal information is stored, such as computer rooms and data storage rooms, safe locks are installed and access control procedures are established and maintained.
Safety measures in response to natural disasters and manmade calamities
- In the event of a disaster or calamity, we have prepared a plan for backup and recovery of the personal information processing system and we are regularly checking the system.
How to Relieve Infringement of Rights and Interests
- The data subject can inquire about the institutions below about damage relief and counseling for personal information infringement cases.
(The institutions below are separate organizations from the Korea Institute of Energy Technology, and if you are not satisfied with the outcomes of the Korea Institute of Energy Technology's own personal information complaint and damage relief, or if you need more help, please contact us.)- Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
- Scope of work: Reporting personal information infringement cases and applying for counseling
- Website: privacy.kisa.or.kr
- Phone: 118 (without an area code)
- Address: Korea Internet & Security Agency, 9 Jinheung-gil, Naju-si, Jeollanam-do
- Personal Information Dispute Mediation Committee
- Scope of work: Application for personal information dispute mediation, collective dispute mediation (civil settlement)
- Website: www.kopico.go.kr
- Phone: 1833-6972
- Address: Seoul Government Complex 4th Fl., 209 Sejong-daero, Jongno-gu, Seoul
- Supreme Prosecutors' Office Cybercrime Investigation Team: (without an area code) 1301, cid@spo.go.kr (www.spo.go.kr)
- National Police Agency Cyber Safety Bureau: 182 (cyberbureau.police.go.kr)
- Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
- In addition, a person who has been infringed upon his/her rights or interests due to disposition or omission made by the head of a public institution may request an administrative trial as prescribed by the Administrative Appeals Act.
- Refer to the phone number guidance of the Central Administrative Appeals Commission (www.simpan.go.kr).
Designation of the Person in Charge of Personal Information Protection
- The Korea Institute of Energy Technology is in charge of personal information processing and designates a person in charge of personal information protection as follows to handle complaints and damage relief of data subjects related to personal information processing.
- The head in charge of personal information protection
- President of Korea Institute of Energy Technology (Yoon Eui-Joon)
- The person in charge of personal information protection
- Director of Department of Planning, Korea Institute of Energy Technology (Han Sang-Cheol)
- The head in charge of personal information protection
- The data subject may contact the personal information protection manager and the department in charge of all personal information protection inquiries, complaints, and damage relief incurred whilst using the service of the Korea Institute of Energy Technology. We will answer and process the data subject's inquiries without delay.
Concerning the Installation, Operation and Refusal of Devices that Automatically Collect Personal Information, such as Internet access data files
- The purpose of using cookies is as follows.
In order to provide specialized customized services for the school, the Korea Institute of Energy Technology uses "cookies" that store and import user information frequently.
Cookies are a small amount of information sent by the server (HTTP) used to run the website to the user's web browser and are also stored on the user's local hard disk. - Users have the option of installing/operating or rejecting cookies. Therefore, users may set options in their web browser either to allow all cookies, go through confirmation whenever cookies are saved, or refuse to save all cookies. However, if you refuse to save cookies, you cannot use the services that require login.
- The following is a way to specify whether cookies are allowed or denied for installation.
※ Sample instruction (for Internet Explorer): Allow or reject cookie security settings in [Tools] → [Internet Options] → [Personal Information] tab → [Internet Zone Settings] at the top of the web browser.
- The following is a way to specify whether cookies are allowed or denied for installation.
Legal Status of the Revision of Personal Information Processing Policy
- This personal information processing policy will take effect on May 26, 2021.