The Korea Environmental Industry & Technology Institute APEC Online International Environmental Education Center (hereinafter referred to as 'ESTEN') holds the following handling policy to protect users' personal information and rights and interests in accordance with the Personal Information Protection Act and to stably manage users' grievances related to personal information. If ESTEN revises privacy policy, it will be notified through the website announcement (or individual notice), and this policy will take effect from the opening date of the site.

 

Purpose of processing personal information

'ESTEN' processes personal information for the following purposes. The processed personal information will not be used for any purpose other than the following, and prior consent will be asked when the purpose of use is changed.

 

  •  Website membership registration and management

Personal information is processed for the purpose of confirming the intention to join as a member, identifying and authenticating the person in accordance with the provision of membership services, maintaining and managing membership qualifications, preventing illegal use of services, notifying various notices, and preserving records for dispute settlement.

  •  Service provision and use of statistical analysis

Personal information is processed for the purpose of providing content and customized services, identifying access frequency, or statistics on member service use.

Status of personal information items

The items of personal information processed by 'ESTEN' for member management and complaint handling are as follows.

- Required: Email
- Optional items
- Collection method: website
 

Processing and retention period of personal information

'ESTEN' retains personal information in accordance with laws and regulations, retains personal information consented by the information subject during the period of use or collection of personal information, processes and retains personal information within the period of use. 

Personal information related to website membership registration and management is retained and used for the above purposes from the date of consent to collection and use until membership withdrawal.

● Basis for collection
Article 15 Paragraph 1 of the Personal Information Protection Act “In case of obtaining consent from the information subject”

● Retention period
Immediately upon membership withdrawal

 

Veto and disadvantage

If you do not want to give consent to the collection of personal information, you can refuse it. Then, the use of the service may be partially restricted accordingly.

Matters concerning the provision of personal information to third parties
'ESTEN' provides personal information to third parties only when it falls under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the information subject and special provisions of the law.

Matters concerning entrustment of processing personal information

1. 'ESTEN' entrusts the following processing of personal information for stably processing personal information.

Website Title Company Name Tasks Period
APEC Online International
Environmental Education Center		 SMART COOP Website improvement and maintenance;
User information management
(Refer to the corresponding website)		 2021.07.15. ~ 2022.02.10


2. 'Korea Environmental Industry & Technology Institute' prohibits processing of personal information other than for the purpose of performing entrusted works in accordance with Article 26 of the Personal Information Protection Act when ESTEN consignment contract is concluded, proceeds technical and administrative protection, restricts on re-entrustment, manage and supervise of trustees, and specifies responsibilities such as compensation for damages in contracts,and oversees whetther the trustee safely handles personal information.

3. If there is change in contents of the consignment work or the trustee, we will disclose it through this policy of processing personal information without delay.

Rights of data subjects and legal representatives ․ Duties and method of exercise

1. The information subject can exercise the following privacy-related rights to ‘ESTEN’ at any time.

  • Request to read personal information
    - Request for correction in case of errors, etc.
    - Request for deletion
    - Request to stop processing

2. The exercise of the rights pursuant to Paragraph 1 may be done in writing, e-mail, fax, etc. in accordance with the Form 8 of the Enforcement Regulations of the Personal Information Protection Act for 'ESTEN', and 'ESTEN' will take action on it without any delay.

3. If the information subject requests correction or deletion of personal information errors, 'ESTEN' will not use or provide the personal information until the correction or deletion is completed.

4. The exercise of other rights in Paragraph 1 may be done through an agent such as the legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with Form 11 of the Enforcement Regulations of the Personal Information Protection Act.

Matters concerning the destruction of personal information

In principle, ‘ESTEN’ destroys the personal information without delay when the purpose of processing personal information is achieved. However, this is not the case when preservation is required according to other laws. The procedures, deadlines and methods of destruction are as follows.

  • Destruction procedure
    - Destruction of personal information: Personal information whose retention period has elapsed will be destroyed without delay right after the end date.
    - Destruction of personal information file: When the personal information file becomes unnecessary because of fulfillment of the purpose of processing the personal information file, the abolition of the service, or the termination of the business, the personal information file to destroy, the personal information file will be destroyed without delay from the date on which the processing of personal information is deemed unnecessary.
     
  • Destruction method
    - Information stored in electronic form uses a technical method that cannot reproduce records. Personal information printed on paper is shredded with a shredder or destroyed through incineration.
     
  • Destruction result
    - In the event of withdrawal, not only the information collected but also all data related to the provision and use of content will be deleted and cannot be recovered.
Measures to ensure the safety of personal information

In accordance with Article 29 of the Personal Information Protection Act, 'ESTEN' is taking the following technical/administrative and physical measures to ensure safety.
  • Minimization and training of employee’s management on personal information
    - We are implementing measures to manage personal information by designating employees who handle personal information and limiting them their access to the information
     
  • Establishment and implementation of internal management plan
    - We have established and implemented an internal management plan for safe handling of personal information.
     
  • Encryption of personal information
    - The user's personal information is stored and managed with an encrypted password, so only the user can have access to it. For important data, separate security functions such as encrypting files and transmission data or using a file lock function are used.
     
  • Technical measures against hacking
    - 'ESTEN' installs a security program to prevent leakage and damage of personal information caused by hacking or computer viruses, periodically updates and inspects it, installs the system in an area where access is restricted from outside, and technically and physically monitors and blocks it.
     
  • Restrict access to personal information
    - We take necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and we use an intrusion prevention system to restrict unauthorized access from outside.
     
  • Storage of access records and prevention of forgery
    - Records of access to the personal information processing system are kept and managed for at least 6 months, and security functions are used to prevent forgery, theft, or loss of access records.
Installation of an automatic personal information collection device 
Matters concerning operation and its refusal

ESTEN does not use 'cookies' that store and retrieve usage information of the information subject from time to time.
  • Personal Information Infringement Report Center (Operated by Korea Internet & Security Agency)
    - Responsibilities: Report personal information infringement, apply for consultation
    - Homepage: www.privacy.go.kr
    - Telephone: (without area code) 118
    - Address: (58324) 9, Jinheung-gil, Naju, Jeollanam-do (301-2 Bitgaram-dong), 3rd floor, Personal Information Infringement Report Center
     
  • Personal Information Dispute Mediation Committee
    - Responsibilities: Personal information dispute control application, collective dispute mediation (Civil settlement)
    - Website: www.kopico.go.kr
    - Telephone: (without area code) 1833-6972
    - Address: 4th floor, Government Complex Seoul, 209 Sejong-daero, Jongno-gu, Seoul (03171)
     
  • Supreme Prosecutor's Office Cyber Crime Investigation Team
    02-3480-3573 (www.spo.go.kr)
     
  • Korean National Police Agency Cyber Security Bureau.
    182 (cyberbureau.police.go.kr)
Regarding requests under Article 35 (Access to Personal Information), Article 36 (Correction or Erasure of Personal Information), Article 37 (Suspension, etc. of Processing of Personal Information) of the Personal Information Protection Act, a person whose rights or interests have been infringed due to a disposition or omission taken by the head of a public institution may file an administrative appeal in accordance with the Administrative Appeals Act.

Matters concerning the employee in charge of personal information protection

The Korea Environmental Industry & Technology Institute is fully responsible for works relating to processing personal information, and has designated the employee in charge of personal information protection and working-level personnel as follows to handle complaints and damage relief from information subjects related to  processing personal information.
 
 Division Department Name Contact
Personal information
protection officer		 National
Environmental
Information
Network System		 Lee Yong-jun E-mail : yjlee@keiti.re.kr
Responsible officer
for each field of
personal information
protection		 National
Environmental
Information
Network System		 Lee Yong-jun E-mail : yjlee@keiti.re.kr
Privacy handler National
Environmental
Information
Network System		 Minju KIM E-mail : minju4022@keiti.re.kr

Department that receives and handles requests for access to personal information
Information subjects can inquire about all personal information protection-related inquiries, complaint handling, damage relief, etc. The Korea Environmental Industry & Technology Institute will respond and handle inquiries from information subjects without delay.
 
Department Name Contact
Environmental Knowledge
Information Room		 Minju KIM E-mail : minju4022@keiti.re.kr
Fax : 02-2284-1190

Changes to Privacy Policy

This privacy policy will be applied from the opening date of the website. If there are additions, deletions or corrections of changes in accordance with laws and policies, we will notify you through a notice 7 days prior to the implementation of the changes.