The Korea Environmental Industry & Technology Institute APEC Online International
Environmental
Education
Center (hereinafter referred to as 'ESTEN') holds the following handling policy to protect
users'
personal
information and rights and interests
in accordance with the Personal Information Protection Act and to stably manage users'
grievances
related to
personal information. If ESTEN revises privacy policy, it will be notified through the website
announcement
(or individual notice), and this
policy will take effect from the opening date of the site.
Purpose of processing personal information
'ESTEN' processes personal information for the following purposes. The processed personal
information
will
not be used for any purpose other than the following, and prior consent will be asked when the
purpose
of
use is changed.
-
Website membership registration and management
Personal information is processed for the purpose of confirming the intention to join as a
member,
identifying and authenticating the person in accordance with the provision of membership
services,
maintaining and managing membership qualifications, preventing
illegal use of services, notifying various notices, and preserving records for dispute
settlement.
-
Service provision and use of statistical analysis
Personal information is processed for the purpose of providing content and customized services,
identifying
access frequency, or statistics on member service use.
Status of personal information items
The items of personal information processed by 'ESTEN' for member management and complaint
handling
are
as
follows.
- Required: Email - Optional items - Collection method: website
Processing and retention period of personal information
'ESTEN' retains personal information in accordance with laws and regulations, retains personal
information
consented by the information subject during the period of use or collection of personal
information,
processes and retains personal information
within the period of use.
Personal information related to website membership registration and management is retained and
used
for
the
above purposes from the date of consent to collection and use until membership
withdrawal.
●
Basis for collection Article
15 Paragraph 1 of the Personal Information Protection Act “In case of obtaining consent from the
information
subject”
● Retention period Immediately upon membership withdrawal
Veto and disadvantage
If you do not want to give consent to the collection of personal information, you can refuse it.
Then,
the
use of the service may be partially restricted accordingly.
Matters concerning the
provision
of
personal information to third parties 'ESTEN'
provides personal information to third parties only when it falls under Articles 17 and 18 of
the
Personal
Information Protection Act, such as the consent of the information subject and special
provisions of
the
law.
Matters concerning entrustment of processing personal
information
1.
'ESTEN' entrusts the following processing of personal information for stably processing personal
information.
Website Title |
Company Name |
Tasks |
Period |
APEC Online International Environmental Education Center |
SMART COOP |
Website improvement and maintenance; User information management (Refer to the
corresponding website) |
2021.07.15. ~ 2022.02.10 |
2. 'Korea Environmental Industry & Technology Institute' prohibits processing of personal
information
other than for the purpose of performing entrusted works in accordance with Article 26 of the
Personal
Information Protection Act when ESTEN
consignment contract is concluded, proceeds technical and administrative protection, restricts
on
re-entrustment, manage and supervise of trustees, and specifies responsibilities such as
compensation
for
damages in contracts,and oversees whetther
the trustee safely handles personal information.
3. If there is change in contents of the
consignment
work or the trustee, we will disclose it through this policy of processing personal information
without
delay.
Rights of data subjects and legal representatives ․ Duties and method of
exercise
1. The information subject can exercise the following privacy-related rights to ‘ESTEN’ at any
time.
- Request to read personal information
- Request for correction in case of errors,
etc. -
Request
for deletion - Request to stop processing
2. The exercise of the rights pursuant to Paragraph 1 may be done in writing, e-mail, fax, etc.
in
accordance
with the Form 8 of the Enforcement Regulations of the Personal Information Protection Act for
'ESTEN',
and
'ESTEN' will take action on it without
any delay.
3. If the information subject requests correction or deletion of personal
information
errors, 'ESTEN' will not use or provide the personal information until the correction or
deletion is
completed.
4. The exercise of other
rights in Paragraph 1 may be done through an agent such as the legal representative of the
information
subject or a person who has been delegated. In this case, you must submit a power of attorney in
accordance
with Form 11 of the Enforcement Regulations
of the Personal Information Protection Act.
Matters concerning the destruction of
personal
information
In principle, ‘ESTEN’ destroys the personal information without
delay
when
the purpose of processing personal information
is achieved. However, this is not the case when preservation is required according to other
laws.
The
procedures, deadlines and methods of destruction are as follows.
- Destruction procedure
- Destruction of personal information: Personal
information
whose retention period has elapsed will be destroyed without delay right after the end
date. -
Destruction of personal information file: When
the personal information file becomes unnecessary because of fulfillment of the purpose of
processing
the personal information file, the abolition of the service, or the termination of the
business,
the
personal information file to destroy, the
personal information file will be destroyed without delay from the date on which the
processing
of
personal information is deemed unnecessary.
- Destruction method
- Information stored in electronic form uses a
technical
method
that cannot reproduce records. Personal information printed on paper is shredded with a
shredder
or
destroyed through incineration.
- Destruction result
- In the event of withdrawal, not only the
information
collected
but also all data related to the provision and use of content will be deleted and cannot be
recovered.
Measures to ensure the safety of personal information
In accordance
with
Article 29
of the Personal Information Protection Act, 'ESTEN' is taking the following technical/administrative
and
physical measures to ensure safety.
- Minimization and training of employee’s management on personal
information
-
We
are
implementing measures to manage personal information by designating employees who handle
personal
information and limiting them their access to
the information
- Establishment and implementation of internal management plan
- We have
established
and implemented an internal management plan for safe handling of personal
information.
- Encryption of personal information
- The user's personal information is
stored
and
managed with an encrypted password, so only the user can have access to it. For important
data,
separate
security functions such as encrypting files
and transmission data or using a file lock function are used.
- Technical measures against hacking
- 'ESTEN' installs a security program
to
prevent
leakage and damage of personal information caused by hacking or computer viruses,
periodically
updates
and inspects it, installs the system in
an area where access is restricted from outside, and technically and physically monitors and
blocks
it.
- Restrict access to personal information
- We take necessary measures to
control
access to personal information by granting, changing, and canceling access rights to the
database
system
that processes personal information, and we
use an intrusion prevention system to restrict unauthorized access from outside.
- Storage of access records and prevention of forgery
- Records of access
to
the
personal information processing system are kept and managed for at least 6 months, and
security
functions are used to prevent forgery, theft, or loss
of access records.
Installation of an automatic personal information collection device Matters
concerning
operation and its refusal
ESTEN does not use 'cookies' that store and retrieve
usage
information of the information subject from time
to time.
- Personal Information Infringement Report Center (Operated by Korea Internet &
Security
Agency)
- Responsibilities: Report personal information infringement, apply
for
consultation - Homepage: www.privacy.go.kr - Telephone:
(without area code) 118 - Address: (58324) 9, Jinheung-gil, Naju, Jeollanam-do (301-2
Bitgaram-dong),
3rd floor, Personal Information Infringement Report Center
- Personal Information Dispute Mediation Committee
- Responsibilities:
Personal
information dispute control application, collective dispute mediation (Civil
settlement) -
Website:
www.kopico.go.kr - Telephone: (without area
code) 1833-6972 - Address: 4th floor, Government Complex Seoul, 209 Sejong-daero,
Jongno-gu,
Seoul
(03171)
- Supreme Prosecutor's Office Cyber Crime Investigation Team
02-3480-3573
(www.spo.go.kr)
- Korean National Police Agency Cyber Security Bureau.
182
(cyberbureau.police.go.kr)
Regarding requests under Article 35 (Access to Personal Information), Article 36 (Correction or
Erasure
of
Personal Information), Article 37 (Suspension, etc. of Processing of Personal Information) of the
Personal
Information Protection Act, a person
whose rights or interests have been infringed due to a disposition or omission taken by the head of
a
public
institution may file an administrative appeal in accordance with the Administrative Appeals
Act.
Matters concerning the employee in charge of personal information
protection
The
Korea Environmental Industry & Technology Institute is fully responsible for works relating to
processing
personal information, and has designated the employee in charge of personal information protection
and
working-level personnel as follows to
handle complaints and damage relief from information subjects related to processing personal
information.
Division |
Department |
Name |
Contact |
Personal information protection officer |
National Environmental Information Network System |
Lee Yong-jun |
E-mail : yjlee@keiti.re.kr |
Responsible officer for each field of personal information protection |
National Environmental Information Network System |
Lee Yong-jun |
E-mail : yjlee@keiti.re.kr |
Privacy handler |
National Environmental Information Network System |
Minju KIM |
E-mail : minju4022@keiti.re.kr |
Department that receives and handles requests for access to personal
information Information
subjects can inquire about all personal information protection-related inquiries, complaint
handling,
damage
relief, etc. The Korea Environmental Industry
& Technology Institute will respond and handle inquiries from information subjects without
delay.
Department |
Name |
Contact |
Environmental Knowledge Information Room |
Minju KIM |
E-mail : minju4022@keiti.re.kr Fax : 02-2284-1190 |
Changes to Privacy Policy
This privacy policy will be applied
from
the
opening date of the website. If there are additions, deletions or corrections of changes in
accordance
with
laws
and policies, we will notify you through
a notice 7 days prior to the implementation of the changes.
|