Personal data processing policy
Article 1. Purpose of processing personal data. The processed personal data will only used for its purpose and if the purpose changes, prior consent will be done.
- Website Members management Personal data will be processed for the purpose of membership, member services, identification to confirm identity, abuse prevention, unauthorized use prevention, membership intention confirmation, record keeping for dispute, adjustment, complaint, notice delivery and etc.
Article 2. Processing and preservation period of personal data
- Preservation basis: Consent of information agency Has rights to disagree and if rejected, become member is limited
- Preservation period: From Application till cancelation of membership. Personal data preservation is every 2 years after membership confirmed.
Article 3. Details of providing personal data to the 3rd parties We provide personal data to the following institute and person to the following purpose and range.
- Providing institute/person: Site (managing institute) which has SSO system
- Sharing Basis and purpose: Under individual's consent, can log in easier without additional logging in (authentication method of each institute) to the other sites.
- Item provided of personal data: member ID
- Preservation and holding period of personal data: Until one’s application cancels on SSO service
- Members have rights to disagree. If disagree, Using SSO service is limited.
Article 4. Consignment of personal data processing Anyang city doesn't allow consignment personal data processing without user's agreement. If consignment is needed in the future, we will announce through personal data processing policy such as consignment object, consignment contents, consignment period, consignment contract details (Comply with personal data protection regulation, regulated not to provide personal data or responsibilities to the 3rd parties). Also we will get prior consent, if needed.
Article 5. Details about action, rights and obligations of information agency The users of personal data agency have the following rights.
- Request to open one's personal data (Article 35 of personal data protection law)
- Request to revise or delete one's personal data (Article 36 of personal data protection law)
- Request to stop processing one’s personal data (Article 37 of personal data protection law)
- Request for the representative ("request to open and etc")to open, revise, delete, stop and etc of one's personal data according to the regulation and method and legal representative of kids under 14 years old.( Article 38 of personal data protection law)
- Claim for damages if violated personal data protection law (Article 39 of personal data protection law)
- Regarding to revise, opening and deleting of personal data, by clicking on 'personal data revision' or 'membership cancellation' after identity confirmation.
- The personal data deleted or cancelled by user's request, it will be processed under preservation and holding period
Article 6. Items managed by personal data
- Membership management
- Essential items: personal identification, SSO service offering, notice delivery and etc(name, ID, password, gender, email, phone no, mobile phone no, address)
- Optional items: Info to provide personalized services(birthday, company address, latest school, job )
Article 7. Destruction method and procedure of personal data If the purpose of using preservation of personal data expires, then it will be destroyed.
- Destruction procedure
- It will be destroyed when the info agent requests (membership cancellation).
- Destruction method
- Personal data is stored in the electronic file type, Can be deleted with the technical method that cannot play back the records.
Article 8. Securing safety of personal data According to the Article 29 of personal data protection law, physical and technical method is done as follows.
- Personal data’s code
The main personal data like passwords is coded, stored and provides additional security function such as file locks or important files coded so oneself only knows.
- Technical measure for hacking and etc. To prevent from releasing and Personal data damaging due to hacking or computer virus, it renews and checks regularly and installs info system at the area where it is controlled the access of external which implements observation technically and physically.
- Limitation to approach personal data processing system Through granting, revision and cancellation of personal data regarding to access the data base system, the personal data access is controlled, and firewall system controls the access from external.
- The person in charge of personal data will minimize and the only one who manage the personal data.
Article 9. Remedy for rights and interests violation. For the remedy related to the personal data violation, the personal data gents can apply for consulting solutions to the personal data conflicts committee, Korea Internet Security Agency, personal data violation reporting center and etc.
Please contact the following regarding additional reports or consulting.
- Personal data conflicts committee: No 118 (ARS No 3)
- Information protection, mark authentication committee: 02-580-0533~4
- Criminal investigation section of Public prosecutor’s office: 02-3480-2000
- CTRC of national police agency: 02-392-0330
Article 10. Person in charge contact point of personal data by field
- Director for personal data protection field: Jaehak Kwon, head of information and communication in Anyang City
- Person in charge: Sunwyong Eom, information communication in Anyang City 031-8045-5134, firstname.lastname@example.org)