A. A. We collect and keep based on what is stipulated in relevant laws and consent of the subjects of information. Major personal information files collected and kept by us under the law are as follows. [Nuri-Sejong Department]

For more details of things registered with our personal information files, please use the following:
The Ministry of Interior’s portal for comprehensive support for protection of personal information (www.privacy.go.kr) → Personal information-related complaints → Demand for inspection of personal information → Menu for search for the list of personal information files.

B. Information automatically collected (when using our website)
The following information is automatically collected and stored for statistical analysis made for improvement of our homepage and efficient communication between users and our website.
Addresses of websites that users go through when visiting our homepage and hours/dates of visits
Users’ browser types and OS

C. Information-sharing under relevant laws
We keep members’ personal information for a given period of time if required by relevant laws. We make it a rule to use such personal information only for specified purpose.

D. Inquiries about personal information files

We will strive to protect people’s rights and interests by handling personal information kept by us properly under relevant laws. Our partial disclosure of personal information will be strictly pursuant to relevant laws.

A. Provision to a third party
We do not use members’ personal information or provide it to a third party beyond the scope that we notified members of or that is consented by them, unless otherwise required by the law.

B. Entrustment of personal information handling
As regards our entrustment of personal information handling to a public or expert institution, we make the trustee observe restrictions or procedures under the Personal Information Protection Act, Article 26 (Restrictions on Management of Personal Information Following Entrustment of Affairs).
We check the ongoing status from time to time.

C. Restriction on use and provision of personal information
We put strict control on the use of personal information collected and kept by us and provision of it to a third party. The Personal Information Protection Act, Article 18 (Restrictions on Use and Provision of Personal Information for Any Purpose Other than Intended Ones) allows exceptions to strict control on the use of personal information as follows.

1. Where the separate consent is obtained from a subject of information
2. Where special provisions exist in any other Act
3. Where it is deemed obviously necessary for physical safety and property interests of a subject of information or a third person when the subject of information or his/her legal representative cannot give prior consent as he/she is unable to express his/her intention or by reason of his/her unidentified address, etc
4. Where personal information is necessary for compiling statistics, or scientific research purposes, etc., and the personal information is provided in a form by which a specific individual cannot be identified
5. Where using personal information for any purpose other than the intended purpose or a failure to provide a third person with such information makes it impossible to perform affairs provided for in any other Act, and this has undergone deliberation and resolution by the Protection Committee
6. Where it is necessary for providing a foreign government or international organization with personal information in order to implement a treaty or any other international agreement
7. Where it is necessary for investigating a crime, and instituting and sustaining a public prosecution
8. Where it is necessary for a court to perform its judicial affairs
9. Where it is necessary for executing a punishment, care and custody or protective disposition

We destroy users’ personal information as follows upon attaining the purpose of collecting and using it.

A. Destruction procedure

• We destroy information entered by users for member subscription and the like as per internal guidelines and relevant laws (Ref. Period for keeping and using).
• The said personal information is not used for a purpose other than what is designated unless otherwise stipulated in the law.

B. Destruction method

• We destroy documents containing personal information with a shredder or through incineration.
• We delete personal information stored in the form of an electronic file, using an irrecoverable method.

Under the Personal Information Protection Act, Chapter V (Guaranteeing Rights of Subjects of Information), subjects of information have the following rights about others’ handling of their personal information.

A. Inspection of their personal information

B. Correction and deletion of their personal information

C. Suspension of handling personal information

D. Knowing how to exercise their rights concerning personal information

E. Asking for compensation of loss related to personal information

Under the Personal Information Protection Act, Article 35 (Inspection of Personal Information), Article 36 (Correction or Deletion of Personal Information), and Article 37 (Suspension, etc. from Managing Personal Information), subjects of information may ask us to let them inspect, correct, delete or stop managing their personal information kept by us.

A. Inspection of personal information
Subjects of information may ask us to let them inspect their personal information file kept by us under the Personal Information Protection Act and other relevant laws.

- We may restrict or reject an inspection by explaining the grounds, if one of the following is the case, under the Personal Information Protection Act, Article 35 (4)

1. Where an inspection is prohibited or restricted by Acts
2. Where it is apprehended that any third person's life and body may be harmed, or any third person's property and other interests may be unduly infringed on
3. Where a public institution causes any inconvenience while carrying out any of the following affairs
   • (a) Affairs concerning the imposition, collection or refund of taxes
   • (b) Affairs concerning grade evaluation or the selection of newly enrolled students at schools of each level under the Elementary and Secondary Education Act and the Higher Education Act, lifelong education centers under the Lifelong Education Act, and other higher education institutions established under other Acts
   • (c) Affairs concerning tests of academic ability, functions and employment, and qualification evaluation
   • (d) Affairs concerning an assessment or decision in progress in connection with the calculation, etc. of compensation or benefits
   • (e) Affairs concerning an audit and an investigation in progress under other Acts

B. Correction, deletion, and suspension of managing personal information
A subject of information who has inspected his/her personal information may request a personal information manager to correct or delete or suspend managing his/her personal information: Provided, That if other statutes stipulates the particular personal information be collected, the subject of information shall not request the deletion thereof.

When you find a case of violation or loss due to collection, use, provision or entrustment of personal information not based on the law or without obtaining the consent of the subject of information, while using our website, or a situation where the rights and interests of the subject of information may be infringed on due the possibility of personal information leakage, you may report it to the following institution.

The Personal Information Infringement Reporting Center of the KISA (Korea Internet & Security Agency) (http://privacy.kisa.or.kr, Tel: 118) under the Personal Information Protection Act, Article 62 (Reporting, etc. Infringements)

In handling users’ personal information, we take technical/administrative measures as follows not to cause the loss, theft, leakage, alteration or damage of personal information.

A. Encoding of passwords
Members’ passwords are stored and managed by encoding them. Ascertainment and alteration of personal information can be done only by members themselves.

B. Anti-hacking measures
We strive to prevent leakage of or damage to members’ personal information caused by hacking or virus. We back up materials kept by us from time to time in case of their damage. We use updated vaccine programs to prevent leakage of or damage to materials and users’ personal information. We use encoded communications for safe transmission of personal information through networks. We operate intrusion prevention system to block unauthorized access from outside. We strive to operate all available technical devices to enhance the security of the system.

C. Education and keeping the number of employees handling personal information to a minimum
We let only a small number of employees handle personal information. We always stress the importance of observing the Personal Information Handling Guidelines through educational sessions carried out for employees from time to time.

D. Operation of a dedicated personal information protection organization
We check to see whether the Personal Information Handling Guidelines are complied with by employees and strive to find solutions to problems, if any. Meanwhile, we are not responsible to for any problems caused by leakage of ID, password and the like due to users’ carelessness or a technical problem with the Internet.

Subjects of personal information may get help from the following institutions concerning personal information infringement if they are not satisfied with the way we handle their personal information or take measures against infringement of rights and interests.

The Personal Information Infringement Reporting Center of the KISA (Korea Internet & Security Agency)

• Homepage : privacy.kisa.or.kr (Tel: 118)
• Address : The Personal Information Infringement Reporting Center, 135, Jungdae-ro, Songpa-gu, Seoul, Korea (05717)

The Internet Crime Investigation Center of the Supreme Prosecutors' Office : 02-3480-3573 (www.spo.go.kr)

The Cyber Terror Response Center of the National Police Agency : 1566-0112 (www.netan.go.kr)

Personal information protection manager : Park Chung-sik, Content Support Department (Senior General Manager)

• Email : parkcs@ksif.or.kr - Tel : +82-2-3276-0750 Fax : 0303-3130-0707 팩스 : 0303-3130-0707
• Address : 11F, Seocho Pyeonghwa building, 22, Banpo-daero, Seocho-gu, Seoul, Republic of Korea, 06716

Personal information protection officer : Jang Hyunsuk, Content Support Department (Assistant Manager)

• Email : sejonghs@ksif.or.kr
• Tel : +82-2-3276-0757 Fax : 0303-3130-0707

This privacy policy comes into effect in June 2020.

<Established> 2013. 8.
<Amended> 2015. 5.
<Amended> 2016. 4.
<Amended> 2017. 8.
<Amended> 2018. 4.
<Amended> 2018. 5.
<Amended> 2019. 5.
<Amended> 2020. 6.