Etc
The King Sejong Foundation complies with the provisions of the "Personal Information Protection Act" and related laws to protect the freedoms and rights of data subjects, processing personal information lawfully and managing it securely. In accordance with Article 30 of the "Personal Information Protection Act," we have established and disclosed the following personal information processing guidelines to inform data subjects about the procedures and standards for personal information processing and to promptly and smoothly address any related grievances.
Key Personal Information Processing Indicators (Labeling)
-
Collection of General Personal Information
Collection of General Personal Information
The items of personal information collected differ by service.
Collection of General Personal Information Service Name Personal Information Items King Sejong Foundation Online Service Member Information King Sejong Foundation Online Service Member Information Learners Name, Email Address, Gender, Date of Birth, Nationality Teachers Name, Email Address, Gender, Date of Birth, Nationality, Affiliated Institution, Position -
Purpose of Personal Information Processing
Purpose of Personal Information Processing
According to Article 32 of the Personal Information Protection Act, the purpose of processing the personal information files that are registered and publicly disclosed is as follows:
Purpose of Personal Information Processing Personal Information File Name Processing Purpose King Sejong Foundation Online Service Member Information - King Sejong Foundation Online Service Use
- - Online King Sejong Institute
- - Nuri-King Sejong Institute
- - King Sejong Foundation Website
- - King Sejong Institute Digital Library
- - AI-Based Korean Language Learning Support Service
- Statistics on Service Usage
- Customer Surveys
- Provision of Personalized Services and Additional Services
- Management of Learning History
- King Sejong Foundation Online Service Use
-
Retention Period of Personal Information
Collection of General Personal Information
The processing and retention periods for each type of personal information are as follows:
Collection of General Personal Information Service Name Retention Period King Sejong Foundation Online Service Member Information 2 years -
Outsourcing of Personal Information Processing
Outsourcing of Personal Information Processing
To facilitate smooth personal information management, we have outsourced the following personal information processing tasks.
Outsourcing CompaniesSangsang Story Co., Ltd., Storm Media Co., Ltd., SJW International Co., Ltd., Irtech Co., Ltd.
-
Provision of Personal Information
Provision of Personal Information
To process requests for access to personal information, we provide the applicant's personal information to the respective holding institution of the personal information file.
Provided ItemsName, Date of Birth, Phone Number, Address
-
Request for Access to Personal Information
Request for Access to Personal Information
The King Sejong Foundation will strive to ensure that requests for access to personal information by data subjects are processed promptly.
Processing DepartmentOnline Information Team, Content Business Division
Hover over ※ symbols to view details, and for more information, please refer to the privacy policy below.
Table of Contents
- Purpose of Personal Information Processing
- Processing and Retention Period of Personal Information
- Registration of Personal Information Files and Items of Processed Personal Information
- Provision of Personal Information to Third Parties
- Matters Concerning the Outsourcing of Personal Information
- Procedures and Methods for Destroying Personal Information
- Rights and Obligations of Data Subjects and Legal Representatives, and Methods of Exercising Those Rights
- Measures to Ensure the Security of Personal Information
- Methods for Installation, Operation and Refusal of Automatically Collected Devices
- Matters Concerning the Personal Information Protection Officer
- Department for Receiving and Processing Requests for Access to Personal Information
- Remedies for Infringement of Data Subject Rights
- Changes to the Personal Information Processing Policy
-
Article 1 Purpose of Personal Information Processing
-
① The King Sejong Foundation processes personal information to the minimum necessary for purposes such as providing online services, handling civil complaints, and performing related duties.
1. Service Provision
Personal information is processed for the purpose of confirming the intent to register for the King Sejong Institute online service, identifying individuals, and providing customized services based on statistics.
2. Personal Information FilesPurpose of Personal Information Processing No. Personal Information File Name Legal Basis for Operation Purpose of Processing 1 King Sejong Foundation
Online Service
Member InformationConsent by Data Subject - Use of King Sejong Foundation Online Services
- - Online King Sejong Institute
- - Nuri-King Sejong Institute
- - King Sejong Foundation Website
- - King Sejong Institute Digital Library
- - AI-Based Korean Language Learning Support Service
- Statistics on Service Usage
- Customer Surveys
- Provision of Personalized Services and Additional Services
- Management of Learning History
② The registration details of the King Sejong Foundation's personal information files can also be accessed by visiting the Personal Information Protection Commission's comprehensive support portal (www.privacy.go.kr) → Personal Information Complaints → Requests for Access to Personal Information → Search Menu for Personal Information File List and enter "King Sejong Foundation" in the organization name field.
- Use of King Sejong Foundation Online Services
-
Article 2 Processing and Retention Period of Personal Information
① The personal information processed by the King Sejong Foundation is handled and retained within the retention period specified by the Personal Information Protection Act and related laws, or within the period of retention and use consented to by the data subject at the time of collection.
② The processing and retention periods for personal information are as follows:
| No. | Personal Information File Name | Retention Period | Department | Website Address |
|---|---|---|---|---|
| 1 | King Sejong Foundation Online Service Member Information |
2 years (Immediately deleted upon membership withdrawal) |
Online Information Team |
https://ksif.or.kr https://www.iksi.or.kr https://nuri.iksi.or.kr https://nuri.iksi.or.kr/library |
-
Article 3 Registration of Personal Information Files and Items of Processed Personal Information
-
The King Sejong Foundation processes the following personal information items.
Registration of Personal Information Files and Items of Processed Personal Information No. Personal Information File Name Items of Personal Information Recorded in the Personal Information File 1 Maintenance of King Sejong Foundation
Online Service SystemLearners Name, Email Address, Gender, Date of Birth, Nationality Teachers Name, Email Address, Gender, Date of Birth, Nationality, Affiliated Institution, Position - No.
- 1
- Personal Information File Name
- Maintenance of King Sejong Foundation Online Service System
- Learners
- Name, Email Address, Gender, Date of Birth, Nationality
- Teachers
- Name, Email Address, Gender, Date of Birth, Nationality, Affiliated Institution, Position
-
Article 4 Provision of Personal Information to Third Parties
-
① The King Sejong Foundation processes personal information within the scope specified for the purpose of collection and use, and does not exceed the original purpose or provide it to third parties without prior consent from the data subject, except in the following cases:
- 1. When separate consent is obtained from the data subject.
- 2. When there are special provisions in other laws.
- 3. When the data subject or their legal representative is unable to express their intention or cannot obtain prior consent due to circumstances such as being uncontactable, and it is clearly recognized as necessary for the urgent life, body, or property interests of the data subject or a third party.
- 4. When it is necessary for purposes such as statistical compilation and educational research, and personal information is provided in a form that cannot identify specific individuals.
- 5. When it is impossible to perform duties specified by other laws if the personal information is not used for purposes other than those originally intended or provided to third parties, and it has undergone review and resolution by the Protection Committee.
- 6. When it is necessary to provide personal information to foreign governments or international organizations for the implementation of treaties or other international agreements.
- 7. When it is necessary for the investigation of crimes and the initiation and maintenance of prosecutions.
- 8. When it is necessary for the performance of court duties.
- 9. When it is necessary for the execution of sentences and protective measures.
② The King Sejong Foundation does not provide registered personal information files to third parties.
③ In cases where provision occurs under the circumstances specified in paragraph 1, the King Sejong Foundation will notify or inform the data subject of the fact of provision within the scope permitted by law.
-
Article 5 Matters Concerning the Outsourcing of Personal Information
-
① The King Sejong Foundation outsources personal information processing tasks as follows to facilitate smooth personal information management for online services.
Matters Concerning the Outsourcing of Personal Information Outsourcing Company Name Outsourced Tasks Phone Number Sangsang Story Co., Ltd. Maintenance of King Sejong Foundation Online Service System 02-6671-9301 Storm Media Co., Ltd. Acting on behalf of the King Sejong Foundation Online Service Operations 02-3443-8571 SJW International Co., Ltd. Management of King Sejong Foundation Online Service Curriculum 02-6406-1309 Irtech Co., Ltd. Operation of AI-Based Korean Language Learning Support Service 042-824-1108 ② When entering into outsourcing contracts, the King Sejong Foundation specifies in documents such as contracts provisions related to the prohibition of processing personal information for purposes other than those of the outsourced tasks, technical and managerial protective measures, restrictions on re-outsourcing, and liabilities for management and supervision damages in accordance with Article 26 of the Personal Information Protection Act. The Foundation also supervises whether the outsourcing company processes personal information securely.
③ In the event of changes in the content of the outsourced tasks or the outsourcing company, the King Sejong Foundation will promptly disclose this information through the relevant personal information processing policy.
-
Article 6 Procedures and Methods for Destroying Personal Information
-
① The King Sejong Foundation will, in principle, destroy personal information that has fulfilled its processing purpose without delay. However, this may not apply in cases where retention is required by other laws. The procedures, deadlines, and methods for destruction are as follows:
- 1. Destruction Procedures
Unnecessary personal information and personal information files are handled under the responsibility of the personal information officer in accordance with internal policy procedures as follows:-
1) Destruction of Personal Information
Personal information whose retention period has expired will be destroyed without delay from the expiration date. -
2) Destruction of Personal Information Files
When the purpose of processing the personal information file is achieved, the service is discontinued, or the business is terminated, the personal information file will be destroyed without delay from the date it is recognized as unnecessary for processing.
-
1) Destruction of Personal Information
-
2. Destruction Methods
- 1) Information in electronic form will be destroyed using technical methods that render the records irretrievable.
- 2) Printed personal information will be destroyed by shredding or incineration.
- 1. Destruction Procedures
-
Article 7 Rights and Obligations of Data Subjects and Legal Representatives, and Methods of Exercising Those Rights
-
① Data subjects (referring to legal representatives for those under 14 years of age) may exercise the following rights related to personal information protection at any time:
- 1. Request for access to personal information
- 2. Request for correction in case of errors
- 3. Request for deletion
- 4. Request for suspension of processing
-
② The exercise of rights under paragraph 1 can be made in writing, by email, or by facsimile (FAX) after completing the form according to the template in Annex 8 of the Enforcement Rules of the Personal Information Protection Act, and we will take action without delay.
-
③ If a data subject requests correction or deletion of personal information due to errors, we will not use or provide the relevant personal information until the correction or deletion is completed.
-
④ The rights under paragraph 1 can be exercised through a legal representative or an authorized person. In this case, a power of attorney according to the template in Annex 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.
-
⑤ Requests for access to personal information and requests for suspension of processing may be restricted under Article 35, Section 5, and Article 37, Section 2 of the Personal Information Protection Act.
-
⑥ Requests for correction and deletion of personal information cannot be made if the personal information is explicitly specified as a subject of collection under other laws.
-
⑦ When a request for access, correction, deletion, or suspension of processing is made, we will verify whether the requester is the data subject or a legitimate representative.
* [Template No. 8 of the Personal Information Protection Commission] Request for Access to Personal Information
Download Request for Access to Personal Information -
* [Template No. 11 of the Personal Information Protection Commission] Power of Attorney
Download Power of Attorney
-
Article 8 Measures to Ensure the Security of Personal Information
-
To ensure the security of personal information, the following measures are implemented:
1. Minimization and Training of Staff Handling Personal Information
Only necessary personnel are designated and managed to handle personal information, and training is provided to these employees to ensure safe management.2. Access Restrictions to Personal Information
Necessary measures are taken to control access to personal information through the granting, modification, and deletion of access rights to the personal information processing system. An intrusion prevention system is used to control unauthorized access from external sources.3. Retention of Access Logs
Records of access to the personal information processing system are retained and managed for more than one year.4. Encryption of Personal Information
Personal information is securely stored and managed through encryption and other methods. Additionally, separate security features are used on important data such as encrypting during storage and transmission.5. Installation of Security Programs and Regular Inspections/Updates
To prevent the leakage and damage of personal information due to hacking or computer viruses, security programs are installed and regularly updated and inspected.6. Access Control for Unauthorized Persons
A separate physical storage location for the personal information processing system is established, and access control procedures are set and operated for this location.
-
Article 9 Methods for Installation, Operation and Refusal of Automatically Collected Devices
-
① The King Sejong Foundation operates "cookies" to locate and store customer information when necessary for the operation of its website. Cookies are very small text files sent from the server operating the website to the customer's browser, which are then stored on the customer's computer hard drive. Customers can choose to allow or refuse the collection of text information through cookies by adjusting their web browser's security settings.
- 1. In the web browser's [Tools] menu, select [Internet Options] - [Security] - [Custom Level] to set the level of information collection through cookies.
- 2. Through the menu above, you can choose to be prompted every time a cookie is saved, or you can refuse the storage of all cookies.
- 3. However, if you refuse the installation of cookies, you may experience difficulties in using the content.
-
② The information collected by cookies and its purposes are as follows:
- 1. Collected Information: ID, access IP, membership classification, service usage information such as contents used, etc.
- 2. Purpose of Use: To provide differentiated information based on individual areas of interest.
-
Article 10 Matters Concerning the Personal Information Protection Officer
-
① The KIng Sejong Foundation has designated the following personal information protection officers to oversee all matters related to personal information processing and to handle complaints and remedies related to personal information processing by data subjects:
-
List Table Position Name Contact Information Email Personal Information Protection Supervisor Park Chung-sik 02-3276-0780 parkcs@ksif.or.kr Personal Information Protection Officer Park Jin-seok 02-3276-1105 jinseok@ksif.or.kr Online Service Member Information Officer Jang Hyun-seok 02-3276-1102 sejonghs@ksif.or.kr ② Data subjects may contact the personal information protection officer and the responsible department regarding any inquiries, complaints, or remedies related to personal information protection that arise while using the services (or business) of the King Sejong Foundation. The King Sejong Foundation will respond to and address inquiries from data subjects without delay.
-
Article 11 Department for Receiving and Processing Requests for Access to Personal Information
-
① Data subjects may submit requests for access to personal information under Article 35 of the Personal Information Protection Act to the following department. The Ministry of Culture, Sports and Tourism will strive to ensure that requests for access to personal information by data subjects are processed promptly.
List Table Department for Receiving
and Processing Access RequestsDepartment : Online Information Team, Content Business Division
Tel : 02-3276-1121
Email : nuri@iksi.or.kr
Fax : 0303-3130-0700② In addition to the department mentioned in paragraph 1, data subjects may also submit requests for access to personal information through the Personal Information Protection Commission's "Comprehensive Portal for Personal Information Protection" website (www.privacy.go.kr).
▶ Personal Information Protection Commission Comprehensive Portal → Civil Complaints → Request for Access to Personal Information (Real-name authentication required via I-PIN or mobile phone verification)
-
Article 12 Remedies for Infringement of Data Subject Rights
-
Data subjects may apply for dispute resolution or counseling to the Dispute Mediation Committee, the Personal Information Infringement Reporting Center of the Korea Internet & Security Agency, etc., to seek remedies for damages caused by personal information infringement. The following institutions are separate from the King Sejong Foundation, and if you are not satisfied with the results of the King Sejong Foundation's internal handling of personal information complaints or need more detailed assistance, please contact them.
List Table Institution Name Responsibilities Website Contact Information Personal Information Infringement Reporting Center
(Operated by Korea Internet & Security Agency)Reporting personal information infringement, requesting counseling privacy.kisa.or.kr (Toll-free) 118 Personal Information Dispute Mediation Committee Application for personal information dispute resolution, collective dispute mediation (civil resolution) www.kopico.go.kr (Toll-free)
1833-6972Supreme Prosecutors' Office
Cyber Crime Investigation DivisionInquiries and reports regarding criminal cases related to personal information infringement privacy@spo.go.kr
(www.spo.go.kr)(Toll-free) 1301 National Police Agency Cyber Investigation Bureau Inquiries and reports regarding criminal cases related to personal information infringement cyberbureau.police.go.kr (Toll-free) 182
Additionally, anyone whose rights or interests have been infringed due to the actions or omissions of the head of a public institution regarding requests for access, correction, deletion, or suspension of processing of personal information may file an administrative appeal in accordance with the Administrative Appeals Act. ☞ Please refer to the phone number information on the Online Administrative Appeals website (www.simpan.go.kr).
-
Article 13 Changes to the Personal Information Processing Policy
-
This personal information processing policy has been in effect since August 2022.