Go to content

Member

Privacy Policy

1. Purpose of Personal Information Processing

The Korea Foundation (hereinafter, the Foundation) does not use personal information for any purposes other than the following purposes. The Foundation will seek prior consent of users before any changes to such purposes are made.

  • •  A. Membership Management
  • •  The Foundation collects a minimum amount of personal information required to provide customer services, handle complaints, and implement its programs.
  • •  B. New Service Development, Marketing, and Advertisement
  • •  The Foundation uses personal information obtained under law and with the consent of information subjects in satisfaction survey, statistics analysis, and smooth communication with customers to offer better services.

2. Collection and Retention of Personal Information

The Foundation collects and retains personal information under relevant laws and regulations and with information subjects’ consent only. Personal information files retained by the Foundation are as follows:

Collection and Retaining of Personal Information
File Titles Processing Grounds & Purposes Information Stored in Files Retention Period
Website Membership Management File Membership information management Name, ID (e-mail address), password, and consent or refusal for e-mail communication Until membership withdrawal
Information on Applicants for Online Social Science Data Services Consent of information subjects Name, e-mail address, contact information, mobile phone number, address, and complaint details 5 years
Screening of applicant qualifications
Information on Complaint Submitters Ethics and practice guidelines Name, nationality, gender, occupation, department, major, e-mail, mobile phone number, and area of interest 2 years
Complaint handling

3. Provision of Personal Information to Third Party

It is, in principle, prohibited to provide personal information retained by the Foundation to a third party, except the following cases:

  • A. For the purpose of collection, the Foundation may provide personal information to a third party when
    • - information subjects give additional consent,
    • - there are applicable laws or such provision is indispensable for fulfilling legal obligations,
    • - such provision is indispensable for conducting activities of public agencies specified by laws,
    • - or such provision is evidently necessary to protect the urgent interests of information subjects or a third party without prior consent because of incorrect address or because information subjects or their legal representatives are in no condition to express their opinion.
  • B. For other purposes, the Foundation may provide personal information to a third party when (※except when there is a concern for unjust infringement on the interests of information subjects or a third party)
    • - information subjects give additional consent,
    • - there are special regulations specified in other laws,
    • - such provision is evidently necessary to protect the urgent interests of information subjects or a third party without prior consent because of incorrect address or because information subjects or their legal representatives are in no condition to express their opinion,
    • - such provision is necessary for the purpose of statistics and academic research, and in this case, information should be provided in a way that it cannot potentially identify a specific individual,
    • - activities specified by laws cannot be conducted unless personal information is used for other purposes or provided to a third party (in this case, a protection committee’s prior deliberation and decision is required),
    • - it is necessary to provide information to foreign governments or international organizations to implement treaties or international agreements,
    • - such provision is necessary to conduct crime investigation and prosecution,
    • - such provision is necessary for court proceedings,
    • - or such provision is necessary for the execution of a sentence, care and custody.

4. Entrustment of Personal Information Processing

When entrusting personal information processing, the Foundation abides by Article 26 of the Personal Information Protection Act. Accordingly, the Foundation stipulates, in a written document, obligations and responsibilities, including the prohibition of personal information processing for purposes other than entrusted services, technical and managerial protection measures, restriction on re-entrustment, supervision of the entrusted party and compensation for damages, and supervises whether the entrusted party safely handles personal information.

Collection and Retaining of Personal Information
Entrusted Party Entrusted Services Period of Personal Information Retention and Use
NeoWithNet System maintenance and repair Until membership withdrawal or end of entrustment contract
National Information and Credit Evaluation (NICE) i-PIN verification / real name verification No additional preservation is made as the entrusted party already has retained the pertinent information.

5. Rights and Duties of Information Subjects and Methods to Exercise Them

Users may exercise their rights as Information Subjects as follows: The Foundation may entrust a third party with personal information processing under Article 26 “Restrictions on Personal Information Processing Entrustment” of the Personal Information Protection Act. The Foundation shall make an online announcement of relevant information including purposes, content and period of entrustment, and the entrusted party’s name, address and contact information.

  • A. Access to Personal Information for Inspection Under Article 35 “Access to Personal Information” of the Personal Information Protection Act, information subjects may request access to personal information retained by the Foundation.

    개인정보 열람
    • o Requester (information subject) – Request using a form – Korea Foundation President
    • o Korea Foundation President – Notification of request results within 5 days – Requester (information subject)
    • o Korea Foundation President – Within 10 days after request collection – Access implementation
  • ※ For application, please refer to the personal information access request form.
    Please be informed, however, access may be restricted in the following cases under Item 5, Article 35 of the Personal Information Act:
    • o Certain laws prohibit or restrict such access
    • o There is a possibility of harm to other people’s life or body, or unjustly infringement of their property or interests.
    • o There is a possibility of causing serious impediment to any of the following affairs of pubic organizations:
      •  · Affairs related to the implementation of achievement, skill and recruitment examinations, and the screening of qualifications
      •  · Affairs related to inspection and investigation in progress under other laws
  • B. Correction and Deletion of Personal Information
    Information subjects may request the correction or deletion of personal information retained by the Foundation under Article 36 “Correction and Deletion of Personal Information” of the Personal Information Protection Act. They, however, are not allowed to make a request for the deletion of personal information if the collection of such information is stipulated under other laws.
    • o – Scope of correction/deletion request
    • o – Correction of information incorrectly recorded
    • o – Deletion of content not applicable to certain categories
    • o ※ For application, please refer to the personal information correction/deletion request form.
    • o – Procedures of request for correction or deletion.
    • 개인정보 정정·삭제
    • o Requester (information subject) – Request using a form – Korea Foundation President
    • o Korea Foundation President – Notification of request results within 10 days (may be extended just once) – Requester (information subject)
  • • C. Discontinuance of Personal Information Processing
    Information subjects may request the discontinuance of the processing of personal information retained by the Foundation under Article 37 “Discontinuance of Personal Information Processing” of the Personal Information Protection Act.
    • o ※ For application, please refer to the personal information access request form. The Foundation, however, may refuse to accept the request for the discontinuance of personal information processing under Item 2, Article 37 of the Personal Information Protection Act in the following cases:
    • o – There are special regulations in laws or such refusal is indispensable for fulfilling legal obligations.
    • o – There is a concern for unjust infringement of other peoples’ life, body, property, or other interests.
    • o – Public organizations cannot implement their programs and activities stipulated by other laws if not allowed to process personal information.
    • o – Personal information processing is needed to offer services and fulfill contract signed by information subjects who have not made clear their intention to terminate such contract.
  • • D. Users may refuse to accept users’ agreement and privacy policy when signing up for membership. In this case, posting and the use of additional services may be partially restricted.
  • • E. When signing up, users may fill in personal information selectively, if necessary. There is no disadvantage in receiving services in the case of such selective registration.

6. Types of Personal Information Processed

Please refer to the aforementioned “2. Collection and Retention of Personal Information” regarding the types of personal information processed by the Foundation.

7. Installation, Operation and Refusal of Automatic Data Collection Tool

  • A. Purpose of Using Cookies
    The Foundation uses cookies to offer better services to users by identifying website use pattern, number of users, and other information.
  • • B. Installation, Operation, and Refusal of Cookies
    • o – Users have the right to choose the installation of cookies. They, therefore, may select options in their web browsers to allow the use of all the cookies, to confirm each time cookies are saved, or to refuse to save all the cookies.
    • o – When users refuse to save cookies, they may have difficulties in using some services that need login.
    • o – Installation or refusal of cookies can be made with the following methods (in case of Internet Explorer):
      •  ① Select [Internet Options] from the [Tools] menu.
      •  ② Click the [Personal Information] tab.
      •  ③ Set privacy level.

8. Disposal of Personal Information

When the personal information retention period has expired or processing purposes are achieved, the Foundation destroys personal information without delay in principle unless such information needs to be preserved under other laws. The process, timing, and methods of personal information disposal are as follows:

  • A. Disposal Process
    In accordance with internal guidelines and relevant laws, the Foundation disposes of information entered by users when the retention period has expired or processing purposes are fulfilled.
  • B. Disposal Timing
    Users’ personal information is destroyed within 5 days after the end date of the retention period or after it is deemed that the processing of such information is unnecessary due to the fulfillment of processing purposes.
  • C. Disposal Methods
    The Foundation disposes of personal information in the following way:
    • o ① Information in electronic form shall be destroyed permanently in a way that it cannot be restored.
    • o ② Information in non-electronic form shall be destroyed by shredding or incineration.

9. Management of Message Board Information

To protect personal information, content in the Foundation’s message board (Contact the President, Q&A, and Policy Recommendations) is destroyed without delay two years after posting, and such disposal is recorded. Disposal records are managed by a department in charge of website maintenance.

10. Management of Dormant User Accounts

Dormant members are those who have not logged in for two years since they last logged in to the Foundation’s services. Such members’ accounts are considered dormant, and the Foundation may restrict their use of services offered by the Foundation. They need to go through authentication to use the Foundation’s services again after their accounts were classified as dormant ones.

11. Personal Information Protection Managers

The Foundation appoints personal information protection managers as follows to ensure appropriate collection and processing of personal information, thereby protecting users’ rights and interests and properly conducting programs and activities.

Collection and Retaining of Personal Information
Name E-mail Phone Number
Senior Manager for Personal Information Protection Gwang-keun Kim, Executive Vice President of Finance and Operations gkkim@kf.or.kr 02-2046-8508
Manager for Personal Information Protection Mi-sook Park, Director, Management Support Team mspark@kf.or.kr 02-2046-8515
Staff Member for Personal Information Protection Chang-hee Han, Senior Program Officer, Management Support Team chhan@kf.or.kr 02-2046-8540

12. Changes to Privacy Policy

When there are any changes made to its privacy policy, the Foundation shall announce such changes in its homepage to make them readily available to information subjects, and shall keep records of such changes in compliance with Article 30 “Establishment and Disclosure of Privacy Policy” of the Personal Information Protection Act.
※ Changes to Privacy Policy (January 31, 2012)
※ Changes to Privacy Policy (August 26, 2013)
※ Changes to Privacy Policy (December 22, 2013)
※ Changes to Privacy Policy (August 6, 2014)
※ Changes to Privacy Policy (February 5, 2015)

13. Measures to Secure Safety of Personal Information

Under Article 29 “Obligations for Safety Measures” of the Personal Information Protection Act, the Foundation takes technical, managerial, and physical measures for the safety of personal information as follows:

  • A. Restriction on Access to Personal Information
    • The Foundation controls access to personal information by granting, changing, and cancelling access rights to database system for personal information processing, and blocks unauthorized access by using firewall and detection systems.
  • B. Retention and Anti-Tampering of Access Records
    • The Foundation stores records of access to its website for at least six months, and makes sure such records are not tampered, stolen, or lost.
  • C. Technical Measures against Hacking
    • To prevent personal information leakage and damage by hacking or computer virus, the Foundation installs, renews, and checks safety programs on a regular basis, installs system in an access-restricted area, and conducts technical and physical surveillance and blocking.
  • D. Physical Access Control on Unauthorized Personnel
    • The Foundation has set up personal information system in a separate physical area, and controls physical access to the system based on its own access control procedures.

14. Remedy for Infringement on Rights and Interests

Information subjects may contact the Personal Information Dispute Mediation Committee, the Personal Information Protection Center of the Korea Internet and Security Agency, or other relevant organizations for counselling or dispute settlement regarding any infringement on personal information-related rights and interests. When they find counselling or remedy offered by the Foundation’s Personal Information Protection Managers unsatisfactory, they many inquire at the following organizations:

  • - Personal Information Dispute Mediation Committee: (without area code) 118 (Ext. 2)
  • - E-Privacy Mark Certification Committee: 02-550-9531 (www.eprivacy.or.kr)
  • - High-Tech Crime Investigation Department, Supreme Prosecutors’ Office: 02-3480-2000 (www.spo.go.kr)
  • - Cyber Terror Response Center, Korean National Police Agency: 02-392-0330 (www.ctrc.go.kr)