Korea Advanced Institute of Science and Technology (“www.kaist.ac.kr” heve in after “KAIST homepage”) ensures the privacy of personal information and the rights and interests of users under the Protection of Personal Information Act. The following policies have been established to satisfactorily solve user difficulties regarding personal information.
Korea Advanced Institute of Science and Technology (“KAIST homepage”) will notify users of revisions to the personal information processing policy through online announcements or individual notification.
Korea Advanced Institute of Science and Technology (“www.kaist.ac.kr” heve in after “KAIST homepage”) processes personal information for the following objectives. Processed information will not be used for any other purpose than the stated objective and in case of changes to the policy prior consent will be obtained.
Personal information is processed with the objectives to fulfill contracts related to providing content and service as well as settling fees.
Personal information is processed with the objective of passing on notifications to members.
Korea Advanced Institute of Science and Technology (“KAIST homepage”) processes and collects items of personal information in order to provide various services, such as membership subscription, in the following manner.
As a general rule, once the objective for personal information is met, the user's personal information is immediately destroyed. However, as stated below, certain information is retained for the indicated period of time for the following reasons.
Korea Advanced Institute of Science and Technology (“KAIST homepage”) processes the personal information of users within the specified boundaries as mentioned above in Article 1 (Objective of Personal Information Processing). Without prior consent, KAIST does not exceed the specified boundaries or provide personal information to third parties. However, personal information may be processed in the following situations.
Korea Advanced Institute of Science and Technology (“KAIST homepage”), as a general rule, does not entrust user information to others without user consent. However, after obtaining user consent, the following cases are when Korea Advanced Institute of Science and Technology (“KAIST homepage”) currently consigns personal information.
When consigning a contract, abide by laws related to the protection of personal information, prohibit disclosure of personal information to third parties, and clearly stipulate the responsibilities. The contract content of concern is kept on record in paper and electronically. In case of changes to the enterprise, notifications will be sent through announcements and personal information processing policies.
As the personal information owner, users can exercise the following rights.
Korea Advanced Institute of Science and Technology (“KAIST homepage”), as a general policy, destroys relevant personal information immediately after its objective has been met. The procedures, deadline, and methods of destruction are as follows.
After obtaining the objective of the information registered by users, the information is transferred to a separate database (separate document for paper records) and stored for a certain period of time or immediately destroyed according to internal policies and related regulations. In this case, personal information transferred to the separate database will not be used for any purpose other than legislation.
In cases of passing the retention period of personal information, the personal information is destroyed within 5 days of the final retention date. When personal information has become unnecessary due to objective obtainment, discontinuance of the relevant service, or the ending of an enterprise, the personal information is destroyed within 5 days of the date that the information is acknowledged as unnecessary.
Korea Advanced Institute of Science and Technology (“KAIST homepage”) takes the following descriptive/managerial and physical actions necessary for safety assurance in accordance to Article 29 of the Act on the Protection of Personal Information.
We implement measures to minimize the management of personal information by appointing an employee to deal with personal information and limit access to the person in charge.
We implement periodical (once per quarter) internal inspections in order to assure the safe handling of personal information.
We established and implemented an internal management plan in order to ensure the safe handling of personal information.
The personal information of users is stored and managed under password protection. Only the user may know their password and we use unique safety functions to protect important information – password protecting the file/transfer data and file locking functions.
We keep record and manage the access to the personal information processing system for at least 6 months. We utilize security functions to prevent the forgery, theft, and loss of access records.
We store personal information documents and other assisting storage media in safe areas equipped with locking devices.
We established and operate access control procedures for the physical location storing personal information.
Korea Advanced Institute of Science and Technology (“KAIST homepage”) has appointed the following personal information protection manager and supervisor in order to protect personal information and handle complaints related to personal information. (Personal information manager and supervisor in accordance with Section 1 of Article 31 of the Act on the Protection of Personal Information)
This personal information processing policy takes effect the day it is implemented. A notice will be sent out 7 days before modifications are implemented in case of additions, deletions, and modifications of the related laws and policies.
Conflict solution and consulting can be requested at the Personal Information Dispute Mediation Committee and the Personal Information Violation Center of the Korea Internet and Security Agency for those seeking aid against personal information violation. Please contact the following organizations for other personal information violation reports or consultations.