Privacy Policy
Personal Information Protection Policy
This English translation is provided for your reference purposes only, and is not legally binding. Only a Korean version of the privacy policy is legally binding.
Korea Defense Industry Association (hereinafter referred to as the “KDIA”) has established
and set forth the following processing policies in compliance with the Personal
Information
Protection Act 30 in order to protect data subject’s personal information and interests, and to
handle the grievance efficiently.
1. The Purpose of Processing Personal Information
A. KDIA processes personal information for the following purposes. The personal data which
is being processed shall not be used for any purpose other than the following
and when the purpose is changed, KDIA will do required actions such as receiving separate
agreement in accordance with Personal Information Protection Act 18.
1) The settlement of grievance
Personal information shall be processed for the purpose of identification of complainants,
checking the grievance, contact for the fact-finding, notifying the result, and etc.
2. Period for which Personal Information is Processed and Retained
A. KDIA processes and collects items of personal information within the period for which
personal information is processed and retained under the law or the period which has
been agreed when the personal information is collected from the data subject.
3. Personal Information Provided to Third Parties
A. In principle, and without the prior consent of users, KDIA shall not provide third parties
with personal information which collected and retained by KDIA: However, Following
subparagraphs may be allowed.
1) Where KDIA obtain an approval from data subjects;
2) Where special provisions exist in the law or it is inevitable to observe legal obligations;
3) Where it deems necessary for the protection from the impending danger of life, body or economic profits of data subject or third parties, in case that data subjects or
his/her legal representative is not in a position to express intention, or prior consent cannot be obtained owing to unknown addresses;
4) Where personal information is provided in a manner of keeping specific individual unidentifiable necessarily for the purposes of statistics and academic research, etc.
4. Outsourcing Personal Information Processing
A. For the smooth processing of personal information, KDIA is outsourcing personal information processing as follows.
| Outsourcee | Outsourced work | The period to retain and use the personal information |
|---|---|---|
| Hangang NT | Maintenance of website | Until the termination of outsourcing contract. |
B. KDIA specifies a prohibition of processing personal information for other than the
purpose of outsourced work, technical and managerial protection measures, limitation to
reoutsourcing, supervising outsourcees, and etc., in documents such as a written
contract, and supervises whether outsourcee processes the personal information safely
pursuant to Article 25 of the Personal Information Protection Act.
C. When there is a change of the affairs of outsourced work or outsourcee, it shall be immediately disclosed through this privacy policy.
5. The Rights and Responsibilities of the data subjects and the Methods of Exercising Rights
A. Data subjects may exercise the following rights about personal information protection at any time towards KDIA.
1) To make a request for inspection of his/her personal information
2) To make a request for correction of errors, if necessary
3) To make a request for deletion
4) To make a request for suspension of management
B. The exercise of the rights pursuant to Clause 1 shall be implemented through submitting
a written document by attached document file, sending an e-mail or a fax, etc.
Then KDIA shall take necessary measures immediately.
C. When the data subjects make a request for either correction or deletion of errors of
personal information, KDIA shall not use or provide the corresponding personal
information until the correction or deletion process is completed.
D. The exercise of the rights pursuant to Clause 1 shall be conducted by his/her legal
representative of the data subjects or a person who holds a delegation of authority.
Provided, however, that it is necessary to submit a power of attorney by attached
document file.
E. Data subjects shall not infringe himself/herself who are processed by KDIA or others’ personal information or privacy through violation of personal information protection act or other related statutes.
6. Destruction of Personal information
A. In principle, KDIA shall destroy the personal information immediately when retention period is terminated or purpose of processing personal information is achieved.
B. Where the retention of such personal information is mandatory by other statutes
nevertheless the period of the personal information which is agreed by data subjects is
expired or attainment of the purpose of processing the personal information, the
personal information files shall be stored and managed separately from other personal
information.
C. Methods, procedures and periods of destroying personal information are as follows.
1) Destruction Procedure
KDIA selects the personal information that the reason of destruction occurs and destroys
it with an acceptance of KDIA’s personal information protection officer.
2) Destruction Method
- Personal information printed on paper shall be shred or incinerated.
- Electronic file form of information shall be permanently deleted beyond recoverability through technical methods.
7. Measures to Ensure Safety of Personal Information
KDIA takes security measures for securing safety of personal informations.
A. Management measures
Minimizing the numbers of managing employees of personal information and educating them.
B. Technical measures
Limited access to personal information processing system, installation of limited control
system, and encryption of personal information.
C. Physical measures : Access control to data processing department
8. Personal Information Protection Officer
A. KDIA appoints personal information protection officers as described below who are in
charge of the personal information management to help deal with complaints from the
subjects of information and remedy against the damage.
Chief personal information protection officer
Name : Jason Yang
Department : Overseas Department
Tel : (82+)2-3270-6056
Position : Team Leaderr
E-Mail : tgiyang@kdia.or.kr
Personal information protection officer
Name : Hojin-Yoon
Department : Overseas Department
Tel.(Office) : (82+)2-3270-6059
Positon : Manager
E-mail : hjyoon@kdia.or.kr
B. Data subjects may ask for the matters which are about the protection of personal
information that occurs during use of KDIA’s service, complaints handling, remedy against
the damage, and etc. to the manager and department in charge. KDIA will
reply and processes inquiries from data subjects immediately.
9. Claim for access of personal information
Data subjects may request an access of personal information persuant to Article 35 of the Personal Information Protection Act to person in charge below. KDIA will make an effort that data subject’s claim for access of personal information is to be processed quickly.
Person in charge of the claim for accessing personal information.
Name : Jungwon LEE
Department : Planning and Management Team
Tel.(Office) : 02-3270-6014
Position : Manager
E-mail : wabar@kdia.or.kr
10. Remedies for Rights and Interests Infringement
A. Data subjects may inquire the remedy and consultation for the infringement of personal information to the following institutions.
< Following institutions are seperate entities different than KDIA. Please contact following
institutions where complaints handling and the result of remedies for the
infringement that KDIA offers are not satisfied or need to receive additional support. >
▶ Privacy Call Center (under the Korea Internet & Security Agency):
Responsibilities : report against the infringement of personal information, and consultation request
Website : http://privacy.kisa.or.kr
Telephone number : 118 (without area code)
Address : Privacy Call Center, Korea Internet & Security Agency, 135, Jungdae-ro, Songpa-gu, Seoul, Republic of Korea
▶ Personal Information Dispute Mediation Committee
Responsibilities : Application for personal information dispute mediation, collective dispute mediation (settlements in civil cases)
Website : https://www.kopico.go.kr
Telephone number : 118 (without area code)
Address : Personal Information Dispute Mediation Committee, 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
▶ Cybercrime Investigation Division, Supreme Prosecutors’ Office :
02-3480-4555 ( www.spo.go.kr )
▶ Cybercrime Investigation Division, National Police Agency :
1566-0112 ( www.netan.go.kr )
11. The Changes of Personal Information Policy
Enforcement date of this policy is Sep. 11th, 2018.