Article 1 (Purpose of processing personal information)
The Fintech Center Korea processes personal information minimally for the purposes listed in each of the following items. The processed personal information is not used for any purpose other than the following purposes, and if the purpose of use is changed, we take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
Membership registration, use of membership services, and identification according to limited identification procedures, personal identification, maintenance and management of membership, prevention of unauthorized use, confirmation of intention to join, record keeping for dispute settlement, handling of complaints, delivery of notices, etc.
Article 2 (Processing and Retention Period of Personal Information)
The Fintech Center Korea shall process and retain personal information within the period of retention and use of personal information in accordance with laws and regulations or the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
The processing and retention period of each personal information is as follows.
Membership: Until withdrawal of membership
"Retention of telecommunication fact verification data pursuant to Article 41 of the Telecommunications Secrets Protection Act
Subscriber's telecommunication date, start and end time, other party's subscriber number, usage level, and sending base station location tracking data: 1 year
Computer communication, Internet log records, access point tracking data: 3 months
Article 3 (Provision of Personal Information to Third Parties)
In principle, the Fintech Center Korea processes the personal information of the information subject within the scope specified for the purpose of collecting and using it, and does not process it beyond the scope of the original purpose or provide it to a third party without the prior consent of the information subject, except in the following cases. However, items 5 through 9 are limited to the case of public institutions.
1. obtaining separate consent from the information subject
2. there are special provisions in other laws
3. when the information subject or his/her legal representative is in a state where he/she is unable to express his/her will or cannot obtain prior consent due to unknown address, and it is clearly recognized that it is necessary for the urgent interests of the life, body, or property of the information subject or a third party.
4. providing personal information in a form that does not identify a specific individual as necessary for purposes such as statistical compilation and academic research.
5. in the case of using personal information for purposes other than the purpose or not providing it to a third party, it is impossible to perform the duties prescribed by other laws, and it has been deliberated and resolved by the Protection Committee.
6. when it is necessary to provide it to a foreign government or international organization for the implementation of a treaty or other international agreement
7. When necessary for the investigation of crimes and the filing and maintenance of prosecutions
8. necessary for the performance of the court's judicial duties
9. when necessary for the execution of a sentence or custodial or protective disposition
Article 4 (Consignment of personal information processing)
The Fintech Center Korea entrusts the processing of personal information as follows for smooth personal information processing services.
Consignee (trustee): Unione Communications Co.
Contents of consignment: Program participation information, marketing, event participation prize presentation, etc.
Consignment period: 1 year
Contact : 02-550-2606
Business hours : 10:00 ~ 18:00
In accordance with Article 26 of the Personal Information Protection Act, when concluding a consignment contract, we specify in documents such as contracts the prohibition of processing personal information other than for the purpose of performing consignment work, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and responsibilities such as compensation for damages, and supervise whether the consignee processes personal information safely.
Article 5 (Rights and Obligations of the Information Subject and Method of Exercise)
The information subject (or legal representative if under the age of 14) may exercise the following rights related to personal information protection.
- Request to view personal information
- Request for correction in case of errors, etc.
- Request for deletion
- Request for suspension of processing
② The exercise of the rights under Paragraph 1 may be made to the Fintech Center Korea in writing, e-mail, or facsimile transmission (FAX) after filling out the form in Appendix 8 of the Enforcement Rules of the Personal Information Protection Act, and the Fintech Center Korea will take action without delay.
③ If the information subject requests the correction or deletion of errors in personal information, the personal information shall not be used or provided until the correction or deletion is completed.
④ The exercise of the rights under Paragraph 1 may be made through an agent, such as the legal representative of the information subject or a person who has been delegated. In this case, a power of attorney in the form of Appendix No. 11 to the Enforcement Rules of the Personal Information Protection Act must be submitted.
⑤ Requests for access to personal information and suspension of processing may restrict the rights of the information subject pursuant to Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.
⑥ A request for correction or deletion of personal information cannot be made if the personal information is specified as the subject of collection in another law.
⑦ When requesting access, correction, deletion, or suspension of processing in accordance with the rights of the information subject, we will verify whether the person making the request is the person or a legitimate representative.
Article 6 (Personal Information Items Processed)
The personal information items processed by the Fintech Center Korea are as follows.
Required items: ID, password, name, email address, contact information
Optional items: company name, position
Article 7 (Destruction of Personal Information)
In principle, the Fintech Center Korea destroys the personal information without delay when the personal information retention period has expired or the purpose of processing has been achieved. However, this may not be the case if it is required to be preserved in accordance with other laws and regulations. The procedure, deadline, and method of destruction are as follows.
The information entered by the user is stored for a certain period of time in accordance with the internal policy and other relevant laws and regulations after the purpose is achieved, such as membership withdrawal, and then destroyed. At this time, the personal information transferred to the DB will not be used for any other purpose except in accordance with the law.
Destruction of personal information
Personal information that has exceeded the retention period shall be destroyed without delay from the end date.
Destruction of personal information files
When the personal information file becomes unnecessary, such as the achievement of the purpose of processing the personal information file, the abolition of the service, or the termination of the business, the personal information file shall be destroyed without delay from the date when it is recognized that the processing of personal information is unnecessary.
Method of destruction
The personal information shall be permanently destroyed so that it cannot be recovered or reproduced by electronic means.
Article 8 (Measures to secure the safety of personal information)
The Fintech Center Korea takes the following measures to ensure the safety of personal information.
Minimization and training of employees handling personal information
We designate and manage only the necessary number of employees who handle personal information, and provide training to employees for safe management.
Restriction of access to personal information
We take necessary measures to control access to personal information by granting, changing, and canceling access rights to the personal information processing system that processes personal information, and we use an intrusion prevention system to control unauthorized access from the outside.
Retention of access records
We keep and manage records of access to the personal information processing system for at least 6 months.
Encryption of personal information
Personal information is safely stored and managed through encryption, etc. In addition, we use separate security functions such as encrypting important data when storing and transmitting.
Installation of security programs and periodic checks and updates
We install security programs and periodically update and check them to prevent personal information leakage and damage due to hacking or computer viruses.
Access control for unauthorized persons
We set aside a separate physical storage location for the personal information processing system that stores personal information and establish and operate access control procedures for it.
Article 9 (Installation, operation, and rejection of automatic personal information collection devices)
Fintech Center Korea uses 'cookies' to store and retrieve user information in order to provide personalized services to users.
Cookies are small amounts of information sent to the user's computer browser by the server (http) used to operate the website and are stored on the hard disk of the user's PC computer.
Installation, operation, and refusal of cookies: You can refuse to save cookies by setting options in the Tools > Internet Options > Privacy menu at the top of your web browser.
If you refuse to save cookies, you may experience difficulties in using personalized services.
Article 10 (Personal Information Protection Officer)
Personal information protection officer: Chairman of Fintech Center Korea
Personal Information Protection Department: Business Planning Office, Fintech Center Korea (02-6375-1550)
Article 11 (Remedies for infringement of rights and interests)
The subject of personal information may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee and the Personal Information Infringement and Reporting Center of the Korea Internet and Security Agency as follows to remedy the damage caused by personal information infringement.
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
Personal Information Infringement Report Center: 118 (without area code) (privacy.kisa.or.kr)
Supreme Prosecutors' Office Cyber Investigation Division: 1301 (without area code) (www.spo.go.kr)
National Police Agency Cyber Safety Bureau: (without area code) 182 (cyberbureau.police.go.kr)