Gyeonggi Cultural Foundation Personal Information Processing Policy
admin - December 20, 2019
Hits 4409
Gyeonggi Cultural Foundation Personal Information Processing Policy
In accordance with Article 30 of the Personal Information Protection Act, the Gyeonggi Cultural Foundation(referred to as “ Foundation ”) establishes and discloses the guidelines for the processing of personal information in order to protect the personal information of the data subjects and to quickly and smoothly deal with the grievances related thereto. It is. This policy is effective from October 18, 2019, and if it is revised, it will be notified through the website notice (or the entire and individual notice by means of written, e- mail, telephone, SMS, etc.).
Article 1 (Purpose of Processing Personal Information)
‘Foundation’ processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following purposes, and if the purpose of use is changed, we will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
① Member registration and management of integrated homepage
Confirmation of membership intent, identification and certification by providing membership system, maintenance and management of membership, identification by enforcement of limited identity verification system, prevention of fraudulent use of service, and consent of legal representative in processing personal information of children under 14 Personal information is processed for the purpose of confirmation, notice, notice, and grievance.
② Civil affairs processing
Personal information is processed for the purpose of verifying the identity of the complainant, confirming the complaint, contacting and notifying for fact investigation, and notifying the processing result.
③ We process personal information in connection with the use of the following services.
1. Participation in education / events provided by the Foundation
2. Reservation of rentals in the spaces (performance venues, etc.) operated by the Foundation
3. Reservation for group visits to museums and galleries operated by the Foundation
4. Offer coupon service when purchasing a museum shop product operated by the Foundation
5. Providing information on events conducted by the Foundation
6. Provide ‘Foundation’ information to the extent allowed by members, such as sending newsletters and notifications
Article 1 (Purpose of Processing Personal Information)
‘Foundation’ processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following purposes, and if the purpose of use is changed, we will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
① Member registration and management of integrated homepage
Confirmation of membership intent, identification and certification by providing membership system, maintenance and management of membership, identification by enforcement of limited identity verification system, prevention of fraudulent use of service, and consent of legal representative in processing personal information of children under 14 Personal information is processed for the purpose of confirmation, notice, notice, and grievance.
② Civil affairs processing
Personal information is processed for the purpose of verifying the identity of the complainant, confirming the complaint, contacting and notifying for fact investigation, and notifying the processing result.
③ We process personal information in connection with the use of the following services.
1. Participation in education / events provided by the Foundation
2. Reservation of rentals in the spaces (performance venues, etc.) operated by the Foundation
3. Reservation for group visits to museums and galleries operated by the Foundation
4. Offer coupon service when purchasing a museum shop product operated by the Foundation
5. Providing information on events conducted by the Foundation
6. Provide ‘Foundation’ information to the extent allowed by members, such as sending newsletters and notifications
Article 2 (Processing and Retention Period of Personal Information)
① ‘Foundation’ processes and retains personal information within the period of possession and use of personal information pursuant to the law or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
② If an existing ‘Foundation’ homepage (ggcf.kr) member has re- joined as Jiji members, Jiji members can view the history of their activities through the authentication process. Jiji members can use the existing information within the members’ allowance, such as sending newsletters.
③ Each personal information processing and retention period is as follows.
1. Membership, management, and service use of ‘Jiji C. Members': When joining the ‘Foundation’ integrated homepage until the time of withdrawal, it shall be kept, but it shall be deleted if it does not become an active member within 5 years after switching to a dormant customer. However, if it falls under any of the following reasons
1) If an investigation or investigation is in progress due to a violation of related laws, until the end of the investigation or investigation.
2) In case of remaining bond / debt relations due to the use of the website,
2. Civil affairs processing: 3 years after the civil affairs
3. Record of online payment and supply of goods, etc .: 5 years from the date of processing
4. Records on the issue and use of Jiji members’ coupons: 5 years
④ Processing of Personal Information of the Withdrawn Member
1. Withdrawal member’s personal information will be deleted immediately. However, the following cases will be deleted after 30 days retention.
1) If you need to re- enroll for the purpose of receiving repeated benefits
2) If you wish to recover information with a simple change of mind
① ‘Foundation’ processes and retains personal information within the period of possession and use of personal information pursuant to the law or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
② If an existing ‘Foundation’ homepage (ggcf.kr) member has re- joined as Jiji members, Jiji members can view the history of their activities through the authentication process. Jiji members can use the existing information within the members’ allowance, such as sending newsletters.
③ Each personal information processing and retention period is as follows.
1. Membership, management, and service use of ‘Jiji C. Members': When joining the ‘Foundation’ integrated homepage until the time of withdrawal, it shall be kept, but it shall be deleted if it does not become an active member within 5 years after switching to a dormant customer. However, if it falls under any of the following reasons
1) If an investigation or investigation is in progress due to a violation of related laws, until the end of the investigation or investigation.
2) In case of remaining bond / debt relations due to the use of the website,
2. Civil affairs processing: 3 years after the civil affairs
3. Record of online payment and supply of goods, etc .: 5 years from the date of processing
4. Records on the issue and use of Jiji members’ coupons: 5 years
④ Processing of Personal Information of the Withdrawn Member
1. Withdrawal member’s personal information will be deleted immediately. However, the following cases will be deleted after 30 days retention.
1) If you need to re- enroll for the purpose of receiving repeated benefits
2) If you wish to recover information with a simple change of mind
Article 3 (Inactive Customer Conversion and Personal Information Processing)
① ‘Foundation’ keeps personal information of inactive members for one year. An inactive member is a dormant state with no activity history, such as a visit to the museum or a login to the homepage. The dormancy judgment period is one year by default, and can be set to three years when selected.
② The separate storage is separated from the main database and stored in a separate storage device.
③ When a dormant member attempts to log in to the homepage, it is notified that it is a dormant member and can be restored to its active state through mobile phone occupation authentication.
① ‘Foundation’ keeps personal information of inactive members for one year. An inactive member is a dormant state with no activity history, such as a visit to the museum or a login to the homepage. The dormancy judgment period is one year by default, and can be set to three years when selected.
② The separate storage is separated from the main database and stored in a separate storage device.
③ When a dormant member attempts to log in to the homepage, it is notified that it is a dormant member and can be restored to its active state through mobile phone occupation authentication.
Article 4 (Provide Third Party of Personal Information)
‘Foundation’ does not provide the data subject’s personal information to third parties. However, personal information will be provided to third parties only if the information is subject to Article 17 of the Personal Information Protection Act, such as the consent of the data subject and special provisions of the law.
‘Foundation’ does not provide the data subject’s personal information to third parties. However, personal information will be provided to third parties only if the information is subject to Article 17 of the Personal Information Protection Act, such as the consent of the data subject and special provisions of the law.
Article 5 (Consignment of Personal Information Processing)
The Foundation does not entrust the processing of personal information to third parties. However, in order to facilitate the processing of personal information, we will disclose it through this personal information processing policy immediately, and implement the consent process under Article 17 of the Personal Information Protection Act and the restriction on processing under Article 26.
The Foundation does not entrust the processing of personal information to third parties. However, in order to facilitate the processing of personal information, we will disclose it through this personal information processing policy immediately, and implement the consent process under Article 17 of the Personal Information Protection Act and the restriction on processing under Article 26.
Article 6 (Rights, duties and exercise methods of the information subject)
① The information subject can exercise the following rights in relation to personal information at any time for the Foundation.
1. Request for access to personal information
2. Request for correction if there is an error
3. Delete request
4. Processing stop request
② The exercise of rights under Paragraph 1 can be done by using ‘Jiji members’ My Members menu, or by writing, representative phone (031- 231- 7200), e- mail, facsimile (FAX), etc. Will take action immediately. If the data subject requests correction or deletion of personal information, the Foundation will not use or provide the personal information until the correction or deletion is completed.
③ The exercise of rights under Paragraph 1 can be done through the legal representative of the information subject or the representative such as a person who has been delegated. In this case, you must submit a power of attorney according to Form 11 of the Enforcement Regulations of the Personal Information Protection Act.
④ The right of the information subject may be restricted in accordance with Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.
⑤ A request for correction or deletion of personal information cannot be requested if the personal information is specified for collection in other laws and regulations.
⑥ ‘Foundation’ checks whether the person who made the request, the request for correction or deletion, or the request for suspension of processing according to the information subject’s right, is the person or the rightful agent. Proof of identity such as a relevant certificate may be required.
⑦ The information subject shall not infringe the personal information or privacy of the information subject or other person handled by the Foundation in violation of related laws such as the Personal Information Protection Act.
① The information subject can exercise the following rights in relation to personal information at any time for the Foundation.
1. Request for access to personal information
2. Request for correction if there is an error
3. Delete request
4. Processing stop request
② The exercise of rights under Paragraph 1 can be done by using ‘Jiji members’ My Members menu, or by writing, representative phone (031- 231- 7200), e- mail, facsimile (FAX), etc. Will take action immediately. If the data subject requests correction or deletion of personal information, the Foundation will not use or provide the personal information until the correction or deletion is completed.
③ The exercise of rights under Paragraph 1 can be done through the legal representative of the information subject or the representative such as a person who has been delegated. In this case, you must submit a power of attorney according to Form 11 of the Enforcement Regulations of the Personal Information Protection Act.
④ The right of the information subject may be restricted in accordance with Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.
⑤ A request for correction or deletion of personal information cannot be requested if the personal information is specified for collection in other laws and regulations.
⑥ ‘Foundation’ checks whether the person who made the request, the request for correction or deletion, or the request for suspension of processing according to the information subject’s right, is the person or the rightful agent. Proof of identity such as a relevant certificate may be required.
⑦ The information subject shall not infringe the personal information or privacy of the information subject or other person handled by the Foundation in violation of related laws such as the Personal Information Protection Act.
Article 7 (Items of Personal Information Processed)
‘Foundation’ processes the following personal information items.
1. Membership and management of ‘지지 씨 Members’
Required items: name, ID (e- mail address), password, place of residence, organization of interest
Optional items: receive SMS, receive newsletter
2. Civil affairs processing (counsel bulletin board)
Required items: name, mobile phone, email address
3. Participate in Education / Events
Required items: Participant Name
Optional items: gender, birth year, phone number
4. Rental application
Required items: phone number, name
Optional Item: Group Name
5. Application for group viewing
Required items: Name of the leader, phone number
Optional items: address, birth year
6. In the process of using the Internet service, the following personal information items may be automatically generated and collected. (If there is an item of personal information that is automatically generated and collected)
IP address, cookie, MAC address, service usage history, visit history, bad usage record, etc.
‘Foundation’ processes the following personal information items.
1. Membership and management of ‘지지 씨 Members’
Required items: name, ID (e- mail address), password, place of residence, organization of interest
Optional items: receive SMS, receive newsletter
2. Civil affairs processing (counsel bulletin board)
Required items: name, mobile phone, email address
3. Participate in Education / Events
Required items: Participant Name
Optional items: gender, birth year, phone number
4. Rental application
Required items: phone number, name
Optional Item: Group Name
5. Application for group viewing
Required items: Name of the leader, phone number
Optional items: address, birth year
6. In the process of using the Internet service, the following personal information items may be automatically generated and collected. (If there is an item of personal information that is automatically generated and collected)
IP address, cookie, MAC address, service usage history, visit history, bad usage record, etc.
Article 8 (Destruction of Personal Information)
① ‘Foundation’ destroys personal information when personal information becomes unnecessary, such as the retention period of personal information and the purpose of processing.
② If the personal information must be kept in accordance with other laws despite the period of retention of personal information agreed to by the data subject or the purpose of processing has been achieved, the personal information (or personal information file) must be stored in a separate database. Preserve it by moving it to a different storage location.
③ The procedures and methods of personal information destruction are as follows.
1. Destruction procedure
① ‘Foundation’ destroys personal information when personal information becomes unnecessary, such as the retention period of personal information and the purpose of processing.
② If the personal information must be kept in accordance with other laws despite the period of retention of personal information agreed to by the data subject or the purpose of processing has been achieved, the personal information (or personal information file) must be stored in a separate database. Preserve it by moving it to a different storage location.
③ The procedures and methods of personal information destruction are as follows.
1. Destruction procedure
- ‘Foundation’ destroys personal information that should be destroyed in accordance with the internal policy and related laws under the responsibility of the personal information manager.
- ‘Foundation’ selects personal information for which the reason for destruction occurs, and destroys personal information with the approval of ‘Foundation’s personal information protection officer.
- ‘Foundation’ destroys personal information printed on paper by shredding or incineration. Information in the form of electronic files uses a technical method that cannot reproduce the record.
Article 9 (Measures to Ensure Personal Information Safety)
① ‘Foundation’ takes the following measures to ensure the safety of personal information.
1. Administrative measures: establishment and implementation of internal management plan, regular employee training, etc.
2. Technical measures: access authority management of personal information processing system, access control system installation, encryption of unique identification information, security program installation
3. Physical measures: access control of computer room, data storage room, etc.
② The Foundation takes the following measures against hacking.
1. ‘Foundation’ uses anti- virus programs to prevent damage from computer viruses. Vaccine programs are updated periodically and, if a sudden virus appears, provide it as soon as the vaccine is available to help protect your privacy.
2. ‘Foundation’ adopts a security device (SSL) that can safely transmit personal information on the network using encryption algorithms.
① ‘Foundation’ takes the following measures to ensure the safety of personal information.
1. Administrative measures: establishment and implementation of internal management plan, regular employee training, etc.
2. Technical measures: access authority management of personal information processing system, access control system installation, encryption of unique identification information, security program installation
3. Physical measures: access control of computer room, data storage room, etc.
② The Foundation takes the following measures against hacking.
1. ‘Foundation’ uses anti- virus programs to prevent damage from computer viruses. Vaccine programs are updated periodically and, if a sudden virus appears, provide it as soon as the vaccine is available to help protect your privacy.
2. ‘Foundation’ adopts a security device (SSL) that can safely transmit personal information on the network using encryption algorithms.
Article 10 (Matters Regarding Installation, Operation and Rejection of Automatic Collection Device of Personal Information)
① ‘Foundation’ uses ‘cookies’ that store and retrieve usage information from time to time in order to provide personalized service to users.
② Cookies are a small amount of information sent to the user’s computer browser by the server (http) used to operate the website and may be stored on the hard disk of the user’s PC computer.
1. Purpose of Use of Cookies: Used to provide you with a list of the content and services that you have viewed in the Jiji Members.
2. Installation, operation and rejection of cookies: You can refuse to save cookies through the option setting in the Tools> Internet Options> Privacy menu at the top of the web browser.
3. If you refuse to store cookies, you may have difficulty using the customized service.
③ The procedures and methods of personal information destruction are as follows.
1. Destruction procedure
① ‘Foundation’ uses ‘cookies’ that store and retrieve usage information from time to time in order to provide personalized service to users.
② Cookies are a small amount of information sent to the user’s computer browser by the server (http) used to operate the website and may be stored on the hard disk of the user’s PC computer.
1. Purpose of Use of Cookies: Used to provide you with a list of the content and services that you have viewed in the Jiji Members.
2. Installation, operation and rejection of cookies: You can refuse to save cookies through the option setting in the Tools> Internet Options> Privacy menu at the top of the web browser.
3. If you refuse to store cookies, you may have difficulty using the customized service.
③ The procedures and methods of personal information destruction are as follows.
1. Destruction procedure
- ‘Foundation’ destroys personal information that should be destroyed in accordance with the internal policy and related laws under the responsibility of the personal information manager.
- ‘Foundation’ selects personal information for which the reason for destruction occurs, and destroys personal information with the approval of the personal information protection officer of ‘Foundation’.
- ‘Foundation’ destroys personal information printed on paper by shredding or incineration. Information in the form of electronic files uses a technical method that cannot reproduce the record.
Article 11 (Matters concerning Personal Information Protection Officer)
① ‘Foundation’ is responsible for the handling of personal information, and appoints a person in charge of personal information protection as follows to deal with complaints and damages of information subjects related to the processing of personal information.
▶ Personal Information Protection Officer
– Name: Young Jin Lee
– Title: Head of Management Division
– Position: General Manager
– Contact: 031- 231- 7203
– e- mail :
※ You will be connected to the department in charge of personal information protection.
▶ Privacy Department
– Title: Integrated PR Team
– Person in charge: Hwang Rok- ju
– Contact: 031- 231- 7261
– Email: webmaster@ggcf.or.kr
② The information subject can inquire about personal information protection inquiries, complaint handling, damage relief, etc. that occurred while using the services (or business) of the Foundation. ‘Foundation’ will respond directly to the information subject’s inquiries.
① ‘Foundation’ is responsible for the handling of personal information, and appoints a person in charge of personal information protection as follows to deal with complaints and damages of information subjects related to the processing of personal information.
▶ Personal Information Protection Officer
– Name: Young Jin Lee
– Title: Head of Management Division
– Position: General Manager
– Contact: 031- 231- 7203
– e- mail :
※ You will be connected to the department in charge of personal information protection.
▶ Privacy Department
– Title: Integrated PR Team
– Person in charge: Hwang Rok- ju
– Contact: 031- 231- 7261
– Email: webmaster@ggcf.or.kr
② The information subject can inquire about personal information protection inquiries, complaint handling, damage relief, etc. that occurred while using the services (or business) of the Foundation. ‘Foundation’ will respond directly to the information subject’s inquiries.
Article 12 (Request for Access to Personal Information)
① The information subject may request the viewing of personal information pursuant to Article 35 of the Personal Information Protection Act to the following departments. The Foundation will endeavor to expedite the processing of personal information requests from data subjects.
▶ Receipt / Processing Department for Requesting Personal Information
– Title: Integrated PR Team
– Person in charge: Hwang Rok- ju
– Contact: 031- 231- 7261
– Email: webmaster@ggcf.or.kr
– Fax: 031- 236- 0166
② In addition to the request for receipt and processing section 1, the information subject may request a request for access to personal information through the website of the Ministry of Public Administration and Security’s Personal Information Protection Portal (www.privacy.go.kr).
▶ Comprehensive support portal for personal information protection → Ministry of Public Administration and Security → Civil complaint → Request for viewing personal information (real name authentication required)
① The information subject may request the viewing of personal information pursuant to Article 35 of the Personal Information Protection Act to the following departments. The Foundation will endeavor to expedite the processing of personal information requests from data subjects.
▶ Receipt / Processing Department for Requesting Personal Information
– Title: Integrated PR Team
– Person in charge: Hwang Rok- ju
– Contact: 031- 231- 7261
– Email: webmaster@ggcf.or.kr
– Fax: 031- 236- 0166
② In addition to the request for receipt and processing section 1, the information subject may request a request for access to personal information through the website of the Ministry of Public Administration and Security’s Personal Information Protection Portal (www.privacy.go.kr).
▶ Comprehensive support portal for personal information protection → Ministry of Public Administration and Security → Civil complaint → Request for viewing personal information (real name authentication required)
Article 13 (Methods for Relieving Infringement of Rights)
① The information subject can inquire about the following organizations for remedies and counseling for infringement of personal information. <The following organizations are separate from the Foundation, and if you are not satisfied with the Foundation’s own handling of personal complaints or damage relief, or if you need further assistance, please contact us.>
▶ Comprehensive personal information support portal (operated by the Ministry of Public Administration and Security)
– Jurisdiction: Report on personal information infringement, apply for consultation, provide data
– Homepage: www.privacy.go.kr
– Phone: 02- 6952- 8650
① The information subject can inquire about the following organizations for remedies and counseling for infringement of personal information. <The following organizations are separate from the Foundation, and if you are not satisfied with the Foundation’s own handling of personal complaints or damage relief, or if you need further assistance, please contact us.>
▶ Comprehensive personal information support portal (operated by the Ministry of Public Administration and Security)
– Jurisdiction: Report on personal information infringement, apply for consultation, provide data
– Homepage: www.privacy.go.kr
– Phone: 02- 6952- 8650
Comments [0]
Leave a comment
You must be logged in to post a comment.