Privacy Policy

HOME HOME Customer Servcie center Privacy Policy
All private information handled by The official website of the Foreign Investment Ombudsman (hereafter referred to as the Ombudsman Website) is collected, retained and managed in accordance with the relevant Acts.
The Personal Information Protection Act suggests general norms for the processing of the personal information. Ombudsman Website shall treat the collected and retained information in compliance with the Act in a legal and appropriate manner in order to conduct public affairs properly and to protect the rights and interests of the users.
Ombudsman Website respects the rights and interests of the users including the request for inspecting, modifying, deleting and suspending the personal information processing regulated by the relevant Act. The users shall file for an administrative appeal in accordance with the Administrative Appeals Act for the infringements on their rights and interests.
Ombudsman Website established the following regulations for the processing of the personal information and shall disclose them to protect the personal information and rights and interests in accordance with Article 30 of the Personal Information Protection Act and smoothly handle the grievances of the users related to their personal information.

Article1 (Purpose of the personal information processing)

  • ① Ombudsman Website handles the personal information for the following purposes. The processed personal information shall not be used for other purposes other than the following and in the case of a change in the purposes, necessary measures shall be taken, such as getting a separate consent in accordance with Article 18 of the Personal Information Protection Act.
  • ② The purpose of the processing of the personal information files that are registered and disclosed by Ombudsman Website in accordance with Article 32 of the Personal Information Protection Act shall be as follows:
    Name of the personal information file Grounds for operation Purpose of the processing
    1 Ombudsman Website member Consent by data subject Provision of information regarding
    foreign-invested companies
    2 News letter Mailing member Consent by data subject Provision of Ombudsman’s
    Newsletter

Article 2 (Processing and retention period of the personal information)

  • ① During the retention period of the personal information in accordance with the Act or when collecting the personal information from data subject, Ombudsman Website shall process and retain the personal information within the processing and retention period that has been consented by data subject.
  • ② The processing and retention period of the personal information shall be as follows:
    Name of the personal information file Grounds for operationPurpose operationPurpose of the processing1I
    1 Ombudsman Website member Consent by data subject 2 years
    2 News letter Mailing member Consent by data subject 2 years

Article 3 (Providing the personal information to the third party)

In principle, Ombudsman Website processes the personal information of a data subject within the scope defined under the purpose for collecting and using the personal information of the data subject and shall not process the information that exceeds the scope of the purpose or provide the information to the third party without the consent from the data subject excluding the following exceptions:

  • 1. When Ombudsman Website obtains a separate consent from the data subject;
  • 2. When there is a special regulation specified under the Act;
  • 3. When Ombudsman Website clearly recognizes the need to provide the personal information to the third party for the interests of the life, physical body or property of the data subject or the third party as the data subject or legal representative is in a situation where he cannot express his intention or Ombudsman Website cannot obtain prior consent of the data subject due to the unclear address and other reasons;
  • 4. When the personal information that is required for statistics and academic research is unrecognizable;
  • 5. When the protection committee has reviewed and decided the case where the matters under the jurisdiction defined by a different Act cannot be executed as the personal information has been used for other purposes or has not been delivered to the third party;
  • 6. When the information is needed to provide it to foreign governments or international organizations to carry out treaties and other international agreements;
  • 7. When it is necessary for investigation of a crime or prosecution;
  • 8. When it is necessary for a court to perform its judicial affairs; and
  • 9. When it is necessary for executing a punishment, care and custody or protective disposition.

Article 4 (Entrustment of the personal information processing)

  • ① Ombudsman Website entrusts the following affairs related to the processing of the personal information to smoothly process the personal information:
    Entrusted affairs Company Name Tel no. Hours maintenance reveiw for
    service provider entrusted
    1 Operation and maintenance of the KOTRA information system SGA Co., Ltd. 070-7308-1004 09:00~18:00 passed
    2 Operation of the customer information center Transcosmos Korea Inc. 82-2-790-8106 9:00~18:00 passed
  • ② I-OMBUDSMAN keeps the contents of the agreement by clearly regulating its role to abide by the Personal Information Protection Act when signing the entrustment agreement, to prohibit providing the personal information to the third party and to follow the liability. Ombudsman Website shall notify the members any changes to the entrusted companies in accordance with the policies of the privacy statement via the website.

Article 5 (Rights and duties of data subject and how to exercise them)

  • ① A data subject (a legal representative shall exercise the rights if the data subject is less than 14 years old) shall exercise the following rights related to the protection of the personal information at any time:
    • 1. Request for inspection of the personal information
    • 2. Request for modification where there is an error
    • 3. Request for deletion
    • 4. Request for suspension of the processing.
  • ② The data subject shall exercise his rights in accordance with Section 1 by submitting the document as provided by Annex 8. Enforcement Ordinance of the Personal Information Protection Act via mail, e-mail or fax and Ombudsman Website shall respond to the request without delay.
  • ③ If the data subject of the personal information requests for modification or deletion of his personal information, Ombudsman Website shall not use or provide the personal information of the player until such modification or deletion is completed.
  • ④ The data subject shall present his legal representative or agent to exercise his rights as provided by Section 1. In such case, the data subject is required to submit the power of attorney in accordance with Annex 11. Enforcement Ordinance of the Personal Information Protection Act.
  • ⑤ The request for suspending the process and inspection of the personal information could be limited in accordance with Article 35.5 and Article 37.2 of the Personal Information Protection Act.
  • ⑥ For modification and deletion of personal information, if other Acts stipulate the particular personal information be collected, the information plyer shall not request for deletion thereof.
  • ⑦ For request to inspect, modify, delete or suspend the process in accordance with the rights of the data subject, Ombudsman Website shall confirm if the requested person is himself or his legal representative.
    * Provide any identification cards (certificate of resident registration, driver’s license, passport, etc.) to identify himself.
    * If the requested person is the legal representative, any identification cards and power of attorney to identify that he is the legal representative of the data subject.
    * [Annex 8. Enforcement Ordinance of the Personal Information Protection Act] Request for inspecting, modifying, deleting and suspending the process of the personal information [ hwp,  PDF]
    * [Annex 11. Enforcement Ordinance of the Personal Information Protection Act] Power of Attorney [ hwp,  PDF]
  • ⑧ Procedures for inspecting, modifying, deleting and suspending the personal information are as follows:

Article 6 (Items for processing the personal information)

  • Ombudsman Website processes the following items for the personal information:
    Name of the personal information file Items for the personal information1
    1 Ombudsman Website member Required Password, real name (Korean or English), company name, company registration no., office no., email address ID
    Optional Department/position, company no., company address, compnay website address
    2 News letter Mailing member Required real name (Korean or English), company name, email address
    When you visit the Ombudsman Website, the information below could be generated and collected: Cookie, IP Address, MAC Addres, Service records, visiting history, Malfunction record

    image6

Article 7 (Procedures and methods of destructing the personal information)

  • ① Ombudsman Website, in principle, shall delete the personal information without delay if its purpose to process the personal information is achieved.
    However, it shall not be applied for the personal information that needs to be preserved in accordance with other Acts. The procedures, terms and methods of destructing the personal information are as follows:
    A. Procedures

    Any unnecessary personal information and personal information file shall be destroyed in accordance with the below procedure of the inside policy under the responsibility of the person in charge of the personal information.

    • - Destruction of the personal information
      The personal information shall be destroyed without delay from the end date of its holding period.
    • - Destruction of the personal information file
      If the personal information file becomes unnecessary due to the achievement of the processing of the personal information file, abolition of the relevant service and the end of the business, the personal information file shall be destroyed without delay from the day that recognizes the processing of the personal information is no longer needed.
    B. Methods
    • - Electronic data shall be destroyed by using technical methods to make it impossible to restore such data.
    • - Paper documents that contain the personal information shall be shredded or incinerated.

Article 8 (Measures to secure the safety of the personal information)

Ombudsman Website shall implement the following technical, managerial and physical measures to secure the safety of the personal information in accordance with Article 29 of the Personal Information Protection Act.

  • 1. Minimum number of staff in charge of the personal information processing and training
    Ombudsman Website shall designate the minimum number of staff to handle the personal information.
  • 2. Restricted access to the personal information
    Ombudsman Website shall carry out necessary measures to restrict access to the personal information through empowerment, change and cancellation of access authorities for the database system that processes the personal information. It shall also operate intrusion prevention systems to deny any unauthorized external access.
  • 3. Preservation of the access records
    Ombudsman Website shall store access records (weblog data, summarized information, etc.) to the personal information data system for at least six months.
  • 4. Encryption of the personal information
    The personal information of the users are stored and managed in an encrypted manner. Ombudsman Website also implements special security measures including encrypting important data when storing or transferring.
  • 5. Installation and periodic updates of computer security programs
    Ombudsman Website shall install and periodically update the computer security programs to prevent the personal information from leakage and damage due to hacking or computer viruses.
  • 6. Access control of the unauthorized personnel
    Ombudsman Website shall operate a separate physical storage facility for its personal information data systems and establish and operate relevant access control procedures

Article 9 (Contact points for Ombudsman Website’s personal information protection)

Personal Information Protection Director Foreign Investment Department Personal Information Protection Director Personal Information Protection Manager Personal Information Protection Officer
Small & Medium Enterprise department
EXECUTIVE VICE PRESIDENT
JAEWON LYU
Tel: 82-2-3460-7400
Department in charge: Foreign
Investment OMBUDSMAN

Department in charge: Foreign
Investment OMBUDSMAN
Director-General

YOUNGSU JEONG

Tel: 82-2-3497-1822

Department in charge: Foreign
Investment OMBUDSMAN

KI HO OH
E-mail: ohkiho@kotra.or.kr
Tel: 82-2-3497-1827
Fax: 82-2-3497-1699

Article 10 (Request for inspection of the personal information)

  • ① A data subject shall request for the inspection of the personal information in accordance with Article 35 of the Personal Information Protection Act via the following team. KOTRA shall strive to swiftly handle the request of the data subject for the inspection of the personal information.
    ► Department in charge
    Team: Foreign Investment OMBUDSMAN
    Officer: KI HO OH
    Contact: Tel 82-2-3497-1827 / E-mail ohkiho@kotra.or.kr / Fax 82-2-3497-1699
  • ② Apart from the Team mentioned in Section 1, the data subject shall be able to request for the inspection of the personal information via the website (www.privacy.go.kr) of the Privacy Information Protection Portal run by the Ministry of Government Administration and Home Affairs.
    Privacy Information Protection Portal → Civil affairs on the personal information → Request for the inspection of the personal information (real name authentication via public I-pin service is required.)

Article 11 (Remedies for infringement on rights and interests)

A data subject shall consult the following organizations for remedies regarding the infringement on the personal information.

  • ► Personal Information Infringement Report Center (Run by the Korea Internet & Security Agency)
    - Description: Report infringement on the personal information, request for consultation
    - Website: http://privacy.kisa.or.kr
    - Tel: 118 (without area code)
    - Address: (58324) 9, Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea, the Korea Internet & Security Agency
  • ► Personal Information Dispute Resolution Committee (Run by the Korea Internet & Security Agency)
    - Description: apply for the personal information dispute resolution, collective dispute resolution (civil resolution)
    - Webiste: http://www.kopico.go.kr
    - Tel: 1833-6972
    - Address: (03171) 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
  • ► Cybercrime Investigation Department: 1301(without area code) (www.spo.go.kr, (cybercid@spo.go.kr), 182(without area code) (cyberbureau.police.go.kr)
    Also, the data subject reserves the right to demand administrative appeals in accordance with the Administrative Appeals Act for any infringement on rights and interests occurred due to the nonfeasance or measures taken by the head of a public institution for the request of the data subject for inspection, modification, deletion or suspension of the personal information processing.
  • ► Please refer to the telephone numbers via the website (www.simpan.go.kr) of the Central Administrative Appeals Commission.

    Article 12 (Amendment to the personal information processing policy)

    • ① The policy shall take into effect on September 23, 2020.
    • ② The previous document could be found below : 
         - Privacy policy, January 1, 2016 ~ June 8, 2020 (Click) ;
         - Privacy policy, June 9, 2020 ~ September 22, 2020 (Click)