Privacy Policy

HOME HOME Customer Servcie center Privacy Policy
All private information handled by I-OMBUDSMAN is collected, retained and managed in accordance with the relevant Acts.
The Personal Information Protection Act suggests general norms for the processing of the personal information. I-OMBUDSMAN shall treat the collected and retained information in compliance with the Act in a legal and appropriate manner in order to conduct public affairs properly and to protect the rights and interests of the users.
I-OMBUDSMAN respects the rights and interests of the users including the request for inspecting, modifying, deleting and suspending the personal information processing regulated by the relevant Act. The users shall file for an administrative appeal in accordance with the Administrative Appeals Act for the infringements on their rights and interests.
I-OMBUDSMAN established the following regulations for the processing of the personal information and shall disclose them to protect the personal information and rights and interests in accordance with Article 30 of the Personal Information Protection Act and smoothly handle the grievances of the users related to their personal information.

Article1 (Purpose of the personal information processing)

  • ① I-OMBUDSMAN handles the personal information for the following purposes. The processed personal information shall not be used for other purposes other than the following and in the case of a change in the purposes, necessary measures shall be taken, such as getting a separate consent in accordance with Article 18 of the Personal Information Protection Act.
  • ② The purpose of the processing of the personal information files that are registered and disclosed by I-OMBUDSMAN in accordance with Article 32 of the Personal Information Protection Act shall be as follows:
    Name of the personal information file Grounds for operation Purpose of the processing
    1 I-OMBUDSMAN member Consent by data subject Provision of information regarding
    foreign-invested companies

Article 2 (Processing and retention period of the personal information)

  • ① During the retention period of the personal information in accordance with the Act or when collecting the personal information from data subject, I-OMBUDSMAN shall process and retain the personal information within the processing and retention period that has been consented by data subject.
  • ② The processing and retention period of the personal information shall be as follows:
    Name of the personal information file Grounds for operationPurpose operationPurpose of the processing1I
    1 I-OMBUDSMAN member Consent by data subject Until the withdrawal of the membership from I-OMBUDSMAN

Article 3 (Providing the personal information to the third party)

In principle, I-OMBUDSMAN processes the personal information of a data subject within the scope defined under the purpose for collecting and using the personal information of the data subject and shall not process the information that exceeds the scope of the purpose or provide the information to the third party without the consent from the data subject excluding the following exceptions:

  • 1. When I-OMBUDSMAN obtains a separate consent from the data subject;
  • 2. When there is a special regulation specified under the Act;
  • 3. When I-OMBUDSMAN clearly recognizes the need to provide the personal information to the third party for the interests of the life, physical body or property of the data subject or the third party as the data subject or legal representative is in a situation where he cannot express his intention or I-OMBUDSMAN cannot obtain prior consent of the data subject due to the unclear address and other reasons;
  • 4. When the personal information that is required for statistics and academic research is unrecognizable;
  • 5. When the protection committee has reviewed and decided the case where the matters under the jurisdiction defined by a different Act cannot be executed as the personal information has been used for other purposes or has not been delivered to the third party;
  • 6. When the information is needed to provide it to foreign governments or international organizations to carry out treaties and other international agreements;
  • 7. When it is necessary for investigation of a crime or prosecution;
  • 8. When it is necessary for a court to perform its judicial affairs; and
  • 9. When it is necessary for executing a punishment, care and custody or protective disposition.

Article 4 (Entrustment of the personal information processing)

  • ① I-OMBUDSMAN entrusts the following affairs related to the processing of the personal information to smoothly process the personal information:
    Entrusted affairs Company Name Tel no. Hours
    1 Operation and maintenance of the KOTRA information system SGA Co., Ltd. 070-7308-1004 09:00~18:00
    2 Operation of the customer information center Leading I Co., Ltd. 82-2-390-4200 09:00~18:00
  • ② I-OMBUDSMAN keeps the contents of the agreement by clearly regulating its role to abide by the Personal Information Protection Act when signing the entrustment agreement, to prohibit providing the personal information to the third party and to follow the liability. I-OMBUDSMAN shall notify the members any changes to the entrusted companies in accordance with the policies of the privacy statement via the website.

Article 5 (Rights and duties of data subject and how to exercise them)

  • ① A data subject (a legal representative shall exercise the rights if the data subject is less than 14 years old) shall exercise the following rights related to the protection of the personal information at any time:
    • 1. Request for inspection of the personal information
    • 2. Request for modification where there is an error
    • 3. Request for deletion
    • 4. Request for suspension of the processing.
  • ② The data subject shall exercise his rights in accordance with Section 1 by submitting the document as provided by Annex 8. Enforcement Ordinance of the Personal Information Protection Act via mail, e-mail or fax and I-OMBUDSMAN shall respond to the request without delay.
  • ③ If the data subject of the personal information requests for modification or deletion of his personal information, I-OMBUDSMAN shall not use or provide the personal information of the player until such modification or deletion is completed.
  • ④ The data subject shall present his legal representative or agent to exercise his rights as provided by Section 1. In such case, the data subject is required to submit the power of attorney in accordance with Annex 11. Enforcement Ordinance of the Personal Information Protection Act.
  • ⑤ The request for suspending the process and inspection of the personal information could be limited in accordance with Article 35.5 and Article 37.2 of the Personal Information Protection Act.
  • ⑥ For modification and deletion of personal information, if other Acts stipulate the particular personal information be collected, the information plyer shall not request for deletion thereof.⑦ For request to inspect, modify, delete or suspend the process in accordance with the rights of the data subject, I-OMBUDSMAN shall confirm if the requested person is himself or his legal representative.
    * Provide any identification cards (certificate of resident registration, driver’s license, passport, etc.) to identify himself.
    * If the requested person is the legal representative, any identification cards and power of attorney to identify that he is the legal representative of the data subject.
    * [Annex 8. Enforcement Ordinance of the Personal Information Protection Act] Request for inspecting, modifying, deleting and suspending the process of the personal information
    * [Annex 11. Enforcement Ordinance of the Personal Information Protection Act] Power of Attorney
  • ⑧ Procedures for inspecting, modifying, deleting and suspending the personal information are as follows:

Article 6 (Items for processing the personal information)

  • I-OMBUDSMAN processes the following items for the personal information:
    Name of the personal information file Items for the personal information1
    1 I-OMBUDSMAN member Required Password, real name (Korean or English), company name, company registration no., office no., email address ID
    Optional Department/position, company no., company address, compnay website address

    image6

Article 7 (Procedures and methods of destructing the personal information)

  • ① I-OMBUDSMAN, in principle, shall delete the personal information without delay if its purpose to process the personal information is achieved.
    However, it shall not be applied for the personal information that needs to be preserved in accordance with other Acts. The procedures, terms and methods of destructing the personal information are as follows:
    A. Procedures

    Any unnecessary personal information and personal information file shall be destroyed in accordance with the below procedure of the inside policy under the responsibility of the person in charge of the personal information.

    • - Destruction of the personal information
      The personal information shall be destroyed without delay from the end date of its holding period.
    • - Destruction of the personal information file
      If the personal information file becomes unnecessary due to the achievement of the processing of the personal information file, abolition of the relevant service and the end of the business, the personal information file shall be destroyed without delay from the day that recognizes the processing of the personal information is no longer needed.
    B. Methods
    • - Electronic data shall be destroyed by using technical methods to make it impossible to restore such data.
    • - Paper documents that contain the personal information shall be shredded or incinerated.

Article 8 (Measures to secure the safety of the personal information)

I-OMBUDSMAN shall implement the following technical, managerial and physical measures to secure the safety of the personal information in accordance with Article 29 of the Personal Information Protection Act.

  • 1. Minimum number of staff in charge of the personal information processing and training
    I-OMBUDSMAN shall designate the minimum number of staff to handle the personal information.
  • 2. Restricted access to the personal information
    I-OMBUDSMAN shall carry out necessary measures to restrict access to the personal information through empowerment, change and cancellation of access authorities for the database system that processes the personal information. It shall also operate intrusion prevention systems to deny any unauthorized external access.
  • 3. Preservation of the access records
    I-OMBUDSMAN shall store access records (weblog data, summarized information, etc.) to the personal information data system for at least six months.
  • 4. Encryption of the personal information
    The personal information of the users are stored and managed in an encrypted manner. I-OMBUDSMAN also implements special security measures including encrypting important data when storing or transferring.
  • 5. Installation and periodic updates of computer security programs
    I-OMBUDSMAN shall install and periodically update the computer security programs to prevent the personal information from leakage and damage due to hacking or computer viruses.
  • 6. Access control of the unauthorized personnel
    I-OMBUDSMAN shall operate a separate physical storage facility for its personal information data systems and establish and operate relevant access control procedures

Article 9 (Contact points for I-OMBUDSMAN’s personal information protection)

Personal Information Protection Director Foreign Investment Department Personal Information Protection Director Personal Information Protection Manager Personal Information Protection Officer
Management support department
TAESIK LEE Vice president
Tel: 82-2-3460-7200
Department in charge: Foreign
Investment OMBUDSMAN

Department in charge: Foreign
Investment OMBUDSMAN
Director-General

SHINHAK KANG

Tel: 82-2-3497-1822

Department in charge: Foreign
Investment OMBUDSMAN

YOON-HEE CHA
E-mail: yhcha@kotra.or.kr
Tel: 82-2-3497-1823
Fax: 82-2-3497-1699

Article 10 (Request for inspection of the personal information)

  • ① A data subject shall request for the inspection of the personal information in accordance with Article 35 of the Personal Information Protection Act via the following team. KOTRA shall strive to swiftly handle the request of the data subject for the inspection of the personal information.
    ► Department in charge
    Team: Foreign Investment OMBUDSMAN
    Officer: YOON-HEE CHA
    Contact: Tel 82-2-3497-1823 / E-mail yhcha@kotra.or.kr / Fax 82-2-3497-1699
  • ② Apart from the Team mentioned in Section 1, the data subject shall be able to request for the inspection of the personal information via the website (www.privacy.go.kr) of the Privacy Information Protection Portal run by the Ministry of Government Administration and Home Affairs.
    Privacy Information Protection Portal → Civil affairs on the personal information → Request for the inspection of the personal information (real name authentication via public I-pin service is required.)

Article 11 (Remedies for infringement on rights and interests)

A data subject shall consult the following organizations for remedies regarding the infringement on the personal information.

  • ► Personal Information Infringement Report Center (Run by the Korea Internet & Security Agency)
    - Description: Report infringement on the personal information, request for consultation
    - Website: http://privacy.kisa.or.kr
    - Tel: 118 (without area code)
    - Address: (138-950) 135 Jungdaero, Sonpa-gu Seoul-si, Personal Information Infringement Report Center, the Korea Internet & Security Agency
  • ► Personal Information Dispute Resolution Committee (Run by the Korea Internet & Security Agency)
    - Description: apply for the personal information dispute resolution, collective dispute resolution (civil resolution)
    - Webiste: http://privacy.kisa.or.kr
    - Tel: 118 (without area code)
    - Address: (138-950) 135 Jungdaero, Sonpa-gu Seoul-si, Personal Information Infringement Report Center, the Korea Internet & Security Agency
  • ► Cybercrime Investigation Department: 82-2-3480-3571 (www.spo.go.kr, cybercid@spo.go.kr)
  • ► Cyber Terror Response Center: 1566-0112 (www.netan.go.kr)
    Also, the data subject reserves the right to demand administrative appeals in accordance with the Administrative Appeals Act for any infringement on rights and interests occurred due to the nonfeasance or measures taken by the head of a public institution for the request of the data subject for inspection, modification, deletion or suspension of the personal information processing.
  • ► Please refer to the telephone numbers via the website (www.simpan.go.kr) of the Central Administrative Appeals Commission.

Article 12 (Amendment to the personal information processing policy)

  • ① The policy shall take into effect on January 1, 2016.