KFPI legally processes and safely manages personal information in compliance with the 「Personal Information Protection Act」 and related laws to protect the freedom and rights of information subjects. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, the following personal information processing policy is established and disclosed to inform data subjects of the procedures and standards for personal information processing and to promptly and smoothly handle complaints related thereto.

This Privacy Policy applies to the following websites operated by the Processor.

- Hansik Portal(www.hansik.or.kr)

Indication of Key Personal Information Processing Details(Labeling)

Collection of general personal information

Collection of general personal information

- Name, contact information, email
※ Check the text of the personal information processing policy for details

1 unique identification information

1 unique identification information

- resident registration number

Retention period and destruction

Retention period and destruction

- Personal information (integrated member information) is kept for 2 years (or destroyed upon withdrawal)
- Some personal information is kept or destroyed in accordance with relevant laws

Purpose of personal information processing

Purpose of personal information processing

- Membership registration and management
- Korean Food Promotion Agency business processing

Providing and consigning personal information

Providing and consigning personal information

- Third party provision: Korea Standards Association
- Personal information consignment: Timonet Korea Co., Ltd. and 1 others

Personal Information Grievance Department

Personal Information Grievance Department

- Information Technology Team
Tel: 02-6320-8485
Email: cornbomi@hansik.or.kr

※ Hovering over the table of contents will display the main contents of the personal information processing.
※ For detailed information on personal information processing, please refer to the main text of the personal information processing policy below.

Table of Contents

Article 1
Purpose of processing personal information

Article 2
Processing items and retention period of personal information

Article 3
Status of personal information file registration

NEW

Article 4
Provision of personal information to third parties

Article 5
Criteria for determining when additional use or provision of personal information occurs continuously

NEW

Article 6
Consignment of processing personal information

Article 7
Destruction of personal information

Article 8
Rights, obligations and methods of exercise of the information subject and legal representative

Article 9
Measures to ensure the safety of personal information

Article 10
Matters related to installation, operation and refusal of automatic personal information collection devices

NEW

Article 11
Chief Privacy Officer

NEW

Article 12
Request to view personal information

Article 13
Methods of redress for infringement of rights

Article 14
Matters related to processing of pseudonym information

Article 15
How to choose whether sensitive information can be disclosed and whether it should be kept private

Article 16
Processing of personal information of children under the age of 14

Article 17
Results of the Privacy Impact Assessment

Article 18
Personal information protection level evaluation results

Article 19
Installation and operation of fixed and mobile video information processing devices

NEW

Article 20
Changes to the Privacy Policy

[Go to previous Privacy Policy]

※ Selecting the table of contents will take you to the main text.

Article 1 Purpose of processing personal information

• ① Personal information being processed by KFPI will not be used for purposes other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent from the information subject.
  • 1. Integrated membership registration and management
  • - We process personal information for the following purposes: Confirmation of intent to register as a member, identification and authentication of the member in accordance with the provision of membership services, maintenance and management of membership qualifications, Prevention of unauthorized use of services, confirmation of consent of legal representative when collecting personal information of children under the age of 14, various notifications and notices, complaint handling, and dispute resolution.
  • 2. Processing of civil affairs
  • - Personal information is processed for the following purposes: Confirmation of the identity of the complainant, confirmation of the civil affairs, contact/notification for fact-finding, notification of processing results
  • ※ The above indicates the general purpose of processing. For details on the purpose of processing, refer to Article 2 of this processing policy.

Article 2 Processing items and retention period of personal information

• ① KFPI processes and retains personal information within the personal information retention and use period in accordance with the law or within the personal information retention and use period agreed to when collecting personal information from the information subject.
• ② KFPI processes the collected personal information and the retention period to the minimum required to achieve the processing purpose.
• ③ KFPI processes the following personal information without the consent of the data subject based on legal grounds.

Personal Information File Name

NO	Personal Information File Name	Processing basis	Purpose of processing	Personal information item
				1	Information on the counterparty to the contract	Article 116 of the Enforcement Decree of the Act on Contracts to Which the State is a Party	Handling contract conclusion work	Name, date of birth, home address, mobile phone (contact number), E-Mail
2	Employee Personnel Information	Article 41 of the Labor Standards Act and Article 20 of the Enforcement Decree, Article 145 of the Enforcement Decree of the Employment Insurance Act	Handling internal HR tasks	Name, date of birth, home contact number, home address, mobile phone (contact number), e-mail, resident registration number Other (emergency contact number, family information, education, career, qualification, military service, entry/exit information)

• ④ KFPI processes the following personal information with the consent of the data subject in accordance with Article 15, Paragraph 1, Subparagraph 1 and Article 22, Paragraph 1, Subparagraph 7 of the Personal Information Protection Act.

개인정보 처리 및 보유 기간 안내표

NO	Personal Information File Name	Purpose of processing	Personal information item		Retention period
			Essential	Choice
1	List of Korean food research academic seminar participants	Seminar Notice	Name, email, contact information (mobile phone), affiliation, position	-	1year
2	Integrated Member Information	Integrated service information provision and membership classification	Name, email, Home address, contact information (mobile phone)	Occupation	until the withdrawal of membership
3	List of participants in the young chef training curriculum support project	Education business operation, follow-up management and information provision, job search information provision	Name, date of birth, contact information (mobile phone), email, education, career, similar achievements	-	5years
4	Korean food professional training information	Business operation, follow-up management and information provision	Name, email, contact information (cell phone), date of birth, home address, affiliation, education, qualifications, career, awards	-	5years
5	Consent to use portrait rights, copyrights, and personal information	video production	Name, contact information (mobile phone), photo, video	-	10years
6	HANSIK SAPCE E:EUM docent information	Trainee selection and curriculum operation, 1365 volunteer registration and management, docent activity support and activity fee payment	Name, date of birth, home address, contact information (cell phone), email, affiliation, qualifications, education, career, awards	-	2years
7	List of Hansik Portal reservations	Manage Bookers	Name, email, contact information (mobile phone), age range, gender, nationality	-	2years
8	List of Hansik Magazine subscribers	Magazine Distribution	Name, email, nationality, gender, age range	-	5years
9	List of reporters	Management of KFPI reporters entering and exiting	Name, affiliation, email	-	5years
10	Contact information for informants of local food documentation project	Report on the local food documentation project	Name, contact information, address	-	10years
11	HANSIK SAPCE E:EUM 'Friends Nanumi' Volunteer Group Information	Volunteer Group Management	Name, date of birth, email, contact number, affiliation, 1365 ID	-	2years

• ⑤ If there is no login record for more than 1 year, the account will be converted to a dormant account, and the integrated membership information of members who have not logged in for more than 1 year after conversion to a dormant account will be deleted.
• ⑥ For more detailed information on the processing of personal information other than what is described, you can check the list of personal information files disclosed by KFPI in accordance with the instructions in the <Personal Information File Registration Status> section below.

Article 3 Status of personal information file registration

• ① Detailed information on personal information files held by KFPI can be found through the link below.

Personal Information Protection Commission’s Personal Information Portal → Personal Services → Request to exercise information subject rights, view personal information, etc. → Search for personal information files → Search for “KFPI” in the institution name search

The list of personal information files

Article 4 Provision of personal information to third parties

• ① KFPI processes the personal information of the data subject only within the scope specified in the purpose of processing personal information, and provides personal information to third parties only in cases corresponding to Articles 17 and 18 of the Personal Information Protection Act, such as consent from the data subject or special provisions of the law. In other cases, the personal information of the data subject is not provided to third parties.
• ② KFPI may provide personal information to third parties in the following cases.
  • 1. When separate consent is obtained from the information subject
  • 2. When there are special provisions in other laws
  • 3. When it is clearly deemed necessary for the urgent benefit of life, body, or property of the information subject or a third party.
  • 4. If personal information is used for purposes other than the intended purpose or does not provide it to a third party, it is impossible to perform the duties prescribed by other laws and the case has been reviewed and resolved by the Protection Committee.
  • 5. When necessary to provide information to foreign governments or international organizations for the implementation of treaties and other international agreements.
  • 6. When necessary for investigation of crime and filing and maintenance of indictment
  • 7. When necessary to carry out the court's judicial duties
  • 8. When necessary for the execution of punishment, custody, and protective measures
  • 9. In case of urgent need for public safety and security, such as public health
• ③ KFPI provides personal information to third parties as follows.

개인정보 보호법

NO	Processing basis	Recipient	Provision purpose	Provided items	Period of retention and use
1	Article 13, Paragraph 2 of the Public Institutions Management Act, Article 17, Paragraph 3 of the Enforcement Decree of the same Act	Korea Standards Association	For the 2024 KFPI Customer Satisfaction Survey, a survey was conducted on those who directly experienced the services provided by the institution.	Name of service received, name (corporation name), affiliation, position, phone number, email address	2024.11.22.~2025.4.30

• ④ Information regarding the third-party provision of personal information that previously occurred at KFPI can be found on the following bulletin board.
Notice board for third-party provision of personal information
• ⑤ In accordance with the “Guidelines for the Processing and Protection of Personal Information in Emergency Situations” jointly announced by relevant government ministries, KFPI may provide personal information to relevant organizations without the consent of the information subject in the event of an emergency such as a disaster, infectious disease, an incident or accident that poses an imminent danger to life or body, or an imminent loss of property. For more information, please refer to the “Guidelines for the Processing and Protection of Personal Information in Emergency Situations.”
Personal information processing and protection rules in case of emergency

Article 5 Criteria for determining when additional use or provision of personal information occurs continuously

• ① KFPI may additionally use and provide personal information without the consent of the information subject in consideration of the matters under Article 14-2 of the Enforcement Decree of the Personal Information Protection Act in accordance with Article 15, Paragraph 3 and Article 17, Paragraph 4 of the Personal Information Protection Act.
• ② The following are the matters that KFPI considers for additional use/provision without the consent of the information subject.
  • 1. Whether the purpose of additional use/provision of personal information is related to the original purpose of collection
  • 2. Whether additional use/provision is predictable in light of the circumstances or processing practices in which the personal information was collected
  • 3. Whether additional use/provision of personal information unfairly infringes upon the interests of the information subject
  • 4. Whether necessary measures to ensure security, such as pseudonymization or encryption, have been taken

Article 6 Consignment of processing personal information

• ① In order to smoothly process personal information, KFPI entrusts the following personal information processing tasks.

개인정보처리위탁

NO	Department	Consignment Information	Purpose of consignment	Trustee Name (Contact Information)	Re-entrustment	Consignment period
1	Information Technology Team	Integrated Member Information	Hansik Portal System Operation Support and Maintenance	Timonet Korea Co., Ltd. (02-518-0549)	X	2024.2.1.~2024.12.31
2	Information Technology Team	Personal authentication information	Operation of website member registration authentication service	Nice Information Service Co.,Ltd. (02-2122-4000)	X	2024.11.1.~ 2025.10.31.

• ② When concluding a consignment contract, KFPI states in the contract or other documents matters related to responsibilities such as prohibition of processing personal information for purposes other than the performance of the consigned work, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and compensation for damages in accordance with Article 26 of the Personal Information Protection Act, and supervises whether the consignee safely processes personal information.
• ③ As a result of checking the status of personal information management for 15 items targeting the personal information trustee, we confirmed that the management level is ‘good.’
• ④ As a result of checking the status of personal information management for 16 items targeting the personal information trustee, we confirmed that the management level is ‘good.’
• ⑤ In the event that the content of the entrusted work or the trustee changes, we will disclose it without delay through this personal information processing policy.

Article 7 Destruction of personal information

• ① KFPI, in principle, destroys personal information without delay once the purpose of processing the personal information has been achieved. The procedures, deadlines, and methods for destruction are as follows.
  • - Destruction Procedure
      Personal information is moved to a separate space immediately after the purpose is achieved and stored for a certain period of time in accordance with internal policies and other relevant laws and regulations before being destroyed. Personal information moved to a separate space will not be used for any other purpose unless required by law.
  • - Destruction period and method
      When personal information becomes unnecessary, such as when the retention period expires, the purpose of processing personal information is achieved, or the relevant business is abolished, it will be destroyed without delay. Personal information recorded and stored in electronic files will be destroyed so that the records cannot be reproduced, and personal information recorded and stored in paper documents will be destroyed by shredding or incineration.
• ② In cases where the retention period for personal information agreed upon by the data subject has expired or the processing purpose has been achieved, but personal information must be retained in accordance with other laws and regulations, the personal information will be transferred to a separate database (DB) or stored in a different location according to the following criteria.
  • 1. Records of transactions such as display, advertisement, contract contents and performance according to Article 6 of the Act on Consumer Protection in Electronic Commerce, etc.
    • - Records on display and advertising: 6 months
    • - Records on contracts or cancellation of subscriptions: 5 years
    • - Records on payment and supply of goods, etc.: 5 years
    • - Records on consumer complaints or dispute resolution: 3 years

Article 8 Rights, obligations and methods of exercise of the information subject and legal representative

• ① The data subject (in the case of a person under the age of 14, the legal representative) may exercise the right to view, correct or delete personal information, suspend processing, withdraw consent, and refuse or explain automated decisions at any time (hereinafter referred to as “exercise of rights”).
  • 1. Request to view personal information
    The data subject may request to view personal information in accordance with Article 35 (Viewing personal information) of the Personal Information Protection Act.
  • 2. Request to correct or delete personal information
    The data subject may request to correct or delete personal information in accordance with Article 36 (Correction or deletion of personal information) of the Personal Information Protection Act.
  • 3. Request to suspend personal information processing and withdraw consent
    The data subject may request to suspend processing in accordance with Article 37 (Suspension of personal information processing, etc.) of the Personal Information Protection Act.
  • 4. Request to refuse or explain automated personal information processing
    The data subject may request to refuse or explain automated decisions in personal information processing in accordance with Article 37-2 (Data subject’s rights regarding automated decisions, etc.) of the Personal Information Protection Act.
• ② The procedures for viewing, correcting, deleting, and suspending processing of personal information are carried out according to the following procedures.
  • 1. The procedures for viewing, correcting, deleting, and suspending processing of personal information
    
  • 2. How to request access to personal information, etc.
        To exercise rights under Paragraph 1, you can apply online through the ‘Personal Information Portal(www.privacy.go.kr)’or apply offline to the department that handles and manages personal information files.

    • 개인정보 신청 방법

      Online (Internet)

      offline (in writing)

      1. Access the ‘Personal Information Portal’ website (www.privacy.go.kr) 2. Click on ‘Personal Information Viewing Request’ in Civil Complaints Center 3. Verify your identity using i-PIN or mobile phone authentication 4. Click on ‘Personal Information File List Search’ to select the organization name and personal information file name 5. Click on ‘Personal Information File List Search’ to select the organization name and personal information file name 6. Fill out the request form and submit the civil complaint

      1. Fill out the personal information access request form and submit it to the personal information file management department ※ When filling out the application form, confirm and write down the name of the personal information file you wish to access and the name of the processing department 2. You must present an ID card such as a resident registration card, driver's license, or passport to verify the information subject ※ If applying through a proxy, you must submit a 'power of attorney'

    • ※ [Personal Information Protection Commission’s Notice on Personal Information Processing Methods, Appendix 8] Personal Information Access Request Form
    Download the Personal Information Access Request Form
    • ※ [Personal Information Protection Commission’s Notice on Personal Information Processing Methods, Appendix 11] Power of Attorney
    Download the power of attorney
• ③ When requesting access, correction/deletion, or suspension of processing in accordance with information subject rights, KFPI verifies whether the person making the request is the person himself or a legitimate agent.
• ④ If the data subject is dissatisfied with the measures taken, such as refusal to exercise rights or partial inspection, he or she may file an objection by submitting an objection application within 30 days from the date of receiving the notification result.
  
  Form of objection to measures such as viewing of personal information
• ⑤ Information subjects using services that involve membership registration may withdraw consent to the collection and use of personal information related to membership registration at any time through ‘Membership Withdrawal’.
• ⑥ If the information subject's consent to the fact that an automated decision will be made has been obtained or has been notified in advance through a contract, etc., or if it is clearly stipulated in the law, refusal of the automated decision is not recognized and only a request for explanation and review is allowed. I do.
• ⑦ Requests for exercising the information subject’s rights may be restricted in the following cases.
  • 1. Restrictions on requests to view personal information
    • 1) When access is prohibited or restricted by law
    • 2) When there is a risk of harm to another person's life or body or unfair infringement on another person's property or other interests
    • 3) In the event that a public institution causes significant disruption when performing the following tasks
      • a. Tasks related to tax imposition, collection, or refund
      • b. Tasks related to performance evaluation or selection of students at schools of all levels under the Elementary and Secondary Education Act and the Higher Education Act, lifelong education facilities under the Lifelong Education Act, and other higher education institutions established under other laws
      • c. Tasks related to examinations and qualification examinations related to academic ability, skills, and employment
      • d. Tasks related to ongoing evaluation or judgment regarding calculation of compensation and benefits, etc.
      • e. Tasks related to audits and investigations in progress under other laws
  • 2. Restrictions on requests for correction/deletion of personal information
    • 1) In cases where special procedures are stipulated in other laws regarding correction or deletion of personal information
  • 3. Restrictions on requests to suspend personal information processing and withdraw consent
    • 1) When there is a special provision in the law or it is inevitable to comply with legal obligations
    • 2) When there is a risk of harm to another person's life or body or a risk of unfairly infringing upon another person's property or other interests
    • 3) When a public institution cannot perform its duties stipulated in other laws if it does not process personal information
    • 4) When it is difficult to fulfill a contract, such as when it cannot provide the service agreed upon with the information subject if it does not process personal information, and the information subject has not clearly expressed its intention to terminate the contract
  • 4. Restrictions on requests for automated personal information rejection, explanation, etc.
    • 1) If the personal information subject to the notification request is included in a personal information file that falls under any of the items in Article 32, Paragraph 2
    • 2) If there is a risk of harm to another person's life or body due to the notification, or a risk of unfairly infringing upon another person's property or other interests

Article 9 Measures to ensure the safety of personal information

• ① KFPI is taking the following safety measures in accordance with Article 29 (Duty of Safety Measures) of the Personal Information Protection Act, such as establishing an internal management plan and keeping access records, to prevent personal information being lost, stolen, leaked, forged, altered or damaged.
  • 1. Establishing and implementing an internal management plan: Establishing and implementing an internal management plan for the safe processing of personal information.
  • 2. Minimization and education of personal information handlers: The person in charge of handling personal information is designated and managed only for the necessary personnel, and education for safe management is provided for handlers.
  • 3. Restrictions on Access to Personal Information: We take necessary measures to control access to personal information by granting, changing, and canceling access to database systems that process personal information, and use intrusion prevention systems to control unauthorized access from outside.
  • 4. Keeping and preventing forgery of access records: We keep and manage records (logs) accessed to the personal information processing system for at least a year, and use security functions to prevent forgery, theft, and loss of access records.
  • 5. Encrypting personal information: The data subject's unique identification information and password are encrypted and managed. It also has separate security features, such as encrypting and using sensitive data when stored and transferred.
  • 6. Technical countermeasures against hacking: In order to prevent leakage and damage of personal information by hacking or com puter viruses, security programs are installed, periodic updates/inspection is conducted, systems are installed in areas where access is controlled from the outside, and technical/physical monitoring and blocking are provided.
  • 7. Access control for unauthorized persons: A separate physical storage place for the personal information system that stores personal information is established and operated with access control procedures for access control are established and operated.
  • 8. Conducting regular self-inspection: In order to secure stability related to the handling of personal information, we conduct regular inspections to protect personal information.

Article 10 Matters related to installation, operation and refusal of automatic personal information collection devices

• ① KFPI does not install or operate devices that automatically collect personal information such as Internet access information files.

Article 11 Chief Privacy Officer

• ① KFPI is responsible for overall management of personal information processing and has designated a personal information protection officer as follows to handle complaints and provide remedies to data subjects related to personal information processing.

  • 개인정보 보호책임자

    Classification	Department	Name	Contact Information
    Chief Privacy Officer	Information Technology Team	Kim Hee Soo	Tel	02-6320-8480
    Personal Information Protection Manager	Information Technology Team	Park Bo Mi	Tel	02-6320-8485
    			Fax	02-6320-8499
    			Email	cornbomi@hansik.or.kr

  • ② The data subject may inquire about all personal information protection-related matters, such as damage relief, that arise while using KFPI’s services to the personal information protection officer and the department in charge. KFPI will respond to and process the data subject’s inquiries without delay.

Article 12 Request to view personal information

• ① The data subject may request access to personal information in accordance with Article 35 of the Personal Information Protection Act to the department below. KFPI will endeavor to ensure that requests for access to personal information are processed promptly.

• Classification

  Classification	Department	Name	Contact Information
  Personal Information Protection Manager	Information Technology Team	Park Bo Mi	Tel	02-6320-8485
  			Fax	02-6320-8499
  			Email	cornbomi@hansik.or.kr

  • - Request procedures, such as viewing personal information through the person in charge
    
• ② If the information subject wishes to request access to personal information for a specific task or department, he or she may do so to the department below.

• 부서 정보

  Department	Contact Information
  Management Support Team	02-6320-8413
  K-Food Content Team	02-6320-8462
  Information Technology Team	02-6320-8485
  Korean Food Education Research Team	02-6320-8453
  Korean Food Culture Space Operation Team	02-6320-8471
  Korean Food Promotion Team	02-6320-8442

• ③ In addition to the viewing request reception and processing department in Paragraph 1, the information subject can also request viewing of personal information through the Personal Information Protection Commission’s ‘Personal Information Portal’ website.
  • - Personal information comprehensive portal → Civil complaints → Request to view personal information, etc. (i-PIN, real name authentication via mobile phone required)
  Personal Information Portal Access Request
  • - Request procedure for viewing personal information, etc. through the personal information portal
    

Article 13 Methods of redress for infringement of rights

• ① KFPI strives to guarantee the information subject's right to self-determination of personal information and to provide consultation and relief for damage caused by personal information infringement. If you need to report or consult, please contact the department in charge below.

• Article 13 Methods of redress for infringement of rights

  Classification	Department	Name	Contact Information
  Personal Information Protection Manager	Information Technology Team	Park Bo Mi	Tel	02-6320-8485
  			Fax	02-6320-8499
  			Email	cornbomi@hansik.or.kr

• ② The data subject may apply for dispute resolution or consultation to an external organization other than KFPI to receive relief for personal information infringement. For reports or consultations regarding personal information infringement, please contact the organizations below.

• 개인정보 침해 신고 기관 정보

  Name of institution	Responsibilities	Contact Information	Website
  Kopico	Report of personal information infringement, request for consultation	(no area code) 1833-6972	www.kopico.go.kr
  Personal Information Infringement Report Center	Request for personal information dispute mediation, collective dispute mediation (civil)	(no area code) 118	privacy.kisa.or.kr
  SUPREME PROSECUTORS' OFFICE REPUBLIC OF KOREA	Investigation of crime related to personal information infringement	(no area code) 1301	www.spo.go.kr
  Electronic Cybercrime Report & Management system		(no area code) 182	ecrm.police.go.kr

• ③ A person whose rights or interests have been infringed due to a disposition or omission (failure to do something that should be done) by the head of a public institution in response to a request pursuant to the provisions of Articles 35, 36, and 37 of the Personal Information Protection Act shall be subject to the Administrative Appeals Act. Administrative judgment may be requested in accordance with the provisions hereof.

• 행정심판위원회

  Name of institution	Responsibilities	Contact Information	Website
  Administrative Appeal	Support for citizens whose rights and interests have been infringed upon by illegal or unfair administrative actions to easily obtain relief	(no area code) 110	www.simpan.go.kr

Article 14 Matters related to processing of pseudonym information

• ① KFPI may use personal information collected for statistical compilation, scientific research, public interest record preservation, etc. by anonymizing it so that specific individuals cannot be identified, but there is currently no information that has been anonymized.If personal information is used by anonymizing it, the relevant information will be disclosed through the personal information processing policy.
• ② When processing pseudonymized information, KFPI will take technical, managerial, and physical measures to ensure safety, such as separately storing additional information to restore pseudonymized information to its original state, in accordance with Article 28-4 of the Personal Information Protection Act (Obligation to Take Safety Measures for Pseudonymized Information, etc)

Article 15 How to choose whether sensitive information can be disclosed and whether it should be kept private

• ① In the process of providing goods or services, KFPI may include sensitive information of the information subject in the information disclosed.
• ② <Sensitive information> refers to personal information that may infringe upon the privacy of the information subject, such as health, political views, etc.
• ③ KFPI is working to reduce the possibility of personal information being disclosed by partially hiding the author's name on citizen participation bulletin boards such as the Citizens' Voice bulletin board.
• ④ When using the bulletin board, the information subject can prevent the disclosure of sensitive information by setting the posting to private.

Article 16 Processing of personal information of children under the age of 14

• ① If consent is required to process the personal information of a child under the age of 14, KFPI obtains consent from the child's legal representative.
• ② When KFPI receives consent from a legal representative regarding the processing of personal information of a child under the age of 14, KFPI may request minimum information from the child, such as the name and contact information of the legal representative. We will verify this fact by having the legal representative indicate whether or not he or she agrees on the website that posted the consent content and notifying the legal representative via text message that the consent has been confirmed.

Article 17 Results of the Privacy Impact Assessment

• ① Among the personal information files operated by KFPI, there are no personal information files subject to a “privacy impact assessment” under Article 33 of the Personal Information Protection Act.
• ② <privacy impact assessment> is an evaluation that analyzes the risk of personal information infringement and derives improvements based on criteria such as the number of information subjects (amount of personal information held) and the processing of sensitive information or unique identification information (resident registration number, etc)
• ③ If the personal information processing system being operated in the future and the system to be built in the future are subject to a “privacy impact assessment,” KFPI will conduct a personal information impact assessment to investigate, analyze, and evaluate the impact on the personal information of the information subject.

Article 18 Personal information protection level evaluation results

• ① In order to safely manage the personal information of information subjects, KFPI receives <Personal Information Protection Level Assessment> conducted by the Personal Information Protection Committee every year in accordance with Article 11-2 of the Personal Information Protection Act.
• ② KFPI received an ‘A’ grade in the 2023 Personal Information Management Level Diagnosis Evaluation.

Article 19 Installation and operation of fixed and mobile video information processing devices

• ① KFPI installs and operates fixed and mobile video information processing devices for fire prevention and safety management.
• ② KFPI installs and operates fixed and mobile video information processing devices for fire prevention and safety management.
• ③ KFPI will take necessary measures without delay when the information subject requests to view, confirm existence, or delete personal video information. However, requests for viewing personal video information may be restricted in accordance with laws and regulations.
• ④ More detailed information on the video information processing equipment installed and operated by KFPI can be found in the ‘Video Information Processing Equipment Operation and Management Policy’ published separately on this website.
Video Information Processing Equipment Operation and Management Policy

Article 20 Changes to the Privacy Policy

• ① This Privacy Policy is effective from August 27, 2024.
• ② This privacy policy has been revised for the following reasons
  • - Update the status of provision of personal information to third parties
  • - Update the status of personal information consignment
  • - Update the contact information of the CPO
  • - Update the contact information for personal information access requests by department
• ③ You can check the changes between the previous privacy policy and the current privacy policy through the following comparison chart.
Privacy Policy Comparison Chart
• ④ ① You can check the previous privacy policy below.
previous privacy policy
• ⑤ The information subject may inquire about the contents of the personal information processing policy after revision of personal information to the personal information department. If you do not agree to the revised personal information processing policy, you may request correction or suspension of personal information processing.