• ① The Agency handles personal information for the following purposes. The personal information being processed is not used for purposes other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent from the data subject.
  • 1. Integrated membership registration and management of the Korean Food Promotion Agency
  • - Personal information is processed for the purpose of confirming membership intention, identifying and certifying oneself according to the provision of membership service, maintaining and managing membership status, preventing fraudulent use of service, confirming the consent of legal representatives when collecting personal information for children under the age of 14, various notices and notices, grievance handling, and preserving records for dispute mediation.
  • 2. Handling of civil complaints
  • - Process personal information for the purpose of identifying the complainant, checking the complaint, contacting and notifying the results of the processing, etc.
• ② The Agency shall process and retain personal information within the period of holding and using personal information under the Act or the period of holding and using personal information received from the data subject.
• ③ The processing and retention periods of each personal information are as follows.

• ① The Agency shall process and retain personal information within the period of holding and using personal information according to laws and regulations or the period of holding and using personal information agreed upon when collecting personal information from the data subject.
• ② The processing and retention periods of each personal information are as follows.

• ① In principle, the agency shall process the personal information of the data subject within the scope specified for the purpose of collection and use, and shall not process or provide it to any third party in excess of the original purpose without the prior consent of the data subject, except in the following cases. However, subparagraphs 5 through 9 are limited to cases of public institutions.
  • 1. In the case of obtaining separate consent from the data subject
  • 2. Where there are special provisions in other laws
  • 3. Where the data subject or his/her legal representative is unable to express his/her intention or cannot obtain prior consent due to an unknown address, etc., and is clearly deemed necessary for the interests of the data subject or a third party's urgent life, body, or property.
  • 4. When personal information is provided in a form that cannot be identified as necessary for the purpose of statistics preparation and academic research.
  • 5. Personal information other than its purpose Where it is impossible to perform the duties under the jurisdiction of other laws unless it is used for a purpose or provided to a third party, and has been deliberated and resolved by the Protection Committee.
  • 6. If necessary to provide foreign governments or international organizations for the implementation of treaties and other international agreements,
  • 7. Cases necessary for the investigation of crimes and the filing and maintenance of prosecution
  • 8. If necessary for the court's performance of judicial affairs
  • 9. If necessary for the execution of sentence, custody, and protective disposition
• ② If personal information is used for any purpose other than its purpose or provided to a third party pursuant to subparagraphs 1 through 9 above, the agency will disclose it on its official gazette or website, as prescribed by Ordinance of the Ministry of Public Administration and Security.
• ③ The Agency provides personal information to third parties as follows.

Shortcut to the notice board provided by a third party of personal information

• ① In order to facilitate the processing of personal information, the Agency is entrusted with the processing of personal information as follows.

  • Personal information processing task consignor information

    No	a contracting company	Purpose of consignment	Consignment Contents	Consignment period
    1	(주)정원엔시스 (02-801-1000)	Korean food gunHair system Operational support and maintenance	Information on integrated members and Korean cuisine cooking professionals (educator, instructor, job seeker)	~ 2019. 12. 31.

• ② When signing a consignment contract, the agency stipulates in documents such as prohibition of personal information processing, technical and administrative protection measures, re-consignment restrictions, management and supervision of the trustee, and compensation for damages other than the purpose of the consignment.
• ③ The Agency conducts training on the trustee at least once a year to prevent the trustee's personal information from being lost, stolen, leaked, altered, or damaged due to the entrustment of work, and oversees whether personal information is handled safely through a status check once a month.
• ④ If the details of the consignment work or the trustee changes, we will disclose it through this personal information processing policy without delay.

• ① The data subject may exercise the right to view, correct, delete, and suspend processing of personal information at any time to the Agency.
The exercise of rights under paragraph 1 of
• 1 can be done in writing, e-mail, and fax through Article 10 (request for access to personal information), and the Agency will take action without delay.
The exercise of rights under paragraph 1 of
• 3 may be carried out through an agent, such as a legal representative of the data subject or a person who has been delegated. In this case, you have to submit a power of attorney according to the form.
• ④ Requests to view and suspend personal information processing may limit the information subject's rights under the Personal Information Protection Act.
• 1. In any of the following cases, the reason may be notified to the information subject and viewing may be restricted or refused.
• - When viewing is prohibited or restricted by law
• - When there is a risk of harming another person's life or body or unfairly infringing on another person's property or other interests.
• - If it causes significant disruption to the Promotion Agency in carrying out any of the following tasks:
• 2. In any of the following cases, the request for suspension of processing may be rejected by the information subject.
• - When there are special provisions in the law or when it is unavoidable to comply with statutory obligations.
• - When there is a risk of harming another person's life or body or unfairly infringing on another person's property or other interests.
• - In cases where the Promotion Agency cannot perform its duties prescribed by other laws if it does not process personal information
• - In cases where it is difficult to fulfill the contract, such as not being able to provide the service agreed upon with the information subject if personal information is not processed, and the information subject does not clearly indicate his/her intention to terminate the contract
• ⑤ A request for correction and deletion of personal information cannot be requested to be deleted if the personal information is specified as a collection target in other laws.
• ⑥ The Promotion Agency checks whether the person who made the request, such as requesting access, requesting correction and deletion, and requesting suspension of processing according to the data subject's right, is the person who made the request or a legitimate agent.

• ① When personal information becomes unnecessary, such as the expiration of the personal information retention period and the achievement of the purpose of processing, the Agency shall destroy the personal information without delay.
• ② If the period of retention of personal information agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information (or personal information file) should be transferred to a separate database (DB) or stored at different storage locations.
• ③ The procedure and method for destroying personal information are as follows.
  • 1. Procedure of Destruction
    The Agency establishes and destroys personal information (or personal information file) that needs to be destroyed. The agency selects personal information (or personal information file) that has been destroyed, and the agency destroys personal information (or personal information file) with the approval of the person in charge of personal information protection. In addition, personal information that has passed the retention period or whose purpose has been achieved is destroyed in accordance with internal policies and other related laws.
  • 2. How to Destroy
    The Agency permanently deletes personal information recorded and stored in electronic file format using a method that cannot be technically restored so that the record cannot be reproduced, and the personal information recorded and stored in paper documents is shredded or incinerated.

• ① The Agency is taking technical, administrative, and physical measures necessary to secure the safety of personal information as follows.
  • 1. Establishing and implementing an internal management plan: Establishing and implementing an internal management plan for the safe processing of personal information.
  • 2. Minimization and education of personal information handlers: The person in charge of handling personal information is designated and managed only for the necessary personnel, and education for safe management is provided for handlers.
  • 3. Restrictions on Access to Personal Information: We take necessary measures to control access to personal information by granting, changing, and canceling access to database systems that process personal information, and use intrusion prevention systems to control unauthorized access from outside.
  • 4. Keeping and preventing forgery of access records: We keep and manage records (logs) accessed to the personal information processing system for at least 6 months, and use security functions to prevent forgery, theft, and loss of access records.
  • 5. Encrypting personal information: The data subject's unique identification information and password are encrypted and managed. It also has separate security features, such as encrypting and using sensitive data when stored and transferred.
  • 6. Technical countermeasures against hacking: In order to prevent leakage and damage of personal information by hacking or computer viruses, security programs are installed, periodic updates/inspection is performed, systems are installed in areas with controlled access from the outside, and technical/physical monitoring and blocking are performed.
  • 7. Access control for unauthorized persons: A separate physical storage place for the personal information system that stores personal information is established and operated with access control procedures for access control are established and operated.
  • 8. Conducting regular self-inspection: In order to secure stability related to the handling of personal information, we conduct regular inspections to protect personal information.

• ① The Agency does not install and operate a device that automatically collects personal information such as Internet access information files.

• ① The Agency is responsible for the processing of personal information, and designates a person in charge of personal information protection as follows to handle complaints from data subjects and remedy damages related to the processing of personal information.

  • Personal Information Protection Officer Guide

    Sortation	name	one's position	Phone number	email
    Director of Personal Information Protection	Woo Seungwan	Management Planning Team Leader	02-6300-2080	woosw@hansik.or.kr

• ② The data subject may contact the person in charge of personal information protection and the department in charge of personal information protection for all inquiries, complaints, and damage relief that occurred while using the service of the Agency. The agency will respond and process the information subject's inquiries without delay.

• ① The data subject may request the following departments to view individual information. The Agency will make efforts to expedite the request for personal information access by the data subject.
  • ▶ Receiver/processor of request for access to personal information
    • Department name: Management Planning Team
    • Manager: Cho Moo-sung
    • Contact information : 02-6300-2083, lexcho@hansik.or.kr, Fax) 02-6300-2085
• ② In addition to the department for receiving and processing requests under paragraph 1, the data subject can request access to personal information through the "Comprehensive Personal Information Protection Portal" website (www.privacy.go.kr) of the Ministry of Public Administration and Security.
  • Ministry of Public Administration and Security Comprehensive Support Portal for Personal Information Protection → Complaints on Personal Information → Request for Access to Personal Information (Real Name Authentication through Public iPin is required)

• ① The data subject may ask the following institutions for damage relief and counseling for personal information infringement.
• • Personal Information Infringement Reporting Center (operation of Korea Internet & Security Agency)
    • - Tasks in charge: Report personal information infringement, request for counseling
    • - Homepage : privacy.kisa.or.kr
    • - Phone call : 118
    • - Address: (58324) 9, Jinheung-gil, Naju-si, Jeollanam-do (Bitgaram-dong 3)01-2) 3rd Floor Personal Information Infringement Report Center
  • Personal Information Dispute Mediation Committee
    • - Duties in charge: Application for dispute mediation of personal information, collective dispute mediation (civil resolution)
    • - Homepage : www.kopico.go.kr
    • - Phone call : 1833-6972
    • - Address: (03171) 4th floor of Seoul Government Complex, 209 Sejong-daero, Jongno-gu, Seoul, Republic of Korea
  • Supreme Prosecutor's Office Cybercrime Investigation Team: 02-3480-3571 (www.spo.go.kr)
  • Police Agency Cyber Security Bureau: 182 (cyberbureau.police.go.kr)

• ① This personal information processing policy has been revised and applied since June 8, 2019.
• ②The previous privacy policy can be found below.

Shortcut to previous content