The Electronics and Telecommunications Research Institute (ETRI) develops and discloses the following personal information handling guidelines to protect personal information in accordance with Privacy Act and take care of related matters quickly and properly.
- Article 1 (Purpose of collection, items, use and period of use of personal information)
We shall NOT collect or use the personal information for any other purposes. If the purpose of use changes, we shall take necessary actions such as getting an approval.
※ For disclosure of the personal information files, follow the following steps; Privacy Information Protection Portal (www.privacy.go.kr) → Civil Petition on Personal Information → Request for Personal Information → [Personal Information File List Search]. - Article 2 (Supply of personal information to third party)
We shall handle personal information within the scope stipulated in Article 1 above. The personal information shall NOT be disclosed to a third party unless the provisions of Articles 17 and 18 (ex: getting approval, particular laws, etc.) met.
- Article 3 (Handling of personal information by proxy)
- ① We shall stipulate the followings (ex: Inhibition of handling personal information with other purposes in accordance with Privacy Act, technical & managerial protection, restriction on reassignment, supervision on assignee, responsibilities such as compensation, etc.) at signing of the assignment agreement and supervise the assignee if he/she safely handles personal information.
- ② If the details or the assignee change(s), it shall be disclosed immediately in accordance with the Privacy Policy.
- Article 4 (Rights and duties and methods of exercising those rights)
- ① The information owners shall have the right to exercise one of the followings for privacy protection against us any time:
- 1. Request for personal information
- 2. Request for correction of errors
- 3. Request for deletion
- 4. Request for stopping the process
- ② The right stipulated in the Paragraph ① above can be executed in writing, on the phone, by email or by fax. Then, we shall take an action immediately.
- ③ If the information owner requests personal information to be corrected or deleted, we shall NOT use or provide the information until it is properly corrected or deleted.
- ④ The right stipulated in the Paragraph ① above can be executed by proxy or legal representative. In this case, a power of attorney prepared in accordance with No. 11 Form of Enforcement Regulation of Privacy Act should be submitted
- ⑤ The information owners shall NOT interrupt us from handling their information and infringe on others' privacy by violating related laws such as Privacy Act.
- ① The information owners shall have the right to exercise one of the followings for privacy protection against us any time:
- Article 5 (Destruction of personal information)
- ① We shall immediately destruct personal information if it become unnecessary because of reasonable reasons such as the expiry of the holding period and achievement of the purpose.
- ② We shall immediately destruct personal information if it become unnecessary because of reasonable reasons such as the expiry of the holding period and achievement of the purpose.
- ③ The personal information shall be destructed as follows:
- 1. Destruction procedure
We shall select the personal information (or personal information file) which is subject to destruction and destruct it after getting an approval from the Privacy Policy Manager. - 2. Destruction method
In terms of destruction of personal information, digital records should not be recovered while paper records should be shredded or incinerated.
- 1. Destruction procedure
- Article 6 (Securing safety of personal information)
- ① We shall take following actions to keep personal information safe:
- 1. Managerial action: Establishment and execution of international management plan, regular staff education, etc.
- 2. Technical action: Restriction on access to personal information processing system, installation of access control system, encryption of identification information, installation of security program, etc.
- 3. Physical action: Restriction on access to a computer room, archive, etc.
- ① We shall take following actions to keep personal information safe:
- Article 7 (Personal information control manager)
- ① We shall be responsible for the duties associated with handling of personal information and have the personal information control manager to handle the personal information-related matters as follows:
- 1. Personal information control manager
- 2. Personal information control staff
- ② Information owners shall contact the personal information control manger and the related department to ask matters associated with the protection of personal information, complaints and compensation. We shall promptly respond to these questions.
- ① We shall be responsible for the duties associated with handling of personal information and have the personal information control manager to handle the personal information-related matters as follows:
- Article 8 (Request for personal information)
- ① The information owners shall have the right to ask for personal information in accordance with Privacy Act. Then, we shall take a prompt action to allow the information owners to read the personal information.
- 1. Department to handle the request for personal information
- 2. Personal information control staff
- ② Information owners are allowed to get access to personal information through the website of Personal Information Protection Portal in addition to through the department to handle the request for personal information above.
Privacy Information Protection Portal → Civil Petition on Personal Information → Request for Personal Information (real-name verification required through the Internet Personal Identification Number (I-PIN))
- ① The information owners shall have the right to ask for personal information in accordance with Privacy Act. Then, we shall take a prompt action to allow the information owners to read the personal information.
- Article 9 (Remedy for infringement on rights and interests)
The information owners shall have the right to ask for consultation and remedy for infringement of personal information.
- ① The organization below is a separate agency which is not related with us. If you are not satisfied with our actions on the handling of the complaints and remedies or want to get more information, feel free to contact us.
- 1. Personal Information Infringement Report Center (operated by Korea Internet Security Agency)
- Website : privacy.kisa.or.kr
- TEL : Just dial 118
- 2. Personal Information Dispute Mediation Committee (operated by Korea Internet Security Agency)
- Website : privacy.kisa.or.kr
- TEL: Just dial 118
- 3. Cyber Crime Investigation Agency: 02-3480-3573 (www.spo.go.kr)
- 4. Cyber Terror Response Center: 1566-0112 (www.netan.go.kr)
- 1. Personal Information Infringement Report Center (operated by Korea Internet Security Agency)
- ② Information owners are allowed to get access to personal information through the website of Personal Information Protection Portal in addition to through the department to handle the request for personal information above.
Privacy Information Protection Portal → Civil Petition on Personal Information → Request for Personal Information (real-name verification required through the Internet Personal Identification Number (I-PIN))
- ① The organization below is a separate agency which is not related with us. If you are not satisfied with our actions on the handling of the complaints and remedies or want to get more information, feel free to contact us.
- Article 11 (Amendment of Privacy Policy)
- ① The Privacy Policy shall become effective on July 31, 2012