Skip to contents
Skip Global navigation
Skip Contents
Skip Footer

ICT Innovatorleading the 4th Industrial Revolution

Privacy Policy

The Electronics and Telecommunications Research Institute (ETRI) develops and discloses the following personal information handling guidelines to protect personal information in accordance with Privacy Act and take care of related matters quickly and properly.

  • Article 1 (Purpose of collection, items, use and period of use of personal information)
    • ETRI shall NOT collect or use the personal information for any other purposes. If the purpose of use changes, we shall take necessary actions such as getting an approval.
    • ETRI shall separately post purpose of collection, items, use and period of use of personal information which is registering and releasing according to Article 32 of the Personal Information Protection Act.

      www.privacy.go.kr
      Bulletin board

  • Article 2 (Supply of personal information to the third party)

    ETRI shall handle personal information within the scope stipulated in Article 1 above. The personal information shall NOT be disclosed to a third party unless the provisions of Articles 17 and 18 (ex: getting approval, particular laws, etc.) met.

    1. 1Where a user specifically consents to a provision of his/her personal information
    2. 2Where another statute provides expressly
    3. 3Where a user or his/her legal representative is incapable of communicating his/her intention or it is impossible to obtain consent from a user or his/her legal representative because his/her whereabouts are unknown but it is considered clearly necessary to urgently provide his/her personal information to a third party for the safety, health, or economic interests of the user or of a third party
    4. 4Where personal information is provided in a form that makes it impossible to identify a specific person, as necessary for compiling statistics or scientific research
    5. 5Where it is impracticable to perform relevant duties prescribed in other Acts unless personal information is provided for any purpose other than its original purpose or is provided to a third party and where such case is deliberated on and determined by the Personal Information Protection Commission
    6. 6Where it is necessary to provide such information to a foreign government or an international organization to implement treaties or other international agreements
    7. 7Where it is necessary to investigate a crime and to file and sustain a prosecution
    8. 8Where it is necessary for a court to proceed with a trial
    9. 9Where it is necessary to enforce a sentence, custody, or protective order imposed

    Bulletin board

  • Article 3 (Handling of personal information by proxy)
    • ETRI shall stipulate the followings (ex: Inhibition of handling personal information with other purposes in accordance with Privacy Act, technical & managerial protection, restriction on reassignment, supervision on assignee, responsibilities such as compensation, etc.) at signing of the assignment agreement and supervise the assignee if he/she safely handles personal information.
    • If the details or the assignee change(s), it shall be disclosed immediately in accordance with the Privacy Policy.
    • ETRI shall separately post matters concerning Outsourced Processing of Personal Information.

      Bulletin board

  • Article 4 (Rights and duties and methods of exercising those rights)
    • The information owners shall have the right to exercise one of the followings for privacy protection against us any time:
      1. 1Request for personal information
      2. 2Request for correction of errors
      3. 3Request for deletion
      4. 4Request for stopping the process
    • The right stipulated in the Paragraph ① by completing the form specified in attached Form 8 of Enforcement Rules to Personal Information Protection Act above can be executed in writing, on the phone, by email or by fax. Then, ETRI shall take an action immediately.
    • If the information owner requests personal information to be corrected or deleted, we shall NOT use or provide the information until it is properly corrected or deleted.
    • The right stipulated in the Paragraph ① above can be executed by proxy or legal representative. In this case, a power of attorney prepared in accordance with Form 11 of Enforcement Rules to Personal information Protection Act should be submitted.
    • Where a user requests permission to inspect his/her personal information or requests ETRI to suspend handling personal information, his/her rights may be limited in the following cases under Article 35 (4) or 37 (2) of the Personal Information Protection Act.
    • No user may request ETRI to delete his/her personal information where such personal information is clearly specified as information subject to collection under any statute.
    • Upon receipt of a request to inspect, correct, or delete personal information or a request to suspend handling personal information, ETRI will verify whether the requesting person is the actual user or his/her legitimate representative.
    • The information owners shall NOT interrupt us from handling their information and infringe on others' privacy by violating related laws such as Privacy Act.

      - A request to [inspect, correct/delete, suspend handling] personal information [attached Form 8 of the Enforcement Rule to Personal Information Protection Act]   Download
      - Power of Attorney [attached Form 11 of the Enforcement Rule to Personal Information Protection Act]   Download

  • Article 5 (Destruction of personal information)
    • ETRI shall immediately destruct personal information if it becomes unnecessary because of reasonable reasons such as the expiry of the holding period and achievement of the purpose, except where it is required to preserve the personal information under an Act.
    • ETRI shall immediately destruct personal information if it becomes unnecessary because of reasonable reasons such as the expiry of the holding period and achievement of the purpose except where it is required to preserve the personal information under an Act.
    • The personal information shall be destructed as follows:
      1. 1Destruction procedure

        We shall select the personal information (or personal information file) which is subject to destruction and destruct it after getting an approval from the Privacy Policy Manager

      2. 2Destruction method

        In terms of destruction of personal information, digital records should not be recovered while paper records should be shredded or incinerated

        Bulletin board

  • Article 6 (Securing safety of personal information)
    • ETRI has taken the following technical, managerial and physical measures necessary for ensuring safety, in compliance with Article 29 of the Personal Information Protection Act:
      1. 1Formulating and implementing internal management plans

        We have formulated and implemented internal management plans in accordance with the guidelines for measures for ensuring the safety of personal information

      2. 2Minimizing and educating personnel authorized to handle personal information

        The number of personnel authorized to handle personal information has been minimized and regular educational programs have been implemented for such personnel

      3. 3Restrictions on access to personal information

        Access to personal information is controlled by granting, amending, or cancelling the authority to access the database system that processes personal information, and unauthorized external access is controlled by operating firewalls for blocking and preventing invasion and intrusion

      4. 4Preserving access records and preventing forgery and alteration of access records

        Log data about access to the personal information processing system (including web logs and summary information) are retained and managed for at least six months

      5. 5Encryption of personal information

        User’s personal information is encoded for storage and management. Furthermore, additional means, such as encrypting essential data for storage and transmission, are used for security

      6. 6Technical measures against hacking

        We have installed security programs and updates and inspects the programs to protect personal information from being leaked externally or destroyed by hacking or computer viruses and has installed its systems in an area with restricted access to technically and physically monitor and block external access

      7. 7Restricting access by unauthorized persons

        The space for the physical storage of the personal information system that keeps personal information, is separated from other areas, and a procedure for controlling access to space, has been established and is implemented.

  • Article 7 (Personal information control manager)
    • ETRI shall be responsible for the duties associated with the handling of personal information and have the personal information control manager to handle the personal information-related matters as follows:
      1. 1Personal information control manager
        - Name : Kim, Kyung man
        - Job Title : Director of General Affairs & Security Department
        - Job Position : Chief administration manager
        - TEL : 042-860-0880
      2. 2Personal information control staff
        - Dept : Information Security Section
        - Person in charge : Chief technical manager Kim, Ki Jae
        - TEL : 042-860-4804, Fax : 042-860-6994,
    • Information owners shall contact the personal information control manager and the related department to ask matters associated with the protection of personal information, complaints and compensation. ETRI shall promptly respond to these questions.
  • Article 8 (Request for personal information)
    • The information owners shall have the right to ask for personal information in accordance with Privacy Act. Then, ETRI shall take a prompt action to allow the information owners to read the personal information.
      1. Department to handle the request for personal information
        - Dept : Information Security Section
        - Person in charge : Chief technical manager Kim, Ki Jae
        - TEL : 042-860-4804, Fax : 042-860-6994,
    • Information owners are allowed to get access to personal information through the website of Personal Information Protection Portal in addition to through the department to handle the request for personal information above.

      www.privacy.go.kr

  • Article 9 (Remedy for infringement on rights and interests)

    The information owners shall have the right to ask for consultation and remedy for infringement of personal information.

    • The organization below is a separate agency which is not related with ETRI. If you are not satisfied with our actions on the handling of the complaints and remedies or want to get more information, feel free to contact us.
      1. 1Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
        - Affairs : Reporting personal information infringement, application for consultation
        - Website : privacy.kisa.or.kr
        - TEL : Just dial 118
      2. 2Personal Information Dispute Mediation Committee
        - Affairs : Personal information dispute mediation application, collective dispute mediation(civil settlement)
        - Website : www.kopico.go.kr
        - TEL: Just dial 1833-6972
      3. 3Cyber Crime Investigation Agency : Just dial 1301 www.spo.go.kr
      4. 4Korean National Police Agency Cyber Bureau : Just dial 182 cyberbureau.police.go.kr
    • Any person whose rights or interests are violated by any disposition or inaction of the head of a public agency with regard to a request made under the provisions of Article 35, 36, or 37 of the Personal Information Dispute Mediation Committee, may file a petition for an administrative hearing in accordance with the provisions of the Administrative Appeals Act.

      ※ Please refer to the information on telephone numbers offered by the Central Administrative Appeals Commission http://www.simpan.go.kr

  • Article 10 (Amendment of Privacy Policy)
    • The Privacy Policy shall becomes effective on March 06, 2017.
    • ETRI shall separately post the former Privacy Policy.
TOP