Underwood International College Personal Information Management Policy
All personal information that Underwood International College (hereinafter referred to as the ‘UIC’) collects, retains and processes is handled on the basis of relevant laws and an agreement of an information owner. UIC establishes and discloses the personal information management policy as below so as to ensure that it respects privacy of information owners and promptly handles relevant requests in accordance with Article 30 of Personal Information Protection Act.
1. Purpose of Processing Personal Information
① UIC processes personal information for the following purposes. The information UIC processes will not be used for anything other than the purposes as stated below. If any changes are made to the intended purposes, UIC shall take necessary steps including gaining a separate consent from an information owner according to Article 18 of Personal Information Protection Act.
1. Membership Registration and Management of Website
UIC manages personal information in order to implement its admission tasks according to the ‘Higher Education Act’ and ‘Higher Education Enforcement Ordinance’. The personal information that UIC processes will not be used other than for the intended purposes, and before changes are made in the policy, or personal information is used beyond the intended purposes, UIC takes necessary steps including gaining a separate consent from an information owner according to Article 18 of Personal Information Protection Act.
② UIC registers and discloses the processed personal information files for the following purposes in accordance with Article 32 of Personal Information Protection Act.
Name of Personal Information File | Applicable Law/ Purpose of Processing | Personal Information Collected in Personal Information File | Retention Period |
---|---|---|---|
List of Freshmen Applicants | Article 73 of the Higher Education Enforcement Ordinance (Processing identification information) | (Required) name, passport number, nationality, country of origin, gender, date of birth, cellphone number, e-mail address, the name of university an information owner graduated from, applying department (Optional) home address, contact number, information pertaining to family members |
4 Years |
Prospective Freshmen Selection Data | Article 35 of the Higher Education Enforcement Ordinance (Admission screening data) Article 73 of the Higher Education Enforcement Ordinance (Processing identification number) |
Name, passport number, contact number, address | 3 Years |
※ For further details, go to the personal information protection general support portal (privacy.kisa.or.kr) → Personal information-related civil complaints → Requests like the inspection of personal information etc. → Search the list of personal information files.
2. Types of Personal Information Processed
The types of personal information processed by UIC are as below.
- List of Freshmen Applicants
(Required) name, passport number, nationality, gender, date of birth, cellphone number, e-mail address, the name of university an information owner graduated from, applying department
(Optional) home address, contact number, information pertaining to family members. - Prospective Freshmen Selection Data Name, passport number, contact number address.
- In the process of using the internet service provided by UIC, the following information may be automatically generated and collected: the user’s IP address, Cookies, MAC address, service usage records, visiting records, wrong usage records, and etc.
3. Personal Information Processing and Retention Period
① UIC processes and retains personal information during the period agreed by the information owner upon collection of his/her personal information.
② The processing and retention period of personal information is as indicated below.
- List of Freshmen Applicants: 4 years
- Prospective Freshmen Selection Data
- 3 Years
4. Provision of Personal Information to Third Party
① UIC provides personal information to a third party only when an information owner gives consent, and it is permitted by Article 17 and Article 18 of Private Information Protection Act.
② The third parties that UIC provides personal information are as stated below.
- Personal information is provided to: Yonsei University Office of Admissions/ Korea Council for University Education/ Korea Council for University College Education
- Purpose of utilizing personal information: To provide data for college admissions statistics
- Personal information provided: Name, applying university, unit name of recruitment
- Retention and utilization period: Until the intended purpose is achieved
※ You have the right to refuse to provide your personal information to a third party, and refusing to provide the information will still qualify your application.
5. Rights and Duties of Information Owners and Method to Exercising Such Rights
① Information owners may at any time exercise the following rights against UIC in order to protect his/her personal information.
- Right to have access to personal information
- Right to request correction of any error
- Right to request deletion of information
- Right to request discontinuation of personal information processing
② The rights referred to in Paragraph 1 above may be exercised by completing the Form 8 of the Attachment and submitting to UIC as hard copy, or by email or facsimile. UIC will immediately take action upon receipt of such request.
③ Upon the request for correction and deletion of personal information from an information owner, UIC will not use or provide the concerned information until such correction or deletion is completed.
④ The rights referred to in Paragraph 1 above may be exercised by a legal agent or an authorized representative of information owner. In such a case, power of attorney as provided in the Form 11 of the Attachment must be submitted.
6. Destroying Personal Information
① When personal information is no longer needed due to the expiration of the term for retaining personal information and fulfillment of the purpose for collecting and utilizing the information, UIC immediately destroys the personal information.
② If the information should be kept stored in accordance with other stipulated laws even though the expiration date of the information storage has lapsed, and the purpose of collecting and retaining personal information has been achieved, the concerned information will be transferred to a separate database or to a different storage location.
③ The procedures for, and methods for destroying personal information are as below.
- Destroying Procedures UIC destroys personal information (or personal information file) subject to disposal based on its disposal policy. UIC selects personal information (or personal information file) that is to be destroyed and deletes it by obtaining an approval from a personal information protection officer of the admissions department.
- Destroying Methods Information recorded and saved in an electronic file format is destroyed to prevent its restoration while printed documents or hardcopy versions that contain personal information are shredded or incinerated.
7. Safety Measures for Personal Information
① UIC takes the following measures to secure safety of personal information.
- Administrative measures: Establishment and implementation of internal management plan, staff training on a regular basis, and etc.
- Technical measures: Restriction of access rights to personal information processing system, installation of security system that controls the access rights, encryption of identification information, and installation of safety program.
- Physical measures: Restriction of access to computer room and data storage room.
8. Person in Charge of Personal Information Protection
① UIC appoints the personal information department and managers responsible for all affairs relating to personal information processing and handling complaints raised by information owners and remedying damages done to information owners.
- Name: Myung-sik Park
- Position: Director of Administration, UIC
- Position: Director of Administration, UIC
Personal Information Manager
- Name: Joon-young Chang
- Position: Admissions Officer, UIC
- Phone: +02-2123-3923
Personal Information Protection Office (Department in charge of personal information protection)
- Department: Personal Information Protection Office, Yonsei University
- Officer in Charge: Hyun-joo Park
- Phone: +02-2123-8500
- E-mail address: privacy@yonsei.ac.kr
② If information owners make any inquiries, report complaints and seek remedies relating to privacy infringement arising from the UIC service, please contact the managers and department in charge of personal information protection. UIC endeavors to handle such requests promptly.
9. Request to Access Personal Information
① Information owners can contact the following department when seeking to access his/her personal information in accordance with Article 35 of Personal Information Protection Act. UIC endeavors to respond to such requests promptly.
Personal Information Manager
- Name: Joon-young Chang
- Position: Admissions Officer, UIC
- Phone: +02-2123-3923
② In addition to the department mentioned in the Paragraph 1, information owners can also contact the personal information protection general support portal privacy.kisa.or.kr → Personal information-related civil complaints → Requests including the inspection of personal information etc. (Personal Identification Number (I-PIN) is required to verify identification).
10. Remedies for Privacy Infringement
Information owners can contact one of the following organizations when seeking remedies and counseling for privacy infringement. (The organizations described below are separate entities of UIC. You may inquire at the following institutions regarding remedy of damages arising from infringement of personal information, if not fully satisfied with the service of UIC in handling complaints related to personal information).
Personal Information Protection Center & Personal Information Dispute Mediation Committee (operated by Korea Internet & Security Agency)
- What they do: take reports on infringement of personal information infringement, provide counseling services
- Website: privacy.kisa.or.kr
- Phone: 118 (without area code)
- Address: Korea Internet & Security’s privacy infringement complaint center, 135 Joongdaero, Songpa-gu, Seoul 138-950, Korea
- Supreme Prosecutors’ Office’s Cybercrime Investigation Department: +02-3480-3573 www.spo.go.kr
- National Police Agency’s Cyber Terrorism Response Department: 1566-0112 www.cyberbureau.police.go.kr
11. Changes in Personal Information Management Policy
This policy will come into effect from May 18, 2016.