All personal information handled by the National Research Institute of Maritime Cultural Heritage are collected, maintained, and processed conforming to related statues such as the Personal Information Protection Act, etc., and the following processing guidelines of personal information are established and made public below in accordance with Article 30 of the Personal Information Protection Act so that the personal information of the subject of information can be protected and related matters can be processed in a fast and smooth manner.
1. Purpose of personal information processing, processing and retention time of personal information, and types of personal information to be processed
☞ Personal Information Protection Commission(www.privacy.go.kr) ▷ Personal Information Complaint ▷ Request of browsing of personal information, etc. ▷ Search list of personal information files ▷ Details can be checked by entering “Cultural Heritage Administration or National Research Institute of Maritime Cultural Heritage”.
2. Matters pertaining to Provision of Personal Information to Third Parties
The National Research Institute of Maritime Cultural Heritage processes personal information only within the scope of the purpose of collection and use of personal information, does not use the personal information beyond the scope of the aforementioned usage, and does not provide the personal information to a Third Party without the consent of the data subject, excluding occasions under Article 18 of the Personal Information Protection Act as stated below.
◻︎ A. Where a data subject specifically consents to provision of personal information
◻︎ B. Where special provisions exist in other statutes
◻︎ C. Where personal information is provided in a manner that makes it impossible to identify a specific person as necessary for compiling statistics, academic research, etc.
◻︎ D. Where personal information is provided in a manner that makes it impossible to identify a specific person as necessary for compiling statistics, academic research, etc.
◻︎ E. Where it is impracticable to perform relevant duties provided for in other statutes unless personal information is provided for any purpose other than its original purpose or is provided to a third party, with the relevant case having been deliberated on and determined by the Personal Information Protection Commission
◻︎ F. Where it is necessary to provide personal information to a foreign government or an international organization to implement treaties or other international agreements
◻︎ G. Where it is necessary to investigate a crime and to file and undergo prosecution
◻︎ H. Where it is necessary for a court to proceed with a trial
◻︎ I. Where it is necessary to enforce a sentence, custody, or protective order that has been imposed
3. Matters pertaining to Outsourced Processing of Personal Information
The National Research Institute of Maritime Cultural Heritage abides with the guidelines in the following document when outsourcing the processing of personal information.
◻︎ A. Matters on prohibition of processing of personal information aside from the purpose of outsourced processing
◻︎ B. Matters on technological and administrative protective measures on personal information
◻︎ C. Matters on safety management of personal information - Matters on the purpose and scope of outsourcing and restrictions on re-outsourcing, matters on securing the safety of personal information, matters on supervision such as inspection of management status of personal information, etc., matters on obligations of the consignee, and indemnification for violations of these obligations.
4. The rights and duties of the data subject and how to exercise such rights
The data subjects have the following rights, and legal representatives of children under the age of 14 may request browsing, correction, deletion, or termination of processing of their personal information.
◻︎ A. The right to request permission to inspect personal information
The personal information collected by the National Research Institute of Maritime Cultural Heritage can be requested for inspection according to Article 35 of the Personal Information Protection Act. However, the request for personal information inspection may be restricted as follows according to Article 35 Paragraph 4 of the Personal Information Protection Act.
▪︎ Where any Act prohibits or restricts such inspection
▪︎ Where it is likely to harm another person’s health or safety or to unfairly violates another person’s property or interests
▪︎ Where it substantially interferes with a public institution performing any of the following business affairs ▪︎ Affairs concerning imposing, collecting, or refunding taxes ▪︎ Affairs concerning assessing academic achievements or selecting new enrollees at schools of each level established under the Elementary and Secondary Education Act or the Higher Education Act; lifelong education facilities established under the Lifelong Education Act; and higher education facilities established under other Acts
▪︎ Affairs concerning the testing of academic skills, aptitudes, skills for employment, and examination of qualifications
▪︎ Affairs concerning evaluating or determining calculation, etc. of damages or benefits
▪︎ Affairs concerning audits and investigations in progress under any other Act
◻︎ B. Request of correction or deletion of personal information
The personal information collected by the National Research Institute of Maritime Cultural Heritage can be requested for correction or deletion according to Article 36 of the Personal Information Protection Act. However, if any Act states the personal information as a target for collection, deletion cannot be requested.
5. Destruction of Personal Information
The National Research Institute of Maritime Cultural Heritage destroys user personal information immediately after the purposes of processing personal information are fulfilled. The procedures, deadlines, and methods for destroying personal information are as follows:
◻︎ A. Procedures for destruction The personal information that a user provides is destroyed in accordance with our internal policies and relevant statutes immediately after the purposes of processing such information are fulfilled, or it is moved to a separate space to be destroyed in accordance with relevant statues and are not used for any other purpose.
◻︎ B. Deadline and methods for destruction - The personal information which is deemed useless as the retention period of the relevant information expires or the purposes of processing such information are fulfilled that are recorded and stored in electronic files will be destroyed by means of low-level formatting or other similar methods to prevent the recovery of the records, while personal information recorded and preserved in paper documents will be destroyed by shredder.
6. Measures for Ensuring Safety of Personal Information
The National Research Institute of Maritime Cultural Heritage takes the following technical and administrative measures necessary to ensure safety of the personal information from loss, theft, leakage, falsification, or damage during collection.
◻︎ A. Minimizing and educating personnel authorized to process personal information The number of personnel authorized to process personal information is minimized and regular educational programs are implemented for such personnel.
◻︎ B. Restrictions on access to personal information Access to personal information is controlled by granting, amending, or cancelling the authority to access the database system that processes personal information and unauthorized external access is controlled through appropriate measures.
◻︎ C. Preserving access logs Log data about access to the personal information processing system is stored and managed for at least 6 months.
◻︎ D. Encryption of personal information The personal information of each user are stored and managed using passwords, etc. Additionally, additional means are used such as encrypting essential data for storage and transmission.
◻︎ E. Installation of security programs and regular maintenance and updates Security programs have been installed and are regularly updated and inspected to protect personal information from being leaked externally or being destroyed by hacking or computer viruses.
◻︎ F. Controlling access by unauthorized persons The area for the physical storage of the personal information system that retains personal information is separated from other areas and a procedure for controlling access to this area is established and implemented.
7. Operation of image information processing equipment
The National Research Institute of Maritime Cultural Heritage is currently installing and operating the image information processing equipment (CCTV) as stated below.
▪︎ Reason and means of installation: Protection of relics, facility management, visitor safety
▪︎ No. of CCTV installations: 79
▪︎ Location of installation: Control room of the National Research Institute of Maritime Cultural Heritage
▪︎ Personnel in charge: Chief of planning and operations of the National Research Institute of Maritime Cultural Heritage
▪︎ Division in charge: Planning and operations division
▪︎ Permission to access image information: Personnel in charge of planning and operations division (061-270-2032)
▪︎ Period of operation: 24 hrs.
▪︎ Period of storage: 30 days
▪︎ Storage location and processing method: Stored in control room of the National Research Institute of Maritime Cultural Heritage
▪︎ Method and location for request for image information: Make request to personnel in charge (planning and operations division)
▪︎ The request for browsing of image information of the data subject must be made through the request form, and it is only allowed if the data subject is filmed or it is clearly required for the benefit of the life, body, and property of the data subject.
▪︎ Internal management plans for technological, administrative, and physical measures for protection of image information, restriction of access or right to access, application of technology for the safe storage and transmission of image information, storage of processing records and measures against forgery and alteration, and the installation of a lock system, etc.
8. Remedies for violation of rights and interests
A data subject may file a report for a breach of privacy due to the unauthorized collection, use, consignment, or damage from the handling of personal information. In addition, you may report the breach of privacy by the following methods: File a report through the homepage or by visit, confirm the target and case for report of violation, conduct an investigation through a visit to the violating institute or document investigation, create a report for the processing and countermeasures, and report the results through the reporter or the Ministry of the Interior and Safety.
Also, the data subject may request damage relief or consultation through the institutions listed below. (the institutions listed below are not related to the National Research Institute of Maritime Cultural Heritage. Thus, please request help from these organizations if the complaint handling of the National Research Institute of Maritime Cultural Heritage was unsatisfactory or if you require more specific help.)
◻︎ A. Personal Information Protection Commission (Report violations of privacy, request consultation, request materials, etc.)
▪︎ Homepage : http://www.privacy.go.kr (Tel : 02-2100-4047)
▪︎ Address: 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea ◻︎ B. Korea Internet & Security Agency (Report violations of privacy, request consultation, etc.) ▪︎ Homepage : http://privacy.kisa.or.kr (Tel : 118)
▪︎ Address : 135, Jungdae-ro, Songpa-gu, Seoul, Republic of Korea (Personal Information Violation Reporting Center) ◻︎ C. Personal Information Dispute Mediation Committee (Request resolution of privacy disputes, resolve group disputes / civil resolution) ▪︎ Homepage : https://kopico.go.kr (Tel : 1833-6972)
▪︎ Address : (03171) 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea, Central Government Complex, 4th floor ◻︎ D. Supreme Prosecutor's Office Cyber Terror Response Center ▪︎ Homepage : http://www.spo.go.kr (Tel : 02-3480-2000) ◻︎ E. Korea National Police Agency Cyber Bureau ▪︎ Homepage : http://cyberbureau.police.go.kr (Tel : 182 without area code)
9. Designation of managers and officers in charge of processing personal information
▪︎ National Research Institute of Maritime Cultural Heritage Personal Information Protection Officer: Chief of planning and operation
▪︎ National Research Institute of Maritime Cultural Heritage Personal Information Protection Officer: Lee Gwang-soo
▪︎ Tel : 061)270-2032
▪︎ Fax : 061)270-2039
▪︎ Email : firstname.lastname@example.org
▪︎ Address: (58699) 136, Namnong-ro, Mokpo-si, Jeollanam-do, Republic of Korea, National Research Institute of Maritime Cultural Heritage
▪︎ Previous privacy policies can be found below.
◻︎ You are currently using a phone number that has been verified through NICE assessment.