Article 1 (Purpose of managing personal information)
(1) KSF shall manage personal information to fulfill the following purposes. Personal information managed by the company shall not be used for purposes other than the following, which, if subject to change, obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act shall be taken as required.
1. Signing up for membership and its management
Personal information shall be managed to fulfill the following purposes: confirming user intent to sign up , self-identification and authentication during the provision of services, maintenance and management of membership, identity verification as per implementation of the limited identification system, prevention of illegal use of services, various notices and notifications and resolution of complaints.
2. Handling civil complaints
The company shall manage personal information to confirm identification of a complainant and verify complaints, as contact for fact-finding inquiries, to send notices, and to make notifications of results.
(2) KSF shall manage personal information files registered and disclosed in accordance with Article 32 of the Personal Information Protection Act for the following purposes
Oder : 1
Name of personal information file : COMEUP Homepage
Ground for operation / Purpose of handling :
Article 39 of Support for Small and Medium Enterprise Establishment Act
1. Operation and management of homepage
2. Event registration and application
Personal information items registered in a personal information file
- Name (Korean or English)
- Affiliation (Company name)
- Email address (Membership approved upon authentication)
- Contact information
Retention period : 5 year
Article 2 (Period of Managing and Retaining Personal Information)
(1) COMEUP Homepage shall manage and retain personal information during the period for managing and retaining the personal information as specified by laws and regulations or as agreed upon during collection from an owner of information.
(2)The period of managing and retaining respective personal information shall be as follows.
1. Signing for membership and its management : Within 1 year or until withdrawal from membership Until pertinent reasons cease to exist if pertaining to the following reasons
a) Until pertinent investigations and inquiries are concluded if ongoing due to violation of related laws and regulations
2. Handling civil petitions : 3 years following conclusion of managing civil complaints
Article 3 (Provision of Personal Information to a Third Party)
(1) COMEUP Homepage shall manage the personal information of an owner of information within a scope as specified in Article 1 (Purpose of Managing Personal Information) and provide personal information to a third party only if it pertains to Article 17 of the Personal Information Protection Act stipulating the consent by an owner of information and special legal provisions.
(2)COMEUP Homepage shall provide the following personal information to a third party.
- A recipient of personal information : COMEUP Advisory Committee and Operation Secretariat, Ministry of SMEs and Startups, Korea Institute of Startup & Entrepreneurship Development (KISED)
- Purposes for which a recipient of personal information uses such information: Notification on event schedule, provision of information on amenities etc.
- Items of personal information to provide : Name, affiliation, email, contact information and etc.
- Period for which a recipient of personal information holds and uses such information: 1 year
Article 4 (Entrustment of Managing Personal Information)
(1) COMEUP Homepage shall entrust management of the personal information as follows in order to efficiently deal with personal information.
Trusting company : ONOFFMIX
Representative : YANG JOONCHEOL
general manager : LEE SEUNGHEE
Contact : 02-6080-5579
Contents of consignment : COMEUP Home page maintenancee
Management status inspection results : Good
Article 5 (Rights and Duties of An Owner of Information and Legal Representatives and Exercising Methods)
(1) An owner of information shall be allowed to make a request for access to his/her own personal information, correction, or deletion, and the suspension of management from the COMEUP Homepage at any time.
(2) The rights specified in paragraph (1) may be exercised via letters, email or fax in accordance with Article 41(1) of the Enforcement Ordinance of Personal Information Protection Act regarding the COMEUP Homepage, and shall be implemented without any delay.
(3) As for the rights specified in paragraph (1), they may be exercised through the legal representative for the owner of information or a proxy. In that case, a power of attorney shall be submitted in a form specified in Appendix Form No. 11 in accordance with the Enforcement Regulation of Personal Information Protection Act.
(4) As for a request to access to his/her own personal information and suspend management of personal information, the rights of an owner of information may be restricted in accordance with Article 35 (5) and Article 37(2) of the Personal Information Protection Act.
(5) If other laws and regulations specify the personal information for collection, it shall not be requested to be deleted.
(6) COMEUP Homepage shall verify that any person who has made a request for access to his/her personal information, to correct, or delete or suspend its handling according to the right of an owner of information is the person in question or his or her legitimate representative.
Article 6 (Personal Information Items to Be Managed)
COMEUP Homepage shall deal with the following personal information items.
1. Sign up for membership and its management and registration and application for participation in events
․ Name (Korean or English), nationality, affiliation (company name), position, email address (Membership approved upon authentication), contact information, and etc.
2. The following personal information items may be collected automatically in the course of using the Internet service.
․ The IP address, cookies, MAC address, service usage records, visit history, faulty use records etc.
Article 7 (Destruction of Personal Information)
(1) COMEUP Homepage shall destroy pertinent personal information without delay if it becomes unnecessary as its retention period expires or its management purpose is achieved.
(2) If it is necessary to retain personal information in accordance with laws and regulations after its retention period expires as consented by an owner of information or purpose of management is achieved, the pertinent personal information (or personal information files) shall be transferred to a separate database or another storage place.
(3) Procedures for and methods of destroying personal information shall be as follows.
1. Procedures for destruction
COMEUP Homepage shall formulate and implement a plan to destroy personal information (or personal information files). It shall select personal information (or personal information files) with reasons for destruction and destroy upon approval from Personal Information Protection Managers.
2. Methods of destruction
Personal information recorded and stored in electronic files shall be destroyed through the use of Low Level Format to keep records from being retrieved while written information is shredded or incinerated.
Article 8 (Measures to Keep Personal Information Secure)
(1) COMEUP Homepage shall take the following measures in order to keep personal information secure.
1. Administrative measures : Formulation and implementation of an internal management plan, regular trainings of employees, etc.
2. Technical measures : Management of authority to access the personal information managing system, installation of an access control system, encryption of unique identification information, and installation of security programs
3. Physical measures : Control of access to the computer room and data storage facility
Article 9 (Matters Related to the Installation and Operation of an Automatic Collector of Personal Information and Rejection)
(1) COMEUP Homepage shall use ‘cookies’ to retain and retrieve information in order to provide customized services to users.
(2) ‘Cookie’ refers to a small amount of information sent to your computer browser by a server (http) used to operate a website, and may also be stored on your computer’s hard disk.
A. Purpose of using cookies: It is used to provide optimized information to users by analyzing the patterns of visit history and usage records, popular search words and secure access status, for each service and websites visited by users.
B. Installation, operation and rejection of cookies: Users can reject to store cookies through the option setting in the Tools > Internet Options > Privacy menu at the top of the web browser.
C. User may have difficulty using customized services if they refuse to store cookies.
Article 10 (Personal Information Protection Managers)
① COMEUP Homepage is responsible for handling personal information and designated as a person in charge of personal information protection as follows for handling personal information complaints and damage relief.
② The information subject can contact the person in charge and the department in charge of personal information protection related to all personal information protection related inquiries, complaints, and damage relief caused by using the service on the COMEUP website, and we will respond and handle the information subject's inquiries without delay.
- Personal Information Protection Officer : Corporate Strategy Department Josh Choi
- The person in Charge of Personal Information Protection : Strategy Development Division of COMEUP HQ Derrick Kang (02-521-2022)
Article 11 (Access of Personal Information)
① The information subject may request the following departments to read personal information under Article 35 of the Personal Information Protection Act, and we will make efforts to expedite the request for personal information access by the information subject.
② In addition to the receiving and processing department of the request for perusal under paragraph (1), the information subject can also request perusal of personal information through the website of the Ministry of Public Administration and Security's 'Comprehensive Support Portal for Personal Information Protection' (www.privacy.go.kr).
▶ The Ministry of Public Administration and Security's comprehensive support portal for personal information protection → civil petitions for personal information → requests for personal information reading, etc. (requires real name verification through public i-pins)
A company in charge of receiving and processing personal information requests company : Corporate Strategy Department
The person in charge : Josh Choi
Contact : 02-521-2022
Article 12 (Remedies Against Infringement of Rights)
An owner of information may inquire about remedies against infringement of rights and counselling with the following institutions
▶ Personal Information Compliance Call Center (Operated by KISA)
- Duties : Report on infringement of personal information and request for counselling
- Homepage : privacy.kisa.or.kr
- Phone : 118
- Address : Personal Information Compliance Call Center
3rd Fl., 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2, Bitgaram-dong)
(zip code: 58324)
▶ Personal Information Dispute Mediation Committee
- Duties : Request for dispute mediation for personal information and settlement for collective disputes
- Homepage : www.kopico.go.kr
- Phone : 1833-6972
- Address : 4th fl., Government Complex-Seoul, 209, Sejong-daero, Jongno-gu, Seoul (03171)
▶ Cyber Crime Investigation Department of Supreme Prosecutors’ Office : 02-3480-3573 (www.spo.go.kr)
▶ Korea National Police Agency Cyber Bureau : 182 (http://cyberbureau.police.go.kr)
- August 25, 2019. ~ May 22, 2020. Personal Information Processing Policy