UIC Newsletter

All personal information that Underwood International College (hereinafter referred to as the ‘UIC’) collects, retains and processes is handled on the basis of relevant laws and an agreement of an information owner. UIC establishes and discloses the personal information management policy as below so as to ensure that it respects privacy of information owners and promptly handles relevant requests in accordance with Article 30 of Personal Information Protection Act.

1. Purpose of Processing Personal Information

① UIC processes personal information for the following purposes. The information UIC processes will not be used for anything other than the purposes as stated below. If any changes are made to the intended purposes, UIC shall take necessary steps include gaining a separate consent from an information owner according to Article 18 of Personal Information Protection Act.

1. Management of Newsletter Recipients UIC processes personal information in order to send UIC newsletter. The information UIC processes will not be used other than the purposes stated as below and when the purposes are changed or the information is used beyond the intended purposes, UIC takes necessary steps to request separate consent from an information owner according to Article 18 of Personal Information Protection Act.

② UIC registers and discloses the processed personal information files for the following purposes in accordance with Article 32 of Personal Information Protection Act.

 ※ For further details, go to the personal information protection general support portal (privacy.kisa.or.kr) → Personal information-related civil complaints → Requests like the inspection of personal information etc. → Search the list of personal information files 

2. Types of Personal Information Processed

The types of personal information processed by UIC are as below.
  1. Newsletter Recipient List
       - Name and e-mail
  2. In the process of using Internet service provided by UIC, the following information may be automatically generated and collected. (if personal information is automatically generated and collected) the user’s IP address, Cookies, MAC address, service usage records, visiting records, wrong usage records, etc.

3. Personal Information Processing and Retention Period

① UIC processes and retains personal information during the period agreed by the information owner upon collection of his/her personal information. .

② The processing and retention period of personal information is four years.

4. Provision of Personal Information to Third Party

① UIC provides personal information to a third party only when an information owner gives consent, and it is permitted by Article 17 and Article 18 of Private Information Protection Act.

② The third parties that UIC provides personal information are as stated below.
     - Personal information provided to: Yonsei University
    - Purpose of personal information utilization: to send UIC newsletter
    - Personal information provided: Name and e-mail
    - Retention and utilization period: until the stated purposes are achieved

※ You have the right not to agree to provide your personal information to a third party, and you can withdraw your consent anytime. However personal information UIC collects is information for better service, therefore if you refuse to provide the information, you will be unable to receive the newsletter.

5. Rights and Duties of Information Owners and Method to Exercising Such Rights 

① Information owners may at any time exercise the following rights against UIC in order to protect his/her personal information. 
    1. Right to have access to personal information
    2. Right to request correction of any error 
    3. Right to request deletion of information
    4. Right to request discontinuation of personal information processing

② The rights referred to in Paragraph 1 above may be exercised by completing the Form 8 of the Attachment and submitting to UIC as hard copy, or by email or facsimile. UIC will immediately take action upon receipt of such request.

③ Upon the request for correction and deletion of personal information from an information owner, UIC will not use or provide the concerned information until such correction or deletion is completed.

④ The rights referred to in Paragraph 1 above may be exercised by a legal agent or an authorized representative of information owner. In such a case, power of attorney as provided in the Form 11 of the Attachment must be submitted. 

6. Destroying Personal Information

① When personal information is no longer needed due to the expiration of the term for retaining personal information and fulfillment of the purpose for collecting and utilizing the information, UIC immediately destroys the personal information.

② If the information should be kept stored in accordance with other stipulated laws even though the expiration date of the information storage has lapsed, and the purpose of collecting and retaining personal information has been achieved, the concerned information will be transferred to a separate database or to a different storage location.

③ The procedures for, and methods for destroying personal information are as below.
    1. Destroying Procedures UIC destroys personal information (or personal information file) subject to disposal based on its disposal policy. UIC selects personal information (or personal information file) that is to be destroyed and deletes it by obtaining an approval from a personal information protection officer of the admissions department.
    2. Destroying Methods   Information recorded and saved in an electronic file format is destroyed to prevent its restoration while printed documents or hardcopy versions that contain personal information are shredded or incinerated.

7. Safety Measures for Personal Information

① UIC takes the following measures to secure safety of personal information.
     1. Administrative measures: Establishment and implementation of internal management plan, staff training on a regular basis, and etc.
    2. Technical measures: Restriction of access rights to personal information processing system, installation of security system that controls the access rights, encryption of identification information, and installation of safety program.
    3. Physical measures: Restriction of access to computer room and data storage room

8. Person in Charge of Personal Information Protection

① UIC appoints the personal information department and managers responsible for all affairs relating to personal information processing and handling complaints raised by information owners and remedying damages done to information owners.

    Person in Charge of Personal Information Protection
       - Name: Myung-sik Park
       - Position: Director of Administration, UIC
       - Phone: 02-2123-3922  

    Personal Information Manager
       -   Name: Minji You
       -   Position: PR Officer, UIC 
       -   Phone: 02-2123-3924

    Personal Information Protection Office (Department in charge of personal information protection)
       - Department: Personal Information Protection Office
       - Manager: Hyun-joo Park
       - Phone: 02-2123-8500, e-mail:privacy@yonsei.ac.kr

② If information owners make any inquiries, report complaints and seek remedies relating to privacy infringement arising from the UIC service, please contact the managers and department in charge of personal information protection. UIC endeavors to handle such requests promptly.

9. Request to Access Personal Information

① Information owners can contact the following department when seeking to access his/her personal information in accordance with Article 35 of Personal Information Protection Act. UIC endeavors to respond to such requests promptly.

    • Personal Information Manager
        -   Name: Minji You
        -   Position: PR Officer, UIC
        - Phone: 02-2123-3924

② In addition to the department mentioned in the Paragraph 1, information owners can also contact the personal information protection general support portal (privacy.kisa.or.kr) → Personal information-related civil complaints → Requests including the inspection of personal information etc. (Personal Identification Number (I-PIN) is required to verify identification)

10. Remedies for Privacy Infringement

Information owners can contact one of the following organizations when seeking remedies and counseling for privacy infringement. (The organizations described below are separate entities of UIC. You may inquire at the following institutions regarding remedy of damages arising from infringement of personal information, if not fully satisfied with the service of UIC in handling complaints related to personal information.)

      • Personal Information Protection Center (operated by Korea Internet & Security Agency)
        - What they do: take reports on infringement of personal information infringement, provide counseling services 
        - Website: privacy.kisa.or.kr
        - Phone: 118 (without area code)
        - Address: Korea Internet & Security’s privacy infringement complaint center, 135 Joongdaero, Songpa-gu, Seoul 138-950, Korea  

     • Personal Information Dispute Mediation Committee (operated by Korea Internet & Security Agency)
       - What they do: receive applications for mediation of personal information-related disputes, and mediate collective disputes (civil resolution)
       - Website: privacy.kisa.or.kr
       - Phone: 118 (without area code)
       - Address: Korea Internet & Security’s privacy infringement complaint center, 135 Joongdaero, Songpa-gu, Seoul 138-950, Korea

    • Supreme Prosecutors’ Office’s Cybercrime Investigation Department: 02-3480-3573 (www.spo.go.kr)

    • National Police Agency’s Cyber Terrorism Response Department: 1566-0112 (www.netan.go.kr)

11. Changes in Personal Information Management Policy

This policy will come into effect from September 12, 2016.