Article 1 (Purpose of Managing Personal Information)
Gwanak-gu uses personal information to perform the following services.
The processed personal information will not be used for any other purpose than provided herein, and, in case of any change in the purpose of use, the district office will request advance consent from its owners.
- Membership joining and management
- The district office uses personal information as part of its service to verify the identity of new members, prevent unwarranted use of membership by malicious members,
confirm the true intent to join the site as a member, verify the ages of new members, verify consent by the legal representative of new members aged under 14,
efficiently operate educational/event programs through online reservation and application services, etc.
- Provision of public service
- The district office uses personal information in providing public services that are closely related to its residents including self-governing administration, traffic, urban planning, cultural arts, environmental protection, etc.
- Handling of civil service
- The office uses personal information to process civil services including civil affair documents-issuing service, tax imposition/collection, delinquency management, etc.
- Web site
- The district office automatically collects the following information for purposes of statistical analyses and smooth communication between users and the Web site to improve the Web site and deliver better service to residents.
- Users’ browser types and OS
- Access path, access log, access IP information, cookies information, etc.
Article 2 (Duration of Managing and Keeping Personal Information and Category)
The district office collects, keeps, processes and deletes the entire personal information in accordance with the related rules and regulations. Such personal information is managed in individual information files, and the information owner can read them on the Personal Information Protection Support Portal
Article 3 (Provision of Personal Information to Third Parties)
In principle, the district office manages personal information within the purposes of collecting and using such information, and, except for the following cases, does not provide personal information to any third parties without the prior consent by the owner of such information.
- Agreed by the owner to providing information to third parties
- Specifically provided in the related regulations
- Necessary for the causes of life, physical safety, and property of third parties, but the owner or the legal representative of such information is not a condition to successfully express his/her opinion or a prior consent by such person may not be attained due to unknown address.
- Deemed necessary for statistical/research purposes; provided the specific persons related to such information are made indiscernible.
- Where the services specifically provided in other laws cannot be performed if such information is not used for other purpose than originally provided or not provided to the third parties; provided such use or provision is examined and determined through the deliberations by the Protection Committee.
- Necessary for the performance of any treaty or international agreement through providing such information to foreign or international organizations.
- Necessary for the investigation of a crime, or prosecution, institution and support of a public action.
- Necessary for a court trial.
- Necessary for taking a measure of care and custody
Article 4 (Commissioned Management of Personal Information)
Management of personal information may be outsourced in the following cases, and the district office makes sure the outsourced service should be performed in strict compliance with the related regulations protecting personal information and preventing providing such information to third parties, keeping the details of the related agreement in the written and electronic forms.
In case of changing the outsourced company, the office will make public the details through the guidelines.
※ Companies commissioned by the district office - 94 companies 수탁기관보기
Article 5 (Rights and Obligations of the Information Owner and their Exercises)
The owner of personal information can exercise the following rights, and the legal representative of the children aged under 14 has the rights to request to read, correct/delete and suspend managing the personal information concerned.
- Request for inspection of personal information
- A. Where an inspection is prohibited or restricted by Acts;
- B. Where it is apprehended that any third person’s life and body may be harmed, or any third person’s property and other interests may be unduly infringed on;
- C. Where a public institution causes any inconvenience while carrying any of the following affairs;
- 1) Affairs concerning the imposition, collection or refund of taxes;
- 2) Affairs concerning grade evaluation or the selection of newly enrolled students at schools of each level under the Elementary and Secondary Education Act and the Higher Education Act, lifelong education centers under the Lifelong Education Act, and other higher education institutions established under other Acts;.
- 3) Affairs concerning tests of academic ability, functions and employment, and qualification evaluation
- 4) Affairs concerning an assessment or decision in progress in connection with the calculation, etc. of compensation or benefits;
- 5) Affairs concerning an assessment an audit and an investigation in progress under other Acts.
- Request for correcting/deleting personal information
- Request for suspending managing personal information
- A. Where there exists special provisions in any Act or it is inevitable to comply with statutory obligations;
- B. Where it is apprehended that any third person’s life and body may be harmed, or any third person’s property and other interests may be unduly infringed on
- C. Where a public institution is unable to carry out its affairs stipulated by or under other Acts unless it manages personal information;
- D. Where it is impractical to perform a contract, such as a failure to provide a subject of information with stipulated services unless the personal information manager manages personal information, and the subject of information fails to clearly express his/her intention to terminate the contract.
- Procedures of the inspection, correction/deletion, management suspension of personal information
- A. The requests for the inspection, correction/deletion, management suspension of personal information are processed in the following procedures:
- B. Methods of Requesting the Inspection, etc. of Personal Information
1) Personal information can be requested online using the Integrated Personal Information Protection Support Portal(www.privacy.go.kr) or offline at the Civil Service and Passport Division located on the first floor of the district office building.
온라인과 오프라인의 개인정보 열람 요구방법
||Offline (Written form)
- Access to the portal(www.privacy.go.kr)
- Civil service for personal info > Request for inspection of personal info > Click [Request for Inspection of Personal Info]
- Identity verification using I-PIN certification
- Select agency thru [Search List of Personal Info Files]
- Select request category (out of inspection, correction/deletion, management suspension)
- Complete and submit request form
- Submit [Request for Inspection of Personal Info] to Civil Service and Passport Division of the district office
- Present ID care (resident registration card, driver’s license, passport, etc. for identity verification
※ Proxy request requires submission of [Letter of Attorney]
※ [개인정보보호법 시행규칙 별지 제8호] 개인정보(열람,정정ㆍ삭제,처리정지)요구서 다운로드
※ [개인정보보호법 시행규칙 별지 제11호] 위임장 다운로드
Article 6 (Disposal of Personal Information)
Upon satisfaction of the purposes of collecting and using personal information, such information is immediately disposed of.
However, excluding the membership information on the Web site, the records of the civil affair documents issued, etc. are disposed of in accordance with the Act on the Management of Public Archives
- In case the owner of personal information grants consent
The personal information whose purpose is satisfied is sent to the separate DB (in case of written documents, stored in the document boxes) during the evaluation process for disposal and is disposed of after a certain period of time
- Disposal methods
- A. Personal information in the form of written document is disposed of using the paper shredder.
- B. Personal information stored in the form of electronic files is disposed of using technological methods that allow no recovery of the information.
Article 7 (Measures to Secure Safety of Personal Information)
The district office takes technological/administrative and physical measures to secure safety of personal information in accordance with Article 29 of the Personal Information Protection Act.
- Encoding of personal information
With the personal information of users is encoded for storage and management, the information can be understood by the users only, and special security measures for provided for important data including encoding or file locking.
- Technological measures against hacking, etc.
The office regularly installs, upgrade and inspects security programs to protect information against hacking trials or computer viruses and prevent the leakage or damage of the personal information, and also installs systems in places inaccessible from outside to monitor and protect the systems both technologically and physically.
- Control of access to personal information management system
The district office takes necessary measures to control access to personal information through grating, changing or cancelling the rights to get access to the database system, and also controls unlawful access by outsiders using the infiltration detection system.
- Streamlining & education of the staff in charge of personal information
The district office appoints only a limited number of staff dedicated to managing personal information.
Article 8 (Operation & Management of Imagery Information Management Equipment)
Gwanak-gu operates and manages the imagery information management equipment as follows:
- Purpose of installing the imagery information management equipment
For public causes including crime prevention, evidence securing, facility safety, fire prevention, providing traffic information and cracking down on regulatory violations
- Quantity, locations and shooting scope of equipment installed
- Chief/department of management and persons accessible to imagery information
- A. Chief: head of department concerned
- B. Persons having access to such information shall be appointed/supervised by dep’t head
- Shooting time, duration/place of maintaining information, and management method
- A. Shooting time: 24 hours/day
- B. Duration of maintaining information: maximum 30 days from shooting
- C. Storing place and management method: Gwanak-gu Integrated Control Center and facilities concerned(district office building, community centers)
- Method/place of reviewing imagery information: request to chief of management concerned
- Taking measures for requests by the information owner for viewing the imagery information:
Request for the inspection of imagery information should be made by submitting the Imagery Information Inspection/Verification Request, and inspection should allowed only when the imagery information contains the image of the person who makes the request or inspection is clearly necessary for the life, body and financial benefits of the owner of personal information.
- Technological, administrative and physical measures to protect imagery information:
Access control and restriction of access rights, employment of safe storage and transmission technologies, keeping the processing records and measures to prevent fakes and forgeries, securing of storing places, installation of the locking system, etc.
Article 9 (Information Owner’s Seeking Remedy Against Infringement)
To seek remedy against infringed personal information, the information owner may submit a request for resolution to the Personal Information Dispute Mediation Committee, the Personal Informational Infringement Report Center of Korea Internet Security Agency, etc.
Refer to the following for further information on reporting and consulting on infringed personal information.
- Personal Information Dispute Mediation Committee
- Services: requests for resolution of personal information-related disputes/collective disputes
- Web site : http://www.kopico.go.kr
- 전화 : 02-2100-2499
- Personal Informational Infringement Report Center (Korea Internet Security Agency)
- Services: reports on infringement of personal information, consultation requests
- Web site : http://privacy.kisa.or.kr
- Phone: (w/o phone exchange number) 118
- Cybercrime Investigation Department of Supreme Prosecutors’ Office
- Cyber Terror Response Center of the Korean National Police Agency
Article 10 (Chief of Personal Information Protection)
In accordance with Article 31 of Personal Information Protection Act, chief of personal information protection is to be appointed who shall be in charge of providing the following services:
- Establishment and implementation of personal information protection plan
- Regular research and improvement of the status and practice of personal information management
- Processing of complaints related to the management of personal information and damage relief
- Establishment of the internal control system for preventing the leakage of personal information and the misuse/overuse of such information
- Establishment and implementation of the educational program on protecting personal information
- Protection, management and supervision of personal information files
- Any other services set forth by the Personal Information Protection Act for the appropriate management of personal information
- 개인정보보호 책임자 : 행정혁신국장 김진두
- 개인정보보호 담당자 : 스마트정보과 이예리
- 전자우편 : email@example.com
- 전화번호 : 02-879-5291
Article 11 (Revision of Personal Information Management Guidelines)
These guidelines shall be applicable from the effective date of revision, and notification may not be given in the case of revision caused due to changes in the quantity of files containing personal information managed per category.
- Effective date: October 22, 2013