- Article 1 (For personal information processing purposes)
- Article 2 (items of personal information being processed)
- Article 3 (During and retaining personal information)
- Article 4 (provided by a third party of personal information)
- Article 5 (Consignment of personal information processing)
- Article 6 (rights, duties and methods of use of the information body)
- Article 7 (Decision of personal information)
- Article 8 (Decision of personal information)
- Article 9 (Safety measures for personal information)
- Article 10 (Personal Information Protection Officer)
- Article 10 (Request to view personal information)
- Article 12 (Relative Bill of Rights)
EcoBank processes the minimum amount of personal information required for the following purposes:
1. Homepage member management
Personal information is processed for the purpose of using the homepage bulletin board, using the membership service and limited user identification system, personal identification, complaints handling, and forwarding notices.
2. Civil treatment
Personal information is processed for the purpose of the public service handling related to personal information such as personal information reading, personal information correction & Middot; deletion, request for suspension of personal information handling, and report of personal information leakage incidents.
The personal information being processed is not used for any other purpose, and if the purpose of use is changed, it will be notified to the users in advance and agreed upon.
Personal information items that are processed for member management and civil service handling are as follows:
|Items of Personal Information||Retention Period||Base of Operation||Purpose of Operation||Items of personal information recorded in the personal information file|
|Membership Information||By the time of one's membership||Consent of Infomation Subjects||
Register and manage membership of homepage
Handling Civil Affairs of Homepage
|name, ID, nickname, password, password verification, E-Mail, email receiving status, I-PIN or Authentication information of the identity verification agency|
The users' personal information processed by Eco Bank processes and retains personal information within the period of personal information retention pursuant to the Act or the period in which personal information is collected from the information subject.
Homepage member management and civil complaints
- Collection base: Article 15 of the Privacy Act, Article 1,
- Retention period: Until member withdrawal
EcoBank processes the users' personal information within the scope specified in Article 1 (for personal information processing purposes) and Personal information will be provided to third parties only in accordance with Article 17 of the Personal Information Protection Act, such as the consent of the information subjects and special regulations of the lawExceptions are made when there are special provisions in other laws or when they fall under Article 18.2 of the Privacy Act, such as criminal investigations.
The National Institute of Ecology outsources the processing of personal information as follows for smooth processing of personal information.
|Trustee Company||Fiduciary Work||Item of Fiduciary||The period of personal information held and used for deposit|
|WAVUS||Building and maintaining the EcoBank||Member Information||By the end of the consignment contract|
EcoBank prohibits the processing of personal information that is not for the purpose of outsourcing under the provisions of Article 25 of the Personal Information Protection Act at the time of concluding the outsourcing agreement. Matters concerning administrative responsibilities, restrictions on subcontracting, management and supervision of the trustee, and responsibilities such as damages are clearly stated in documents such as contracts, and we supervise whether the trustee processes personal information safely.
If the content of the commissioned business or the trustee is changed, it will be disclosed without delay through the processing policy of this personal information.
Information subject (for legal representatives) may at any time exercise the right to personal information protection under any of the following:
1. Personal information access demand
2. Correct errors, etc.
3. Deletion Request
4. Request processing stop
The rights can be prepared in accordance with the form No. 8 of the Enforcement Regulations of the Personal Information Protection Act through written form, e-mail, and transmission (FAX), and the agency will take proper action without delay.
If the main body of the information requests correction or deletion of personal information errors, it shall not use or provide the personal information until the correction or deletion is completed.
The rights may be exercised through an agent, such as a legal representative of the information body or a person who has been entrusted with it. In this case, you must submit a letter of attorney according to the form No. 11 of the Enforcement Rules of the Privacy Act.
The right of the information subject may be restricted under Article 35 paragraph 5 of the Privacy Act or Article 37 paragraph 2 of Article 37.
The request for the correction and deletion of personal information shall not be required if the personal information is specified as the object of collection under another Act.
The person who makes the request for access according to the right of the subject of information, request for correction or deletion, and request for suspension of processing shall confirm whether he or she is a legitimate agent.
※ [Annex 8 to the Enforcement Rules of the Privacy Act] Request for personal information (examination, correction, deletion, disposition)
※ [Annex 11, Enforcement Regulations of the Privacy Act] Delegation
EcoBank destroys the personal information without delay when it becomes unnecessary for the period of personal information retention and the purpose of processing.
If the institution for which the personal information has been agreed by the information subject or the processing purpose has been achieved, the personal information must be kept in a separate database (DB) or a different storage location.
Procedure and procedure for personal information destruction are as follows.
1. Disposal Procedure
EcoBank establishes a plan for destruction of personal information (or personal information files) that should be destroyed, and destroys it with the approval of the personal information protection manager.
A. Disposal of Personal Information: Personal information whose retention period has expired without delay from the end date.
Revocation of personal information files: When the personal information file becomes unnecessary, such as the goal of processing personal information files, the abolition of the service concerned, and the termination of the business, the personal information file is destroyed without delay from the date.
2. Destruction Method
When destroying personal information handled by EcoBank, destroy it using the following methods.
A. In case of electronic file format: use technical method for not playing records
B. In case of records, printed materials, written documents or other recording media other than electronic file types: crushed or incinerated;
Items on the operation and denial of installation of an automatic personal information collection device
According to Article 29 of the "Personal Information Protection Act," EcoBank performs the technical, administrative and physical actions necessary to secure safety as follows:
1. Minimize the designation of personal information providers and trainings
We minimize the designation of personal information providers and provide regular education.
2. Restrict access to personal information
We control access to personal information by granting, changing, and terminating access to the database system that handles personal information.
3. Storage of access records and prevention of tampering
Records of access to the personal information processing system are kept for at least six months, and records of access are managed to prevent forgery, theft, or loss.
4. Encryption of personal information
The users' personal information is encrypted, stored and managed. In addition, sensitive data uses separate security functions, such as cryptographically used for storage and transmission.
5. Technical measures for hacking, etc.
EcoBank installs security programs, periodically updates and checks, and installs systems in an externally controlled area to prevent leakage and damage of personal information caused by hacking or computer viruses.
6. The control of unauthorized personnel
Access control procedures are established and operated separately for the physical storage of personal information systems.
EcoBank has overall responsibility for the processing of personal information, and has designated a personal information protection officer as follows for processing complaints and remedies for information subjects related to the processing of personal information.
Personal Information Protection Officer
Name : Heenam Yoon
Position: Head of EcoBank Team
Contact : 041-950-5621
Fax : 041-950-6143
Personal information protection department
Department : EcoBank Team
Manager : Manseok Shin
Contact : 041-950-5624
Fax : 041-950-6143
If the information subject uses the EcoBank homepage service for any inquiries regarding the protection of personal information, he or she can contact the personal information protection manager and the department in charge regarding matters relating to complaint handling and damage relief. EcoBank will continue to respond to inquiries from the information subject without delay.
The information subject can request the reading of personal information in accordance with the provisions of Article 35 of the Personal Information Protection Law to the following departments. EcoBank strives to expedite the processing of requests to view personal information of information sources.
Receiving and processing department for personal information access
Department : EcoBank Team
Manager : Manseok Shin
Contact : 041-950-5624, firstname.lastname@example.org
Information subject can request viewing of personal information through Receiving and processing department for personal information access or the "Personal Information Protection Comprehensive Support Portal" website(www.privacy.go.kr) of the Ministry of Public Safety.
www.privacy.go.kr → Personal information complaint → Request for access to personal information
The information subject can ask the following institution for damages or advice on personal information infringement.
[The institution below is a separate entity from the National Institute of Ecology, please contact us if you are not satisfied with the results of the National Institute of Ecology's own processing of personal complaints and remedies or if you need further help.]
1. Personal Information Dispute Adjustment Committee(Operate the Korea Internet Promotion Agency) : (Without national interest) 118 (http://privacy.kisa.or.kr)
2. Privacy violation reporting center(Operate the Korea Internet Promotion Agency) : (Without national interest) 118 (http://privacy.kisa.or.kr)
3. Supreme Prosecutors' Office Cyber Crime Investigation Team : 02-3480-3582 (http://www.spo.go.kr)
4. Cyber Terror Response Center : 1566-0112 (http://www.netan.go.kr)
As required by Article 35 of the Privacy Act (reviewing personal information), Article 36 (correction or deletion of personal information), Article 37 (restriction of personal information, etc.) is made by the Head of the public institution.
※ See the Central Administrative Tribunal (http://www.simpan.go.kr) for phone numbers.