Purpose of Personal Information Processing, Processing and Retention Period of Personal Information, Items of Personal Information Processed

AI Grand ICT Research Center's main homepage () does not collect personal information directly, and the personal information files registered and disclosed in accordance with Article 32 of the Personal Information Protection Act can be checked below.

Comprehensive Personal Information Protection Support Portal (www.privacy.go.kr)
Personal Information Complaints
Requests for viewing personal information, etc.
Search personal information file list
Enter “AI Grand ICT Research Center” in the organization name and search

Provision of personal information to third parties

AI Grand ICT Research Center, in principle, processes the personal information of the data subject within the scope specified for the purpose of collection and use, and, except in the cases below, does not process or provide it to third parties beyond the original purpose without the prior consent of the data subject.

In cases where separate consent is obtained from the information subject
In cases where there are special provisions in the law
n cases where the information subject or legal representative is unable to express their intention or where prior consent cannot be obtained due to unknown address, etc., and where it is clearly deemed necessary for the urgent life, body, or property interests of the information subject or a third party
n cases where it is necessary for purposes such as compiling statistics and academic research, and where personal information is provided in a form that does not identify a specific individual
In cases where it is impossible to perform the duties stipulated in other laws if personal information is used for purposes other than the intended purpose or is not provided to a third party, and where it has been deliberated and resolved by the Protection Committee
In cases where it is necessary to provide it to foreign intelligence or international organizations for the implementation of treaties or other international agreements
In cases where it is necessary for the investigation of crimes and the filing and maintenance of public prosecutions
In cases where it is necessary for the performance of court trial duties
In cases where it is necessary for the execution of punishment, custody, and protective measures

Entrustment of personal information processing

n cases where the processing of personal information managed by the AI ​​Grand ICT Research Center is entrusted to another public institution or another specialized institution, personal information learned in the course of work about a person engaged or engaged in such work will not be disclosed Or, in order to prevent the use of the information for improper purposes such as processing without authorization or providing it to others, the entrusted department establishes necessary restrictions or procedures regarding the following matters and requires the entrusted institution to comply with them, and also conducts on-site inspections.

Matters regarding prohibition of re-entrustment
Matters regarding copying of personal information files
Matters regarding inspection of the management status of personal information and education of affiliated employees
Matters regarding compensation for damages in case the entrusted institution violates its obligations Rights and obligations of the data subject and methods of exercising them

Data subjects may exercise the following rights, and legal

representatives of children under the age of 14 may request access to, correction/deletion of, or suspension of processing of the child's personal information.

Request to access personal information

Personal information files held by AI Grand ICT Research Center may be accessed by requesting access to one's own personal information in accordance with Article 35 (Access to Personal Information) of the Personal Information Protection Act. However, requests to access personal information may be restricted as follows pursuant to Article 35, Paragraph 5 of the Act.

When access is prohibited or restricted by law
When there is a risk of harm to another person's life or body or a risk of unfairly infringing upon another person's property or other interests
When it causes significant disruption when a public institution performs any of the following tasks
A. Tasks related to tax imposition, collection, or refund
B. Tasks related to examinations and qualification examinations related to academic background, skills, and employment
C. Tasks related to ongoing evaluations or judgments regarding calculations of compensation and benefits, etc.
D. Tasks related to audits and investigations in progress under other laws

Request for correction/deletion of personal information

You may request correction/deletion of personal information files held by AI Grand ICT Research Center in accordance with Article 36 (Correction/deletion of personal information) of the Personal Information Protection Act. However, if the personal information is specified as a collection target in other laws, you may not request deletion.

Request for suspension of personal information processing

You may request suspension of processing of personal information files held by AI Grand ICT Research Center in accordance with Article 37 (Suspension of processing of personal information, etc.) of the Personal Information Protection Act. However, requests for suspension of personal information processing may be rejected in accordance with Article 37, Paragraph 2 of the Act.

In cases where there are special provisions in the law or it is inevitable to comply with legal obligations
In cases where there is a risk of harm to the life or body of another person or a risk of unfairly infringing upon another person's property or other interests
In cases where public institutions cannot perform their duties stipulated in other laws if they do not process personal information
In cases where it is difficult to fulfill a contract, such as not being able to provide the service agreed upon with the information subject if personal information is not processed, and the information subject has not clearly expressed his or her intention to terminate the contract

Destruction of personal information

In principle, AI Grand ICT Research Center destroys personal information without delay when the retention period for personal information has expired or the purpose of personal information processing has been achieved. The procedures, deadlines, and methods for destruction are as follows.

Destruction procedures

Personal information is destroyed immediately after the purpose is achieved or moved to a separate space and stored for a certain period of time in accordance with internal policies and other relevant laws and regulations. Personal information moved to a separate space will not be used for any other purpose unless required by law.

Destruction Period and Method

When the retention period has expired, the purpose of personal information processing has been achieved, the relevant business has been abolished, or the personal information has become unnecessary, it will be destroyed without delay. Information in the form of electronic files uses a technical method that makes it impossible to reproduce the records. Personal information printed on paper is destroyed by shredding or incineration.

Measures to ensure the safety of personal information

AI Grand ICT Research Center is taking the following technical, administrative, and physical measures to ensure safety in accordance with Article 29 of the Personal Information Protection Act.

Minimization and training of personal information handling staff

We designate and manage only the necessary number of staff handling personal information, and provide training for safe management to handling staff.

Restriction of access to personal information

We are taking necessary measures to control access to personal information by granting, changing, and deleting access rights to the database system that processes personal information, and we are controlling unauthorized access from the outside using an intrusion prevention system.

Retention of access records
We are storing and managing records of access to the personal information processing system (web logs, summary information, etc.) for at least 6 months.

Encryption of Personal Information

Personal information is safely stored and managed through encryption, etc. In addition, separate security functions such as encryption of important data during storage and transmission are used.

Installation of security programs and periodic inspection and update

In order to prevent leakage and damage of personal information due to hacking or computer viruses, we install security programs and periodically update and inspect them.

Access control for unauthorized persons

We have a separate physical storage location for the personal information system that stores personal information and establish and operate access control procedures for it.

Perform regular self-inspections

In order to ensure stability in handling personal information, we regularly conduct personal information protection management inspections including affiliated and subordinate organizations.

Establishment and implementation of internal management plan

In order to safely process personal information, we establish and implement an internal management plan.

Personal information protection manager and person in charge

AI Grand ICT Research Center designates the following personal information protection manager and person in charge to protect personal information and handle complaints related to personal information.

Contact : 051-890-2817

Methods for Redressing Rights Infringement

In order to receive relief for damages caused by personal information infringement, the personal information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency Personal Information Infringement Report Center, etc.

Personal Information Dispute Mediation Committee: (without area code) 118 (privacy.kisa.or.kr)
Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
Supreme Prosecutors' Office Cybercrime Investigation Division: 02-3480-3571 (cybercid@spo.go.kr)
National Police Agency Cyber ​​Terror Response Center: 1566-0112 (www.netan.go.kr)
In addition, a person whose rights or interests have been infringed upon by a disposition or inaction by the head of a public institution in response to a request from a data subject for access to, correction/deletion of, or suspension of processing of personal information may request an administrative appeal in accordance with the Administrative Appeals Act.
For more information on administrative appeals, please refer to the National Human Rights Commission of Korea (www.acrc.go.kr) website.