1. Personal information items to be collected
1.1 All personal information maintained by the National Museum of Modern and Contemporary Art, Korea (hereinafter referred to as the “MMCA”) will be collected and possessed pursuant to relevant regulations or to consent from the information owners. MMCA shall handle personal information as follows:
Items: Name, E-mail of subscribers to the Website ‘Watch and Chill’ watchandchill.kr
Purpose for Preservation: Member management (for E-mailing and etc.)
Basis for Preservation: An agreement on the use of services
Period of Preservation: 3 years (expires along with the cease of the membership)
※ Disclosure of registration matters of personal information from MMCA file Safety Administration Privacy comprehensivesupport portal (www.privacy.go.kr)→ individual complaint information → required inspection of personal information → personal information list browser menu
1.2 Following information will be collected and saved automatically to analyzing statistics for improvement and supplement of the Website. MCA utilizes Google Analytics statistics cookie to determine how many users visit the Website as well as the Website’s traffic.
• Domain of your internet server and addresses of websites that you pass through and visiting time
• The user’s browser type and OS
2. Use and Sharing of Collected Information
2.1 MMCA shall not handle personal information beyond the extent informed or agreed and provide or disclose it to a third party. However, the cases of provision of information by the law or permitted extent of other laws are allowed.
2.2 When signing an entrustment contract with other public organization or other specialized organization, MMCA shall make them comply with the necessary limitation or procedures according to Article 26 (Restrictions on Management of Personal Information Following Entrustment of Affairs) and inspect actual conditions.
2.3 MMCA’s personal information is strictly limited on use and provision. Article 18 (Restrictions on Use and Provision) of Personal Information Protection Act provides the guidelines as follows:
2.3.1 Where he/she has obtained the consent of a subject of information
2.3.2 Where special provisions exist in any other Act
2.3.3 Where it is deemed obviously necessary for physical safety and property interests of a subject of information or a third person when the subject of information or his/her legal representative cannot give prior consent as he/she is unable to express his/her intention or by reason of his/her unidentified address, etc.
2.3.4 Where personal information is necessary for compiling statistics, or scientific research purposes, etc., and the personal information is provided in a form by which a specific individual cannot be identified
2.3.5 Where using personal information for any purpose other than the intended purpose or a failure to provide a third person with such information makes it impossible to perform affairs provided for in any other Act, and this has undergone deliberation and resolution by the Protection Committee
2.3.6 Where it is necessary for providing a foreign government or international organization with personal information in order to implement a treaty or any other international agreement
2.3.7 Where it is necessary for investigating a crime, and instituting and sustaining a public prosecution
2.3.8 Where it is necessary for a court to perform its judicial affairs
2.3.9 Where it is necessary for executing a punishment, care and custody or protective disposition.
3. Removal of Contents
MMCA removes the provided information without haste when the purpose of collecting personal information is achieved. The process and the means of the removal are as follows:
3.1 For the protection of privacy, information provided by users to register membership, etc. is to be deleted after a certain period of sustainment for the purpose of information protection stipulated in the internal policies and related laws. The personal information is not used for other purposes except retention based on the law.
3.2 As for information printed on paper, MMCA uses paper cutters or destroy them by fire. As for digitized files, MMCA uses technical method to irreversibly delete the data.
4. Rights of information providers
Providers of personal information can claim their rights with regard to the protection of their personal information according to the Personal Information Protection Act Chapter 5.
4.1 Accessing provided personal information
4.2 Rectifying provided information and removing it from the Website
4.3 Stopping the provision of personal information
4.4 Method and processes for claiming the rights
4.5 Liability to compensate for damage
5. Inspection, Correction, Deletion, and Suspension of Personal Information
5.1 A subject of information may request inspection, correction, deletion, and suspension of personal information according to the Personal Information Protection Act Article 35 (Inspection of Personal Information), Article 36 (Correction or Deletion of Personal Information), and Article 37 (Suspension, etc. from Managing Personal Information)
• Process to request access: Request in person to department of personal information or “Privacy Information Protection Portal” (www.privacy.go.kr) Complaint of personal information → Request for inspection of personal information and etc. (public I-Pin real name authentication)
• Inquiry: Department of Planning and General Management, MMCA
5.2 Members have the right to access to their own information pursuant to according to the Personal Information Protection Act. However, access may be restricted at any event of the followings pursuant to Article 35 (4) of the Act
5.2.1 Where an inspection is prohibited or restricted by Acts
5.2.2 Where it is apprehended that any third person’s life and body may be harmed, or any third person’s property and other interests may be unduly infringed on
5.2.3 Where a public institution causes any inconvenience while carrying out any of the following affairs
22.214.171.124 Affairs concerning the imposition, collection, or refund of taxes
126.96.36.199 Affairs concerning grade evaluation or the selection of newly enrolled students at schools of each level under the Elementary and Secondary Education Act and the Higher Education Act, lifelong education centers under the Lifelong Education Act, and other higher education institutions established under other Acts
188.8.131.52 Affairs concerning tests of academic ability, functions and employment, and qualification evaluation
184.108.40.206 Affairs concerning an assessment or decision in progress in connection with the calculation, etc. of compensation or benefits
220.127.116.11 Affairs concerning an audit and an investigation in progress under other Acts
5.3 Members who have the right to access to their own information can request correction, deletion, or treatment cessation to the manager of personal information. However, if the personal information is specified in the collection target in other laws and regulations, you will not be able to request the deletion. The process is as follows:
Process to request access: Requesting Person (Information Subject) → Request by Form → Head of Possessing Agency → Decision to be Sent within 10days
6. Reporting infringements
6.1 Any person, who is damaged to their rights or interests damaged by treatment such as disclosure of personal information or the collection, use, offer, commission of personal information without the consent of the information subject, or not in accordance with the law while using the Website is able to report in the following way:
• Submission of Appeal/submitting via the website or visiting in person/corresponding organization
• Investment infringement fact/Check infringement, Visiting and research infringement organization/register book
• Processing/ Provisional Remedy/Remedy report
• Announcement of result/report to claimant and Minister of Security and Public Administration/ result letter of notification
In the event of an infringement of an information subject’s personal information, a complaint may be submitted to the Personal Information Infringement Report Center of the Korea Internet Security Agency (KISA) of Minister of Security and Public Administration (http://www.kisa.or.kr, Tel: 118) according to Personal Information Protection Act Article 62 (Reporting, etc. Facts of Infringements).
7. Administrative and technical Measures for Personal Information
7.1 MMCA maintains administrative and technical safeguards to protect against unauthorized disclosure, use, alteration or destruction of the personal information you submitted
7.2 Passwords are codified in cipher so that the providers might be only people who can manage their own personal information for themselves
7.3 MMCA tries to protect personal information from hackers or computer viruses. The latest vaccine program is used so as not to damage or leakage materials and personal information, and it can secure transmission of personal information on the network through encrypted communication. Proper measures shall be taken to protect the personal information processing system from intrusion by unauthorized parties, using an intruder detection system
7.4 Education and minimum of employees responsible for handling personal information
7.5 MMCA restricts access to personal information to the employees working as the staffs who need to know that information regularly renewed in order to process it and shall attend mandatory educational sessions on the relevant regulations.
8. Relief from Infringement of Rights
The personal information subject can request relief from personal information infringement and counseling. Please contact Institutions below as separate organizations from MMCA, if you need more help or not satisfied with the results from MMCA
8.1 Cyberprivacy Center: Appeal of personal information infringement, Consultation application
• Website: privacy.kisa.or.kr Contact Number: 118
• Postal Address: KISA CYBERPRIVACY Center, Jungdaero 135, Songpa-gu, Seoul 138-950
8.2 Personal Information Dispute Mediation Committee: Personal information dispute mediation application, group conflict adjustment (civil settlement)
• Website: www.kopico.go.kr Contact Numebr: +82-2-405-4710
• Postal Address: Personal Information Dispute Mediation Committee, Jungdaero 135, Songpa-gu, Seoul 138-950
8.3 Cyber Crimes Investigators (Supreme Prosecutor’s Office): +82-2-3408-3573 (www.spo.go.kr)
8.4 Cyber Terror Response Center: +82-1566-0112 (www.netan.go.kr)
9. Contact Information of Personal Information Protection Officer
Personal Information Protection head Officer of ‘Watch and Chill’(watchandchill.kr): Mihwa Park, Head of Dept. of Contemporary Art 1
Adress: Department of Contemporary Art 1 of MMCA, 30 Samcheong-ro, Sogyeok-dong, Jongno-gu, Seoul, 03062, Korea
Personal Information Protection Officer of ‘Watch and Chill’(watchandchill.kr): Jihoi Lee, Curator, Dept. of Contemporary Art 1
Adress: 1st Department of Contemporary Art of MMCA, 30 Samcheong-ro, Sogyeok-dong, Jongno-gu, Seoul, 03062, Korea