PRIVACY POLICY
PRIVACY POLICY
All Personal information that Korea International School, Jeju Campus (KISJ) handles is collected, retained, and processed under relevant statues or with consent of each person whose information becomes subject to this Policy. KISJ has established the following privacy policy to protect users’ rights and interests to handle any complaints regarding personal information from users.
Article 1 (Purpose of processing personal information)
KISJ collects and processes personal information for the purpose stated below.
- Provide academic services
- Member authentication of academic records management system or admission system users
- Prevention of unauthorized server access and fraudulent server use
- Management of academic records, attendance records, and to assist university admission applications, etc.
- Personal information is used as it is required by Primary and Secondary Education Act and other regulations
Article 2 (Collect and Retain Personal Information)
All personal information that KISJ handles is collected and processed under relevant statues or with consent of each user. KISJ destroys a user’s personal information after the retention period. In accordance to the Personal Information Protection Act, KISJ’s process is outlined below.
Personal Information KISJ Collects and Retains
| Retained by | File Name | Purpose | Details of Collected Information | Basis of Retention | Retention Period |
| Admissions Office | Applicant Information | Admissions Review | Consent by information holder (user) | Applicant ID number, photo, personal details (name, gender, nationality, health assessment, resident registration number/alien registration number, address, parent name, occupation of parent, contact number of parent, birth date of parent, nationality of parent, passport copy of parent and student including number, family details), student record, letter of recommendation | 5 years after admission review |
| Registrar | Student record, current student information, graduates information, transferred students information | Management of student records, Certificate issuance, Processing of admission/withdrawal/transfer | Article 25, Elementary & Secondary Education Act Article 3, Regulations on creation & management of student records | Student ID number, personal details (name, gender, nationality, resident registration number/alien registration number, address, parent name, occupation of parent, contact number of parent, birth date of parent, nationality of parent, passport number, family details), photo, student record.
| Permanent |
| ES/MS/HS School office | Management of business staff personal information, Recruitment examine
Students’ field trip | Consent by information holder (user) | Staff: Staff ID number, name, registration number/alien registration number, address, affiliation, contact number, email address, degree of education, work experience, military service, license, qualifications
Student: Student ID number, personal details (name, gender, nationality, Birth date of student, Passport number, address, parent name, parents’ contact number, parents’ bank account number) | 5 years after termination | |
| Asset Management Team | Management of faculty, staff personal information | Consent by information holder (user) | Staff ID number, name, resident registration number/alien registration number, address, affiliation, contact number, email address, personal information. | After task is done | |
| IT Office | Student/Parent portal member information | Access to student information, academic records, and attendance records by student, parents and staff | Article 23-3 Framework Act on Education | Student ID number, password, member type (student/parent), name, gender, nationality, address, parent name, occupation of parent, contact number of parent, birth of parent, nationality of parent, family details, student records, etc. | After member withdrawal |
| IT Office | Mail user information | Management of web mail user | Consent by information holder (user) | Name, email address, Staff ID number | After account termination |
| Accounting Team | Tuition management program | To send Tuition fee invoice, To manage tuition fee | Consent by information holder (user) | Student resident registration number, ID number, name, gender, address Parent’s name, phone number, email address | Student ID number, name : 10 years after graduation
Student resident registration number : Until the next January after graduation
Other information :Upon graduation |
| MS/HS Dorms | Dorm Application and events, activities | Management of student, parent contact info | Consent by information holder | Student ID number, name, gender, address, parent name, contact number of parent, email address. | 5 years after termination |
| Textbook Library/ Textbook | Library user information | Management of book loan/return | Article 38, Library Act, Consent information holder(user), Article 14, School library promotion act | Barcode number, student name, class, student ID number, contact number, list of book loans, photo, address, email address, gender, date of birth, account number of parents | 6 months after graduation/withdrawal |
| Nurse Office | Student health records Assessment of student health Medical form | Management of student health records | Article 9, Regulations on student medical test, Article 14, Guidelines on electronic process & management | Personal details (name, date of birth, gender, name of parent/guardian, address, emergency contacts), health assessment form, medical form, blood type, student health information (previous medical history, current medical issues, medications in use) of student health records | 5 years after graduation/withdrawal |
① The purpose of supply and details of information are as follows:
Provide Personal Information to a Third Party② KISJ handles and retains personal information only for the purpose specified in Article 1. Also, KISJ does not provide personal information collected and retained thereby, to any third party without user’s consent, except in the following cases:
- Where the user specifically consents to provisions of his/her personal information
- Where other statute provides expressly
- Where it is considered necessary for the interests of the users
- Where a user or his/her legal representative is impossible to obtain consent from a user or his/her legal representative because his/her whereabouts are unknown or he/she is unconscious.
- Where personal information is provided in a form that makes it impossible to identify a specific person, as necessary for compiling statistics or scientific research
③ When KISJ provides your personal information to a third party, KISJ will inform you of the following facts to obtain consent from you:
- The name and contact information of the recipient of personal information (or the name of the corporation or organization, if the recipient is a corporation or organization)
- The recipient’s purposes of using personal information and the items of personal information to be provided
- The duration during which the personal information will be retained and used by the recipient
- The fact that the user has a right to refuse to consent and details of any disadvantages
Article 4 (Matters concerning Outsourced Processing of Personal Information)
① KISJ outsources the processing of a user’s personal information for the following purposes below:
| Service Provider | Purpose | Information Delegated | Delegation Period |
| Dongwon Home Food | School meal fee payment and refund | – Student: Name, student ID, allergy information – Parent/guardian: Phone number, bank account number | Until completion of delegated services |
| Hyundai Marine & Fire Insurance | School insurance enrollment | – Student: Name, resident registration number, grade – Parent/guardian (under age 6): Name, resident registration number | Until completion of delegated services |
| Happy Express | School bus operation | Name, student ID, parent/guardian phone number | Until completion of delegated services |
| Sejoong Travel, Gangsan Travel, Soho Travel | – Booking of flights, accommodation, etc. – Travel insurance enrollment | Name, grade, resident registration number, parent/guardian phone number | Until completion of delegated services |
| Elle School Uniform | School uniform supply | Name, grade, address, parent/guardian phone number | Until completion of delegated services |
| Lotte Courier, CJ Courier | Shipment processing | Name, grade, address, parent/guardian phone number | Until completion of delegated services |
| Shinhan Card | Student transportation (Prepaid and Debit Card) | School, Grade, Class, Name, Student ID, Bank Account Number, Resident Registration Number, ID Photo, Mobile Phone Number, Guardian Name, Guardian Phone Number | Until completion of delegated services |
| PowerSchool | Academic management system | Same as personal information collected | Until completion of delegated services |
| MAIA Learning | College admissions platform | Same as personal information collected | Until completion of delegated services |
– Student management – Email system | Same as personal information collected | Until completion of delegated services | |
| College Board | Exams such as AP, PSAT | Name, address, date of birth, test results | Until completion of delegated services |
Outsourced Personal InformationPersonal Information for overseas transferring students
| Service Provider | Purpose of Use | Information Provided | Retention Period |
| PowerSchool | Academic record management | Same as personal information collected | 5 years after graduation/transfer |
| MAIA Learning | College admissions platform | Name, grade, academic transcripts | 5 years after graduation/transfer |
| Destiny | Textbook and library loan management | Name, student ID, gender, date of birth, grade, email address, photo | 5 years after graduation/transfer |
| SNAP | Health management system | Medical information | 5 years after graduation/transfer |
– Student management, etc. – Email system | Same as personal information collected | 5 years after graduation/transfer | |
| College Board | Exams such as AP, PSAT | Name, address, date of birth, test results | 5 years after graduation/transfer |
| Service Provider | Destination Country | Transfer Time | Transfer Method | Recipient |
| PowerSchool | United States | From the start of services related to intended use | Cloud network service | International Support +1 916-288-1881 |
| MAIA Learning | United States or European countries (in compliance with internal Google policies) | From the start of services related to intended use | Cloud network service | MaiaLearning Inc. +1 855-268-2771 |
| Destiny | United States | From the start of services related to intended use | Cloud network service | Follett Software +1 800-323-3397 |
| SNAP | United States | From the start of services related to intended use | Cloud network service | PSNI, LLC +1 800-889-7627 |
| United States | From the start of services related to intended use | Cloud network service | Google Cloud Support Team (Data Protection Team) +1 646-257-4500 | |
| College Board | United States | From the start of services related to intended use | Cloud network service | College Board Customer Service +1-212-713-8000 |
② When KISJ contracts outsourced process of personal information, KISJ stipulates compliance with laws and regulations related to personal information protection, prohibition of third party provision of personal information, and burden of liability.
Article 5 (Right and Responsibility of Information Entity and Exercise Method)
① As a user, one can exercise the following rights:
- Request to browse, modify the personal information
- Request to rectify and suspend the incorrect information
- Request to delete
② If any user requested to rectify or delete his/her personal information by request form, we will complete the request and send the notification within 10 days.
Article 6 (Destruction of personal information)
Personal information is destroyed when the purpose has been fulfilled. The procedure of the destruction of personal information, deadline and method is as below.
- Procedure: Personal information is moved to a separate database once the purpose has been fulfilled. In accordance with the school policy and other related laws, the information is saved for a certain period of time and destroyed later. All information moved to the database is used for other purposes unless enforced by law.
- Deadline: Personal information will be destroyed within 5 days after the personal information is not required due to fulfillment of the purpose, deadline of the possession and etc.
- Method: Personal information as electronic files will be destroyed to be irreproducible and the paper type files with personal information will be shredded using the shredder or be incinerated.
Article 7 (Measures to secure safety)
KISJ has taken the following technical and physical measures necessary for ensuring safety, in compliance with Article 29 of the Personal Information Protection Act:
- Formulating and implementing internal management plans: KISJ has formulated and implemented internal management plans in accordance with the guidelines for measures for ensuring the safety of personal information;
- Minimizing and educating personnel authorized to handle personal information: The number of personnel authorized to handle personal information has been minimized and regular educational programs have been implemented for such personnel;
- Restrictions on access to personal information: Access to personal information is controlled by granting, amending, or cancelling the authority to access the database system that processes personal information, and unauthorized external access is controlled by operating firewalls for blocking and preventing invasion and intrusion, while personnel authorized to handle personal information are precluded from accessing the personal information processing system externally via information and communications networks. Furthermore, details on granting, amending, or cancelling authority are recorded, and such records are preserved for at least three years;
- Encryption of personal information: Passwords and identification numbers, among each user’s personal information, are encoded for storage and management. Furthermore, additional means, such as encrypting essential data for storage and transmission, are used for security.
- Technical measures against hacking: KISJ has installed security programs and updates and inspects the programs to protect personal information from being leaked externally or destroyed by hacking or computer viruses and has installed its systems in an area with restricted access to technically and physically monitor and block external access.
- Restricting access by unauthorized persons: The space for the physical storage of the personal information system that keeps personal information, is separated from other areas, and a procedure for controlling access to the space, has been established and is implemented.
Article 8 (Privacy Officer/Access Request)
The persons below have been designated by KISJ as officer and manager to protect personal information and to handle any possible disputes regarding personal information.
| Name | Position | Role | Contact Information |
| Patrick Carroll | School Director | Privacy Officer | 064-741-0600 SchoolDirector@kis.ac |
| Jong Mun Back | Business Director | Privacy Manager | 064-741-0503 jmback@kis.ac |
| Jin Won Lee | IT Team Leader | Access request | 064-741-0550 jlee@kis.ac |
Article 9 (Amend Privacy Policy)
The current Privacy Policy has been revised and applied on February 19th, 2019.