PRIVACY POLICY
PRIVACY POLICY
Korea International School, Jeju Campus (KISJ) Privacy Policy
In accordance with the Personal Information Protection Act, Korea International School, Jeju Campus (KISJ) has established the following privacy policy to protect users’ personal information and rights and interests, and to smoothly handle users’ grievances related to personal information.
Article 1: Purpose of Processing, Retention Period, and List of Personal Information Files Processed
Korea International School, Jeju Campus (KISJ) processes and retains personal information only in accordance with the provisions of laws and with the consent of the data subject, and destroys it without delay when the purpose of processing personal information is achieved. The list of personal information files processed and retained by Korea International School, Jeju Campus (KISJ) based on the provisions of laws and the consent of the data subject is as follows:
| Items Collected | Purpose of Processing | Retention Period |
|---|---|---|
| Name, gender, address, grade, nationality, academic transcript | Academic and study support management | 5 years after graduation/transfer |
| Student residence type (family accompanied, homestay, dormitory, etc.) | Contact in case of emergency, student management, dormitory assignment and creating dormitory living environment | 1 year after graduation/transfer |
| Photos, videos | Registration in academic management programs such as Powerschool Production of publications such as Yearbook, Brochure Promotional materials such as school website, SNS, school events |
5 years after graduation/transfer |
| Guardian (legal representative) information: Name, phone number, address, email address, nationality, occupation, position, company name | Guardian contact in case of emergency, academic information notice, tuition notice and payment guide | 5 years after graduation/transfer |
| Guardian (legal representative) bank account number | Refund account transfer | Until refund processing is completed after graduation/transfer |
| Enrolled sibling information: Name, student ID, grade | Scholarship benefits, coordination of counseling time | 1 year after transfer/graduation |
| Resident registration number, alien registration number | Academic management, school insurance and traveler’s insurance subscription, year-end tax settlement education expenses Hometax upload | 5 years after graduation/transfer |
| Guardian (legal representative) resident registration number | School insurance subscription (under 6 years old) | Until the end of the school insurance contract period |
| Family relation certificate | Reference for student management and counseling | 5 years after graduation/transfer |
| Passport information (foreign nationals) | Flight ticket issuance | 1 year after graduation/transfer |
| Medical information stated in the Medical History Form | Disease management, emergency nursing action in case of emergency, allergy check when providing meals, allergy check when providing meals for outside activities, reference for academic support | 1 year after graduation/transfer |
Korea International School, Jeju Campus (KISJ) does not use personal information for purposes other than the purpose of retention, and will seek prior consent if the purpose of use changes. In addition, the above list of personal information files is kept in the administration office of Korea International School, Jeju Campus (KISJ) and can be requested for viewing at any time.
Article 2: Provision of Personal Information to Third Parties
In principle, Korea International School, Jeju Campus (KISJ) processes users’ personal information within the scope specified in Article 1 (Purpose and Retention Period of Personal Information Processing, Items of Personal Information Processed), and does not process it beyond the original scope or disclose or leak it to a third party without the prior consent of the user. However, in the following cases, personal information may be provided to third parties, and necessary matters such as legal basis, purpose, and scope are posted on the website.
- When separate consent is obtained from the data subject
- When there are special provisions in other laws
- When it is recognized as clearly necessary for the urgent life, body, or property interests of the data subject or a third party, where the data subject or their legal representative is unable to express their intention or prior consent cannot be obtained due to unknown address, etc.
- When necessary for purposes such as statistical compilation and academic research, where personal information is provided in a form that cannot identify a specific individual
- When the duties prescribed in other laws cannot be performed unless personal information is used for purposes other than the intended purpose or provided to a third party, and has undergone deliberation and resolution by the Protection Committee
- When necessary to provide to a foreign government or international organization for the implementation of treaties and other international agreements
- When necessary for the investigation of a crime and the filing and maintenance of public prosecution
- When necessary for the court to perform its judicial duties
- When necessary for the execution of punishment, care and custody, and protective disposition
Korea International School, Jeju Campus (KISJ) provides personal information to the following organizations, and the purpose and scope of provision are as follows:
| Recipient | Purpose | Personal Information Provided |
|---|---|---|
| Korea International School (For Korea International High School students) |
Academic support management and database sharing system operation | Same as the collected personal information items |
| Korea International High School (For Korea International School students) |
Academic support management and database sharing system operation | Same as the collected personal information items |
Article 3: Consignment of Personal Information Processing
For smooth processing of personal information, Korea International School, Jeju Campus (KISJ) consigns personal information processing tasks as follows. The contents of the consigned tasks and the consignees are as follows.
| Consignee (Company) | Purpose | Entrusted Personal Information | Entrustment Period |
|---|---|---|---|
| Dongwon Home Food | Payment and refund of meal expenses | Student: Name, student ID, allergy info Guardian: Phone number, account number |
Until the end of the entrusted task |
| Hyundai Marine & Fire Insurance | School insurance subscription | Student: Name, resident registration number, grade Guardian (under 6): Name, resident registration number |
Until the end of the entrusted task |
| Happy Express | School bus operation | Name, student ID, guardian phone number | Until the end of the entrusted task |
| Sejung Travel, Gangsan Travel, Soho Travel | – Flight, accommodation reservations, etc. – Traveler’s insurance subscription |
Name, grade, resident registration number, guardian phone number | Until the end of the entrusted task |
| Elle School Uniform | Uniform supply | Name, grade, address, guardian phone number | Until the end of the entrusted task |
| Lotte Courier, CJ Courier | Delivery item processing | Name, grade, address, guardian phone number | Until the end of the entrusted task |
| Shinhan Card | Student (Prepaid and Check Card) | School, grade, class, name, student ID, account number, resident registration number, ID photo, mobile phone number, guardian name, guardian phone number | Until the end of the entrusted task |
| PowerSchool | Academic management system | Same as the collected personal information items | Until the end of the entrusted task |
| MAIA Learning | College admission application system | Same as the collected personal information items | Until the end of the entrusted task |
| – Student management, etc. – Email system |
Same as the collected personal information items | Until the end of the entrusted task | |
| College Board | AP, PSAT, etc. test taking | Name, address, date of birth, test results | Until the end of the entrusted task |
When signing an entrustment contract, Korea International School, Jeju Campus (KISJ) specifies in documents such as contracts matters related to responsibilities such as prohibition of processing personal information for purposes other than performing the entrusted tasks, technical and managerial protective measures, restriction on re-entrustment, management and supervision of the consignee, and compensation for damages, in accordance with Article 25 of the Personal Information Protection Act, and supervises whether the consignee processes personal information securely. If the content of the entrusted task or the consignee changes, we will disclose it without delay through the privacy policy.
Article 4: Rights and Obligations of Data Subjects and Legal Representatives and How to Exercise Them
Data subjects and their legal representatives can exercise their rights related to personal information protection against Korea International School, Jeju Campus (KISJ) at any time.
- Request to read personal information
- Request for correction in case of errors, etc.
- Request for deletion
- Request to suspend processing
The exercise of rights pursuant to the above can be done through documents, email, fax (FAX), etc., using the Personal Information Protection Act Enforcement Rule Annex Form No. 8 [Request to Read Personal Information] to Korea International School, Jeju Campus (KISJ), and Korea International School, Jeju Campus (KISJ) will take action without delay.
Article 5: Request for Reading, Correction, and Deletion of Personal Information
The data subject may request reading, correction, and deletion of personal information files processed by Korea International School, Jeju Campus (KISJ) as follows.
â‘ Department in Charge of Receiving and Processing Requests for Reading, Correction, Deletion, and Suspension of Processing of Personal Information
| No. | Personal Information File Name | Department Processing Reading/Correction/Suspension/Deletion | Phone Number |
|---|---|---|---|
| 1 | Student Records | Admissions Counseling Team | 064-741-0509 |
| 2 | Parent Service Applicant List | Administration Office | 064-741-0509 |
| 3 | Student Health Records Management | Nursing Team | 064-741-0587 |
| 4 | School Steering Committee Roster | Administration Office | 064-741-0509 |
| 5 | School Banking CMS Information | Financial Accounting Team | 064-741-0509 |
| 6 | Website Member Information | IT Team | 064-741-0551 |
| 7 | Employee Personnel Records | HR Team | 064-741-0538 |
| 8 | Library Usage Management | Librarian Team | 064-741-0583 |
※ In addition to the department receiving and processing requests for reading in Paragraph 1, the data subject may request to read personal information through the Personal Information Protection Comprehensive Support Portal website (www.privacy.go.kr) of the Ministry of the Interior and Safety.
Ministry of the Interior and Safety Personal Information Protection Comprehensive Portal → Civil Service Center → Request for Personal Information Reading, etc.
(I-PIN or mobile phone authentication under your name is required for identity verification)
② Procedure for Processing Requests for Reading, Correction, Deletion, and Suspension of Processing of Personal Information
③ Restriction on Reading Personal Information
The request to read personal information may be restricted as follows in accordance with Article 35, Paragraph 4 of the Personal Information Protection Act.
- A. When reading is prohibited or restricted by law
- B. When there is a risk of harming the life or body of another person, or there is a risk of unfairly infringing on the property and other interests of another person
- C. When a public institution causes a serious hindrance in performing any of the following duties:
- Duties relating to the imposition, collection, or refund of taxes
- Duties relating to performance evaluation or admission selection at schools of all levels under the Elementary and Secondary Education Act and the Higher Education Act, lifelong educational facilities under the Lifelong Education Act, and higher educational institutions established under other laws
- Duties relating to tests on academic ability, skills, and employment, and qualification screening
- Duties relating to ongoing evaluations or judgments regarding the calculation of compensation, etc.
- Duties relating to audits and investigations in progress under other laws
â‘Ł Request for Correction and Deletion of Personal Information
You may request the correction or deletion of personal information files held by Korea International School, Jeju Campus (KISJ) in accordance with Article 36 (Correction and Deletion of Personal Information) of the Personal Information Protection Act. However, you cannot request deletion if the personal information is specified as an object of collection in other laws and regulations.
⑤ Request for Suspension of Personal Information Processing
You may request the suspension of processing of personal information files held by Korea International School, Jeju Campus (KISJ) in accordance with Article 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act. However, the request to suspend personal information processing may be rejected pursuant to Article 37, Paragraph 2 of the Personal Information Protection Act.
- When there are special provisions in the law or it is inevitable to comply with legal obligations
- When there is a risk of harming the life or body of another person or unfairly infringing on the property and other interests of another person
- When a public institution cannot perform the duties prescribed by other laws unless it processes personal information
- When it is difficult to fulfill the contract, such as not being able to provide the service agreed with the data subject without processing the personal information, and the data subject has not clearly expressed their intention to terminate the contract
â‘Ą The data subject may have an agent make requests for reading, correction/deletion, and processing suspension of personal information in accordance with the methods and procedures prescribed by Presidential Decree, and the legal representative of a child under the age of 14 may request reading, correction/deletion, and processing suspension of the child’s personal information.
⑦ Claim for Damages
A. Regarding personal information files held by Korea International School, Jeju Campus (KISJ), a claim for damages is possible if the data subject suffers damages due to an act violating the Personal Information Protection Act by Korea International School, Jeju Campus (KISJ).
Article 6: Destruction of Personal Information
In principle, Korea International School, Jeju Campus (KISJ) destroys the personal information without delay when the purpose of processing the personal information is achieved. However, this does not apply if it must be preserved under other laws. The procedure, deadline, and method of destruction are as follows.
â‘ Destruction Procedure
The user’s personal information is destroyed immediately or after being stored for a certain period according to internal policies and other related laws and regulations once the purpose of processing has been achieved. At this time, the personal information stored for a certain period will not be used for other purposes unless required by law.
| Departmental Privacy Officer | Chief Privacy Officer | |
|---|---|---|
| Submission of personal information file destruction request | ⇨ | Review of destruction |
| Destruction of personal information file | ⇦ | Approval |
| Report of personal information file destruction results | ⇨ | Deletion of registered disclosed personal information files |
② Destruction Deadline
The user’s personal information is destroyed within 5 days from the end of the retention period if the retention period has expired, or within 5 days from the date when the personal information is recognized as unnecessary, such as when the purpose of processing the personal information is achieved or the corresponding service is abolished.
③ Destruction Method
Personal information printed on paper is destroyed by shredding with a shredder or incinerating.
Information in the form of electronic files uses technical methods (using permanent storage medium data deletion equipment) that make the records unrecoverable.
Article 7: Measures to Ensure the Safety of Personal Information
â‘ Korea International School, Jeju Campus (KISJ) takes technical, managerial, and physical measures necessary to ensure safety in accordance with Article 29 of the Personal Information Protection Act as follows.
② Minimization and Education of Personal Information Handling Staff: We designate a minimum number of employees handling personal information, limit the management of personal information to those in charge, implement measures to manage it, and conduct regular education for all employees and persons in charge of duties.
③ Encryption of Personal Information: Key personal information such as user passwords is encrypted, stored, and managed, and we use separate security features such as encrypting important data during transmission.
â‘Ł Technical Measures Against Hacking, etc.: Korea International School, Jeju Campus (KISJ) installs security programs and conducts regular updates and inspections to prevent the leakage and damage of personal information caused by hacking or computer viruses.
⑤ Restriction of Access to Personal Information: We control access to personal information by granting, changing, and revoking access rights to the database system that processes personal information, and we use an intrusion prevention system to control unauthorized access from outside.
â‘Ą Access Control for Unauthorized Persons: The personal information processing system is installed in a restricted area from outside access, and an access control system is established and operated.
⑦ Retention of Access Records: Records of personal information handlers accessing the personal information system are kept and managed for at least 6 months.
⑧ Compliance with “Criteria for Measures to Ensure the Safety of Personal Information” (Ministry of the Interior and Safety Notice No. 2011-43): The processing of personal information not listed above is safely handled in accordance with the “Criteria for Measures to Ensure the Safety of Personal Information.”
Article 8: Chief Privacy Officer / Privacy Officer
Korea International School, Jeju Campus (KISJ) designates a Chief Privacy Officer and Privacy Officer as follows to protect personal information and handle complaints related to personal information.
| Chief Privacy Officer | Privacy Officer | ||
|---|---|---|---|
| Chief Officer | Jong-Moon Baek | Officer | Jin-Won Lee |
| Phone | 064-741-0503 | Phone | 064-741-0550 |
Article 9: Remedies for Infringement of Rights and Interests
Data subjects may apply for dispute resolution or counseling to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency (KISA) Personal Information Infringement Report Center, etc. to receive relief for personal information infringement. For other reports and counseling on personal information infringement, please contact the institutions below.
- Personal Information Dispute Mediation Committee: (Without area code) 118
- E-Privacy Mark Certification Committee: 02-580-0533-4
- Supreme Prosecutors’ Office Cybercrime Investigation Division: 02-3480-2000
- National Police Agency Cyber Terror Response Center: 1566-0112
Article 10: Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
The website operated by Korea International School, Jeju Campus (KISJ) uses ‘cookies’ that store and frequently retrieve user information to provide personalized services to users. A cookie is a small amount of information sent by the server (http) used to operate a website to the user’s computer browser, and may be stored on the hard disk in the users’ PC computer.
Article 11: Changes to Privacy Policy
This Privacy Policy is effective from the date of implementation, and if there are additions, deletions, and corrections of changes according to laws and policies, the changes will be notified through announcements from 7 days prior to implementation.