Privacy Policy

KAIST Community-Global Connection has established and disclosed the following personal information processing policy to protect the information subject’s personal information and to handle related complaints promptly and smoothly pursuant to Article 30 of the Personal Information Protection Act.

[Key Personal Information Processing Logo]
General Personal Information Collection icon

General Personal Information Collection

 Purpose of Processing Personal Information icon

Purpose of Processing Personal Information

 Personal Information Retention Period icon

Personal Information Retention Period
Provision of Personal Information To Third Party icon

Provision of Personal Information To Third Party

 Entrustment of Personal Information Processing icon

Entrustment of Personal Information Processing

 requests for access to personal information icon

Requests for Access to Personal Information

Article 1: Purpose of Processing Personal InformationPurpose of Processing Personal Information icon

In accordance with Article 32 of the Personal Information Protection Act, KAIST Community-Global Connection uses and discloses personal information for the following purposes.

  • Management of User Data

    KAIST Community-Global Connection uses personal information to verify identity, confirm members' intent to subscribe, authenticate ID, maintain and manage membership, and send out various notifications for service provision.

  • Service Provision

    The purpose of processing personal information is to provide services on KAIST Community-Global Connection, such as Alumni Reporter Activity Report, Bulletin Board information, etc.

Article 2 Personal Information Processing and Retention Period General Personal Information Collection icon Personal Information Retention Period icon

  • Type of Information

    (Required) KAIST Community-Global Connection User ID, password, name (first or last name), admission year, and degree obtained

    (Department, course, graduation year), email address

    (Optional) Name of institution and country of current employment

  • Data Collection Method

    Synchronize personal information from the KAIST system or collect data from the information subjects' registrations with KAIST Community-Global Connection.

  • Legal Grounds for Data Retention

    Consent of the information subject

  • Retention Period

    Until the date of membership withdrawal (The information subject can withdraw membership at My Page)

Article 3 Provision of Personal Information to Third Parties Provision of Personal Information To Third Party icon

KAIST Community-Global Connection processes users' personal information within the scope specified in Article 1 (Purpose of Processing Personal Information) and does not process the information beyond its original scope or provide it to third parties without the user's prior consent.

Article 4 Entrustment of Personal Information Processing Entrustment of Personal Information Processing icon

KAIST Community-Global Connection entrusts the following task to ensure smooth information processing.

Name of the personal information file Entrusted Company Scope of Entrusted Task
User information Whisker Maintenance & repair of the KAIST Community-Global Connection website

Under Article 26 of the 「Personal Information Protection Act」, KAIST Community-Global Connection prohibits the use of personal information for any purpose other than that for which it was intended, takes technical and managerial protection measures, restricts the reconsignment of personal information, manages and supervises consignees, and supervises whether the consignee handles personal information safely. Changes to the entrusted business or consignee will be disclosed immediately through the privacy policy.

Article 5 Destruction Procedures and Methods of Personal Information Destruction Procedures and Methods of Personal Information icon

The KAIST Community-Global Connection discards personal information without delay once the retention period has expired or when its purpose has been served

  • Destruction Procedure

    KAIST Community-Global Connection selects the personal information for which the reasons for destruction occurred and destroys it with the approval of KAIST's personal information protection officer

  • Destruction Method

    Personal information in electronic files is destroyed using technical methods so that the records cannot be reproduced. Personal information recorded and kept on paper documents is shredded or incinerated to destroy it

Article 6 The Information Subject's Rights and Obligations, and How to Exercise Them Rights·Obligations of Information Subject and Methods of Exercising Them icon

  • Information subjects may exercise the following rights and request access, correction, deletion, or suspension of the processing of personal information.
    • Request for access to personal information
    • Request for correction in case of  an error
    • Request for deletion
    • Request for suspension of processing
  • Information subjects can exercise their rights under paragraph (1) on KAIST Community-Global Connection through written document, email, or facsimile (FAX) in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act.
  • The exercise of rights under paragraph (1) may be conducted through an information subject's statutory agent or a delegated person. In such cases, the information subject must submit the power of attorney in the attached Form of "Enforcement Rules of the Personal Information Protection Act."
  • Information subjects’ rights to request for access to personal information and suspend information processing can be limited under Articles 35 (4) and 37 (2) of the Personal Information Protection Act.
  • A request for correction or deletion of personal information cannot be made in cases where certain data is mandatorily required under other laws and regulations.
  • KAIST Community-Global Connection verifies the person making the request for access, correction, deletion, or suspension of processing based on their rights is the owner of the information or a legitimate agent.

Article 7 Security Measures for Personal Information Protection Security Measures for Personal Information Protection icon

  • Conduct regular self-audit

    Self-auditing is being conducted regularly (on a quarterly basis) in order to ensure the safety of handling personal information.

  • Minimize and train the person who handles the personal information

    Measures for designating and training a small number of officers to handle and manage personal information are being implemented.

  • Establish and implement an internal management

    For the safe processing of personal information, internal plans for managing personal information are being established and implemented.

  • Technical measures for preventing∙mitigating hacking incidents, etc.

    <KAIST Community-Global Connection> is committed to preventing the loss or damage of personal information by installing security programs that are regularly updated and inspected. Moreover, the systems are installed in an area with restricted access to technically and physically monitor and block external access.

  • Encryption of personal information

    A password for each user's personal information is encrypted for storage and management, making it available only to the information subject. Furthermore, essential data for storage and transmission is encrypted or locked using a separate security function. 

  • Storage and prevention of fabrication and alteration of access records

    Access records for processing personal information are stored and managed for a minimum of one year, and records of additional personal information of more than 50,000 information subjects, or treatment of unique identification information or sensitive information are stored and managed for a minimum of two years. To prevent any forgery, theft, or loss of access records, security functions are used.

  • Restriction of access to personal information

    Necessary measures are taken to control access to personal information by granting, changing, and canceling access to the database system that processes personal information and by controlling unauthorized access from outside using the intrusion prevention system.

  • Use locking devices for document security

    Documents and supplementary storage mediums containing personal information are stored in an area that is secured with locking devices

  • Access control against unauthorized persons

    A separate physical site is being established for storing personal information, and access control procedures are being implemented and enforced.

Article 8 Establishment and operation of automatic collection tool and the refusal of users Establishment and operation of automatic collection tool and the refusal of users icon

KAIST Community-Global Connection does not use ‘cookies’ that store and periodically recall the information subjects’ information.

Article 9 Personal Information Manager Personal Information Manager icon

KAIST Community-Global Connection designates a personal information manager and a personal information protection manager as follows to protect personal information and handle complaints raised by information subjects related to personal information processing.

Personal Information Manager Personal Information Protection Manager
Administrative Team ISSS ISSS
Staff in Charge Joo Yong Lee Yeji Kim
Phone Number 042-350-2489 042-350-2487
Email issst@kaist.ac.kr

Article 10 Team responsible for handling requests for access to personal information requests for access to personal information icon

Under Article 35 of the Personal Information Protection Act, the information subject may request access to their personal information from the following team. In response to the request for access to personal information, KAIST Community-Global Connection will do its best to expedite the process.

Name of the personal information file Team in Charge Contact number
User information ISSS 042-350-2487 / issst@kaist.ac.kr

Article 11 Remedies for infringement of information subjects' rights and interests Remedies for infringement of information icon

Information subjects may seek mediation or consultation with the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency's Personal Information Infringement Reporting Center for infringement of their personal information. Please contact the following organizations for additional information regarding other breaches of personal information.

  • Personal Information Dispute Mediation Committee: (without country code) 1833-6972 (www.kopico.go.kr)
  • Personal Information Infringement Reporting Center: (without country code) 118 (privacy.kisa.or.kr)
  • Supreme Prosecutors' Office: (without country code) 1301 (www.spo.go.kr)
  • National Police Agency: (without country code) 182 (ecrm.cyber.go.kr)

When a public institution's head has acted in a manner that violates the rights or interests of individuals by refusing to comply with a request under Article 35 (Access to Personal Information), Article 36 (Correction/Deletion of Personal Information), and Article 37 (Suspension of Processing Personal Information, etc.), an individual may file an administrative appeal.

※ For more information on administrative appeals, please refer to the website of the Online Administrative Appeals (www.simpan.go.kr)

Article 12 Changes in personal information processing policies Changes in personal information processing policies icon

  • Personal information processing policies came into effect on December 16, 2022.