본문 바로가기 대메뉴 바로가기

미래를 혁신하고 세계를 선도하는 UST

Homepage Guide

Privacy Policy

Personal Information Processing Policy

UST regards your personal information as highly important. We adhere to the Personal Information Protection Act and related legislation when processing your personal information.

- All personal information collected, retained, and processed by the University of Science & Technology (referred to UST below) are based on related legislation or are based on individual consent. The [Personal Information Protection Act] provides general standards on processing personal information, and UST acts in accordance with these legislations and regulations when collecting, retaining, and processing personal information. Personal information will be lawfully and appropriately processed for proper performance of public services, and to protect the rights and interests of the nation. In addition, as stated in related legislation and regulations, UST respects the right to inspect personal information, the right to make revisions, and other individual rights and interests. If any individual endures a violation of their rights and interests stated above, they have the right to claim an administrative trial in accordance with the Administrative Appeals Act.

UST, in accordance with Article 30 of the Personal Information Protection Act, will protect the individual’s personal information and their rights and interests. The following personal information processing policies are established and made public for the smooth processing of difficulties. In case revisions are made to these policies, they will be announced on the related homepage bulletin board.

Article 1 Purpose of Personal Information Processing

UST processes personal information for the following purposes. Personal information will not be processed or used for other purposes than the ones stated below. In case usage purposes change, UST will receive separate approval (as stated in Article 18 of the Personal Information Protection Act) and take required measures

  • A. Provided Services

    Personal information is processed to provide services related to specific projects conducted by UST such aseducation, research.

  • B. Civil Affairs

    Personal information is processed for reading, revisions, deletions, requests for processing suspension, reporting leaks, and other civil affairs related to personal information.

  • C. Others

    CCTVs will be installed and operated for facility safety, prevention of fires andcrime , securing evidence, and other public interests.

Article 2 Personal Information File Status

The purpose of processing personal information files that are registered and open to public, and relevant information in accordance with Article 32 of the Personal Information Protection Act are as follows.

Personal Information File Status – Name of personal information file, Basis for Operation, Processing Purposes
Name of personal information file Basis for Operation Processing Purposes
Status of issuing student grades Article 4 of Enforcement Decree of Higher Education Act (University Regulations) Systematic management of student grades and relevant information
Management of international students Standardized work procedure related to international students and language course students (Ministry of Education) Support for international students for their stable living environment in Korea
Status of student accident insurance application Studentaccident insurance application
Status of graduates’ career paths Internal Regulations Career consulting and management
Management of newly registered students Article 35 of Enforcement Decree of Higher Education Act (Data for Admission Screening) Manage university register by selecting new students, admissions processes and data transfer
List of admission applicants Article 35 of Enforcement Decree of Higher Education Act (Data for Admission Screening) Conduct tasks for admissions types
University registrar Article 4 of Enforcement Decree of Higher Education Act (University Regulations) To systematically manage student’s current university register

For more information on personal information files, visit the Ministry of Public Administration and comprehensive support portal for personal information protection(www.privacy.go.kr) → Personal information civil complaint → Request for access to personal information and more → Use the search menu for the personal information file list

Article 3 Personal Information Processing and Retention Period

UST processes, uses, and retains personal information within the period as stated by relevant legislations or as stated in the consent form signed during the information collection.

Article 4 Providing Personal Information to Third Parties

UST provides personal information to third parties only the case subject to Article 17 and Article 18 of the Personal Information Protection Act such as receiving individual’s approval and specially prescribed in legislation.

In addition, UST will announce the usage, legal basis, purpose, scope, and more on the relevant homepage bulletin board when providing personal information to third parties (as stated in Paragraph 4, Article 18 of the Personal Information Protection Act).

Article 5 Personal Information Processing Commission

UST is commissioning personal information processing if necessary, within the bounds of relevant purposes.

In addition, when contracting a commission, UST clearly states that personal information cannot be processed for other purposes than the ones stated, as well as technical and managerial protective actions, limits on re-consignments, damage compensations and more (in accordance with the Personal Information Protection Act). A consignee provides education and oversees personal information processing for safety.

In case of commissioning personal information processing, relevant information will be provided on the homepage bulletin board (as stated in Paragraph 2, Article 26 of the Personal Information Protection Act).

Article 6 Rights and Duties of Information Provider and Related Exertion Methods

The information provider (if under 14 years of age, their legal representative) will be able to exercise their rights at any time as the following :

  • Request for access to personal information
  • Request revisions if there are errors
  • Request deletion
  • Request processing suspension

If the individual writes, signs, electronically submits, faxes, etc. the form as enclosed in Attachment 8 of the Personal Information Protection Act to exercise their rights as stated in Paragraph 1, UST will promptly take the appropriate measures

In case the information provider requests revisions due to errors or deletion, UST will not use or provide his/her personal information until this process is finalized

The rights ascribed in Paragraph 1 can be exercised by the information provider’s legal representative, entrusted individual, or other representatives. In this case, the individual must submit a proxy statement in accordance with the Enforcement Decree of Personal Information Protection Act (Attachment form 11 ).

Access to personal information and requests for processing suspension may be limited due to Paragraph 5, Article 35 and Paragraph 2, Article 37 of the Personal Information Protection Act.

In case of requesting personal information revision or deletion, if that personal information is clearly stated as collection items of other legislation, the information provider may not be able to request deletion.

UST will check if requests to share, revise, delete, or suspend personal information processing are made by the information provider or a lawful representative.

Article 7 Personal Information Processing Items

The personal information items processed from the personal information files that are registered and shared in accordance with Article 32 of the Personal Information Protection Act are as follows.

Personal Information Processing Items – Name of Personal Information File, Personal Information Items, Responsible Team
Name of Personal Information File Personal Information Items Responsible Team
Status of issuing student grades Name, academic records (final score, grade, GPA), contact information Academic Affairs Team
Management of international students Name, Campus, major, nationality, passport information, resident registration number Student Support Team
Status of student accident insurance application Name, Campus, major, nationality, degree, Year of admission, graduation, etc. Student Support Team
Status of graduates’ career paths Name, social security number, Gender Student Support Team
Management of newly registered students Name, Test registration number, degree, major, tuition fee status, English grades, faculty advisor, date of birth, etc. Student Affairs Team
List of admission applicants Name, picture, date of birth, social security number, phone number, Email, Address, Military service, alma mater, guardian identity, etc. Student Affairs Team
University registrar student number, Name, date of birth, Gender, course(Master’s, Doctoral, etc.), nationality, Campus, major, Current academic record, Address, phone number, Email, etc. Student Affairs Team

Article 8 Personal Information Destruction Processes and Methods

UST processes, uses, and retains personal information within the period as stated by relevant legislations or as stated in the consent formduring the information collection.

  • Destruction Processes
    • Unnecessary personal information and personal information files are internally processed by the responsible chief for personal information protection as follows.
    • Destruction of personal information: personal information that has passed the permitted retention period is promptly shredded on the expiration date.
    • Destruction of personal information files: when the purpose for processing personal information files has been achieved, the relevant services are repealed, the project is completed, or for any other reason that the personal information file is no longer needed, the files are shredded promptly on the day they are determined as such.
  • Deletion Methods
    • Electronic information is destroyedby the technical method that the records cannot be regenerated.
    • Personal information written on paper are shredded through a shredder or incinerated.

Article 9 Measures to Ensure Personal Information Security

In accordance with Article 29 of the Personal Information Protection Act, UST is taking technological, managerial, and physical measures necessary to ensure security as follows. UST establishes and implements internal management plans complying with the internal management guidelines provided by the the Ministry of Public Administration.- Designate and minimize the responsible staff that handle personal information to implement personal information management measures

  • Take the measures to limit access to database that processes personal informationbygrant, change, or cancel access,And prohibit unauthorized external access through firewall systems.
  • Store and manage records from the personal information process system (web log, summary information, etc.) for at least 6 months,and initiate security functions to prevent accessed records from being tampered, stolen, or lost.
  • Safely save and manage personal information through passwords and other security measures. In addition, use separate security functions to save or transfer important data (using passwords, etc.)
  • Install security programs to prevent hacking or computer viruses from leaking or damaging personal information, and initiate periodical renewal and reviews
  • Designate a separate physical storage area of the personal information system that stores personal data with controllingaccess under established plans

Article 10 Operating and Managing Video Information Processing Equipment

UST installs and operates video information processing equipment in accordance with Paragraph 1, Article 25 of the Personal Information Protection Act for the following purposes.

  • Facility safety and fire prevention
  • Crime prevention and securing evidence for safety of client and employee
  • Prevent vehicles from being stolen or damaged

Installed numbers, location and recording range of video information processing equipment are as follows

Installed numbers, location and recording range of video information processing equipment - Category, Installed number, Installed locations and recording range
Category Installed number Installed locations and recording range
Outdoors 9 Entrance, exit connecting to KRISS, front of the north gate, auditorium rear #1, auditorium rear #2, main gate car access road, entrance to basement parking lots, entrance of the main gate panorama, exit of the main gate panorama
Indoors Main Building 1F 17 Entrance, hallways, north gate, auditorium #1, auditorium #2, communications room
Main Building 2F North gate, stairs, auditorium
Main Building 3F Hallways, stairs
Main Building 4F North gate, stairs
Main Building 5F Multipurpose room
Basement 1F Panorama #1, #2
E/V Indoors

Recording time, storage period, location, and processing methods for video information are as follows.

Recording time, storage period, location, and processing methods for video information are as follows. - Recording time, Storage period, Storage location
Recording time Storage period Storage location
24 hours 30 days from record date 1F reception

Processing Method: Record and manage items related to usage requestof personal video information under the reasons of other purposes, third party provision, destruction, sharing, and when the storage period expires, permanently remove footage so that it cannot be restored (if printed, shredded or incinerated).

Confirmation methods and location of personal video information are as follows.

  • Confirmation method: contact the responsible staff for video information management in advance and visit the institution to view footage with staff authorized to access.
  • Confirmation location: 1F reception

The information provider can request access, existence confirmation or deletion at any time from the video information processing operator. However, this is limited to the individual’s footage regarding urgent life matters, physical condition, and property profits. UST will promptly take proper measures to access, confirm existence, or delete footage upon request.

UST safely manages processed video information through measures including encryption. In addition, access rights to personal information are provided in discriminatory manner as a policy to secure personal video information protection. To prevent tampering and alterations to personal video information, UST is recording and managing production dates, purpose/name/time of sharing, etc. UST has also installed a lock device to secure physical safety of personal data.

Article 11 Responsible manager and staff for Personal Information Protection

UST has designated the following responsible chief, manager and staff for personal information protection to protect personal information and process relevant complaints.

Personal Information Protection Representative - Category, Affiliation/Position, Name, E-mail, Phone number
Category Affiliation/Position Name E-mail Phone number
Responsible Chief for Personal Information Protection (Responsible for managementof personal video information ) Dean of Office of Management & Planning Song Byeongyun bysong@ust.ac.kr 042-865-2310
Responsible Manager forPersonal Information Protection Team Manager of Infrastructure Management Team Choi Eunyeong eychoi79@ust.ac.kr 042-865-2380
Responsible Staff forPersonal Information Protection Information Technology Team Hwang Youngsun hys8908@ust.ac.kr 042-865-2381
Person Authorized to Access Video Information Team Manager of Infrastructure Management Team Choi Eunyeong eychoi79@ust.ac.kr 042-865-2380

Article 12 Request for Access to Personal Information

The information provider can requestfor access topersonal information in accordance with Article 35 of the Personal Information Protection Act. The informationprovider can request the responsible team for each personal information file as stated in Article 6 for responsible staff for personal information protection.

To request access to personal information :Visit the comprehensive support portal for personal information protection of the Ministry of Public (www.privacy.go.kr) → Personal information civil complaint → Request for access to personal information and more → Use the search menu for the personal information file list

Article 13 How to Relief Damage Arised from Infringement of Rights and Interests

The information provider can ask and receive damage relief and counseling regarding personal information infringement from the following institutions.

  • Personal Information Infringement Reporting Center(operated by the Korea Internet and Security Agency)
    • Matters under jurisdiction: reporting infringement of personal information, applying for counseling
    • Homepage: privacy.kisa.or.kr
    • Phome Number: No area code 118
    • Address: Personal Information Protection Division IT Venture Tower, 135 Jungdae-ro, Songpa-gu, Seoul, Korea, 05717
  • Supreme Prosecutors’ Office-Department of Cyber Crime Investigation: 02-3480-3571(www.spo.go.kr, cybercid@spo.go.kr)
  • Korean National Police Agency’s Cyber Terror Response Center: No area code 182(cyberbureau.police.go.kr)

Article 14 Changes in Personal Information Processing Policies

This personal information processing policy is effective from January 1, 2019