- All personal information collected, retained, and processed by the University of Science & Technology (referred to UST below) are based on related legislation or are based on individual consent. The [Personal Information Protection Act] provides general standards on processing personal information, and UST acts in accordance with these legislations and regulations when collecting, retaining, and processing personal information. Personal information will be lawfully and appropriately processed for proper performance of public services, and to protect the rights and interests of the nation. In addition, as stated in related legislation and regulations, UST respects the right to inspect personal information, the right to make revisions, and other individual rights and interests. If any individual endures a violation of their rights and interests stated above, they have the right to claim an administrative trial in accordance with the Administrative Appeals Act.
UST, in accordance with Article 30 of the Personal Information Protection Act, will protect the individual’s personal information and their rights and interests. The following personal information processing policies are established and made public for the smooth processing of difficulties. In case revisions are made to these policies, they will be announced on the related homepage bulletin board.
UST processes personal information for the following purposes. Personal information will not be processed or used for other purposes than the ones stated below. In case usage purposes change, UST will receive separate approval (as stated in Article 18 of the Personal Information Protection Act) and take required measures
Personal information is processed to provide services related to specific projects conducted by UST such aseducation, research.
Personal information is processed for reading, revisions, deletions, requests for processing suspension, reporting leaks, and other civil affairs related to personal information.
CCTVs will be installed and operated for facility safety, prevention of fires andcrime , securing evidence, and other public interests.
The purpose of processing personal information files that are registered and open to public, and relevant information in accordance with Article 32 of the Personal Information Protection Act are as follows.
| Name of personal information file | Basis for Operation | Processing Purposes |
|---|---|---|
| Status of issuing student grades | Article 4 of Enforcement Decree of Higher Education Act (University Regulations) | Systematic management of student grades and relevant information |
| Management of international students | Standardized work procedure related to international students and language course students (Ministry of Education) | Support for international students for their stable living environment in Korea |
| Status of student accident insurance application | Studentaccident insurance application | |
| Status of graduates’ career paths | Internal Regulations | Career consulting and management |
| Management of newly registered students | Article 35 of Enforcement Decree of Higher Education Act (Data for Admission Screening) | Manage university register by selecting new students, admissions processes and data transfer |
| List of admission applicants | Article 35 of Enforcement Decree of Higher Education Act (Data for Admission Screening) | Conduct tasks for admissions types |
| University registrar | Article 4 of Enforcement Decree of Higher Education Act (University Regulations) | To systematically manage student’s current university register |
For more information on personal information files, visit the Ministry of Public Administration and comprehensive support portal for personal information protection(www.privacy.go.kr) → Personal information civil complaint → Request for access to personal information and more → Use the search menu for the personal information file list
UST processes, uses, and retains personal information within the period as stated by relevant legislations or as stated in the consent form signed during the information collection.
UST provides personal information to third parties only the case subject to Article 17 and Article 18 of the Personal Information Protection Act such as receiving individual’s approval and specially prescribed in legislation.
In addition, UST will announce the usage, legal basis, purpose, scope, and more on the relevant homepage bulletin board when providing personal information to third parties (as stated in Paragraph 4, Article 18 of the Personal Information Protection Act).
UST is commissioning personal information processing if necessary, within the bounds of relevant purposes.
In addition, when contracting a commission, UST clearly states that personal information cannot be processed for other purposes than the ones stated, as well as technical and managerial protective actions, limits on re-consignments, damage compensations and more (in accordance with the Personal Information Protection Act). A consignee provides education and oversees personal information processing for safety.
In case of commissioning personal information processing, relevant information will be provided on the homepage bulletin board (as stated in Paragraph 2, Article 26 of the Personal Information Protection Act).
The information provider (if under 14 years of age, their legal representative) will be able to exercise their rights at any time as the following :
If the individual writes, signs, electronically submits, faxes, etc. the form as enclosed in Attachment 8 of the Personal Information Protection Act to exercise their rights as stated in Paragraph 1, UST will promptly take the appropriate measures
In case the information provider requests revisions due to errors or deletion, UST will not use or provide his/her personal information until this process is finalized
The rights ascribed in Paragraph 1 can be exercised by the information provider’s legal representative, entrusted individual, or other representatives. In this case, the individual must submit a proxy statement in accordance with the Enforcement Decree of Personal Information Protection Act (Attachment form 11 ).
Access to personal information and requests for processing suspension may be limited due to Paragraph 5, Article 35 and Paragraph 2, Article 37 of the Personal Information Protection Act.
In case of requesting personal information revision or deletion, if that personal information is clearly stated as collection items of other legislation, the information provider may not be able to request deletion.
UST will check if requests to share, revise, delete, or suspend personal information processing are made by the information provider or a lawful representative.
The personal information items processed from the personal information files that are registered and shared in accordance with Article 32 of the Personal Information Protection Act are as follows.
| Name of Personal Information File | Personal Information Items | Responsible Team |
|---|---|---|
| Status of issuing student grades | Name, academic records (final score, grade, GPA), contact information | Academic Affairs Team |
| Management of international students | Name, Campus, major, nationality, passport information, resident registration number | Student Support Team |
| Status of student accident insurance application | Name, Campus, major, nationality, degree, Year of admission, graduation, etc. | Student Support Team |
| Status of graduates’ career paths | Name, social security number, Gender | Student Support Team |
| Management of newly registered students | Name, Test registration number, degree, major, tuition fee status, English grades, faculty advisor, date of birth, etc. | Student Affairs Team |
| List of admission applicants | Name, picture, date of birth, social security number, phone number, Email, Address, Military service, alma mater, guardian identity, etc. | Student Affairs Team |
| University registrar | student number, Name, date of birth, Gender, course(Master’s, Doctoral, etc.), nationality, Campus, major, Current academic record, Address, phone number, Email, etc. | Student Affairs Team |
UST processes, uses, and retains personal information within the period as stated by relevant legislations or as stated in the consent formduring the information collection.
In accordance with Article 29 of the Personal Information Protection Act, UST is taking technological, managerial, and physical measures necessary to ensure security as follows. UST establishes and implements internal management plans complying with the internal management guidelines provided by the the Ministry of Public Administration.- Designate and minimize the responsible staff that handle personal information to implement personal information management measures
UST installs and operates video information processing equipment in accordance with Paragraph 1, Article 25 of the Personal Information Protection Act for the following purposes.
Installed numbers, location and recording range of video information processing equipment are as follows
| Category | Installed number | Installed locations and recording range | |
|---|---|---|---|
| Outdoors | 9 | Entrance, exit connecting to KRISS, front of the north gate, auditorium rear #1, auditorium rear #2, main gate car access road, entrance to basement parking lots, entrance of the main gate panorama, exit of the main gate panorama | |
| Indoors | Main Building 1F | 17 | Entrance, hallways, north gate, auditorium #1, auditorium #2, communications room |
| Main Building 2F | North gate, stairs, auditorium | ||
| Main Building 3F | Hallways, stairs | ||
| Main Building 4F | North gate, stairs | ||
| Main Building 5F | Multipurpose room | ||
| Basement 1F | Panorama #1, #2 | ||
| E/V | Indoors | ||
Recording time, storage period, location, and processing methods for video information are as follows.
| Recording time | Storage period | Storage location |
|---|---|---|
| 24 hours | 30 days from record date | 1F reception |
Processing Method: Record and manage items related to usage requestof personal video information under the reasons of other purposes, third party provision, destruction, sharing, and when the storage period expires, permanently remove footage so that it cannot be restored (if printed, shredded or incinerated).
Confirmation methods and location of personal video information are as follows.
The information provider can request access, existence confirmation or deletion at any time from the video information processing operator. However, this is limited to the individual’s footage regarding urgent life matters, physical condition, and property profits. UST will promptly take proper measures to access, confirm existence, or delete footage upon request.
UST safely manages processed video information through measures including encryption. In addition, access rights to personal information are provided in discriminatory manner as a policy to secure personal video information protection. To prevent tampering and alterations to personal video information, UST is recording and managing production dates, purpose/name/time of sharing, etc. UST has also installed a lock device to secure physical safety of personal data.
UST has designated the following responsible chief, manager and staff for personal information protection to protect personal information and process relevant complaints.
| Category | Affiliation/Position | Name | Phone number | |
|---|---|---|---|---|
| Responsible Chief for Personal Information Protection (Responsible for managementof personal video information ) | Dean of Office of Management & Planning | Song Byeongyun | bysong@ust.ac.kr | 042-865-2310 |
| Responsible Manager forPersonal Information Protection | Team Manager of Infrastructure Management Team | Choi Eunyeong | eychoi79@ust.ac.kr | 042-865-2380 |
| Responsible Staff forPersonal Information Protection | Information Technology Team | Hwang Youngsun | hys8908@ust.ac.kr | 042-865-2381 |
| Person Authorized to Access Video Information | Team Manager of Infrastructure Management Team | Choi Eunyeong | eychoi79@ust.ac.kr | 042-865-2380 |
The information provider can requestfor access topersonal information in accordance with Article 35 of the Personal Information Protection Act. The informationprovider can request the responsible team for each personal information file as stated in Article 6 for responsible staff for personal information protection.
To request access to personal information :Visit the comprehensive support portal for personal information protection of the Ministry of Public (www.privacy.go.kr) → Personal information civil complaint → Request for access to personal information and more → Use the search menu for the personal information file list
The information provider can ask and receive damage relief and counseling regarding personal information infringement from the following institutions.
This personal information processing policy is effective from January 1, 2019