Asia Design Platform

Article 1 (Purpose)

Design Council Busan (DCB) puts stress on member’s personal information collected from the Asia Design Platform (ADP), and complies with privacy protection regulations through laws and regulations related to personal information (privacy) in relation to privacy protection;, such as the Act on Telecommunications Network Use Promotion and Information Protection, Privacy Protection Act, Telecommunications Business Act, and Communication Secret Protection Act, and Privacy Protection guidelines enacted by the Korea Communications Commission.
The DCB will do its best for members to ensure that their’ personal information will not to be abused and will not to be leaked through ADP’s Privacy Handling Policy. DCB tries to let our members know about how and for what purpose the members-provided personal information is used, and what actions are taken to protect their the personal information. However, the details of the Privacy Handling Policy are subject to change depending on the change of the government’s laws, regulations and guidelines, or for the purpose of providing a better service offering.
Therefore, the members need to visit the site frequently and check the details. The ADP will notify the revision of the Privacy Handling Policy through the platform notices (or individual notification).

Article 2 (Purpose of Personal Information Collection)

• 1. The DCB collects personal information for the following purpose. The handled personal information shall not be used for any the purpose other than the following purpose. If the use purpose of use is changed, the DCB plans to take necessary action such as receiving consent under Article 18 of the Privacy Protection Act.
• 2. If the ADP collects user’s personal information, ADP shall do so by receiving the user’s consent. We shall not collect information including race, user’s native place, user’s legal domicile, ideology, political inclination, criminal record, and health status that may be concerned to breach user’s basic human rights except by user’s consent or regulations of legislations.
• 3. The ADP uses the collected members’ personal information for the following purpose:
  ① Performance of service offering contract and the settlement of service fees - Offering contents, user-customized service, service purchase and fees payment, banking transactions, user authentication, and banking service
  ② Management of members - User verification, individual user identification, defective member’s illegal use and unauthorized use prevention, confirmation of intention to gain membership, limit to membership and the number of gaining membership, checking the status of legal proxy’s consent upon personal information collection for children under 14, confirmation of follow up legal proxy’s consent, preservation of record for dispute coordination, civil petition handling including complaints handling, and delivery of notices
  ③ Utilization for new service development, marketing, and advertising - New service (content) development and specialization, delivery of advertising information including events, service offering and posting ads according to statistical characteristics, identification of connection frequency, and statistics of member’s service use
  ④ If a member uses the service after the execution day, the member is deemed to consent to the revised terms of service. If a member does not give consent to the revised terms of service, he/she may terminate the terms of service.

Article 3 (Personal Information Handling and Preservation Period)

• 1. DCB shall handle and preserve member’s’ personal information during the personal information preservation and use period at ADP according to the laws and regulations or within the agreed preservation and use period of personal information upon collection of the information from the users.
• 2. Each personal information handling and preservation period is as follows:
  1) ADP membership and management: by the withdrawal from the ADP of the individual members, designer members, corporate members, design corporate members, and evaluation members
  1-1) However, by the time the cause concerned expires in each of the following causes:
  ① By the end for investigation and inquiry when investigation and inquiry are underway under the relevant laws and regulations;
  ② By the time when claims and obligations are settled if claims and obligations remain according to the use of the ADP
  2) Offering goods and services: By the time the supply of goods and services is completed and by the time of fees payment completion
  However by the end of the period concerned in each of the following causes:
  ① Record on marking, advertising, contract details, and performance under the Act for Consumer Protection in E-commerce;
  - Record on marking and advertising: 6 months
  - Records on contract, withdrawal of subscription, payment, and supply of goods: 5 years
  - Record on consumer complaints or dispute handling: 3 years
  ② Preservation of communication fact confirmation data under Article 41 of the Communication Secret Protection Act
  - Subscriber’s telecommunications date, starting and closing time, the other party subscriber number, usage count, outgoing message base station location tracing data: 1 year
  - Computer communications, Internet log record data, and connection place tracing data: 3 months

Article 4 (Offering Personal Information to a Third Party)

• 1. The DCB shall not use the personal information collected at the ADP for any purpose other than the collection and use purpose and, or shall not provide the information to any third party without the user’s consent.

Article 5 (Commissioning Personal Information Handling)

• 1. DCB commissions personal information handling as follows for smooth personal information handling:
• 2. Maintenance of the ADP 1) The commissioned (commissioned company): Design Geulggol 2) Details of commissioned work: ADP platform, DB, etc.
• 3. The DCB specifies following matters in documents: prohibition of personal information handling except for the commissioned work performance purpose, technical and managerial protection actions, limit of recommissioning, management and supervision of the commissioned, and responsibility such as compensation for damages upon signing the contract for commissioning under Article 25 of the Privacy Protection Act. The DCB oversees whether the commissioned safely handles the personal information.
• 4. If the details of commission work or the commissioned changes, the DCB will publicly notify it without delay through the Privacy Handling Policy.

Article 6 (Rights and Obligations of the Information Owners and Exercise Method)

• 1. The information owners can exercise the right to privacy protection right in each of the following to the DCB at anytime:
  1) Request to read/check personal information;
  2) Demand forto correctioncorrect if an error exists;
  3) Request to delete;
  4) Demand to suspend handling
  ① The exercise of the right in 1 above can be carried out to DCB through the ADP, FAX, telephone, and email, and the DCB will immediately take action immediately.
  ② If an information owner demands to correct or delete the error of personal information, the DCB will not use or provide the personal information until correction or deletion is completed.
  ③ The right to exercise under 1 above can be made through a proxy including the information owner’s legal proxy or an empowered person. In this case, the power of attorney in accordance with attached form 11 in the Enforcement Regulations of the Privacy Protection Act shall be presented.
  ④ Any information owner shall not breach his/her or others’ personal information and privacy handled by the DCB through violation of the relevant laws and regulations including the Privacy Protection Act.

Article 7 (Handled Personal Information Items)

DCB handles the following personal information items at the ADP:

• 1. Common collected information
  - Email address, name, password, country, address, telephone number (general telephone or cellphone): member identification and complaint handling according to the use of the service provided by ADP. However service use record, connection log, cookie, connection IP information, and payment record can be created and collected.
• 2. Corporate member
  - Company name, CEO, business registration certificate: Use of the service including ADP’s contest hosting and participation cost setting upon participation in the IBDA
• 3. Design corporate member
  - Company name, CEO, business registration certificate: Use of the service including ADP’s contest hosting and participation cost setting upon participation in the IBDA.
  - Confirmation certificate of design company and evidence document of southeast region design company: design company approval to participate in the ADP’s design company support projects and the use of the service concerned
• 4. Judge
  - Education Educational background and career : evaluation of appropriateness as an evaluator of all competitions including IBDA and performing contest consulting held by ADP
• 5. The following information can be automatically created and collected in the other use process or project handling process:
  - IP address, date and time of visit, service use record: prevention of illegal use and unauthorized use

Article 8 (Destruction of Personal Information)

• 1. The DCB destroys the personal information immediately when the personal information is no longer required due to the expiration of the preservation period and achievement of handling purpose of personal information collected from the ADP.
• 2. ADP membership and management: by the time when withdrawal of business/organization homepage
  2-1. However, if there is a need to preserve under the relevant laws and regulations, the ADP stores the membership information for a certain period of time prescribed by the relevant laws and regulations as follows:
  1) There is a need to preserve under legislation such as the Commercial Law
  ① Basis of record preservation on contract or withdrawal of subscription: preservation period under Article 6 of the Act for Consumer Protection in E-commerce and Article 6 of its Enforcement Ordinance: 5 years
  ② Basis of record preservation on payment and supply of goods: preservation period under Article 6 of the Act for Consumer Protection in E-commerce and Article 6 of its Enforcement Ordinance: 5 years
  ③ Basis of record preservation on consumer complaints or dispute handling: preservation period under Article 6 of the Act for Consumer Protection in E-commerce and Article 6 of its Enforcement Ordinance: 3 years
  ④ Basis of record preservation on member identification: preservation period under Article 44.5 of the Act on Telecommunications Network Use Promotion and Information Protection and Article 29 of its Enforcement Ordinance: 6 months
  ⑤ Basis of record preservation on connection: preservation period under Article 15.2 of the Communication Secret Protection Act and Article 41 of its Enforcement Ordinance: 3 months
  ⑥ Basis of illegal use record preservation: preservation period under the ADP Policy on Exclusion of Illegal Use: 1 year
  ⑦ Basis of record preservation on the collection, handling, and use of credit information: preservation period under the Act on Credit Information Use and Protection: 3 years
  ⑧ Basis of record preservation on marking and advertising: preservation period under the Act for Consumer Protection in E-Commerce: 6 months
  2) Personal information is preserved for the agreed period if the ADP notices the preservation period in advance, and if the period does not expire, and if ADP receives consent individually.
  3) The preservation and use period of the collected personal information is from the time of signing the service contract signing (becoming the member) until the termination to the service contract (including application for withdrawal and withdrawal by ADP’s authority). At the time of termination, the ADP immediately destroys personal information except the data to be stored for a certain period of time according to the preservation causes specified above. In case personal information handling is commissioned to a third party, the commissioned is instructed to destroy the personal information.
• 3. How to destroy
  1) The user’s personal information is immediately destroyed after the collection and use purpose is fulfilled. Personal information printed out on paper is crushedshredded using a shredder crusher or through incineration, and personal information stored in an electronic file is destroyed using a technical method that does not permit the to restoration ofrestore the record.

Article 9 (Action to Ensure Personal Information Safety)

DCB takes the following actions to ensure the safety of personal information from the ADP:

• 1. Managerial action: establishment and enforcement of internal management plans and periodic staff training
• 2. Technical action: management of an access right to the personal information processing system, installation of an access control system, encoding identification information, and installation of a security program
• 3. Physical action: control of access to the a computer room and an archive

Article 10 (Installation, Operation, and Rejection of Automatic Collection Device of Personal Information)

• 1. The DCB (ADP) uses cookie cookies that stores store and frequently imports the user information to provide individually customized information to the users.
• 2. Cookie is small amount of information sent by the server (http) used for the operation of Website to user’s computer browser, and it is also stored on the hard disk within user’s’ PC.
  1) Use purpose of cookies: Cookies are Cookie is used to provide optimized information to the user by identifying visit and use type of each service and Websites visited by the user, popular search words, and status of security connection.
  2) Installation, operation, and rejection of cookies: Users can reject the storage of cookies through the Tool at the top of the Web browser> Internet option> Personal information menu option setup.
  3) If the user rejects the storage of cookies, difficulties may occur for the customized service use.

Article 11 (Responsible Person for Privacy Protection)

• 1. The DCB is responsible for ADP’s personal information (privacy) handling, and designates the responsible person for personal information protection as follows for information owner’s complaint handling and damage relief related to personal information handling.
  
  1) Responsible person for privacy (personal information)
  protection Name: Lee Jin-Ho
  Job title: Team Leader of Global Cooperation
  Team Tel: +82-51-790-1092, kjw@dcb.or.kr
  ※ If you call, you will be connected to the Privacy Protection Dept.
  
  2) Privacy Protection Dept.
  Dept. name: Global Cooperation Team
  Person in charge: Kim Jin-Woo
  Tel: +82-51-790-1092, kjw@dcb.or.kr
• 2. Any information owners can inquire about all privacy protection matters, complaint handling, and damage relief occurring while using the ADP’s service (or projects) to the responsible person responsible for Privacy Protection and the Privacy Protection Dept. The DCB will immediately answer and handle the inquires of the information owners.

Article 12 (Relief Method of Rights and Interests Infiltration)

Any information owners can inquire about damage relief and consultation on privacy infiltration to the following institutions:

▶ Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
- Duties: personal information infringement report and application for consultation
- Homepage: privacy.kisa.or.kr
- Tel: 118
- Address: Personal Information Infringement Report Center, 3F, 9, Jinheung-gil (301-2, Bitgaram-dong), Naju-si, Jeonnam, 58324, South Korea

▶ Personal Information Dispute Mediation Committee
- Duties: application for personal information dispute mediation, group dispute mediation (solution as civil affairs)
- Homepage: www.kopico.go.kr
- Tel: 1833-6972
- Address: 4F Central Government Complex, 209, Sejongdae-ro, Jongro-gu, Seoul, 03171, South Korea

▶ Cyber Crime Investigation Team of Supreme Prosecutors’ Office: +82-2-3480-3573 (www.spo.go.kr)

▶ Cyber Bureau of Korean National Police Agency: 182 (http://cyberbureau.police.go.kr)

Article 13 (Change of Privacy Handling Policy)

This Privacy Handling Policy shall take effect from November 1, 2020.
The Privacy Handling Policy shall take effect from July, 1, 2024.