1. Items of personal information to be collected
IWPG collects the following personal information to apply for membership service.
￭ Collection items: name; bank account information (account name, account number, date of birth of the account holder) in case of CMS membership fee payment; credit card information (card number, expiration date), login ID, password, country of residence, in case of credit card membership fee payment; residence area, mobile phone number, e-mail, occupation, position, branch of subscription, motivation to join, access log record, service use record
￭ Personal information collection method: website (membership registration, membership fee payment), written application form, telephone consultation
2. Purpose of collection and use of personal information
IWPG uses the collected personal information for the following purposes.
￭ Membership fee management: Membership fee withdrawal, membership fee details management, membership fee report
￭ Member management: Member identification; management of membership information including membership fees, membership identification, etc.
￭ Provision of services: Sending member newsletters and receipts for payment of membership fees, information services such as participation in events, member announcements, newsletters, and contents
3. Retention and use period of personal information
IWPG destroys the information without delay and without exception after the reason for collecting and using personal information is terminated after a member withdraws. However, the following information is retained for the period specified for the reasons below.
￭ Membership fee payer records and past records when re-registering
– Name, email, registration and withdrawal date, activity participation record
– Retention period: permanent
￭ Payment information for issuance of membership fee payment receipts, etc.
– Reason for retention: Based on Article 112-2 of the Corporate Tax Act and Article 208-3 of the Enforcement Decree of the Income Tax Act
– Retention period: 5 years
4. Personal information destruction procedure and method
￭ Destruction procedure
After the purpose is achieved, the member's information is transferred to a separate DB (separate filing cabinet in the case of paper), and is stored for a certain period of time and then destroyed according to the reasons for information protection according to internal policies and other related laws (refer to the retention and use period).
Personal information transferred to a separate DB is not used for purposes other than simple preservation unless required by law.
￭ Destruction method
Personal information stored in file format is deleted using a technical method that cannot reproduce the record.
Personal information printed on paper is destroyed by shredding or incineration.
5. Provision of personal information
In principle, IWPG does not provide members' personal information to outside sources. However, the following cases are exceptions.
￭ In case users agree in advance at the request of IWPG
￭ In the event of a request from an investigative agency in accordance with the provisions of the law or according to the procedure and method specified in the law for the purpose of investigation
￭ Rules for the establishment and supervision of non-profit corporations under the jurisdiction of the Ministry of Gender Equality and Family and its affiliated offices (Article 8 of the same Act) Other reference materials can be ordered or office and property conditions can be inspected.
￭ Documents on settlement of accounts and reports on assets contributed to public interest corporations (Article 41 of the Enforcement Decree of the Increased Tax Act)
￭ Obligation to undergo external accounting audit (Article 50 of the Increasing Tax Act, Article 3 of the Act on External Audit of Stock Companies)
￭ Obligation to disclose financial statements (Article 50 of the Increasing Tax Act)
￭ Obligation to prepare, store, and submit the issuance of membership fee payment receipt (Article 112-2 of the Corporate Tax Act, Article 208-3 of the Enforcement Decree of the Income Tax Act)
6. Consignment of collected personal information
IWPG entrusts and operates an external professional company as follows for the membership fee payment deposit and withdrawal service, fulfillment of rights as a member, and service stabilization.
￭ When consigning to a PG company for approval and settlement of membership fee payment
1) Person who receives personal information: [NICE Payments Co., Ltd.] THE BILL cash management service
– Purpose of using personal information of the recipient: Approval and settlement of membership fee payment by CMS method
– Personal information items to be provided: bank name, account number, name, account holder's date of birth, membership fee payment amount
2) Person who receives personal information: [NICE Payments Co., Ltd.] THE BILL cash management service
– Purpose of using personal information of the recipient: Credit card/mobile phone membership fee payment approval and settlement
– Personal information collection items: Refers to all information for each payment method presented through the Account/Credit Card Automatic Withdrawal Application Form' provided by the corporation', and the applicant's name, email address, contact information, mobile phone number, and payment method selection information, bank name (card company), business number, account holder name (card holder name), account (credit card) number, date of birth, card expiration date, etc.)card name, card number, mobile phone number
7. Rights of users and legal representatives and how to exercise them
Members and legal representatives may view or modify their registered personal information or the personal information of children under the age of 14 at any time, and may request termination of membership.
Click 'Change Personal Information' (or 'Edit Member Information') to view and modify personal information of members or children under the age of 14, and click 'Membership Withdrawal' to cancel membership (withdrawal of consent) to complete the identification process. You can view, correct or withdraw directly after going through. Or, if you contact the person in charge of personal information management in writing, by phone or by email, we will take action without delay.
If a member requests correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that the correction can be made.
IWPG processes personal information that is canceled or deleted at the request of a member or legal representative as specified in the retention and use period of personal information collected by IWPG, and is processed so that it cannot be viewed or used for any other purpose.
8. Measures to ensure the safety of personal information
In accordance with Article 29 of the Personal Information Protection Act, IWPG takes technical/administrative and physical measures necessary to ensure safety as follows
￭ Minimization and training of personnel handling personal information
We are implementing measures to manage personal information by designating employees who handle personal information and minimizing them by limiting them to those in charge.
￭ Establishment and implementation of internal management plan
We have established and implemented an internal management plan for the safe processing of personal information.
￭ Encryption of personal information
The user's password is encrypted and stored and managed, so only the person can know it, and for important data, separate security functions such as encrypting files and transmission data or using the file lock function are used.
￭ Technical measures against hacking, etc.
In order to prevent leakage and damage of personal information by hacking or computer viruses, we install a security program, periodically update and inspect, install a system in an area where access is controlled from outside, and monitor and block technically/physically.
￭ Restriction of access to personal information Necessary measures are taken to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and unauthorized access from outside by using an intrusion prevention system. Are in control.
Membership registration and information change All information related to login related to web pages is encrypted and cannot be decrypted. In addition, we do not provide an administrator function that handles large amounts of personal information on the website.
9. Personal information management
IWPG appoints the relevant department and personal information manager as follows in order to protect members' personal information and to handle complaints related to personal information.
￭ Personal information manager
– Name: Eunyoung Lee
– Affiliation and position: General Director of the Department of Information and Communication
– Phone number: 02-577-7440
– Email: mail.iwpg.org