Privacy Policy

The Korea institute of sport science of Korea sports promotion foundation(hereinafter referred to as KISS) establishes and discloses the following personal information processing policies to protect the personal information of the information subject and to handle complaints quickly and smoothly under article 30 of the personal information protection act.

1. purpose of collecting

The purpose of processing personal information is to identify yourself and use the academic journal system (online thesis submission, examination, management). It is collected through the homepage and the basis for retention is with the consent of the information subject. KISS holds and uses the Personal Information maintenance 3 years.

2. Personal information processing items

• ● IJASS, KJASS system member information
• - Required Information: Name, E-mail, IP, Cookie, Access log, Nationality, Affiliation, Degree, Major filed
• - Optional Information: Mobile phone number, ORCID ID
• ● During the process of using the Internet service, the following personal information items may be automatically generated and collected.
• - IP address, cookie, service usage history

3. Entrustment of Management of Personal Information

KISS entrusts the personal information of members

• ● Consignee (Consignee): M2PI Co., Ltd
• ● Contents of entrusted work: System maintenance
• ● Consignment period: 1 year

According to Article 26 of the Personal Information Protection Act, KISS stipulates the prohibition of personal information processing, technical and management protection measures, restrictions on re-entrustment, management and supervision of the trustee, and supervises the safe handling of personal information. If the contents of the entrusted work or the trustee changes, we will disclose it through this personal information processing policy without delay.

4.Procedure and Method of Destruction of Personal Information

When personal information becomes unnecessary, such as the elapse of the period of personal information retention and the achievement of the purpose of processing, KISS shall destroy the personal information without delay.

If the personal information period agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information shall be transferred to a separate database (DB) or stored differently.

- Procedures for Destruction
KISS selects personal information that has caused the reason for destruction and destroys the personal information with the approval of KISS's personal information protection manager.

- How to destroy it
KISS selects personal information that has caused the reason for destruction and destroys the personal information with the approval of KISS's personal information protection manager.
Information in the form of an electronic file uses a technical method in which records cannot be reproduced.

5. Rights and obligations of data subject and legal representative

● The information subject may exercise the right to view, correct, delete, and stop processing personal information at any time.

● The exercise of rights under paragraph (1) may be conducted in writing, electronic mail, facsimile transmission (FAX), etc. pursuant to Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and KISS　will take action without delay.

● The exercise of rights under paragraph (1) may be conducted through a legal representative of the information subject or an agent, such as a person delegated.In this case, "Notification of the method of processing personal information (No. 2020-7)" You have to submit a power of attorney according to attached Form 11.

● The rights of the data subject may be restricted pursuant to Articles 35 (4) and 37 (2) of the Personal Information Protection Act.

● Requests for correction and deletion of personal information cannot be requested if other laws specify that the personal information is subject to collection.

● KISS　checks whether it is the person who made the request, such as a request for reading, correction or deletion, or a request for suspension of processing, or a legitimate agent.

6. Securing the safety of personal information

● Establishing and implementing an internal management plan
We have established and implemented an internal management plan for the safe processing of personal information.
● 2Minimize and educate employees handling personal information
We are implementing measures to manage personal information by designating employees who handle personal information and minimizing them by limiting them to those in charge.
● Restriction of access to personal information
We take necessary measures to control access to personal information by granting, changing, and canceling access to the database system that processes personal information, and use the intrusion prevention system to control unauthorized access from outside.
● Storage of access records and prevention of forgery
Records of access to the personal information processing system are kept and managed for at least one year, but if personal information is added to more than 50,000 data subjects, or unique identification or sensitive information is processed, it is kept and managed for at least two years. In addition, we use security features to prevent forgery, theft, and loss of access records. ● Encryption of personal information
The user's personal information is encrypted, stored, and managed, so only you can know it, and important data uses separate security functions such as encrypting files and transmission data or using file lock functions.
● Technical countermeasures against hacking, etc
In order to prevent personal information leakage and damage caused by hacking or computer viruses, security programs are installed, periodically updated, and checked, systems are installed in areas with controlled access from the outside, technically and physically monitored and blocked.
● Access control for unauthorized persons
There is a separate physical storage place where personal information is stored, and access control procedures are established and operated.
● Use of locks for document security
Documents and auxiliary storage media containing personal information are stored in a safe place with a lock.

7. Installation and operation of an automatic personal information collection device

● In order to provide individual customized services to users, KISS uses "cookie" that stores information on use and calls it from time to time.
● Cookies are a small amount of information sent by the server (http) used to run the website to the user's computer browser and are also stored on the user's hard disk within the user's PC computer.
A. Purpose of use of cookies: It is used to provide optimized information to users by identifying the type of visit and use of each service and website visited by users, popular search terms, security access, etc.
B. Installation, operation, and rejection of cookies: You can refuse to save cookies by setting options on the Tools > Internet Options > Privacy menu at the top of your web browser.
C. Refusing to save cookies may cause difficulties in using customized services.

8. Personal Information Protection Officer

KISS is in charge of personal information processing and designates a person in charge of personal information protection as follows to handle complaints and remedy damages of data subjects related to personal information processing.

The data subject can contact the person in charge of personal information protection and the department in charge of all personal information protection inquiries, complaints, damage relief, etc. arising from using the service (or business) of KISS. KISS will answer and handle inquiries from the information subject without delay.

9. Request for access to personal information

The data subject may request the following department to view personal information under Article 35 of the Personal Information Protection Act.
KISS will try to expedite the processing of requests for access to personal information by the information subject.

10. Infringement of rights and interests of data subjects

In order to receive relief for personal information infringement, the information subject may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Reporting Center, etc.