Privacy Policy

Effective Date: February 26, 2025

The Korean Today Global Media Network (hereinafter referred to as the “Company”) establishes and discloses the following privacy policy to protect the personal information of data subjects and to handle related grievances promptly and smoothly in accordance with Article 30 of the Personal Information Protection Act.

Article 1 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use is changed, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1. Website Membership Registration and Management

• Processing personal information for the purpose of confirming intention to join, identifying and authenticating the individual for membership services, maintaining and managing membership qualifications, preventing misuse of services, and providing various notices and announcements.

1. Provision of Goods or Services

• Processing personal information for the purpose of providing content, subscription applications, customized services, and identity verification.

1. Use in Marketing and Advertising

• Processing personal information for the purpose of developing new services (products) and providing customized services, providing opportunities to participate in events and advertising information, confirming the effectiveness of services, determining frequency of access, or statistics on members’ service usage.

Article 2 (Processing and Retention Period of Personal Information)

① The Company processes and retains personal information within the personal information retention and use period stipulated by law or within the personal information retention and use period agreed upon when collecting personal information from the data subject.

② Each personal information processing and retention period is as follows:

1. Website Membership Registration and Management: Until website membership withdrawal
   However, until the end of the relevant reason in the following cases:

• Until the end of the investigation if investigation or inquiry is in progress due to violation of relevant laws
• Until the end of the complaint handling if complaint handling related to website use is in progress

1. Provision of Goods or Services: Until the completion of supply of goods/services and payment/settlement
   However, until the end of the relevant period in the following cases:

• Records on labeling/advertising, contract details and fulfillment, etc. related to transactions according to the Act on Consumer Protection in Electronic Commerce, etc.
  • Records on labeling/advertising: 6 months
  • Records on contract or withdrawal of subscription, payment of price, supply of goods, etc.: 5 years
  • Records on consumer complaints or dispute handling: 3 years

Article 3 (Provision of Personal Information to Third Parties)

① The Company processes personal information of data subjects only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only in cases corresponding to Article 17 and Article 18 of the Personal Information Protection Act, such as consent of the data subject or special provisions of the law.

② The Company is currently not providing personal information of data subjects to third parties.

Article 4 (Outsourcing of Personal Information Processing)

① The Company outsources personal information processing as follows for smooth processing of personal information tasks:

1. Payment Service

• Recipient (outsourced party): OO Payment
• Content of outsourced work: Processing subscription fee payments

1. Hosting Service

• Recipient (outsourced party): OO Cloud
• Content of outsourced work: Website and system operation

② When concluding outsourcing contracts, the Company specifies in documents such as contracts the prohibition of processing personal information outside the purpose of performing the outsourced work, technical and managerial protection measures, restrictions on re-outsourcing, management and supervision of the outsourced party, and matters concerning liability, including compensation for damages, in accordance with Article 26 of the Personal Information Protection Act, and supervises whether the outsourced party processes personal information safely.

③ If the content of the outsourced work or the outsourced party changes, the Company will promptly disclose it through this privacy policy.

Article 5 (Rights and Obligations of Data Subjects and Legal Representatives and How to Exercise Them)

① Data subjects may exercise rights such as requesting access, correction, deletion, and suspension of processing of personal information to the Company at any time.

② The exercise of rights under paragraph 1 may be made to the Company in writing, by e-mail, by fax, etc. in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the Company will take action without delay.

③ The exercise of rights under paragraph 1 may be made through a legal representative of the data subject or an authorized agent. In this case, a power of attorney according to the form in Appendix 11 of the Notice on Personal Information Processing Methods (No. 2020-7) must be submitted.

④ Requests for access to personal information and suspension of processing may be restricted by the rights of data subjects under Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.

⑤ Requests for correction and deletion of personal information cannot request deletion if the personal information is specified as a collection target in other laws.

⑥ The Company confirms whether the person who requests access, correction, deletion, or suspension of processing is the person themselves or a legitimate agent.

Article 6 (Items of Personal Information Processed)

The Company processes the following personal information items:

1. Website Membership Registration and Management

• Required items: Email, password, name
• Optional items: Contact information, address

1. Provision of Goods or Services

• Required items: Email, name, payment information
• Optional items: Contact information, address

1. The following personal information items may be automatically generated and collected during the use of Internet services:

• IP address, cookies, visit date and time, service usage records, device information

Article 7 (Destruction of Personal Information)

① The Company destroys the relevant personal information without delay when personal information becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the processing purpose.

② If personal information needs to be preserved in accordance with other laws despite the expiration of the personal information retention period agreed upon by the data subject or the achievement of the processing purpose, the Company preserves the personal information by moving it to a separate database (DB) or changing the storage location.

③ The procedures and methods for destroying personal information are as follows:

1. Destruction procedure

• The Company selects personal information for which destruction reasons have occurred and destroys the personal information with the approval of the Company’s personal information protection officer.

1. Destruction method

• Information in electronic file form is processed using technical methods that cannot reproduce the records.
• Personal information printed on paper is destroyed by shredding with a shredder or by incineration.

Article 8 (Measures to Ensure the Security of Personal Information)

The Company takes the following measures to ensure the security of personal information:

1. Administrative measures

• Establishing and implementing internal management plans, regular employee training, etc.

1. Technical measures

• Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, etc., installation of security programs

1. Physical measures

• Access control for computer rooms, data storage rooms, etc.

Article 9 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)

① The Company uses ‘cookies’ that store and retrieve usage information to provide individual customized services to users.

② A cookie is a small amount of information sent to the user’s computer browser by the server (http) used to operate the website and may be stored on the hard disk of the user’s PC computer.

• Purpose of using cookies: They are used to provide optimized information to users by understanding the visiting and usage patterns of each service and website visited by users, popular search terms, secure connection status, etc.
• Installation, operation, and refusal of cookies: You can refuse to store cookies through the option settings in the tools > Internet options > privacy menu at the top of your web browser.
• If you refuse to store cookies, you may have difficulty using customized services.

Article 10 (Personal Information Protection Officer)

① The Company has designated a personal information protection officer as follows to be in charge of and responsible for personal information processing tasks and to handle complaints and damages from data subjects related to personal information processing:

• Personal Information Protection Officer
• Name: 연삼흠 (Yeon Sam-heum, 筵三欽)
• Position: Youth Protection Officer
• Contact: +82-1599-1045, global@thekoreantoday.net

② Data subjects may inquire about all personal information protection-related inquiries, complaints, and remedies for damages that occur while using the Company’s services (or business) to the personal information protection officer. The Company will respond to and handle inquiries from data subjects without delay.

Article 11 (Request for Access to Personal Information)

Data subjects may request access to personal information under Article 35 of the Personal Information Protection Act to the following department. The Company will endeavor to promptly process the data subject’s request for access to personal information.

• Department receiving and processing requests for access to personal information
• Department name: Customer Support Team
• Person in charge: Personal Information Protection Manager
• Contact: +82-1599-1045, global@thekoreantoday.net

Article 12 (Remedies for Rights Infringement)

Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency’s Personal Information Infringement Reporting Center, etc. to receive remedies for personal information infringement. Please contact the following agencies for reporting or consultation regarding other personal information infringement:

1. Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Reporting Center: (without area code) 118 (privacy.kisa.or.kr)
3. Supreme Prosecutors’ Office: (without area code) 1301 (www.spo.go.kr)
4. National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)

For dispositions or omissions by the head of a public institution regarding requests based on the provisions of Article 35 (Access to Personal Information), Article 36 (Correction and Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act, those whose rights or interests have been infringed may request administrative appeals according to the Administrative Appeals Act.

※ For more information on administrative appeals, please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr).

Article 13 (Changes to the Privacy Policy)

① This privacy policy is effective from February 26, 2025.

② Previous privacy policies can be viewed below:

• Example: Applied from January 1, 2024 to February 25, 2025 (link)