The Korea Association of Machinery Industry, the secretariat hosting the Korea International Machinery Expo, has the following policies to protect users' personal information and their rights and interests in accordance with the Personal Information Protection Act and to smoothly handle users' grievances related to personal information.
When the Association revises its privacy policy, the changes will be announced in a notice (or individual notice) on its website.
This policy takes effect from January 1, 2024.
1. Purpose of processing personal information
The Association processes personal information for the following purposes. The processed personal information will not be used for any purpose other than the following, and prior consent will be sought if the purpose of use is changed.
• Homepage membership and management
Personal information is processed for the purpose of confirming membership intention, identification and certification according to the provision of membership services, maintenance and management of membership status, identification due to the implementation of a limited identification system, prevention of illegal use of services, confirmation of consent from legal representatives when collecting personal information for children under the age of 14, various notices and notices, grievance handling, and preserving records for dispute mediation.
• Processing of public complaints
Personal information is processed for the purpose of identifying the complainant's identity, checking public complaints, contacting and notifying the facts, and notifying the results of the processing.
• Provision of goods and services
Personal information is processed for the purpose of providing services, sending bills, providing contents, providing customized services, self-authentication, age authentication, payment and settlement, and collection of bonds.
• Utilization for marketing and advertisement
Personal information is processed for the purpose of developing new services (products) and providing customized services, event and advertising information as well as opportunities to participate, services and advertising based on demographic features, verifying the validity of services, identifying access frequencies, or statistics on members' service use.
2. Personal information file status
• Exhibitor membership joining and management
1) Company information
<Essential items>
Business registration number (Log-in ID), main E-mail address (initial password), Company name (Korean, English), Name of representative (Korean, English), Company contact (phone number), Address (Korean, English), Service use history, connection log, cookie, connection IP information, payment history
<Optional items>
Company fax number, website, business status, category, copy of business registration certificate, E-mail for tax bill, address for receiving post mail, company logo
2) Participant information
<Essential items>
Name of official (Korean), position (Korean), phone number, E-mail address
• <Optional items>
Name of official (English), Department (Korean, English), Position (English), Fax number, mobile phone number
3. Processing and retention period of personal information
• The Association processes and holds personal information within the period of possession and use of personal information under the Act or the period of use that has been agreed upon when collecting personal information from the information subject.
2. The Association holds the membership information of the website until the time of membership withdrawal. Yet, if there is no history of use for more than 1 year under the Information and Communication Network Act, it is regarded as a dormant account and stored separately. In particular, for members who have not visited the website for more than 1 year, he or she is notified three months in advance.
4. Matters of providing personal information to third-party
• The Association can provide personal information to a third-party only if it falls under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the data subject and special provisions of the law.
5. Consignment of personal information
[ Off-line exhibition ]
• The Association entrusts the processing of personal information as follows for the smooth processing of the personal information.
- Entrusted person (trustee) : FAMPPY Co. ltd.
- Details of consignment : Website system management
2. When signing a consignment contract, the Association shall provide a contract with matters related to liability such as prohibition of processing of personal information other than the purpose of performing consignment business, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and compensation for damages in accordance with Article 25 of the Personal Information Protection Act, and oversees whether the trustee handles personal information safely.
3. If the contents of the consignment business or the consignee change, we will disclose it through this personal information processing policy without delay.
[ On-line information ]
• The Company entrusts the processing of personal information as follows for the smooth processing of the personal information.
- Entrusting person : Korea Association of Machinery Industry
- Entrusted person : FAMPPY Co. ltd.
- Details of consignment : Management of KIMEX online exhibition platform
- Details of consignment: Website system management
6. The rights and obligations of the information subject and the legal representative and the users of how to exercise them may exercise the following rights as personal information subjects.
• The information subject can exercise the rights to view, modify, delete, cease processing and etc. of personal information at any time to the Association.
• The exercise of the rights pursuant to Paragraph 1 can be done in writing, telephone, e-mail, fax, etc. to the Association in accordance to Article 41 (1) of Personal Information Protection, and the Association will take action without delay.
• The exercise of rights pursuant to Paragraph 1 can be done through an agent such as a legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with the form of Attachment 11 of the Enforcement Regulations of the Personal Information Protection Act.
• Requests for viewing ceasing of personal information processing may restrict the rights of the data subject under Articles 35 (5) and 37 (2) of the Personal Information Protection Act.
• Requests for modification and deletion of personal information cannot be requested if the personal information is specified as the subject of collection in other laws and regulations.
6. The Association checks whether it is the person who made the request for viewing, modification or deletion, or suspension of processing in accordance with the data information's rights, or whether it is the person who made the request.
7. Destruction of personal information
When the purpose of personal information processing has been achieved, the Association will destroy the personal information in accordance to the following procedures, period, and methods.
• Destruction procedure
The information entered by the user is transferred to a separate DB after achieving the purpose (separate documents in the case of paper) and stored for a certain period of time in accordance with internal policies and other relevant laws and regulations, and then destroyed immediately. In this case, personal information transferred to the DB will not be used for any other purpose except for what is in accordance with the law.
• Destruction period
The user's personal information shall be destroyed within 5 days from the end of the retention period, and within five days from the date when the personal information becomes unnecessary, such as achieving the purpose of processing the personal information, abolishing the service, or terminating the project.
• Destruction method
Personal information in the form of electronic files is destroyed using method where the records cannot be reproduced.
8. Installation and operation and objection of automatic personal information collection device
• The Association uses ‘cookie’ that frequently store and find information about the information subject.
• Cookies are very small text files that the server used to operate the company's website sends to the user's browser and are stored on the computer hard disk of the information subject. A. Purpose of using cookie: It is used to provide optimized services for the users by identifying visits, use type, popular search, security connection for services and websites the users have visited. B. How to reject cookie installation and operation: You can reject saving cookies through the tools at the top of the web browser> Internet Options> Personal Information> Advanced> Select Setting Method. C. However, if you refuse to save cookies, some services that are tailored may be difficult to use.
9. Person in charge of personal information protection
The Association has designated the person in charge of personal information protection as follows to take full responsibility for the handling of personal information and to handle complaints and relief from damages of the information subject related to personal information processing.
[ Off-line exhibition ]
• ▶ Personal information protection officer
Position : Chief of administration and planning
Contact : 02-369-7955
※ Connected to the department in charge of personal information protection.
▶ Department in charge of personal information protection
Department : IT Team
Officer : Chief of IT
Contact : 02-369-7805
[ On-line exhibition ]
• ▶ Personal information protection officer
Department : Exhibition Team
Officer : Chief of Exhibition
Contact : [tel : 02-369-7800], [info@kimex.org], [fax : 02-369-7899]
▶ Personal information protection officer
Department : Exhibition Team
Officer : Lee Hye-in
Contact : [tel : 02-369-7800], [exhibit@koami.or.kr], [fax : 02-369-7899]
The information subject can inquire to the person in charge of personal information protection and the department in charge of all personal information protection related inquiries, complaint handling, damage relief, etc. that occurred while using the Association’s service. The Association will respond and handle inquiries from the information subject without delay.
10. Change of personal information processing policy
This privacy policy is applied from the date of implementation, and in case of addition, deletion and modification of the policy in accordance to Decree and Regulations, this will be notified through a notice 7 days prior to the implementation date of such changes.
11. Measures to secure safety of personal information
In accordance with Article 29 of the Personal Information Protection Act, the Association takes the following technical, administrative, and physical measures necessary to ensure safety.
• Carrying out regular self-audit
In order to secure stability related to handling personal information, the Association conduct self-audit regularly (once every quarter).
• Minimization and education of officer handling personal information
The Association are implementing measures to manage personal information by designating officers who handle personal information and minimizing it by limiting it to the person in charge.
• Designing and implementing plans for internal management
The Association design and implement plans for internal management for the safe processing of personal information.
• Technical countermeasures against hacking, and etc.
In order to prevent leakage and damage of personal information by hacking or computer viruses, the Association installs security programs, periodically updates and inspects them, and installs systems in areas with controlled access from outside, and monitors and blocks them technically and physically.
• Encryption of personal information
As for the user's personal information, the password is encrypted, stored and managed, so that this can be known only to that specific individual, and important data uses separate security functions such as encrypting files and transmission data or using file lock functions.
• Prevention of storage and forgery of access history
History of access to the personal information processing system are stored and managed for at least 6 months, and security functions are used to prevent forgery, theft, and loss of access history.
• Restriction access for personal information
We take necessary measures to control access to personal information through granting, changing, and cancelling access to the database system that processes personal information, and use an intrusion prevention system to control unauthorized access from outside.
• Use of lock device for document safety
Documents containing personal information and auxiliary storage media are stored in a safe place with locks.
• Control of access for unauthorized persons
We have a separate physical storage place where personal information is stored, and access control procedures are established and operated.
12. Remedy for infringement of rights and interests
The information subject may contact the following organizations for damage relief, consultation, etc. for personal information infringement.
< The following institutions are separate from our Association, and if you are not satisfied with how the Association handles the personal information complaint, damage relief, or in case when you need more detailed help, please contact the following institutions. >
▶ Personal Information Infringement Report Center (Run by Korea Internet & Security Agency)
- Responsible work : Reporting of infringement of personal information, request for consultation
- Webpage : privacy.kisa.or.kr
- Contact : (Without area code) 118
- Address : KISA, 9 Jinheung-gil, Naju, Jeollanam-do, Republic of Korea
▶ Personal Information Dispute Mediation Committee
- Responsible work : Request of conflict mediation on personal information, group conflict mediation (resolving in civil terms)
- Webpage : www.kopico.go.kr
- Contact : 1833-6972
- Address : 4th floor of Seoul Government Complex 209, Sejong-daero, Jongno-gu, Seoul
▶ Supreme Prosecutors' Office Cyber Crime Investigation Division:
- (Without area code) 1301, cid@spo.go.kr (www.spo.go.kr)
▶ National Police Agency Cyber Safety Guardian
- (Without area code) 182 (cyberbureau.police.go.kr)
In addition, a person whose rights or interests have been violated due to dispositions or omissions made by the head of a public institution regarding the request of the data subject to access, modification, deletion, and ceasing of processing of personal information may request an administrative trial as prescribed by the Administrative Trial Act.
☞ Please refer to the contact number of Online Administrative Appeals (www.simpan.go.kr)
