1. Collection and Use of Personal Information
The School collects personal information for the following purposes. The School does not use the personal information for any purpose other than that set forth herein. However, the School shall ask for consent beforehand if the purposes change.
a. Admission Support and Education Management: Personal information is collected for the purposes in relation to applicant review for admission, admission work, learning development, research, health, field trip, sports activity, library, and all other education management provided by the School; as well as administrative tasks such as verification of self, personal identification, prevention of unqualified or unauthorized student admission, age verification, other record keeping for students.
b. Providing Various Services: Personal information is collected for the purposes in relation to providing services such as School introduction and announcement, providing educational contents, issuing of certificates, and admission related information.
c. Utilizing as School Material: Personal information such as photo and video are collected for the purposes of providing educational content and the creation of marketing materials for the School.
2. Duration of Collection and Retention of Personal Information
As a general rule, once the purposes of collection and use of the personal information are achieved, it is without delay destroyed. However, the personal information may be retained under the School rule or other law and the relevant regulation of the law will be followed.
3. Provision and Sharing of Personal Information to or with a Third Party
As a general rule, the School collects personal information within the boundaries stipulated by law and will not collect additional information outside the original boundaries or provide the information to any third party without consent, except as set out below.
● If a consent was received in advance to provide and share the information to the third party;
● If the information is required or requested by law or competent authority;
● If the personal information is needed to perform the services under contract and for financial and/or technical reason it is extremely difficult to receive the usual consent; or
● If the personal information is changed so that it is impossible to identify a particular individual.
4. Outsourcing of Processing of Personal Information
As a general rule, the School does not outsource any processing of personal information to others without the student and/or parent’s consent. However, the School is outsourcing the personal information for the purpose of providing services such as bus, meal, tuition payment, and etc. as below.
When contracted for outsourcing, the School will abide by the Personal Information Protection Act to generate a written document regarding responsibilities of management and compensation for damages such as the boundary and purpose of the outsourcing work performance, prohibition of collecting personal information beyond the given boundary, technical/managerial protection action, re-outsourcing restriction, safety securing action, and examination of current personal information management condition; the School educates and manages the third party service providers to securely manage the personal information.
5. The Rights, Responsibilities, and Methods of Action of the Owner of Information As the owner of personal information, the students and parents can exert the following rights.
a. Request to access its personal information
According to the Personal Information Protection Act Article 35, you may request to access personal information files. However, upon the request to access personal information, the access may be restricted under the Article 35-5 of the law. We may refuse to satisfy your request:
b. Request to modify/remove personal information
- ● If the access is prohibited by any law or regulation;
- ● If there is apprehension that life/body of any other person may be harmed or that the property and other interest of any other person may be unjustly infringed upon;
You may request modification or removal of your personal information file(s) to the School under the Personal Information Protection Act Article 36. However, your request may be restricted if your personal information is required to be kept in storage pursuant to applicable law or regulation.
c. Destruction of Personal Information
- ● If the modification/removal is prohibited by any law or regulation;
● If the handling of personal information is inevitable to perform obligations in compliance with applicable law or regulation; or
● If, without handling the personal information, it is impossible to perform a contract with the customer (such as a contract for provision of service), where the customer has not expressly made it clear that he/she intends to terminate the contract.
As a general rule, once the purposes of collection and use of the personal information are achieved, the School destroys your personal information without delay. The following are the process, duration, and method of destruction.
- ● Process of Destruction
Once the purposes of information entered by the user are achieved, the information will be transferred to a different database (hard copy information will be transferred to a different file). The information will then be either kept on file for a certain period of time prescribed in internal policies or applicable laws or be destroyed without delay. The personal information, which was transferred to a different database, will not be used for any other purposes unless required by law.
● Duration of Destruction
Once the personal information retention period expires, the personal information of the user will be destroyed within five (5) days of the retention expiration date. When the retention of personal information become no longer necessary due to achievement of personal information collection purposes, discontinuance of relevant service, closure of business, etc., the personal information will be destroyed within five (5) days of the date that the personal information is recognized to be unnecessary.
● Method of Destruction
Information in the form of electronic file will be destroyed by technical means making the records non reproducible. Personal information printed on paper will be destroyed by shredding or incinerating the paper documents.
6. Safeguards to Protect Personal Information
Under the Article 29 of the Personal Information Protection Act, the school takes the following technical/managerial as well as physical safeguards to ensure security of your personal information.
a. Minimization and Training of Employees who handle Personal Information: The School designates and limits the number of employees who handle personal information to manage the personal information.
b. Establishment and Enforcement of Internal Management Plan: In order to securely collect personal information, the School establishes and enforces the internal management plan.
c. Technical Anti-hacking Measures: To prevent leak and/or damage of your personal information as a result of intrusion to our information such as hacking, computer virus, etc., the School operates intrusion detection firewall systems, performs periodic update/inspection, and installs systems in the areas where the outsiders have no access to monitor and block them technically and physically.
d. Encryption of Personal Information: The School grants, modifies, and cancels the access authority of the database system that collects personal information. We also block unauthorized access from the outside using the firewall system.
e. Restriction of Unauthorized Access: The School stores personal information in a physically separated space and restricts its access.
7. Filming of CCTV
The School installs signboards regarding CCTV
so the owner of personal information can easily recognize the CCTV
installed and managed by the School under the Personal Information Protection Act.