Asia Pacific Music Meeting 2021
Loading
Follow us:

APaMM Privacy Policy

Processing policy of personal information

 

Ulsan Arts & Culture Foundation (hereinafter “the Foundation”) establishes and discloses privacy policies as follows, in order to protect personal information of data subjects and redress relevant grievances in a prompt and smooth manner pursuant to article 30 of the Personal Information Protection Act, during the operation of the Asia Pacific Music Meeting (hereinafter “UlsanAPaMM”) organized by the Foundation.

Moreover, the Foundation respects the rights and interests of users, which include the rights to request for access to and correction of personal information held by the Foundation as stipulated by applicable laws and regulations. Data subjects may apply for dispute resolution or consultations, etc. to Personal Information Dispute Mediation Committee, Personal Information Infringement Report Center and the like with regard to violation of their rights and interests pursuant to applicable laws and regulations.

 

Article 1 (Purpose of processing personal information)

The Foundation shall process personal information for following purposes. The personal information processed by the Foundation shall not be used for purposes other than the following. Any change in the purpose of using personal information shall require necessary measures, including the consent of data subjects under article 18 of the Personal Information Protection Act:

 

1) Signing up for the official UlsanAPaMM website & management of membership

Confirm the person’s intention to sign up for the website; identify and authenticate the user for provision of membership-only services; maintain and manage the membership status; ensure user authentication following the implementation of limited self-authentication system; prevent improper use of the service; and provide various notices and information.

2) Redressing grievances & complaints

Validate the identity of the complainant; check details of the grievances/complaints; communicate and inform the complainant to investigate factual information; and notify the complainant of the results of redressing his/her grievances/complaints.

3) Development of new services and marketing campaigns

Develop new services and provide customized services; offer services and display advertisements according to statistical characteristics; check the validity of services; provide advertisement information (e.g. events) and opportunities to take part in such events; identify frequency of access; and create statistics on the member’s use of services

4) Mutual exchange between the UlsanAPaMM Committee and its members

5) Inclusion in the official UlsanAPaMM website and program book

 

Article 2 (Period for processing and retaining personal information)

The Foundation shall process and retain personal information within the period for retaining and using such personal information set by laws and regulations, or within the period consented to by data subjects in the course of collecting personal information.

 

The period for processing and retaining personal information is as follows. The Foundation shall retain personal information for each of the following period until the period prescribed by applicable laws and regulations or until the reason for retaining and using such information ceases to exist.

1) Information collected for signing up for the website and management of membership: until the user withdraws membership from the website of public institutions

2) If investigations or inspections on breach of applicable laws and regulations are in process: until the end of such investigations or inspections

3) If bonds or debts remain outstanding from the use of the website: until the bonds or debts are settled and repaid

4) The data subject’s log records (i.e. communication via computers, Internet) and access track records (pursuant to Protection of Communications Secrets Act): three months

5) Records on personal information, etc. stated on the Membership Application Form (Act on Promotion of Information & Communications Network Utilization and Information Protection, etc.”): 12 months

 

Article 3 (Provision of personal information to a third party)

The Foundation shall provide personal information to a third party in cases specified in article 17 and 18 of the Personal Information Protection Act (i.e. consent of the data subject, special provisions in the law), and only for the following purposes, which include operation of the UlsanAPaMM projects:

1) If the data subject has given his/her consent

2) If such information is required by applicable laws and regulations, or if an investigative agency demands such information pursuant to prescribed procedures and methods for investigative purposes

3) If the UlsanAPaMM Committee or members of the Committee requests personal information of other members of the UlsanAPaMM Forum for mutual exchange. Provided however, the information shall be provided up to a limited extent after reviewing the adequacy of such information requests

4) If it is necessary to provide the information to foreign governments or international organizations to perform international treaties or other international conventions

5) If personal information is provided in a manner keeping a specific individual unidentifiable necessarily for such purposes as compiling statistics or academic research

6) If a superior institution requests such information to supervise and manage its projects

 

It is possible to check the recipient of personal information who is provided with the information through the data subject’s consent, and the purpose of using such information, through “Details of Provision of Personal Information File to a Third Party,” and particulars of information provided to a third party are as follows:

- The recipient of personal information

- The purpose for which the recipient of personal information uses such information

- Particulars of personal information to be provided

- The period for which the recipient retains and uses personal information

 

Article 4 (Outsourcing of the processing of personal information)

The Foundation shall outsource the processing of personal information to facilitate the processing of personal information as follows.

 

The Foundation shall, pursuant to article 25 of the Personal Information Protection Act, specify: that the personal information shall not be processed for purposes other than the intended purposes of the outsourcing; information protection measures at the technical and managerial level; limitations on subcontracting; management and supervision of the outsourcee; compensation liabilities, etc. on documents such as agreements, and supervise the outsourcee’s safekeeping of personal information.

 

The Foundation shall disclose details of the outsourced work and any change in the outsourcee responsible for processing personal information without delay through the Privacy Policy.

 

The processing of personal information outsourced by the Foundation and processed by the outsourcee can be checked on the “Details of Outsourced Work.” Particulars of the outsourced work are as follows:

- Name of the personal information file

- Particulars of the outsourced work

- Name of the outsourcee

- Telephone number of the outsourcee

- Address of the outsourcee

- Opening hours of the outsourcee

 

Article 5 (Rights and obligations of data subjects & their authorized representatives, and the manner of exercising such rights and obligations)

The data subject may, in accordance with article 35 (Access to Personal Information) of the Personal Information Protection Act, exercise his/her rights, which include the rights to demand access to, correction & erasure of, and suspension of processing, his/her personal information at any time.

 

The rights under paragraph 1 above can be exercised to the Foundation via written documents, email or fax pursuant to paragraph 1, article 41 of the Enforcement Decree of the Personal Information Act, and the Foundation shall respond accordingly without delay.

 

The rights under paragraph 1 above can be exercised through the authorized representative or agent of the data subject. In this case, the power of attorney pursuant to Schedule 11 of the Enforcement Rule of the Personal Information Protection Act shall be submitted.

 

Rights of data subjects to demand access to personal information or suspension of processing the information can be limited in following circumstances pursuant to paragraph 5 of article 35 and paragraph 2 of article 37 of the Personal Information Protection Act.

1) If accessing the information is prohibited or restricted by laws

2) If accessing the information is likely to cause harm to the life or body of any other person, or unfairly damages the property and other profits of any other person.

3) If it causes serious hindrances for public institutions as they carry out any one of the following duties

 

Correction or erasure of personal information in personal information files held by the Foundation cannot be demanded if such personal information is expressly stated in other laws and regulations as the information that needs to be collected, pursuant to article 36 (Correction and erasure of personal information) of Personal Information Protection Act.

 

It is possible to demand the suspension of processing personal information files held by the Foundation pursuant to article 37 of the Personal Information Protection Act (Suspension, etc. of processing of personal information). The Foundation must check whether the person demanding access to the information; correction and erasure of personal information; and suspension of processing such information pursuant to rights of the data subject, is the data subject him/herself or a duly authorized representative of the data subject. Provided however, in following cases, demand for suspending the processing of personal information may be rejected pursuant to paragraph 2, article 37 of the Act.

1) If special provisions exist in laws or it is inevitable to observe legal obligations

2) If it is likely to cause harm to the life or body of any other person, or unfairly damages the property and other profits of any other person.

3) If it is inevitable so that a public institution may perform the duties under its jurisdiction as prescribed by statutes, etc.;

4) If failure to process personal information results in difficulties in fulfilling contractual obligations, (i.e. failure to provide services stipulated in the agreement signed with the data subject), and that the data subject has not clearly expressed his/her intention to terminate the agreement

 

Demand for access to, correction or erasure of, and suspension of processing, personal information files held by the Foundation shall be met in following procedures, and the Foundation shall notify the results of the following within 7 days. Demand for access to, correction or erasure of, and suspension of processing, personal information, can be filed to the staff in charge of the official UlsanAPaMM website, by downloading the form in Schedule

 

 

*[Attached] Personal Information Reading, Correction, Deletion Processing Application Form (English/PDF)




 

 

Article 6 (Particulars of personal information to be processed)

The Foundation shall process the particulars of personal information as follows:

1) Signing up for the website & management of membership

- Compulsory: country of origin, name, name of artist, name of the agency/institution, title, job, ID, password, smartphone number, telephone number, telephone number of the agency/institution, email address, i-PIN number, purpose of participation, attendance in the 2021 UlsanAPaMM (yes/no), genre of music, the channel through which the person got to know how to apply for UlsanAPaMM membership, files certifying the institution/agency, and other information that was filled in when signing up for and applying for UlsanAPaMM on its official website

- Optional: application for accommodation during the UlsanAPaMM period (yes/no), application for meals during the UlsanAPaMM period (yes/no), any particulars, application for Ideal Matching (yes/no), music link, website address of the institution, and other information that was filled in when signing up for and applying for UlsanAPaMM on its official website

 

2) Handling of grievances/complaints

- Compulsory: information that was filled in when signing up for and applying for UlsanAPaMM on its official website, including the name, telephone number, address and email address

 

3) Following items may be automatically generated and collected in the course of using Internet services:

- Automatically generated items: IP address, cookies, MAC address, service log, visit log, records of improper use, etc.

 

Article 7 (Destruction of personal information)

The Foundation, according to provisions of article 2, shall destroy all personal information immediately when personal information becomes no longer necessary, for example, due to elapse of the period for retaining personal information, achievement of the purpose of processing such information, etc.

If it is necessary to continue retaining personal information under other laws and regulations, although the period for retaining personal information that had been consented to by the data subject has elapsed, or the purpose of processing such information has been achieved, then the personal information (or personal information file) shall be moved to and kept in a different database or in a different data repository.

The procedure for and method of destroying personal information are as follows:

 

1) Procedure

The Foundation shall establish a plan on destruction of personal information for personal information (or personal information file) subject to destruction, and destroy such information accordingly. The Foundation shall select the personal information (or personal information file) for which a reason for destruction arose, and destroy the personal information (or personal information file) through approval of the Privacy Officer of the Foundation.

 

2) Method

The Foundation shall destroy personal information recorded and saved in the form of electronic files in an irreversible manner, have personal information that had been recorded and saved on a written document either burnt or shredded by a shredding machine.

 

Article 8 (Privacy Officer)

The Foundation shall designate a Privacy Officer to oversee all tasks related to processing of personal information, handle grievances raised by data subjects and remedial compensations with regard to processing of personal information:

 

Privacy Officer

Team: Festival Promotion Team

Title: Team head

Telephone number: +82)52-270-9301

Privacy Manager

Team: Culture Project Support Team

Staff in charge: Gina.Jo

Telephone number: +82)52-270-9302

Email address: UlsanAPaMM@uacf.or.kr

 

The data subject may inquire the personal information protection manager and relevant teams of matters related to personal information protection, handling of grievances and remedies, etc. that arose in the course of using the Foundation’s service (or projects). The Foundation shall answer the inquiries without delay.

 

Article 9 (Amendment of Privacy Policy)

The Privacy Policy of the Foundation shall be effective from the date of its enactment. Any addition, deletion and amendment of the Privacy Policy pursuant to laws, regulations and policies, shall be notified through a public notice at least 7 days prior to the date of such change. Provided however, changes arising from alteration in the volume of personal information files, that are managed and classified into different categories, do not require a public notice.

 

Article 10 (Measures for security in personal information)

The Foundation shall take following measures to ensure security of personal information.

1) Managerial measures: establish and implement internal control plans, provide periodic training sessions to staff members, etc.

Requesting to the server, please wait.