Article 1 (Purpose of Processing of personal information)

Seoul City processes the personal information for the following purposes. Any personal information will not be used for other purposes than the following ones and, upon changes in the purpose of its use, Seoul City will take necessary measures including obtaining a separate consent under Article 18 of the PPA.

1. 1.1 Seoul City processes the personal information at the minimum only if necessary for the purposes such as the provision of Service , the handling of complaints, and the performance of its duties.
2. 1.2 Any matter of personal information processing is posted at the homepage of the Seoul Fashion Week/Trade Show operated by each agencies, offices, departments, headquarters and business place (the “Agencies”) so that the Information Principal will be able to check it.
3. 1.3 Upon accident of divulge of personal information , the responsible person for the personal information (the head of department or the director of agencies) and the person in charge of hangling the personal information (the person in charge by unit duties) will be fully responsible for such divulge under the Standards for Securing Safety of personal information (a notification of the Privacy Protection Commission).

Article 2 (Processing and Retention Period of personal information)

1. 2.1 Seoul City processes and retain the personal information within the period for retention and use under the laws and regulations or the one consented by the Information Principal for retention and use of the personal information in collecting the personal information from the Information Principal.
2. 2.2 The period for processing and retention of the personal information at the homepage of the Seoul Fashion Week/Trade Show.

   2.2 The period for processing and retention of the personal information at the homepage of the Seoul Fashion Week/Trade Show.

   Person to which the personal information is provided (name of Agencies)	Purpose of provision	Items to be provided	Retention period
   Agency for operation of the Seoul Fashion Week/Trade Show and subcontractor for homepage maintenance,	Event operation and management (office routine such as contact for carrying out the event and connecting business matching)	Name, contact (mobile number) of representative, company name, position and email, Homepage, company address (country), company contact	1 year (agency period)

Article 3 (Provision of personal information to 3rd party)

1. 3.1 Seoul City provides the personal information to a 3rd party only when it falls under Articles 17 and 18 of the Privacy Protection Act including the provisions of consent of Information Principal and special provisions of the statutes.
2. 3.2 Any matter of provision of personal information to a 3rd party will be posted in the Noori Home of competent subagencies operated by each Agencies so that the Information Principal will be able to check.

   3.2 Any matter of provision of personal information to a 3rd party will be posted in the Noori Home of competent subagencies operated by each Agencies so that the Information Principal will be able to check.

   Type of collection	Items to be collected	Purpose of processing	Retention period
   Required information	Name, contact (mobile phone number), company name, position, email, homepage, company address (country), company contact, and type of business	Management of business of the event of Seoul Fashion Week/Trade Show (preliminary registration, business matching and sending of the event information)	5 years
   Optional information	Interested brand	Event operation and management	5 years

Article 4 (Consignment of personal information processing)

1. 4.1 In order to smoothly handle the personal information duties, Seoul City consigns the duties of personal information processing as follows and guides so that the Information Principal will be able to check.

   4.1 In order to smoothly handle the personal information duties, Seoul City consigns the duties of personal information processing as follows and guides so that the Information Principal will be able to check.

   Consignee	Description of consigned duties
   (to be determined)	Agency business for Fashion Week Agency business for Trade Show
   Blue Well Co., Ltd.	Duties of opertion and maintenance of homepage

2. 4.2 In concluding a consignment agreement, Seoul City will clearly describe in the documents such as an agreement the matters of prohibition of personal information processing for other purpose than the one consigned, technical and managerial protective measures, restrictions on reconsignment, managemnet and supervision of consignee and responsibility such as damage in accordance with Article 26 of the Privacy Protection Act and supervises whether the consignee safely processes the personal information.
3. 4.3 Upon changes in any detail of consigned duties and consignee, Seoul City will disclose it through this Privacy Protection Policy without delay.

Article 5 (Destruction of personal information )

1. 5.1 If the personal information becomes unnecessary due to the lapse of retention period of personal information and achievement of the purpose of personal information processing, Seoul City will discard such personal information without delay.
2. 5.2 Should the personal information be retained continuously under other laws and regulations even after the retention period of personal information consented from the Information Principal passes by or the purpose of its processing has been achieved, Seoul City will relocated such personal information to a separate DB or retain it at a different place for storage.
3. 5.3 The process and method for discarding the personal information are as follows:
   1. 1. Destruction process

      - Seoul City discards the personal information (or a personal information file) to be destroyed by establishing a destruction plan of personal information.

      - Seoul City selects a personal information for which a reason for destruction occurs and discards such personal information (or a personal information file) with approval of the person responsible from Seoul City for the protection of personal information.

   2. 2. Method of destruction

      - If the personal information is in electronic form: the personal information must be deleted permanently in a way that such personal information will not be restored

      - If the personal information is a record, print, document or other record media other than electronic form: the personal information must be shredded or incinerated

Article 6 (Method of Exercise of Rights and Obligations of Information Principal and Legal Representative)

1. 6.1 Information Principal may exercise its right at any time to request Seoul City to permit access, correction, deletion and suspension of processing of his or her personal information.

   * For any request such as the access to the personal information for a youth under 14, his or her legal representative must directly make such request and the Information Principal, the minor under 14, may exercise his or her right to his or her personal information by him/herself or through his or her legal representative.

2. 6.2 Any exercise of the right may be made through a document, email, fax under Article 41 (1) of the Enforcement Ordinance of the Privacy Protection Act and Seoul City will take measures for this without delay.
3. 6.3 Any exercise of the right may be made through the legal representative such as the legal counsel or the attorney in fact of the Information Principal. In such event, the Information Principal must submit a power of attorney as stated in Appendix Form No.11 of the Notification of the Method of personal information Processing.
4. 6.4 Any request for the access to and processing suspension of personal information may restrict on the right of Information Principal in accordance of Articles 35(4) and 37(2) of the PPA.
5. 6.5 Any request for the correction and deletion of personal information may not be available to the extent that such personal information is clearly classified as the one to be collected under other laws and regulations.
6. 6.6 Upon receipt of any request for access, correction, deletion and processing suspension as a right of Information Principal, Seoul City will check whether the person making such request is such Information Principal or his or her duly authorized representative.

   * Request form for access to personal information [Appendix Form No. 8 of the Notification of Method of personal information Processing] (Click)

   * Power of Attorney Form [Appendix Form No. 11 of the Notification of Method of personal information Processing] (Click)

   

   access of personal information, Application for correction, deletion and processing suspension

   access of personal information

   1. Search of personal information file list
   2. Application for access
   3. dentification of applicant and confirmation of the scope of access of personal information
   4. Confirmation of the restrictions on the access of personal information
      • Notice of access decision (permission/restriction/postphone)
      • Notice of access decision (rejection)

   Application for correction, deletion and processing suspension

   1. Search of personal information file list
   2. Application for correction, deletion and processing suspension
   3. Identification of applicant and confirmation of the scope of access of personal information
   4. Confirmation of the restrictions on the access of personal information
      • Notice of the result of correction, deletion and processing suspension
      • Notice of the restrictions on correction, deletion and processing suspension of personal information (including rejection and the matters of other laws and regulations)

Article 7 (Measures for Securing Safety of personal information )

1. Seoul City takes measures in order to secure the safety of personal information as follows:
2. 1. (1) Managerial measures
      • - Establish and execute an internal management plan for Seoul City in accordance with the Standard for Securing the Safety of personal information
      • - A person in charge of handling the personal information must be designated and managed and a regular education must be conducted for such person without fail.
   2. (2) Technical measures
      • - Control the access to the personal information by giving, change and cancel the right to access to the data base system for processing the personal information
      • - Control any outside unauthorized access by using the firewall system and intrusion protection system
      • - Retain and manage the record of access to the personal information processing system for 1 year at the minimum
      • - The UR’s personal information will be encoded, stored and managed and a separate security function such as the use of the personal information after encoding in case of storing and transmission will be used for any important data
      • - Seoul City must set up a security program in order to prevent the divulge and damage of personal information due to hacking or computer virus, renew and inspect such program on a regular basis, install the system in the controlled area from external access and monitor and block technically and physically.
   3. (3) Physical measures
      • - Secure a separate physical place for the storage of personal information system where the personal information has been stored (data center and cloud center for Seoul City), establish and operate the access control process for such personal information.

Article 8 (Establish, Operation and Rejection of Automatic Collection Devices)

1. 8.1 In order to provide a customized service to the UR, Seoul City uses ‘cookie’ which store and frequently bring about the use information.
2. 8.2 Cookie is a tiny information sent to the computer browser of the US by the server used for operating the website and may be stored in the hard disk in the PC computer of the UR.
   1. 8.2.1 Purpose of use of cookie: Cookie identifies the type of visit and use, popular search work, and secured access to each service and websites visited by the User and is used for providing optimal information to the UR.
   2. 8.2.2 Installation, operation and rejection of cookie: User may reject to store the cookie as follows:

      Example 1) Click [Set up] on the right top of the webbrowser (Chrome) -> [Personal information and security]-> [Site set-up] -> [Cookie and site data] -> Set up the cookie blocking

      Example 2) Click [Set up] on the right top of the webbrowser (Edge) -> [Cookie and site authority]-> Cookie and stored data -> Set up the cookie blocking

      Example 3) Click [Tool] on the top of the webbrowser (Internet Explorer) -> [Internet option]-> [Advanced setting] of personal information menu-> Set up the cookie blocking

   3. 8.2.3 If the User rejects the storage of cookie, he or she may have difficulty in using the customized service.

Article 9 (Matters of Pseudonymous Data)

1. 9.1 Seoul City processes the pseudonymous data under Articles 28-2 and 28-3 of the PPA.

   ※ Description of the details of present condition, provision to 3rd party and consignment of pseudonymous data processing of Seoul City (Click)

2. 9.1 Seoul City takes the following measures in order to secure the safety of pseudonymous data under Article 28-4 (Obligation to take safety measures for pseudonymous data) of the PPA:
3. 1. 9.1.1 Managerial measure: establish and execute internal management plan and provide education for the employees on a regular basis
   2. 9.1.2 Technical measure: install access control system such as control of access right of personal information processing system and the encryption of identifying information and security program
   3. 3. Physical measure: control the access to computer room and data storage room

Article 10 (Matters of Person Responsible for Privacy Protection)

1. 11.1 Seoul City designates the following person responsible for the personal information who will be generally handle the duties of personal information processing, complaints and damage relief of the Information Principal related to the personal information processing:

   11.1 Seoul City designates the following person responsible for the personal information who will be generally handle the duties of personal information processing, complaints and damage relief of the Information Principal related to the personal information processing

   Company ID	Classification	Name of department	Name	Position	Department in charge of privacy protection and contact
   1	개인정보 보호책임자	디지털정책관	이혜경	국 장	* 정보시스템담당관(개인정보보호팀) - 전 화 : 02-2133-2971~2, F A X : 02-2133-1071 - 이메일 : privacy@seoul.go.kr
   2	개인정보 보호담당자	정보시스템담당관	강지원	주무관

Article 11 (Request for Access to personal information)

1. 11.1 Information Principal may file a request for access to the personal information with the following department under Article 35 of the Privacy Protection Act and Seoul City will make its best effort in promptly handling such request:
   ▶ Department of receipt and handling of the request for personal information
   • - Name of department : 정보시스템담당관(개인정보보호팀)
   • - Person in charge : 강지원 주무관
   • - Contact : ☎ 02-2133-2971 또는 privacy@seoul.go.kr
2. 11.2 Information Principal may make a request for personal information through the website of ‘general portal for privacy protection’ of the Privacy Protection Commission other than the department for receiving and handling as set forth in the foregoing Paragraph 11.1.

   ※ Go ‘general portal for privacy protection’ of the Privacy Protection Commission(www.privacy.go.kr) → Civil complaint court → Request for access to personal information(need to receive real name authentication through mobile phone or Ipersonal information N)

Article 12 (Method of Remedy for Right Infringement)

1. 12.1 Information Principal may file an application for a dispute resolution or consultation with the Personal Information Dispute Mediation Committee and the personal information infringement report center of the Korea Internet Development Agency. For other report and consultation of the personal information infringement, please make inquiry to the following agencies:

   12.1 Information Principal may file an application for a dispute resolution or consultation with the Personal Information Dispute Mediation Committee and the personal information infringement report center of the Korea Internet Development Agency. For other report and consultation of the personal information infringement, please make inquiry to the following agencies

   Classification	Name of agency	URL	Tel.
   personal information infringement report center	Korea Internet Development Agency	privacy.kisa.or.kr	118 without local code
   Personal Information Dispute Mediation Committee	Personal Information Dispute Mediation Committee	kopico.go.kr	1833-6972
   Cyber Investigation Section	Supreme Public Prosecutors Office	spo.go.kr	1301 without local code
   Cyber investigation bureau	National Police Agency	police.go.kr	182 without local code

2. 12.2 Any person the right or interest of whom has been infringed due to the disposition or omission of the head of public agencies in terms of his or her request under Articles 35 (Access to personal information ), 36 (Correction and Deletion of personal information ) or 37 (Suspension of personal information Processing) of the Privacy Protection Act may file a claim for administration decision as prescribed in the Administrative Trial Act.

   ※ For details of administrative decision, please refer to the Central Administrative Appeal Commission(http://www.simpan.go.kr/)

Article 13 (Modification of Privacy Protection Policy)

1. 13.1 This Privacy Protection Policy will apply from the 30th day of September 2022.
2. 13.2 Former Privacy Protection Policy may be checked in the followings: