Instructions to protect your personal information(for public institutions)


Collect the minimum amount of information necessary when collecting personal information

Must ask for consent when collecting additional information


Must not collect sensitive information such as resident registration numbers or health information

Must not illegally use resident registration information and other personal information


Must not be used for other purposes or transferred to a third party without the person’s consent

Must not illegally use the information for other purposes or leak to the general public


Reveal the processing policy when using personal information

Reveal the processing policy including consignment of personal information on the homepage or the place of business


Establish safety assurance measures such as internal management plans, firewalls, vaccines, and access control

Strictly take protection measures to prevent leak of personal information by hackers


When requiring membership registration, adopt an alternative that requires resident registration numbers

Adopt another authorization methods other than requiring resident registration numbers such as I-PIN and accredited certificates


Must destroy all documents after using personal information

Must destroy documents after the purpose of collecting information is fulfilled(after the service period is over)


When personal information is leaked, immediately notify the person

When the leak has been acknowledged, notify the fact through documents, phone calls, or email within 5 days


Install instruction board if a CCTV is being used

Notify the relevant parties after setting up the purpose of installation, location, filming area, the person in charge, and operation policy