Because of your wrong password over 5 times, the login is not allowes for 5 minutes.

ACU PROJECT

All personal information handled by ACU-Project services (hereinafter referred to as “ACU”) is collected, retained and managed in accordance with the relevant Acts. The Personal Information Protection Act suggests general norms for processing personal information. ACU will properly and appropriately handle personal information collected, possessed, and processed in accordance with the provisions of the Personal Information Protection Act in order to ensure proper conduct of public affairs and protect the interests of users.
Furthermore, ACU respects the rights and interests of users, including request for viewing, correcting, deleting, and suspending the processing of personal information, as stipulated by the related laws and regulations. Users may, in accordance with the provisions of the Administrative Appeals Act, file an administrative appeal concerning the infringement on their rights and interests.
In accordance with Article 30 of the Personal Information Protection Act, ACU establishes and discloses the following personal information processing policy in order to protect the privacy of personal information of the information subject and to protect the rights and interests of users related to personal information.

Article 1 (Purpose of processing personal information)
ACU processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following. If the purpose of use changes, necessary measures, including receipt of additional consent in accordance with Article 18 of the Personal Information Protection act, will be implemented.
A. Service Provision
ACU processes personal information for the purpose of providing contents and e-learning learning environment.
B. Membership Management
ACU processes personal information for the purpose of member identification concerning the use of membership services, personal identification, prevention of illegal use by members in poor standing, prevention of unauthorized use, confirmation of intent to registration, preservation of records for dispute settlement, securement of a smooth communication path for resolving complaints, and delivery of announcements.
C. Service Improvement
ACU processes personal information for the purpose of development and specialization of new services, provision of services based on statistical attributes, delivery of information and provision of opportunities to participate in events, and statistics about service utilization.
The purpose of processing the personal information files registered and disclosed by ACU Pursuant to Article 32 or the Personal Information Protection Act is as follows.
Name of the personal information file Grounds for operation Purpose of Processing
User registration information file Consent from the user Membership registration and management, processing civil affairs, service improvement
Article 2 (Period of processing and retaining personal information)
ACU processes and retains personal information within the period of retaining and using personal information in accordance with the Personal Information Protection Act, or during the period of using/retaining personal information agreed upon when collecting personal information from the user.
The period of processing and retaining personal information shall be as follows:
Name of the personal information file Grounds for operation Retention period
User registration information file Consent from the user Three years or until the withdrawal of the member from ACU
However, if the reason falls under the following grounds, the information may be retained and read until the relevant reasons exist.
A. For certificate issuance service
- Reason for retention: reissue a certificate upon request for re-issuance of a certificate
- Retention period: until the withdrawal of the member from ACU
- Expected period of viewing: from time to time (upon request for re-issuance of a certificate)
B. Reasons for retaining the information and retention period pursuant to the provisions of related laws and regulations
- Record on consumer complaints or dispute resolution: three years (Article 6 of the Act on Consumer Protection in Electronic Commerce, etc and Article 6 of the Enforcement Decree of the Act)
- Record on access: Three months (Article 15 (2) of the Protection of Communications Secrets Act and Article 41 of the Enforcement Decree of the Act)
ACU uses the personal information of the users within the scope of the notice and does not use the personal information of the user beyond the announced range without the prior consent of the user or disclose the personal information of the user to external parties, except for the following cases.
A. where the users have given a prior consent to ACU; and
B. where it is necessary to retain the information pursuant to the provisions of related laws and regulations, or where there is a request from an investigation agency for the purpose of investigation of a crime or prosecution in accordance with procedures and methods as defined in laws and regulations.
Article 3 (User’s rights and duties, and methods of exercise of rights)
The subject of information, or the user who provides personal information, can exercise the following rights related to the protection of personal information at any time:
A. Request for personal information.
B. Request for correction of errors, etc. if any.
C. Request for deletion.
D. Request for suspension of the processing.
The exercise of rights under Paragraph 1 may be made in writing, e-mail, etc. as provided by the Annex 8 of the Enforcement Ordinance of the Personal Information Protection Act. and ACU will respond to the request immediately.
If the user requests for correction or deletion of his/her personal information, ACU will not use or provide his/her personal information until such correction or deletion is completed.
The exercise of rights pursuant to Paragraph 1 above may be made through the legal representative of the information entity or an agent delegated to it. In this case, the user shall submit a power of attorney according to Annex 11 of the Enforcement Ordinance of the Personal Information Protection Act.
The request for suspending the viewing and processing of personal information may limit the user’s rights in accordance with Article 35(5) and Article 37(2) of the Personal Information Protection Act.
For correction and deletion of personal information, if other Acts stipulate the particular personal information be collected, the user shall not request for deletion thereof.
Upon request for viewing, correction, deletion or suspension of the processing of personal information in accordance with the user’s rights, ACU shall verify the identity of the user or the user’s legal representative.
* [Annex 8. Enforcement Ordinance of the Personal Information Protection Act] Request for viewing, correction, deletion and suspension of the processing of personal information
* [Annex 11. Enforcement Ordinance of the Personal Information Protection Act] Power of Attorney
Article 4 (Items of personal information processed)
ACU processes the following personal information items:
Name of the personal information file Category Retention period
User registration information file Required User ID, password, name, English name, e-mail, student ID, country, university,local standard time
Optional telephone number, major of study,profile photo
During the course of using the Internet service, the following personal information items can be automatically generated and collected.
· IP address, Cookies, service use records, Web access records, etc
The user may refuse the collection of his/her personal information for the ACU membership registration and management. However,
A. Since the required items in Article 4(1) are the minimum information necessary for using the ACU, member registration may limited if the user refuses the collection of the information.
B. Cookie is a temporary file that is created automatically when you access a website and contains information about you. You have the option of installing and collecting cookies and may refuse collection. However, if you refuse to store cookies, you will have difficulty in providing services that require login.
* How to block Cookies
[Chrome]
· Go to the top right icon of the Web browser (Customized and Control Google Chrome button) > click Settings > Show advanced settings > Content setting button in the “Privacy” section > choose “Do not allow” in the “Cookies” section
[Internet Explorer]
· Go to Tools menu at the top of the Web browser > Internet options > “Privacy” tab > click the “Advanced” button
Article 5 (Procedures and methods of deleting personal information)
ACU, in principle, shall delete personal information without delay if its purpose of processing the personal information is achieved. However, this does not apply to the personal information that needs to be preserved in accordance with other Acts. The procedures, terms, and methods of deleting personal information are as follows:
A. Procedures
Any personal information and personal information files that are unnecessary to follow destruction procedures are handled by privacy officer or staff under his/her responsibility in accordance with the internal policy procedures as follows:
- Deletion of personal information.
Personal information whose retention period has expired will be deleted without delay from the expiry date.
- Destruction of personal information files
If a personal information file becomes unnecessary due to the attainment of the purpose of processing the personal information file, abolition of relevant services, and termination of business, the personal information file shall be destroyed without delay from the date when the processing of personal information is recognized as unnecessary.
B. Methods
- Electronic forms of information shall be deleted/destroyed by using technical methods that make it impossible to reproduce records.
- Paper-printed personal information shall be shredded or incinerated.
Article 6 (Measures to ensure the safety of personal information)
ACU, pursuant to Article 29 of the Personal Information Protection Act, takes technical, administrative, and physical measures necessary for securing safety as follows:
A. Establishment and implementation of internal management guidelines ACU establishes and implements its internal management guidelines in compliance with the internal management guidelines of the Korea Education and Research Information Service (KERIS).
B. Designation and minimization of the number of privacy officers ACU has designated and minimized the number of privacy officers, or persons who take charge of handling personal information, and implemented measures to manage personal information.
C. Restricted access to personal information ACU takes necessary measures to control access to personal information through granting, modifying, and terminating rights to gain access to the database system that processes personal information. ACU also controls unauthorized access from outside using an intrusion prevention system.
D. Storage of access records and prevention of forgery ACU stores and manages access records (Web logs, summary information, etc.) in the personal information processing system for at least six months. ACU also takes security measures to prevent forgery, theft, or loss of the access records.
E. Encryption of personal information The user’s personal information is encrypted to be stored and managed. ACU also implements separate security measures for important data through encryption when storing or transferring them.
F. Technical measures to prevent hacking, etc. ACU installs computer security programs and periodically updates and monitors the programs to protect personal information from leakage and damage caused by hacking or computer virus. ACU installs the personal information system in an area where access from outside is restricted and implements technical and physical surveillance of and shutting off access from outside. In addition, ACU monitors network traffic and detects illegal attempts to change information.
G. Access control to unauthorized persons ACU separately sets up physical storage of personal information system, and establishes and operates access control procedures accordingly.
Article 7 (Privacy officer)
ACU has designated the following privacy officers in order to protect personal information and to resolve complaints related to personal information pursuant to Article 31 Paragraph 1 of the Personal Information Protection Act.
KERIS privacy officer ACU Privacy officer
Doo Young Lee Hae Young Han Sang Woo Kim

Education Information Security Division Head

- Email: privacy@keris.or.kr
- Tel: 82-53-714-0248
- Fax: 82-53-714-0196

Academic Information Division Head

- Email: hyhan@keris.or.kr
- Tel: 82-53-714-0374
- Fax: 82-53-714-0194

Academic Information Division Higher Education Information Section (ACU Secretariat) / Researcher

- Email: swkim@keris.or.kr
- Tel: 82-53-714-0311
- Fax: 82-53-714-0194

Article 8 (Request for viewing personal information)
Users may request for viewing their personal information to the personal information protection department pursuant to Article 35 of the Personal Information Protection Act. ACU will endeavor to promptly process the request for viewing personal information from users.
In addition to the Department of Paragraph 1, users may also request for viewing their personal information through the website (www.privacy.go.kr) of the Privacy Information Protection Portal of the Ministry of the Interior.
* Privacy Information Protection Portal of the Ministry of the Interior → Civil affairs on personal information → Request for viewing personal information (Authentication of real name is required through public I-pin service.)
Article 9 (Remedies for infringement on rights and interests)
Users may inquire of the following organizations about remedies, consultation, etc. for damage from infringement on their personal information. As the following organizations are independent of ACU, please inquire of the organizations for further help if you are not satisfied with ACU’s resolution of complaints about personal information or with the outcomes of remedies for damage.
A. Personal Information Infringement Report Center (run by the Korea Internet &Security Agency)
- Job description : Report infringement on personal information, request for consultation
- Website : http://privacy.kisa.or.kr
- Tel : 118 (without area code)
- Address : (05717) 135 Jungdaero, Sonpa-gu, Seoul, Korea, Personal Information Infringement Report Center, the

Korea Internet &Security Agency

B. Personal Information Dispute Resolution Committee (run by the Korea Internet &Security Agency)
- Job description : personal information dispute settlement application, collective dispute resolution (civil resolution)
- Website : http://privacy.kisa.or.kr
- Tel : 118 (without area code)
- Address : (05717) 135 Jungdaero, Sonpa-gu Seoul, Korea, Personal Information Infringement Report Center, the

Korea Internet &Security Agency

C. Cybercrime Investigation Department: 82-2-3480-3571 (www.spo.go.kr, cybercid@spo.go.kr)
D. Cyber Terror Response Center: 1566-0112 (www.netan.go.kr)
Also, any person can request administrative judgment in accordance with the Administrative Appeals Act for any infringement on his/her rights and interests caused by the request from the user for viewing, correction, deletion or suspension of processing personal information.
* Please refer to the telephone numbers on the Central Administrative Appeals Commission's website (www.simpan.go.kr).
Announced date: March 23, 2017.
Effective date: March 30, 2017.