1. Purpose of processing personal information

[ I-DEMIRE website ] ('idemire.kr/' or 'I-DEMIRE') processes personal information for the following purposes and does not use it for any purpose other than the following purposes.
- Confirmation of intention to join membership, authentication of identity according to service provision to members, maintenance of membership, payment of money based on supply of goods or services, delivery of supplies or services, etc.

2. Processing and retention period of personal information

① When collecting personal information from an information subject, the Korean Geoscience Association processes and retains personal information within the agreed period of personal information retention and utilization or the period of personal information retention and use under statutes.
② Specific personal information processing and retention periods are as follows.
- Membership and management : Until the termination of a service contract or membership,
- Service-related supply records, such as contracts, withdrawal of subscriptions, payment and usage details in e-commerce : 5 years

3. The rights and duties of the information subject and the legal representative and the method of their exercise

The information subject may exercise the following rights to personal information protection at any time on the 'Korea Geoscience Association website'.
① Requesting personal information access
② Request correction if there is an error, etc.
③ deletion request
④ processing stop demand

4. Creating items for processing personal information

'I-DEMIRE' handles the following personal information items.
① Providing education-related services
- Required items: e-mail, mobile phone number, home address, loginID, gender, date of birth, name, position, department, company name
② handling of civil complaints
- Required items: e-mail, mobile phone number, home address, loginID, gender, date of birth, name, position, department, company name, connection log, access IP information

5. destruction of personal information

In principle, I-DEMIRE destroys personal information without delay if the purpose of personal information processing is achieved. Procedure, deadline, and method for revocation are as follows.
① Destruction Procedure
The information entered by the user is transferred to a separate DB after achieving the purpose (in case of paper, separate documents) and destroyed immediately after being stored for a certain period of time in accordance with the internal policy and other related statutes. At this time, personal information transferred to DB is not used for any purpose other than by law.
② Destruction Deadline
The user's personal information shall be destroyed within five days from the end of the retention period, or within five days from the date the personal information is deemed unnecessary, such as achieving the purpose of processing personal information, abolishing the relevant service, or terminating the project.

6. Matters concerning the installation, operation, and rejection of personal information collection devices;

①'I-DEMIRE' uses 'cookie' that stores and imports information from time to time to provide personalized service.
② Cookies are small amounts of information sent by the server (http) used to run the website to the user's computer browser and are sometimes stored on the hard disk inside the user's PC computer.
A. Purpose of Cookie: It is used to provide optimized information to users by identifying their visits and usage patterns, popular search terms, security access, etc. for each service and website they visit.
B. Install, Operate, and Deny Cookies: You can refuse to save cookies using Tools at the top of your web browser>Internet Options 옵션Options settings on the Privacy menu. (c) Refusing to save cookies may cause difficulties in using customized services.

7. Preparation of the Personal Information Protection Officer

① 'I-DEMIRE' is responsible for handling personal information, and the person in charge of personal information protection is designated as follows for handling complaints and damage relief of information subjects related to personal information processing.

▶ Personal Information Protection Officer
Name: Yoon Jeung Hyun I Position: Representative I Contact: Tel 82-2-3443-1232, E-mail demire@naver.com

▶ Department in charge of personal information protection
Department name: Medsoft
Contact: Son Soo Dong I: TEL 1600-4605, E-mail sdson@medsoft.co.kr

② The information subject may contact the Personal Information Protection Officer and the department in charge of all personal information protection inquiries, complaints handling, and damage relief that occurred while using the service (or business) of 'I-DEMIRE'. The Korea Geoscience Association website will answer and process inquiries from information subjects without delay.

8. Change of personal information processing policy

This personal information processing policy is applied from the enforcement date, and if there is any addition, deletion, or correction of changes in accordance with statutes or policies, it will be notified 7 days prior to the implementation of the changes.

9. Measures to secure personal information safety

In accordance with Article 29 of the Personal Information Protection Act, I-DEMIRE takes technical, administrative and physical measures necessary to secure safety as follows:

① Conduct regular self-audit
To secure stability related to personal information handling, we conduct self-audit on a regular basis (once a quarter).

② Minimize and train personal information handling staff
We are implementing measures to manage personal information by designating employees who handle personal information and minimizing them only to those in charge.

③ Encryption of personal information
The user's personal information is stored and managed by encryption. Only the user can know the password. Important data uses separate security functions such as encrypting files and transmission data or using file lock function.

④ Storage of access records and prevention of forgery and alteration
We keep and manage records of access to the personal information processing system for at least six months and use security functions to prevent forgery, theft or loss of access records.

⑤ Restricting access to personal information
We take necessary measures to control access to personal information through granting, changing, and revoking access to the database system that processes personal information, and using the intrusion prevention system, we control unauthorized access from outside.

⑥ access control to unauthorized persons
We have a separate physical storage area for personal information and establish and operate access control procedures.