Privacy Policy

Dunia (“Dunia,” “we,” or “our”) discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act of Korea to protect the personal information of users of our website services (“Services”) and to handle related inquiries and complaints promptly and smoothly.

This Privacy Policy may be revised to improve our Services or to reflect changes in applicable laws and regulations.

Article 1 (Purpose of Processing Personal Information)

1) Membership Registration and Management

Dunia processes personal information for the following purposes:

Verification of membership intent
Identification and authentication for membership-based services
Maintaining and managing member qualifications
Identity verification under the limited identification system
Preventing fraudulent or unauthorized use of Services
Verifying legal guardian consent for users under the age of 14
Providing notices and announcements

2) Handling Inquiries and Complaints

Personal information is processed for identifying the complainant, confirming complaint details, communicating for fact-finding, and notifying results.

Article 2 (Processing and Retention Period of Personal Information)

Dunia processes and retains personal information within the period agreed upon by the user or as required by law.
The processing and retention periods for each category are as follows:

1) Membership Registration and Management

Items retained: Name, date of birth, service usage records
Legal basis: Preventing confusion in member service management
Retention period: Until membership withdrawal

2) Information Retained Under Relevant Laws

Items retained: Name, login ID, date of birth, bank account information, payment records
Legal basis: Act on Consumer Protection in Electronic Commerce
Retention period:
- Records related to contracts or withdrawal of subscription: 5 years
- Records of payment and supply of goods/services: 5 years
- Records of consumer complaints or dispute resolution: 3 years
- Records of identity verification: 6 months (under the Act on Promotion of Information and Communications Network Utilization)

Article 3 (Provision of Personal Information to Third Parties)

Dunia processes personal information only within the scope specified in Article 1 and provides it to third parties only when the user consents or when permitted under Articles 17 and 18 of the Personal Information Protection Act.
Dunia provides personal information to the following third parties:

1) Outsourcing for Member Services

Recipient: Human Software Co., Ltd.
Purpose: Member database management, donation payment processing, SMS/email notifications
Items provided: Member information and donation payment information
Retention period: Until donation is discontinued

2) Payment Processing for Donation Approval and Settlement

Recipient: Korea Financial Telecommunications and Clearings Institute (KFTC)
Purpose: Donation approval and settlement
Items provided: Member information and donation payment information
Retention period: Until donation is discontinued

Article 4 (Rights of Data Subjects and How to Exercise Them)

Users have the right to refuse consent to personal information collection and may exercise the following rights at any time:
- Request access to personal information
- Request correction of errors
- Request deletion
- Request suspension of processing
Requests may be submitted to Dunia in writing, via email, or fax using the form provided in Annex Form No. 8 of the Enforcement Rules of the Personal Information Protection Act. Dunia will process such requests without delay.
When a user requests correction or deletion, Dunia will not use or provide the relevant information until the correction or deletion is completed.
Rights may be exercised through the user’s legal representative or an authorized agent. In such cases, a power of attorney must be submitted in accordance with Annex Form No. 11 of the Enforcement Rules.

Article 5 (Items of Personal Information Collected and Processed)

Dunia collects and processes the following personal information:

1) Membership Registration and Management

Required items: Name, ID, password, email, date of birth
Optional items: Phone number, address

2) Automatically Collected Information

During service use, the following information may be automatically generated and collected: IP address, cookies, MAC address, service usage records, visit logs, records of improper use

3) Donation Information

Required items: Account holder name, account holder ID number, bank name, account number, donation amount, withdrawal cycle, withdrawal date

Article 6 (Destruction of Personal Information)

Dunia destroys personal information without delay when the retention period has expired or when the processing purpose has been fulfilled.
If personal information must continue to be retained under other laws despite the expiration of the retention period, such information will be stored separately in a different database or physical location.
The destruction procedures and methods are as follows:

Destruction Procedure

Dunia identifies personal information subject to destruction, obtains approval from the Privacy Officer, and proceeds with destruction.

Destruction Method

Electronic files are permanently deleted to prevent recovery.
Paper documents are shredded or incinerated.

Article 7 (Safeguards for the Protection of Personal Information)

Dunia implements the following measures to ensure the security of personal information:

Administrative measures: Establishment and implementation of internal management plans, periodic employee training
Technical measures: Access control for personal information systems, installation of access control systems, encryption of unique identifiers, installation of security programs
Physical measures: Access restrictions to server rooms and data storage facilities

Article 8 (Personal Information Protection Officer)

Dunia designates the following Privacy Officer to oversee personal information processing and handle inquiries and complaints:

Privacy Officer

Name: Seulgi Lee
Position: Journalist, Dunia
Phone: +82-10-6309-0097
Email: contact@thedunia.org

Users may contact the Privacy Officer or the relevant department regarding any personal information inquiries, complaints, or requests for relief. Dunia will respond promptly.

Article 9 (Request for Access to Personal Information)

Users may request access to their personal information under Article 35 of the Personal Information Protection Act through the department below:

Department in Charge of Access Requests

Department: Editorial Team
Phone: +82-10-6309-0097
Email: contact@thedunia.org

Article 10 (Remedies for Rights Violations)

Users may contact the following independent agencies for assistance, consultation, or dispute resolution related to personal information infringement. These agencies operate separately from Dunia.

▶ Personal Information Protection Portal (Ministry of the Interior and Safety)

Services: Reporting and consultation regarding personal information violations, information resources
Website: http://www.privacy.go.kr
Phone: +82-2-2100-3394

▶ Personal Information Infringement Report Center (Korea Internet & Security Agency, KISA)

Services: Reporting and consultation
Website: https://privacy.kisa.or.kr
Phone: (No area code) 118
Address: 135 Jungdae-ro, Songpa-gu, Seoul, Korea (KISA Personal Information Infringement Center)

▶ Personal Information Dispute Mediation Committee (KISA)

Services: Mediation of personal information disputes, collective dispute resolution
Website: https://privacy.kisa.or.kr
Phone: (No area code) 118
Address: 135 Jungdae-ro, Songpa-gu, Seoul, Korea (KISA Personal Information Infringement Center)

▶ Cyber Bureau, National Police Agency

Services: Criminal complaints or inquiries related to personal information infringement
Website: http://www.netan.go.kr
Phone: +82-2-393-9112 / +82-1566-0112

[Supplementary Provision]

This Privacy Policy is effective as of November 10, 2023.