Privacy Policy

All personal information collected, retained, and managed by Korea University Business School Startup Station (hereinafter referred to as ‘The Startup Station’) is done so pursuant to, and in full compliance with personal information protection rules of relevant Acts and subordinate statutes, such as the Personal Information Protection Act.


1. The Startup Station has implemented the management policy detailed below to protect personal information, rights and interests and effectively resolve complaints raised in connection with personal information pursuant to the Personal Information Protection Act.
2. The Startup Station, in particular, has set forth the Personal Information Management Policy specifically for theonline records database that manages personal information pursuant to Article 30, Paragraph (1) of the Personal Information Protection Act and Article 31, Paragraph (1) of its Enforcement Ordinance.
3. Whenever The Startup Station revises its Personal Information Management Policy, it shall make public the timing of implementation and the revised content via its online database (or a separate notice) to allow those who are the subject of information to reliably and conveniently verify it.


A. Purpose of Managing Personal Information, Management and Retention Period of Personal Information, and Items of Personal Information to be Managed

Go to Personal Information Protection General Support Portal (www.privacy.go.kr) → Personal information-related civil complaints- → Requests such as the inspection of personal information, etc. → Search the list of personal information files

▷ You can inquire after entering ” Korea University ” after entering the ” Korea University “.
– Personal Information File from the Startup Station : The Promoter Information

B. Provision of Personal Information to a Third Party

The Startup Station may manage personal information to fulfill the intended purpose of collection and use in principle andnot handle it beyond the intended purpose and not provide it to a third party without the prior consent of a subject of information except for any of the following cases.
1. Where the consent of a subject of information has been obtained
2. Where special provisions exist in any Act
3. Where it is deemed obviously necessary for the physical safety and property interests of a subject of information or a third party when the subject of information or his/her legal representative cannot give prior consent because he/she is unable to express his/her intention or by reason of his/her lack of current address, etc.
4. Where personal information is necessary for compiling statistics, or scientific research purposes, etc., and the personal information is provided in a form in which a specific individual cannot be identified
5. Where not using personal information for any purpose other than the intended purpose or a failure to provide a third person with such information makes it impossible to perform affairs provided for in any other Act, and this has undergone deliberation and resolution by the Personal Information Protection Committee
6. Where it is necessary to provide a foreign government or international organization with personal information in order to implement a treaty or any other international agreement
7. Where it is necessary to investigate a crime, and institute and sustain a public prosecution
8. Where it is necessary for a court to perform its judicial functions
9. Where it is necessary to execute a punishment, ensure care and custody or enforce protective disposition.

C. Matters Concerning Rights and Duties of a Subject of Information, and How to Exercise Them

A subject of any personal related information managed by The Startup Station may exercise the following rights and a legal guardian of a child under the age of 14 may request inspection, correction, deletion, and suspension of management of the child’s personal information.
1. Request for Inspection of Personal Information : A subject of information referred to above may requestinspection of his/her personal information in the personnel information files retained by The Startup Station pursuant to Article 35 of the Personal Information Protection Act (Inspection of Personal Information). However, the request for the inspection of personal information may be restricted pursuant to Article 35, Paragraph (5) of the Act.
2. Request for Correction/Deletion of Personal Information : A subject of information referred to above may request deletion/correction of his/her personal information in the personal information files retained by The University pursuant to Article 36 of the Personal Information Protection Act (Correction or Deletion of Personal Information), provided that if other Acts and subordinate statutes stipulate that the particular personal information be collected, the request shall not be granted.
3. Request for Suspension of Management of Personal Information : A subject of information referred to above may request the suspension of management of his/her personal information in the personal information files retained by The Startup Station pursuant to Article 37 of the Personal Information Protection Act (Suspension, etc. from Managing Personal Information). However, the request for the suspension of management of personal information may be rejected pursuant to Article 37, Paragraph (2) of the Act.

– if there is a special regulation to comply with the law or comply with the obligations of the law
– If there is concern about other people’s lives, or if they are concerned about other people’s property and other interests
– If a public institution fails to carry out any of the duties prescribed by other laws unless otherwise handled by the public.
– If the information of the contract fails to be disclosed, such as the inability to process the information and the contractual provisions of the

D.Destruction of Personal Information

When the purpose of personal information’s management has been achieved, The Startup Station, in principle, shall destroy the personal information without delay. Procedures for, timing of, and methods for destroying personal information are as follows.
1. Procedures of Destruction : After or as soon as the purpose of retaining personal information has been achieved, it shall be transferred to a separate storage unitand stored for a certain period of time and destroyed pursuant to internal policies and other Acts and subordinate statutes. The personal information transferredto the separate storing place shall not be used for other purposes except as stipulated in Acts.

2. Timing of and Methods for Destruction : When the retention of personal information becomes unnecessary uponits reaching the expiration date, either its management purpose is considered achieved or the relevant service is deemedabolished. Accordingly, the personal information shall be destroyed without delay. Information in the form of an electronic file shall be destroyed via technical methods so as to prevent its recycling. Printed or hardcopyversions of personal information shall be shredded or incinerated.

E. Measures to secure safety of personal information

1. Minimization of the Number of Staff ManagingPersonal Information and StaffTraining : The Startup Station designates and manages just the necessary number of staff who manages personal information and trains such staffers on safe management practices of personal information.
2. Access Restriction of Personal Information : The Startup Station takes necessary measures to control access to personal information by granting, revising, and eliminating access rights to the database system that manages personal information and also controls unauthorized access from external parties through the use of firewall systems.
3. Storage of Access Records : Access records to the Personal Information Management System shall be stored and managed for a minimum of 6 months.
4. Installation and Regular Inspection/Update of Security Programs : Security programs are installed and updated/inspected on a regular basis to prevent unauthorized outflow or alteration of personal information from hacking or computer viruses.
5. Access Control against Unauthorized Persons : The University operates the Personal Information System, which stores personal information at a physically separate storing place and establishes and runs access control procedures.
6. Encryption of Personal Information : Personal information is safely stored and managed via methods such as encryption. Additional security functions are also employed, such as, for example, encrypting important data during storage and transfer.

F. Resolution for Infringement on Rights and Interests

1. A person whose personal information-related rights or interests have been infringed upon may report the infringement to the Center for Reporting Personal Information Infringement Cases
※ The Center for Reporting Personal Information Infringement Cases:(without a telephone exchange number) 118 (extension number 2)
2. A person whose personal information-related rights or interests have been infringed upon by measures taken by the head of a public institution against a request by a subject of information for the inspection, correction/deletion, and the suspension of management of personal information may make an administrative appeal pursuant to the Administrative Appeals Act.
※ Refer to the information provided by the Central Administrative Appeals Commission (www.simpan.go.kr)

G. Personal Information Protection Managers

1. Personal Information Dean: Dean of KUBS
2. Personal Information Manager: Manager Min Hye Yeo of The Startup Station of KUBS
3. For questions, please contact: 02-3290-5360, kubsstartup@korea.ac.kr