• go rss
상단검색

Date   :

~

Sort   :

Privacy Statement

All private information handled by KOTRA is collected, retained and managed in compliance with relevant acts or with the consent of the subject of information.

The Personal Information Protection Act prescribes matters concerning the management of personal information. KOTRA shall treat the collected and retained information in compliance with the Act in a legal and appropriate manner in order to conduct public affairs properly and to protect the rights and interests of all citizens.

Websites operated by KOTRA are as follows (hereinafter referred to as the KOTRA websites). All KOTRA websites will be subject to the privacy policy unless otherwise stated.

1. Purpose of Collection and Use of Personal Information

① KOTRA collects the minimum personal information to provide services, handle complaints and manage business affairs.

② Personal information collected by KOTRA will be used on customer satisfaction evaluation and statistical analyses to provide better services and secure communication route for customers.

2. Period of Maintaining Collected Personal Information

① You need to register on the Invest KOREA website if you want to post any content on the website or receive periodic newsletters. Invest KOREA collects the following personal information upon approval by its members.


  • Essential Items to be entered : ID, password, name(Korean or English), business, company name, title, address, country, ZIP code, telephone number, e-mail address
  • Optional items to be entered : Fax number

② Personal information collected when registering on the KOTRA website shall be retained until a member deletes his/her account. However, such information can be retained after the member deleted his/her account in compliance with relevant laws. Personal information collected by KOTRA by other means shall be treated and retained for a certain period of time that is determined separately.

3. Provision of Personal Information to Third Parties

In principle, KOTRA treats an individual’s personal information as provided by its personal information protection policy, and shall neither use such information beyond the scope nor provide such information to any third person.


  • Where KOTRA has obtained the consent of a subject of information Where special provisions exist in any other Act
  • Where it is deemed obviously necessary for physical safety and property interests of a subject of information or a third person when the subject of information or his/her legal representative cannot give prior consent as he/she is unable to express his/her intention or by reason of his/her unidentified address, etc.
  • Where personal information is necessary for compiling statistics, or scientific research purposes, etc., and the personal information is provided in a form by which a specific individual cannot be identified
  • Where using personal information for any purpose other than the intended purpose or a failure to provide a third person with such information makes it impossible to perform affairs provided for in any other Act, and this has undergone deliberation and resolution by the Protection Committee
  • Where it is necessary for providing a foreign government or international organization with personal information in order to implement a treaty or any other international agreement
  • Where it is necessary for investigating a crime, and instituting and sustaining a public prosecution
  • Where it is necessary for a court to perform its judicial affairs
  • Where it is necessary for executing a punishment, care and custody or protective disposition

4. Entrustment of Personal Information Management

① A subject of information has the following rights in connection with the management of his/her personal information.

  • A right to request an inspection of his/her personal information: A subject of information may request an inspection of his/her personal information in compliance with Article 35 of the Personal Information Protection Act. However, in any of the following cases, such request can be rejected as provided by Acts.
  • 1) Where an inspection is prohibited or restricted by Acts
  • 2) Where it is apprehended that any third person’s life and body may be harmed, or any third person’s property and other interests may be infringed on
  • 3) Where a public institution causes any inconvenience while carrying out any of the following affairs;
    • (i) Affairs concerning the imposition, collection or refund of taxes
    • (ii) Affairs concerning tests of academic ability, functions and employment, and qualification evaluation
    • (iii) Affairs concerning an assessment or decision in progress in connection with the calculation, etc. of compensation or benefits
    • (iv) Affairs concerning an audit and an investigation in progress under other Acts.

  • Correction or deletion of personal information: A subject of information may request to correct or delete his/her personal information in compliance with Article 36 of the Personal Information Protection Act. However, if other Acts stipulates the particular personal information be collected, the subject of information shall not request the deletion thereof.

  • Suspension from managing personal information: A subject of information may request to suspend managing his/her personal information in compliance with Act 37 of the Personal Information Protection Act. However, such request can be rejected in compliance with Article 37 (2) of the Personal Information Protection Act.
  • 1) Where there exists special provisions in any Act or it is inevitable to comply with statutory obligations
  • 2) Where it is apprehended that any third person’s life and body may be harmed, or any third person’s property and other interests may be infringed on
  • 3) Where a public institution is unable to carry out its affairs stipulated by or under other Acts unless it manages the personal information
  • 4) Where it is impractical to perform a contract, such as a failure to provide a subject of information with stipulated services unless the personal information manager manages the personal information, and the subject of information fails to clearly express his/her intention to terminate the contract

  • Methods and Procedures of Inspection, Correction, Deletion and Suspension of Personal Information Management
  • 1) Procedures of inspection, correction, deletion and suspension of the personal information are as follows :
  • Search of personal information file list
    • Request for personal information inspection
    • Confirmation of the subject of information and scope of his/her right of personal information inspection
    • Confirmation of restrictions on the right of personal information inspection
      • Notification of decision on personal information inspection (approval/limitation/ postponement)
      • Notification of decision on personal information inspection (refusal)
        • Inspection
  • Request for correction, deletion, suspension of managing the personal information
  • Confirmation of the subject of information and scope of his/her rights of correction, deletion, suspension of managing the personal information
  • Confirmation of restriction on the rights of correction, deletion, suspension of managing the personal information
    • Notification of decision on correction, deletion, suspension of managing the personal information (approval/limitation/ postponement)
    • Notification of restriction on correction, deletion, suspension of managing the personal information (refusal, matters related to other Act, etc.)
  • 2) Methods of exercising rights: A subject of information can apply for inspection, correction, deletion and suspension of his/her personal information on the Privacy Information Protectio n Portal (www.privacy.go.kr)

☞ A subject of information can inspect his/her personal information by carrying out the following procedures: ▷ Access the Privacy Information Protection Portal (www.privacy.go.kr) ▷ Click on Personal Information Affairs ▷ Click on Request for Inspecting the Personal Information ▷ Type “Korea Trade-Investment Promotion Agency” in the personal information file.

② A subject of information may exercise his/her rights in accordance with Article 38 (1) of the Personal Information Protection Act by submitting the document as provided by Annex 8 of the Enforcement Ordinance of the Personal Information Protection Act via mail, e-mail or fax, and KOTRA shall respond to the request without delay.


③ If a subject of information request to correct or delete his/her personal information, KOTRA shall not use or provide the personal information of the subject of information until such correction or deletion is completed.


④ A subject of information may present his/her legal representative or agent to exercise his/her rights as provided by Article 38 (1) of the Personal Information Protection Act. In such case, the subject of information is required to submit the power of attorney as provided by Annex 11 of the Enforcement Ordinance of the Personal Information Protection Act.


5. Destruction of Personal Information

KOTRA shall delete the personal information without delay if its holding period expires and its management purpose is achieved. Methods of destructing the personal information are as follows.


1. Procedure: After its management purpose is achieved, the personal information shall be destroyed without delay or be transferred and preserved for a specific period of time before it is destroyed pursuant to any other Act or subordinate statute.


2. Term and methods: When personal information becomes unnecessary as its holding period expires, its management purpose is achieved and by any other ground, such personal information shall be destroyed without delay. Electronic data shall be destroyed by using technical methods to make it impossible to restore such data. Paper documents that contain the personal information shall be shredded or incinerated.

6. Measures to Secure Safety of Personal Information

KOTRA implements the following technical, managerial and physical measures to secure the safety of the personal information in compliance with Article 29 of the Personal Information Protection Act.



1. Minimum Number of Personal Information Management Personnel and Training

KOTRA shall authorize the minimum number of personnel to manage the personal information and provide training and education for such personnel to manage the personal information with care.


2. Restricted Access to Personal Information

KOTRA shall implement necessary measures such as empowerment, change and cancellation of access authorities to the personal information data systems in order to strictly restrict access to such personal information. KOTRA shall also operate firewall systems to deny any unauthorized external access.


3. Access Records Management

KOTRA shall store access records to the personal information data system (weblog data, summarized information, etc.) for at least six months.


4. Personal Information Data Encryption

KOTRA shall take measures, such as encryption, etc. which are necessary for securing safety of the personal information. For the data of importance, KOTRA implements special security measures such as encrypted data transfer and storage.


5. Installation and periodic updates of computer security programs

KOTRA shall install and periodically update and inspect computer security programs in order to prevent the personal information from loss, theft, leakage, alternation or corruption.


6. Physical Access Control Against Unauthorized Personnel

KOTRA shall operate a separate physical storage facility for its personal information data systems, and set up and manage access control policies and procedures.


7. Establishment and Implement of Internal Control Plan

KOTRA shall establish and implement an internal control plan to secure safety of the personal information.

7. Remedies for Infringement on Rights and Interests

A subject of information may apply for dispute resolution or counselling service to the personal information dispute resolution committee and personal information infringement report center for any losses and damages occurred from infringement of the personal information.

Also, the subject of information reserves the right to demand administrative appeals for any infringement on rights and interests in accordance with the Administrative Appeals Act if the subject of information requests to inspect, correct, delete or suspend the management of the personal information and a public institution administer fails to appropriately respond or act to such request.


For further details about administrative appeals, please refer to the Anti-Corruption & Civil Rights Commission website (www.acrc.go.kr)

8. Report of Privacy Infringement and KOTRA Privacy Protection Officer

KOTRA has designated the following manager in charge of protecting personal information, in order to protect the rights and interests of all citizens and to conduct public affairs by securing the legality of personal information and appropriateness of procedures.


If there are any questions regarding KOTRA’s privacy policy you may contact us using the information below.

Report of Privacy Infringement and KOTRA Privacy Protection Officer
Invest KOREA Personal Information Manager Invest KOREA General Client Information Manager Invest KOREA General Client Information Administrator
  • Department in charge: Invest KOREA
  • Person in charge: Commissioner Han Ki-won
  • E-mail : kiwon.han@kotra.or.kr
  • Tel: 02-3460-7800
  • Fax: 02-3460-7940
  • Department in charge: Investment Planning Department
  • Person in charge: Director Chung Gwang-young
  • E-mail : gychung@kotra.or.kr
  • TEL : 02-3460-7510
  • FAX : 02-3460-7940
  • Department in charge : Investment Public Relations Team
  • Person in charge : Manager Lee Eun-sook
  • E-mail : cyan@kotra.or.kr
  • TEL : 02-3460-7519
  • FAX : 02-3460-7920

9. Amendment to Personal Information Protection Policy

The new personal information protection policy will go into effect March 27, 2014. The previous personal information protection policy can be found here.