Skip Navigation

Apply

Please select the system you are applying for
Please enter the required information
※ It is used for sending text messages.
Attach the application form file
* Files can be downloaded from each service application page
Please agree to the terms and conditions.
Article 1 (Purpose of Handling Personal Information)

Fintech Center Korea (hereinafter referred to as the “Center”) processes personal information to the minimum extent possible for the following purposes (note that the personal information handled by the Center is not used for any other purposes aside from the prescribed, and if there are any changes to the purposes of use, the necessary measures such as obtaining consent are taken in accordance with Article 18 of the Personal Information Protection Act)

  1. 1. For financial regulatory sandbox application and management processes (accepting the related application form, providing information on the consulting services, compiling statistics, providing support, etc.)
  2. 2. For providing user reviews of financial services
  3. 3. For receiving and answering inquiries.
Article 2 (Personal Information Handling and Retention Periods)

Personal information of users is destroyed without delay as soon as the purpose of collection and use of the personal information in question has been achieved, in principle.

Article 3 (Providing Personal Information to a Third Party)

The Center handles the personal information provided by users within the scope specified with respect to the purpose of use and collection of personal information, in principle, and does not provide it to a third party or handles the information beyond the original scope intended, without obtaining prior consent from the information provider, except for the following cases, provided that subparagraphs 5 to 9 apply to public agencies only

  1. 1. Consent is obtained from the information provider;
  2. 2. It is required by special legal provisions;
  3. 3. Prior consent from the information provider or his/her legal representative cannot be obtained because he/she is incompetent, his/her address is unknown, etc. and providing the information to a third party, etc. is clearly necessary to benefit the information provider or a third party in terms of life, physical condition, and properties
  4. 4. It is necessary for the purpose of statistical compilation, academic research, etc. and the information is provided in such a way that makes it impossible to identify the individual it pertains to
  5. 5. A case in which the duties prescribed by a law, etc. cannot be executed unless the personal information is provided to a third party or used for purposes other than the specified and such has been deliberated on and approved by the Information Protection Commission
  6. 6. It is necessary in order to provide the personal information to a foreign government or an international organization to fulfill a treaty or any other international agreement
  7. 7. It is necessary in order to initiate and continue a criminal investigation and prosecution
  8. 8. It is necessary in order for the court to carry out a trial
  9. 9. It is necessary in order to execute a sentence or a care and custody or protective disposition
Article 4 (Contracting of Personal Information Handling Service)
  1. ① The Center has contracted out the personal information handling service as follows to ensure that it occurs seamlessly:
    • Contractor (service provider): HNINE
    • - Contracted services: System development, maintenance, and repair
    • - Contract period: 1 year
    • - Contact: 02-521-0518
    • - Hours of operation: 09:00 ~ 18:00
  2. ② When a service contract is concluded, the matters concerning prohibition of handling of personal information for purpose other than the prescribed, technical and administrative protection measures, restrictions against subcontracting, supervision and management of the contractor, liability for compensation, etc. are specified in the contract or related documents, in accordance with Article 26 of the Personal Information Protection Act, and the contractor is supervised to monitor whether the personal information in question is being handled in a safe and secure manner.
  3. ③ In case of any changes to the details of the contracted service or a change of contractor, the information is disclosed via the Privacy Policy.
Article 5 (Rights and Obligations of Information Providers and How to Exercise the Rights)
  1. ① Information providers (referring to legal representatives for those under the age of 14) may exercise the following rights with respect to their personal information:
    • View their personal information
    • - Rectify any errors, etc.
    • - Request deletion
    • - Request cessation of handling.
  2. ② Information providers may exercise the rights referred to in Paragraph 1 by providing the required information prescribed in Form No. 8 of the Enforcement Rule of the Personal Information Protection Act in writing or by email, fax, etc. to the Center, and the Center will accede to the request without dely.
  3. ③ If an information provider requests rectification of an error, etc. in his/her personal information or deletion thereof, the Center will not use or provide the said personal information until the rectification or deletion is complete.
  4. ④ Information providers can exercise the rights referred to in Paragraph 1 via a legal representative or any other representative such as a person who has been given the power of attorney. In such cases, a letter of power of attorney drafted in accordance with Form No. 11 of the Enforcement Rule of the Personal Information Protection Act must be submitted.
  5. ⑤ As for the request to view one’s personal information or to cease handling thereof, the rights of the information provider may be limited in accordance with Article 35 (4) and Article 37 (2) of the Personal Information Protection Act. ⑥ With respect to the request correct or delete one’s personal information, the request for deletion will be denied if the personal information is prescribed as information required for collection by another statute.
  6. ⑥ With respect to the request correct or delete one’s personal information, the request for deletion will be denied if the personal information is prescribed as information required for collection by another statute.
  7. ⑦ Where there is a request to view, correct, or delete one’s personal information or to cease handling thereof, the Center will check whether the applicant is the information provider him/herself or a legitimate representative.
Article 6 (Personal Information Items Subject to Handling)

The personal information items handled by the Center are as follows:

  • - Required information
    Name (corporate name), resident registration number (foreigner registration number, corporate registration number, business registration number (if the information provider is a corporate)), address, email address, phone number, academic background, career background, qualifications, job position, and business area
    - Optional information
    Date of busines opening, members of the organization, service, technology, and product descriptions, business model, commercialization plan and execution, and expected results
Article 7 (Destruction of Personal Information)

The Center, in principle, destroys the personal information if its retention period has elapsed or the purpose of handling the said information has been achieved, provided that this may not be the case if retention thereof is required by law. The destruction procedure, period and method are as follows:

  1. 1. Destruction Procedure

    The information entered by a user will be destroyed when the relevant objective is attained after it is retained for a certain period of time prescribed by the internal policy of the Center or any other relevant statutes. In such cases, the personal information transferred to the database will not be used for any purposes other than what is prescribed by the relevant statutes.

    Destruction of personal information
    Personal information will be destroyed without delay on the end date of the retention period.
    - Destruction of the personal information file
    When the personal information file is no longer needed, as the purpose of handling thereof has been achieved, the service concerned has been discontinued, or the business has been closed down, etc., it will be destroyed without delay on the date on which it is deemed that the handling of the personal information in question is unnecessary.
  2. 2. Destruction Method

    Digital personal information is destroyed using a permanent means that renders it impossible to restore or regenerate the information digitally. Personal information printed on paper is destroyed by shredding or incineration.

Article 8 (Technical and Administrative Protection Measures for Personal Information)
  1. ① The Center ensures safety and security of the personal information of users by applying the following technical and administrative measures in order to prevent loss, theft, leakage, tampering, or damage:
    • The Center is dedicated to preventing leakage and damage of the personal information of its members that may potentially be caused by hacking, computer virus, etc.
    • The staff who can handle personal information at the Center is limited to the person(s) in charge of handling personal information, and a password is assigned and updated regularly. The person(s) in charge are trained frequently to be reminded of the need to comply with the Privacy Policy.
  2. ② The Center is not liable for any damages or losses occurring, despite the Center’s fulfillment of its duty to protect personal information, as a result of user negligence, an incident occurring in an area not under the control of the Center, or any other causes that are not attributable to the Center.
Article 9 (Matters Concerning Installation and Operation of Automatic Personal Information Collection Device and Refusal to Consent)

The Center has not inserted a login function on the Financial Regulatory Sandbox website and thus does not operate a device that automatically collects personal information and information on the use of the website.

Article 10 (Personal Information Protection Officer)
1. Personal Information Protection Officer: Chairman of Fintech Center Korea
2. Department in charge of personal information protection: Management Planning Office, Fintech Center Korea (02-6375-1550)
Article 1 (Request to View Personal Information)
  1. 1. Those who have provided their personal information may submit a request to view their personal information, in accordance with Article 35 of the Personal Information Protection Act, to the following department. The Management Planning Office of Fintech Center Korea will do its best to promptly process such requests.
    - Department in charge: Management Planning Office, Fintech Center Korea (02-6375-1550)
  2. 2. Those who have provided their personal information may submit a request to view their personal information via the Personal Information Protection Support Portal (www.privacy.go.kr) of the Ministry of the Interior and Safety, other than the department in charge of receiving and handling requests to view personal information specified in Paragraph 1.
    - Personal Information Protection Support Portal of the Ministry of the Interior and Safety → Personal Information Service → Request to view personal information, etc. (authentication needed)
Article 12 (How to Seek Remedy for Infringement of Rights and Interests)

As a way to seek remedy for damages caused by personal information infringement, Those who have provided their personal information may contact the Personal Information Dispute Mediation Committee, Personal Information Infringement Report Center operating under the Korea Internet & Security Agency, etc. for a resolution of disputes, consultation, etc.

  • - Information Dispute Mediation Committee : 1833-6972 (www.kopico.go.kr)
  • - Personal Information Infringement Report Center : (no area code) 118 (privacy.kisa.or.kr)
  • - Cyber Investigation Division of the Supreme Prosecutors' Office : (no area code) 1301, (www.spo.go.kr)
  • - Cyber Bureau of the National Policy Agency : (no area code) 182 (cyberbureau.police.go.kr)
Article 13 (Revision of the Privacy Policy)

This Privacy Policy shall become applicable starting on July 1, 2020.