Museum Kimchikan homepage
Connection waiting.
Connection is delayed due to high traffic.
Please wait a moment.

Privacy Policy

Pulmuone Co., Ltd. (hereinafter referred to as the "Company") complies with relevant laws and regulations, including the Personal Information Protection Act, to safeguard the personal information of users. Accordingly, the Company hereby establishes and discloses this Privacy Policy as follows.

[Key Processing of Personal Information]
Items Processed:

Items Processed:

Name, Contact Information, etc.

Privacy Support Team:

Privacy Support Team:

Email: museum@pulmuone.com

Phone: 02-2088-8531

[ Table of Contents ]

Article 1 (Purpose of Collection and Use of Personal Information)
Article 2 (Entrustment of Personal Information Processing)
Article 3 (Provision of Personal Information to Third Parties)
Article 4 (Retention and Use Period of Personal Information)
Article 5 (Procedure and Methods for Destruction of Personal Information)
Article 6 (Rights of Users and Legal Representatives and Methods of Exercise)
Article 7 (Measures to Ensure the Safety of Personal Information)
Article 8 (Installation, Operation, and Management of Automatic Personal Information Collection Technologies)
Article 9 (Chief Privacy Officer and Department Responsible for Requests for Access)
Article 10 (Remedies for Infringement on Rights and Interests of Data Subjects)
Article 11 (Duty of Notification)

처리항목 처리항목

Article 1 (Purpose of Collection and Use of Personal Information)

① The Company collects the minimum personal information necessary to provide services to users, distinguished as follows:

  • ● Required Information: Information necessary to perform a contract concluded with the data subject, or to implement measures at the request of the data subject during the process of concluding a contract, pursuant to Paragraph 1(4) of Article 15 of the Personal Information Protection Act.
  • ● Optional Information: Additional information collected at the sole discretion of the user, necessary to provide more specialized services.

② The Company utilizes personal information for the following purposes:

Required/Optional Category Items Collected Purpose of Collection Legal Basis for Collection
Required Reservations for admission and hands-on activities Participant’s name, year of birth (varies by program), guardian’s contact number, email Reservation and management for admissions/hands-on activities Paragraph 1(4) of Article 15 of the Personal Information Protection Act (“Performance of a Contract”)

③ Notwithstanding Paragraph 2, the Company may process a user’s personal information in any of the following cases:

  • ● Where special provisions exist in statutes or where it is inevitably necessary to comply with statutory obligations;
  • ● Where it is necessary to perform a contract concluded with the user, or to implement measures at the request of the user during the process of concluding a contract;
  • ● Where it is explicitly recognized as necessary for the urgent interests of the life, physical well-being, or property of the data subject or a third party;
  • ● Where it is necessary to achieve the legitimate interests of the Company, and such interests clearly override the rights of the data subject.

※ Provided, however, that this shall be limited to cases where there is a substantial relevance to the legitimate interests of the Company and it does not exceed a reasonable scope.

Article 2 (Entrustment of Personal Information Processing)

Article 2 (Entrustment of Personal Information Processing)

① To provide diverse services to users, the Company entrusts a part of personal information processing to third parties as follows:

TProcessor (Delegated Entity) Details of Entrusted Work
UServe Co., Ltd. Website operation and maintenance

② Upon concluding an entrustment contract with the processor disclosed in the preceding paragraph, the Company complies with the following matters prescribed by relevant laws and regulations for the secure protection of users’ personal information:

  • ● The purpose and scope of the entrusted work;
  • ● Matters regarding restrictions on sub-processing;
  • ● Matters regarding measures to ensure the safety of personal information;
  • ● Matters regarding the prohibition of processing personal information for purposes other than the performance of the entrusted work;
  • ● Matters regarding technical and administrative safeguards for personal information;
  • ● Inspection and auditing of the management status of personal information held in connection with the entrusted work.

③ In the event that the details of the entrusted work or the processor change, the Company will disclose such changes through this Privacy Policy without delay.

Article 3 (Provision of Personal Information to Third Parties)

Article 3 (Provision of Personal Information to Third Parties)

The Company shall use the users’ personal information only within the scope notified in Article 1 (Purpose of Collection and Use of Personal Information), and shall not use it beyond the said scope or arbitrarily provide it to third parties, including other individuals. Provided, however, that exceptions may be made in the following cases:

  • ● Where the user consents to the provision to a third party;
  • ● Where special provisions exist in other statutes;
  • ● Where an investigative agency has made a request and a statutory basis for submission exists.
Article 4 (Retention and Use Period of Personal Information)

Article 4 (Retention and Use Period of Personal Information)

The Company shall destroy the personal information of users collected pursuant to Article 1 without delay once the purpose of processing has been achieved or the information is no longer necessary. Provided, however, that if it is necessary to preserve the information pursuant to relevant laws and regulations, such as the Act on the Consumer Protection in Electronic Commerce, the Company shall retain it for the period specified below:

Legal Basis for Preservation Purpose Retention Period
Act on the Consumer Protection in Electronic Commerce Records on consumer complaints or dispute resolution 3 years
Records on labeling and advertising 6 months
Protection of Communications Secrets Act Records on communication confirmation data 3 months
Article 5 (Procedure and Methods for Destruction of Personal Information)

Article 5 (Procedure and Methods for Destruction of Personal Information)

① The Company shall destroy personal information without delay when the personal information becomes unnecessary, such as upon the expiration of the retention period or the achievement of the purpose of processing.

② In the event that personal information collected with the consent of the user must continue to be preserved pursuant to the laws and regulations set forth in Article 4(1) despite the achievement of the purpose of use, the Company shall transfer such personal information to a separate database (DB) or store it in a different location.

③ The procedure and method for destroying personal information are as follows:

  • ● Destruction Procedure: The Company selects the personal information for which reasons for destruction have arisen, and destroys the personal information upon obtaining the approval of the Chief Privacy Officer.
  • ● Destruction Method: Personal information recorded and stored in electronic file formats is destroyed in a manner that renders it unrecoverable, and personal information recorded and stored on paper documents is destroyed by shredding or incineration.
Article 6 (Rights of Users and Legal Representatives and Methods of Exercise)

Article 6 (Rights of Users and Legal Representatives and Methods of Exercise)

① Users may demand access to, or the correction, deletion, or suspension of processing of their personal information at any time.

② Upon a demand for access, correction, deletion, or suspension of processing, the Company shall verify whether the requestor is the user themselves or a legitimate representative. The rights of the user may be restricted pursuant to Article 35(4) or Article 37(2) of the Personal Information Protection Act.

③ With respect to a demand for the correction or deletion of personal information, the deletion thereof may not be demanded if the personal information is explicitly specified as an object of collection under other laws and regulations.

Article 7 (Measures to Ensure the Safety of Personal Information)

Article 7 (Measures to Ensure the Safety of Personal Information)

In processing users’ personal information, the Company devises the following protective measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged:

  • ● Administrative Measures: Establishment and implementation of internal management plans, training for personal information handlers, etc.
  • ● Technical Measures: Management of access authority to personal information processing systems, encryption of personal information, installation of security programs, vulnerability diagnostics, etc.
  • ● Physical Measures: Access control to server rooms, data archives, etc.
Article 8 (Installation, Operation, and Management of Automatic Personal Information Collection Technologies)

Article 8 (Installation, Operation, and Management of Automatic Personal Information Collection Technologies)

① To provide personalized and customized services, the Company uses “cookies” that store and frequently retrieve user information. Cookies are very small text files transmitted to the user’s browser by the server used to operate the website and are stored on the hard disk of the user’s computer.

② The Company uses cookies to identify the preferences and interests of users by analyzing the frequency of access or duration of visits, thereby providing differentiated information according to the user’s areas of interest.

③ The method to allow or reject cookie installation is as follows:

  • ● Microsoft Edge: Settings > Privacy, search, and services > Tracking prevention
  • ● Google Chrome: Settings > Show advanced settings > Privacy > Cookie level settings

④ Where a user refuses to store cookies, difficulties may arise in using customized services.

Chief Privacy Officer Department in Charge of Personal Information

Article 9 (Chief Privacy Officer and Department Responsible for Requests for Access)

Chief Privacy Officer Department in Charge of Personal Information
Name: Dong-hwa Lee (Manager)
Affiliation: Public Relations Office
Email: museum@pulmuone.com
Name: Kyeong-in Na (Team Leader)
Affiliation: Kimchi Museum Team
Email: museum@pulmuone.com

② The Company values users’ opinions, and users have the right to receive faithful answers to their inquiries. To ensure smooth communication, the Company operates its Customer Service as follows:

  • ● Phone: 02-2088-8531
  • ● Address: Museum Kimchikan, 4th-6th Floors, Insadong Maru Main Building, Insadong-gil 35-4, Jongno-gu, Seoul
  • ● Hours of Consultation: Every Tuesday to Sunday, 09:00 - 18:00 (Closed on Mondays, Lunar New Year/Chuseok holidays, New Year’s Day, and Christmas)

③ For any inquiries regarding personal information protection, please contact the Department Responsible for Personal Information or Customer Service disclosed in the preceding paragraph. Your inquiries will be responded and processed promptly.

Article 10 (Remedies for Infringement on Rights and Interests of Data Subjects)

Article 10 (Remedies for Infringement on Rights and Interests of Data Subjects)

Users seeking to report or in need of consultation regarding personal information infringement may contact the following institutions:

  • ● Personal Information Dispute Mediation Committee: 1833-6972 (without area code) / www.kopico.go.kr
  • ● Korea Internet & Security Agency: 118 (without area code) / privacy.kisa.or.kr
  • ● Supreme Prosecutors’ Office: 1301 (without area code) / www.spo.go.kr
  • ● National Police Agency: 182 (without area code) / ecrm.cyber.go.kr
Article 11 (Duty of Notification)

Article 11 (Duty of Notification)

This Privacy Policy is subject to modification in accordance with changes in laws, regulations, policies, internal company operational guidelines, or security technologies. In such an event, the amended Privacy Policy shall be announced without delay. This Policy shall enter into force as of the effective date specified below.

  • Privacy Policy Version: v2.0
  • ● Date of Amendment: Monday, August 26, 2024
  • ● Effective Date: Monday, September 2, 2024