USFK Job Platform

Recruitment Platform for U.S. Forces Korea Veterans (hereinafter referred to as the “Recruitment Platform”) establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to safeguard users’ personal information and to ensure the prompt and efficient handling of any related inquiries or complaints.

Article 1 (Purpose of Processing Personal Information)

The Recruitment Platform processes personal information for the following purposes. Collected and processed personal data will not be used for purposes other than those specified below. In cases where the purpose of use is changed, the Platform will obtain separate consent and take all necessary measures in accordance with Article 15 of the Personal Information Protection Act.

Classification	Purpose	Data Fields	Retention Period
Individual Member Registration	Identity verification, provision of personalized recruitment services, fulfillment of contractual obligations, and notifications regarding amendments to terms and conditions	[Required] Full Name, Username (ID), Password, Email Address, Date of Birth, Gender, Current or Last Rank/Rate/Grade, Service Category while stationed in Korea, Branch while stationed in Korea, Years of Service in Korea, Station Location in Korea, Assigned Unit and Position while stationed in Korea	Until the account is deleted
Business Member Registration	Identity Verification, Provision of Personalized Recruitment Services, Notifications regarding Contract Execution and Terms of Service Updates	[Required] Contact Person’s Name, Phone Number, Email Address, Username, Password	Until the account is deleted
Upload Resume	Provision of job application and resume disclosure services for employment activities	[Required] Full Name, Date of Birth, Gender, Email Address [Optional] Phone number, Address, Education background, Area of expertise, Work experience, Certifications, Cover Letter, Profile photo, verification or certificate of service in Korea, Resume	Until the resume or account is deleted
Post Job Listing	Job Application & Inquiries Employer Verification & Recruitment Data Management Notification of Submission Status & Resolution of customer complaints Provision of Personalized Services	[Optional] Recruiter’s Name, Phone Number, Email	Until the account is deleted

Article 2 (Processing and Retention Period of Personal Data)

① The recruitment platform processes and retains personal data only within the retention and usage period permitted under applicable laws or the period consented to by members at the time of data collection.
② The specific processing and retention periods for each category of personal data are as follows:
- 1. Membership registration and account management: Until the account is deleted
- 2. In the case of ongoing investigations or legal proceedings due to violations of applicable laws: Until the respective investigation or proceeding is concluded
- 3. Records related to misuse or fraudulent activities under internal company policies: Up to 5 years

Article 3 (Provision of Personal Data to Third Parties)

① The recruitment platform provides personal data to third parties only when falling within the scope of Article 17 and Article 18 of the Personal Information Protection Act, such as when explicit member consent has been obtained or when special provisions exist under applicable laws. Personal data will not be processed beyond its originally intended purpose or disclosed to third parties without prior consent from the data subject.

Article 4 (Outsourcing of Personal Data Processing)

① To ensure the smooth handling of personal data processing tasks, the recruitment platform entrusts the following operations:
- 1. Data Processor (Entrusted Party): DaruSoft Co., Ltd.
- 2. Scope of Delegated Tasks: Operation and maintenance of the recruitment platform

Article 5 (Rights and Duties of Members and their Legal Representatives)

① Members may exercise their rights with respect to the recruitment platform at any time, including requests to access, correct, delete, or suspend the processing of personal data.
② Such rights may be exercised via written request, email, or fax in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act. The platform will respond without undue delay.
③ Rights may also be exercised through a legal representative or authorized proxy by submitting a power of attorney in the format prescribed under Form No. 11 of the Enforcement Rules of the Personal Information Protection Act.
④ Requests for access or suspension may be limited under Article 35(5) and Article 37(2) of the Personal Information Protection Act.
⑤ Requests for correction or deletion cannot be accepted if the relevant personal data must be retained by law.
⑥ When responding to a request for access, correction, deletion, or suspension, the platform verifies that the requester is either the data subject themselves or an authorized representative.

Article 6 (Destruction of Personal Data)

Personal data is, in principle, destroyed without delay once the purpose of collection and use has been fulfilled. The destruction process is as follows:

① Destruction Procedure:
- 1. Information entered during sign-up or other activities is transferred to a separate database (DB) once the intended purpose is achieved. It is then retained for a limited time in accordance with internal policies or legal requirements before being permanently destroyed.
- 2. The data retained in a separate DB will not be used for any purpose other than legal obligations.
② Destruction Methods:
- 1. Personal data printed on paper is destroyed through shredding or incineration.
- 2. Personal data stored in electronic file formats is deleted using technical methods that prevent recovery or reconstruction.

Article 7 (Data Security and Protection Measures)

① Data Encryption

Member data is safeguarded with password protection. Files and related datasets are encrypted or secured using file-locking features and additional security measures.

② Personal Data Handling Staff Training

Personnel authorized to handle personal data are kept to the minimum necessary, and they undergo regular training on the adoption of emerging security technologies as well as compliance with data protection obligations. In addition, internal audit procedures are enforced to ensure the integrity and maintenance of security controls.

③ Account and Password Management

The recruitment platform makes every effort to secure member accounts. However, the platform shall not be held liable for issues arising from member negligence, such as password leaks, or inherent risks associated with internet usage.

① The recruitment platform appoints the following officers responsible for overall management of personal data processing, addressing member complaints, and providing remedies for related damages:

Chief Privacy Officer (CPO)

Department : Planning & Membership Division
Contact Person : Managing Director Dongmin Park
Phone : <02-6050-3864>, <pdm@korcham.net>

U.S. Forces Korea Veterans Recruitment Platform Online Membership Data Protection Officer

Department : Americas & Europe Team
Contact Person : Soyoun Park (Team Leader)
Phone : <02-6050-3543>, <syoun@korcham.net>
② protection to the designated privacy officers or department listed above. The platform will respond promptly and appropriately.
③ For additional counseling or concerns regarding personal data protection, please contact the following institutions:
- -Personal Information Infringement Reporting Center : http://privacy.kisa.or.kr / 118
- -Supreme Prosecutors’ Office Cybercrime Division : http://www.spo.go.kr / 1301
- -Korean National Police Agency Cyber Bureau: http ://www.police.go.kr / 182

The Korea Chamber of Commerce and Industry, 39 Sejong-daero, Jung-gu, Seoul 04513, Republic of Korea

TEL: +82-2-6050-3545 / Email: contact@korcham.net

Korea-US Alliance Foundation, 3rd Floor, Maple Building, 24 Yeoui-daero, Yeongdeungpo-gu, Seoul 07320, Republic of Korea

TEL: +82-70-7755-0075 / Email: kusaf2020@gmail.com