The 10^th Global Conference of the Alliance for Healthy Cities

[The 10th Global Conference of the Alliance for Healthy Cities] (hereinafter, the “Secretariat”) is in compliance with the provisions on the protection of the rights and interests of users, including the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Protection of Communications Secrets Act, the Telecommunications Business Act, and the Personal Information Protection Act, as well as the relevant laws and regulations that must be complied with by providers of information and communications services, and has committed their best efforts to establish the personal information processing policy in accordance with the relevant statutes.
This Privacy Policy applies to the users’ use of services (hereinafter, the “Services”) provided by the website [www.afhc2024-seoul.kr/en] (hereinafter, the “Platform”) managed and operated by the Secretariat, and contains the following.

Article 1 (Items of Personal Information Collected and Methods of Collection)

The Secretariat collects the following personal information from users to become members and manage users, facilitate complaints, and provide various Services.
1. personal information

Category : Membership Registration and Registration Procedure
Items to be Collected (Required)
A. Mandatory : Registration Procedure E-mail(ID), Password, Participation Category, Field of Study/Work, Type of Participant, Purpose of Participation, Nationality, Full Name, Phone Number, Company Name, Department, Job Title, Mobile number, Nationality, City, Diet Reqirement, Allergy, Passport information
B. Optional : Office phone number

2. In addition to the personal information items set forth in paragraph 1, IP address, date and time of visit, records of service use, records on bad use, and device information may be collected during the course of using the Services or executing the Platform, and e-mail address or telephone number may be collected during the process of receiving and processing customer inquiries.
3. In the course of using the Services provided by the Secretariat, if the identification of a user and identity of a user and age verification are required, the name, date of birth, gender, domestic foreigner information, mobile phone number or I-PIN Number, encrypted identification connection information (CI), and duplicate membership verification information (DI) may be collected. For minors, legal representative information may be automatically generated and added, and collected.
4. The Secretariat does not collect sensitive personal information that may infringe on the fundamental human rights of users (race, ideas, beliefs, political tendency, criminal records, medical information, etc.).
5. The Secretariat shall not use the personal information collected for any purpose other than the purpose of collection, and in the event that the purposes of collection and use are changed, it shall obtain a separate prior consent from the user.
6. The Secretariat may collect the personal information of the users through the following methods.
- Homepage, mobile device, written form, fax, telephone, consultation board, email, events application, and delivery request
- Collection through generating information collection tools

Article 2 (Purpose of Use of Collected Personal Information)

The Secretariat will use information collected from you for the following purposes.
- Personal information is used for membership registration, smooth consultation with clients, provision of the service promised with users, personal identification in accordance with provision of the service, purchase and payment of fees, provision by the Secretariat of the details of the use of the service, registration of payment methods, etc.
- Personal information is used for member management purposes such as confirmation of intent to join membership, age confirmation and progress of legal representative’s consent, confirmation of identity of user and legal representative, identification of user, intention to withdraw from membership, inquiry or complaint handling, etc.
- Personal information is used to confirm the user protection environment and to check the service use environment and to operate the service in a stable manner, including restricting the use by users who violate laws and regulations and the policies set by the Secretariat (including the terms and conditions of the Services, etc.), preventing and sanctioning acts and unauthorized conducts that interfere with the smooth operation of the service, including fraudulent use, prevention of account theft and fraudulent transactions, delivery of notices, preservation of records for dispute mediation, etc.
- Personal information is used for the purposes of events and promotions, such as providing event information and advertising information, etc. (upon receiving consent to providing marketing and advertising information).

Article 3 (Period of Retention and Use of Personal Information)

The Secretariat shall, in principle, retain the personal information of a user until the withdrawal of a membership. However, for the purpose of preventing disputes related to transactions, etc., the Secretariat shall retain the same for the specified period even after the withdrawal of a membership in the following cases.
A. Grounds for the retention of personal information under internal policies of the Secretariat
- Records of fraudulent use (fraudulent use refers to (1) transactions carried out in a manner or content that violates policies (including terms and conditions, etc.) set by the Secretariat, (2) methods or transactions which infringe upon the rights or interests of the Secretariat, members or third parties, or (3) transactions that amount to (1) or (2))
Reason for preservation: improper use management and taking measures
Preservation period: 6 months
B. If an investigation or inspection, etc. of a user is in progress due to violation of relevant laws and regulations: until the relevant investigation and inspection are completed
C. If a bond or debt relationship remains between the Secretariat and a user: until settlement of the relevant bond/debt relationship is completed
D. In cases where it is necessary to preserve the information in accordance with the provisions of relevant statutes, such as the Commercial Act and the Act on the Consumer Protection in the Electronic Commerce, etc., the Secretariat shall preserve the user’s information for a certain period of time as determined by relevant statutes. In such a case, the Secretariat shall use the information to be preserved only for the purpose of preservation, and the preservation period is as follows.
- Records on processing of consumer complaints or disputes
Reason for preservation: Act on the Consumer Protection in Electronic Commerce
Preservation period: 3 years
- Records on withdrawal of a contract or a subscription, etc.
Reason for preservation: Act on the Consumer Protection in Electronic Commerce
Preservation period: 5 years
- Records on payments and supply of goods, etc.
Reason for preservation: Act on the Consumer Protection in Electronic Commerce
Preservation period: 5 years
- Log records on the use and access of the Services
Reasons for preservation: Protection of Communications Secrets Act
Preservation period: 3 months

Article 4 (Rights and Obligations of the User)

(1) Users may exercise the following rights.
1. Users may exercise their rights to access, correct, delete, or suspend processing personal information, etc. at any time to the Secretariat, and may withdraw their consent to the use of personal information through the membership withdrawal procedure. At this time, the Secretariat shall confirm whether the person who made the above request is the person him/herself or a legitimate representative.
2. The exercise of rights under 1. above may be done to the Secretariat in writing, by e-mail or facsimile (FAX), etc., and the Secretariat shall take measures with regard thereto without delay. However, the name, resident registration number, and foreigner registration number may not be corrected, and the change of the name due to the change in the name and the change of resident (business) registration number due to administrative issues may be exceptionally permitted.
3. The Secretariat may refuse a request to suspend the processing of personal information in any of the following cases.
- When it is specifically stipulated by law or unavoidable in order to fulfill an obligation under law
- Where there is a risk of harming the life/body of another person, or when there is the risk of unjustly infringing upon the assets or other interests of another person
- Where the performance of a contract is difficult, such as it would lead to a failure to provide a service agreed with the data subject, etc., if the personal information is not handled and the data subject failed to clearly express the intent to terminate the contract in question
4. The exercise of rights under 1. above may be done through a legal representative or a person delegated with an authority by a user. In such cases, a power of attorney must be submitted in accordance with Schedule 11 Form of the Enforcement Rules of the Personal Information Protection Act.
5. The request for access to personal information and suspension of handling of personal information may restrict the rights of users by relevant laws (see Articles 35(4) and 37(2)).
6. With regard to the request for correction or deletion of personal information, deletion of personal information cannot be made if the personal information is specified as the subject of collection under other laws. In addition, if a request for correction of an error in personal information is made, the relevant personal information shall not be used or provided until the correction is completed, unless the personal information is requested to be provided in accordance with other laws. If erroneous personal information has already been provided, the results of correction will be notified to a third party so that corrections can be made.
7. In order to protect personal information of children, the Secretariat restricts membership for children under the age of 14.
(2) Users may exercise their rights to access or correct personal information, withdraw consent, exercise the right to veto, and withdraw consent in accordance with the following.

1. Scope of access to and correction of personal information
- Personal information of users held by the Secretariat
- Personal information used by the Secretariat or provided to a third party
- Status of consent to the collection, use, provision, etc. of personal information

2. Method of having access to and correct personal information, withdrawal of consent, exercise of right to refuse consent to transmission of advertising information
Users may exercise their right to refuse consent by contacting the Secretariat’s Secretariat (Customer Center) on the Platform.

Email : info@afhc2024-seoul.kr
* The operational time of the Secretariat is 9 a.m. – 6 p.m. on weekdays (lunch break is from 12 p.m. to 1 p.m.). The Secretariat does not operate on weekends/public holidays.

3. Withdrawal from Membership
- Users may withdraw from membership within the Platform in accordance with the procedures determined by the Secretariat.
(3) As a subject of personal information, the user has the obligation to protect personal information by him/herself as follows.
1. Users must always keep their personal information up to date, and users are responsible themselves for any problems caused by inaccurate information entered by customers.
2. The Secretariat shall not be held responsible for any issues that have arisen from leakage of personal information due to a user’s own negligence, such as the transfer, leasing, loss of an e-mail, password, access medium, etc. or leaving a seat while still logged in, without any cause attributable to the Secretariat, or the hacking incident using a method or technology that cannot be blocked while using the security measures as set forth in relevant laws and regulations, which result from the Internet issues despite the exercise of due care by the Secretariat.
3. The user must ensure that personal information such as email, password, access medium, etc., is not leaked, and cannot transfer or lend it to a third party. The Secretariat shall not be liable for any damages caused by the user’s negligence.
4. If a user registers as a member or uses the services by stealing another person’s personal information, the user may be disqualified and punished in accordance with relevant laws.
5. In accordance with the Personal Information Protection Policy of the Secretariat, the users have the obligation to cooperate with the matters requested by the Secretariat such as periodic changes to passwords for security.
6. Users must abide by this Policy and the laws and regulations related to personal information.

Article 5 (Providing Personal Information to Third Parties)

(1) As a matter of principle, the Secretariat does not provide the personal information of users to a third party or disclose such information outside the scope of the purpose of collection and use. However, if it is necessary to share users’ personal information with partner companies, etc. in order to provide a better service, the Secretariat notifies and asks for consent from the users by providing such information as the recipients, purpose of providing personal information, items of personal information to be provided, period of use, and period of retention. In addition, users’ personal information may be provided in accordance with the provisions of law or at the request of an investigative authority pursuant to the procedures and methods prescribed by law for the purpose of investigation.
(2) The Secretariat does not use the personal information of users for purposes other than the services provided by the Secretariat or provide such information to a third party without the consent of users. If it is provided to a third party as necessary, users shall be notified and a separate consent shall be obtained. However, exceptions are made in each of the following cases.
A. When the user violates the terms and conditions of use of the Secretariat, commits an illegal act that harms others, or damages public morals, and it is deemed that the Secretariat must disclose personal information in order to take legal measures
B. In accordance with the provisions of law or upon request of an investigative authority pursuant to the procedures and methods prescribed by law for the purpose of investigation.
C. For statistics compilations, scientific research, market research, provision of information, and sending e-mails for public notices in a form that does not identify a specific individual
D. When the user has given prior consent

Recipient : EZpmp Co., Ltd. , Pogdesign
Purpose of providing personal information : 1. Registration 2. Event data and relevant statistics 3. Building a working environment for a safe website relevant statistics 4. Building a working environment for a safe website
Categories of personal information to be provided : relevant statistics - Building a working environment for a safe website Email address (ID), name, company name, position, occupation and field, telephone number, mobile phone number, redundant membership confirmation information (DI) hash value, encrypted identification information of the same person (CI), nationality, gender, profile information (SNS account, etc.), language of use, service usage records (subscription date, search list, click information, etc.), connected IP address
Period of retention and use of personal information : Until membership is withdrawn

Article 6 (Entrustment of Handling of Personal Information)

(1) In order to facilitate the provision of services to users and improve the quality of services, the Secretariat may entrust part of the work related thereto to outside companies. The Secretariat shall, in cases where it entrusts an external company with the task of handling personal information, implement measures for protection of personal information of users by means of a contract, etc. such as stipulating compliance with personal information protection-related laws and regulations, compliance with privacy-related confidentiality, prohibition of providing personal information to third parties, burden of liability at the time of an accident, period of entrustment, obligation to destroy personal information after the processing is completed, and implement measures to protect users’ personal information by managing and supervising such compliance.
(2) For the improvement of services and effective handling of tasks, the Secretariat has entrusted handling of personal information as follows.

No. 1
Recipient : EZpmp Co., Ltd.
Purpose of providing personal information : 1. Conference Operations 2. Participant Management & Guidance
Period of retention and use of personal information : Until membership is withdrawn or the entrustment agreement terminates

No. 2
Recipient : Pogdesign
Purpose of providing personal information : Website system maintenance, server management
Period of retention and use of personal information : Until membership is withdrawn or the entrustment agreement terminates

(3) The Secretariat shall, if there is any change in the details of the entrusted business activities to process personal information or the entrustee, disclose it through this Privacy Policy without delay, and this shall substitute the consent to entrustment.

Article 7 (Procedures and Methods for Destruction of Personal Information)

(1) In principle, the Secretariat destroys the personal information of users without delay once the purpose of collection and use has been achieved. However, the Secretariat destroys or separately stores and manages the personal information of users who have not used the Services for 1 year in accordance with the “Personal Information Effectiveness Period” system.
(2) The procedures and methods for the destruction of personal information by the Secretariat are as follows.
A. Destruction procedures: Information entered in by users for membership registration, etc., shall be moved to a separate DB (in case of paper, a separate document cabinet) after the purpose has been achieved and stored for a set period in accordance with internal policy and grounds for information protection under other relevant laws (refer to period of retention and use) and then destroyed. Such personal information is not used for any purpose other than being held and preserved except in accordance with law.
B. Method of destruction: Personal information recorded and stored in paper will be destroyed by shredding with a shredder or incineration, and personal information stored in electronic files will be deleted using technical methods so that records cannot be recovered.

Article 8 (Efforts of Secretariat for Protection of Personal Information)

(1) The Secretariat is taking the following technical/administrative measures in order to ensure safety in the processing of personal information of users so that personal information may not be lost, stolen, leaked, altered or damaged.
A. Encryption of personal information: The Secretariat encrypts personal information of users, such as passwords, payment methods, etc., in accordance with the standards required by law, and is currently preventing attacks and hacking from the outside through devices that block intrusion from the outside. In particular, servers storing user personal information maintain the highest level of security, such as managing them separately without directly connecting them to external Internet lines.
B. Countermeasures against hacking, etc.: The Secretariat is making its best efforts to prevent the leakage or damage of members’ personal information through hacking or computer viruses, etc. The latest vaccine program prevents users’ personal information and materials from being leaked or impaired, and encrypted communications, etc. allow users to safely transmit personal information on the network. The Secretariat is committed to having all possible technological devices to secure other systemic security.
C. Minimization and training of processing personnel: Personal information processing personnel of the Secretariat are limited to persons in charge, and they have a separate password for this purpose which is regularly renewed. The Secretariat continues to make efforts so that personal information protection can be achieved in substance by always emphasizing compliance with the Secretariat’s Privacy Policy through frequent training of persons in charge.
(2) Notwithstanding paragraph 1, the Secretariat shall not be responsible for any problems arising from the leakage/exposure of personal information such as email, password, etc., due to the user’s willful misconduct or recklessness or Internet issues.

Article 9 (Personal Information Protection Officer and Contact Information)

The Secretariat has designated a personal information protection officer in charge of collecting opinions and handling complaints regarding personal information as below. Users may report any complaints related to the protection of personal information, such as inquiries, handling of complaints, damage relief, etc., that may occur while using the services of the Secretariat to the person in charge of privacy protection or the department in charge. The Secretariat will respond and process users’ inquiries and reports promptly.
Personal Information Protection Officer
- Employee Name : Jung yoon, Yoo
- Email : info@afhc2024-seoul.kr
If you require reporting or counseling on infringement on your personal information, please contact the following organizations.
1. Personal Information Infringement Report Center (www.1336.or.kr / 118 without area code)
2. Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
3. Cybercrime Investigation Center, Supreme Prosecutor’s Office
(www.spo.go.kr/minwon / 1301 without area code)
4. National Police Agency Cyber Counterterrorism Center (www.ctrc.go.kr / 02-392-0330)

Article 10 (Duty to Notify)

The Secretariat will inform users through the Platform at least 7 days before making any additions, deletions or modifications to the current Privacy Policy. However, in cases where there are important changes to the rights of members such as the collection and use of personal information, provision to third parties, etc., notice shall be given at least 30 days in advance.

Article 11 (Providing Personal Information to Third Parties)

(1) Outsourcing of Collected Personal Information
The 10th Global Conference of the Alliance for Healthy Cities has outsourced the processing of personal information and registration services to external service providers to ensure smooth operations. In accordance with relevant laws and regulations, we have established the necessary provisions to ensure the safe management of personal information in our outsourcing contracts. Should there be any changes in the details of the outsourced tasks or the service providers, we will notify you of the updated information.
A. EZpmp Co., Ltd. : Conference operations, participant management & guidance
B. Pogdesign : Website system maintenance, server management
(2) Consent for Use of Likeness
The 10th Global Conference of the Alliance for Healthy Cities may utilize videos and photographs taken at the event for record-keeping, promotional, and reporting purposes (including distribution on platforms operated by partner media companies). By attending the event, participants agree that their images and likenesses may be used in content related to the promotion of the 10th Global Conference of the Alliance for Healthy Cities. This includes content produced by the Seoul Metropolitan Government and its agencies (such as EZpmp Co., Ltd.), as well as external media partners (such as news outlets and YouTube creators, hereinafter referred to as "partner media companies"). This also includes the possibility of these materials being distributed on platforms operated by partner media companies.
You have the right to refuse consent for this usage. However, please note that without your consent, participation in the event will not be possible. We appreciate your understanding.

Article 12 (Copyright Protection Policy)

The purpose of this policy is to prevent any damage to copyright holders arising from any unauthorized use, alternation, commercial use, etc. of information provided through event services without indicating the source of such information.

[The 10th Global Conference of the Alliance for Healthy Cities] provides a program that includes a disclosure of contents of presenters. Any and all of such contents are work of such presenters and are protected under the Copyright Act. Therefore, [The 10th Global Conference of the Alliance for Healthy Cities Secretariat] hosting the event informs the users of the following restrictions to prevent any infringement of presenters’ copyright in the course of providing the event services, and receives user’s consent on complying with such restrictions:

Any and all materials (contents of presentation, visually identifiable hardcopies or photographs, audio recordings, and/or video recordings, etc.) shown, heard, obtained, or received through this event, inter alia, conferences cannot be divulged, leaked to others, or used without prior consent of such Right Holder. These restrictions apply not only to commercial purposes but also non-commercial purposes. A user in breach of such restrictions will bear and be liable of any and all disadvantages arising therefrom.

Article 13 (Consent for Use of Likeness)

The 10th Global Conference of the Alliance for Healthy Cities may utilize videos and photographs taken at the event for record-keeping, promotional, and reporting purposes (including distribution on platforms operated by partner media companies). By attending the event, participants agree that their images and likenesses may be used in content related to the promotion of the 10th Global Conference of the Alliance for Healthy Cities. This includes content produced by the Seoul Metropolitan Government and its agencies (such as EZpmp Co., Ltd.), as well as external media partners (such as news outlets and YouTube creators, hereinafter referred to as "partner media companies"). This also includes the possibility of these materials being distributed on platforms operated by partner media companies.

Article 14 (Miscellaneous)

Collection of personal information by webpages linked to the Services provided by the Secretariat is not subject to this Privacy Policy.
Any information not specified in this Privacy Policy shall be in accordance with policies such as the terms of service of the Secretariat.


This Privacy Policy shall be enforced and applied from June 10, 2024.