Global Data and Cyber Handbook

South Korea

Select a Topic
Start Comparison
DPOs and Notification Requirements
Jump to
DPOs and Notification Requirements Start Comparison
Is the concept of data protection officer (DPO) recognized in the jurisdiction?

Last review date: 1 January 2025

Yes

Are there circumstances in which it is mandatory to appoint a DPO or similar position?

Last review date: 1 January 2025

Yes

If yes, under what circumstances?

☒  the organization employs more than a certain number of individuals in the jurisdiction

All personal information controllers, regardless of whether they are public sector bodies, must designate a privacy officer responsible for personal information processing, unless they meet all the requirements to be classified as a small business owner, such as having fewer than 10 regular employees (PIPA, Article 31).

Where a DPO is appointed, does the DPO have to meet specific requirements?

Last review date: 1 January 2025

Yes

Are there obligations to notify, submit filings to, register with or obtain approval from local data protection authorities to collect and/or process personal data generally?

Last review date: 1 January 2025

No

{{ $store.state.loadingScreen.message }} ...