Privacy Policy
Acote Consulting Co., Ltd. (hereinafter referred to as the "Company") highly values the privacy of its users. We strictly adhere to the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and other relevant laws and regulations 2 regarding the protection of personal information. This Privacy Policy outlines how the Company collects, uses, and protects the personal information of users of the K-edical application service (hereinafter referred to as the "Service"). We are committed to ensuring the security and privacy of your personal information. Please note that this Privacy Policy may be amended from time to time to reflect changes in laws, regulations, our terms of service, or internal policies. We will notify users of any changes to this Privacy Policy through the Service or by other appropriate means.
1. Member Management Identifying individual members, verifying enrollment intentions, limiting enrollment and frequency of enrollment, verifying whether the user is under the age of 14, taking measures to restrict the use of services by violating members, preventing the misuse of services by malicious users, preventing unauthorized use, preserving records for handling complaints and disputes, delivering notices, and confirming the intention to withdraw from membership.
2. Providing Services and Improving Functions Developing new services and providing customized services, statistics on members' use of services, improving functions, providing services and advertising based on demographic characteristics, verifying the validity of services, providing events and advertising information and participation opportunities (users' personal information will not be provided to individuals or organizations that have requested advertising), delivering goods or prizes, verifying identity and age, data analysis, performing contracts for the provision of services and settling fees for the provision of services, improving application functions, developing service technology and launching new services, providing personalized services within the platform, analyzing service usage records and access frequency, providing statistical analysis of service usage, and providing advertising services based on service analysis and statistics, applying for event/designated consultation reservations and receiving completion text messages, creating and storing content, earning activity points and exchanging products, providing search results based on location information, and providing customized advertising.
3. Access Restrictions Restricting access to content based on age and preventing the misuse of services.
2. The retention period for each type of personal information is as follows:
1) Membership Registration and Management: Retained until withdrawal and for 5 years from the date of withdrawal, but after withdrawal, it will only be retained and used for the purpose of handling complaints, resolving disputes, and fulfilling legal obligations.
2) Service Provision: Retained until withdrawal and for 5 years from the date of withdrawal, but after withdrawal, it will only be retained and used for the purpose of handling complaints, resolving disputes, and fulfilling legal.
However, if any of the following cases apply, it will be retained until the end of the relevant period even if 5 years have passed since the date of withdrawal:
A. Records of representations, advertisements, contracts, and performance of transactions pursuant to the Act on the Protection of Consumers in Electronic Commerce, etc.
a. Records of representations and advertisements: 6 months
b. Records of contracts or applications for withdrawal, payment, and supply of goods: 5 years
c. Records of consumer complaints or dispute resolution: 3 years
B. Preservation of communication fact verification data pursuant to Article 41 of the Enforcement Decree of the Telecommunications Secrets Protection Act
a. Subscriber's telecommunications time, start and end times, number of the other subscriber, frequency of use, location tracking data of the base station: 1 year
b. Computer communication, internet log records, access log data: 3 months
C. Preservation of commercial books, etc., pursuant to Article 33 of the Commercial Act
a. Commercial books and important documents related to business: 10 years
b. Vouchers or similar documents: 5 years
D. If it is necessary to retain it pursuant to other relevant laws, until the period required by the relevant law
3) Marketing: Until the member withdraws from the service or revokes consent.
3. The retention period for sensitive personal information collected and used by the Company shall be applied mutatis mutandis to the provisions of paragraphs 1 and 2 of this Article.
1) When required by law or when a request is made by an investigative agency or supervisory authority in accordance with the procedures and methods prescribed by law for the purpose of investigation or inquiry.
2) When necessary for billing.
3) When it is necessary to protect the urgent interests of the life, body, or property of the user or a third party, and it is impossible to obtain consent. 2. In principle, the Company shall use or provide personal information to a third party within the scope notified in the "Collection and Use of Personal Information," and shall not use or provide it to a third party beyond such scope. However, the following cases are exceptions:
1) When users have consented to the provision of personal information to the subject of collection and use.
2) When required by law or when a request is made by an investigative agency or supervisory authority in accordance of the procedures and methods prescribed by law for the purpose of investigation or inquiry.
3. In other cases where it is necessary to provide personal information to a third party, the Company may provide personal information to a third party through a lawful procedure such as obtaining the consent of the user. The Company may provide personal information to a third party through a lawful procedure such as obtaining the consent of the user when necessary to fulfill the user's transaction.
4. Users may refuse to consent to the provision of personal information to a third party and may revoke their consent to such provision at any time. If you refuse to consent, you may still use the membership service, but your use of or provision of related services based on the provision to a third party may be restricted. The Company will notify users of any changes to the provision of personal information to a third party through a notice or separate notification.
2. When entering into an outsourcing contract, the Company clearly stipulates in the contract contents such as strict compliance with personal information protection instructions, prohibition of personal information leakage, and liability for accidents in order to ensure the safety of personal information protection.
1) Amazon Web Services: Outsourced tasks: System management - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
2) Line: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
3) WeChat: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
4) Google: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
5) Apple: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
6) Google (Google Ads): Outsourced tasks: Providing customized advertising for customers - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
2. Personal information collected by the Company is stored in a database located overseas within the purposes and scope specified below.
The generated personal information is stored in a database owned by AWS (Amazon Web Services Inc.). AWS only manages the physical management of the server and cannot access the user's personal information. Users may refuse the overseas transfer of personal information through the Company's personal information protection officer and the relevant department. If a user refuses the overseas transfer of personal information, the Company will exclude the user's personal information from the overseas transfer. However, in this case, the use of the Company's services that require the overseas transfer of personal information may be restricted.
1. Member Management Required Items: Name, mobile phone number, email address (ID), password, gender, year of birth, nationality, device information, IP address Sensitive Information: Health-related information included in written posts (including posts written after joining, such as treatment reviews, and photos included in the posts), areas of concern about treatment, and concerns. [When joining as a member through an SNS account]
1) Line: ID, email, profile name, profile image, status message
2) WeChat: ID, email, profile name, profile image, status message
3) Google: ID, email
4) Apple: ID, email
2. Service Provision and Function Improvement
3. Marketing
Marketing Optional Items: Name, phone number, email address, gender, year of birth, nationality, device information, IP address.
1. Destruction Procedures:
Information entered by the user for membership registration, etc., will be transferred to a separate database (or separate documents in the case of paper) after achieving the purpose of collection and will be stored for a certain period in accordance with internal policies and other relevant laws, or will be immediately destroyed. At this time, personal information transferred to a separate database will not be used for any other purpose except as required by law.
2. Destruction Methods:
- Electronic files will be deleted using a technical method that makes it impossible to restore the records.
- Personal information printed on paper will be destroyed by shredding or incineration.
1. To inquire about or modify personal information, users can use the "Change Personal Information" (or "Modify Member Information") function, and to terminate membership, they can use the "Withdraw Membership" function provided in the app.
2. If a user requests correction of errors in personal information, the company will not use or provide the personal information until the correction is completed. Additionally, if the incorrect personal information has already been provided to a third party, the company will promptly notify the third party of the correction results to ensure that the correction is made.
3. Personal information that has been deleted at the request of a user or legal representative will be handled in accordance with the provisions of Article 2, "Processing and Retention Period of Personal Information," and will not be accessed or used for any other purpose.
4. To delete personal information, users can terminate their membership.
1. Encryption of Personal Information Important information such as user passwords is encrypted and stored securely. Only the individual user can verify and modify their personal information.
2. Measures Against Hacking:
1) To prevent the leakage or damage of users' personal information due to hacking or malicious code, the Company operates an intrusion prevention system 24 hours a day to control unauthorized access from the outside, and installs antivirus programs to prevent systems from being infected by malicious code or viruses.
2) Additionally, to protect against damage to personal information, data is backed up regularly, and encrypted communication is used to ensure the secure transmission of personal information over the network.
3) Furthermore, the Company strives to equip itself with the best possible technological methods to ensure the secure handling of personal information.
3. The number of employees handling personal information is minimized, and for employees whose work PCs allow downloading of personal information from the personal information processing system, the external network and internal network are separated to reduce the possibility of personal information leakage. In addition, regular education is provided to personal information handlers and periodic education to all employees to raise awareness of the importance of personal information.
4. A dedicated personal information protection personnel is in place to oversee the implementation of the personal information protection policy and to ensure compliance by personal information handlers. If any problems are identified, immediate corrective measures are taken.
5. In addition to the above efforts, users themselves must be careful not to disclose their passwords or other information to third parties. In particular, please be careful not to disclose your password through a PC installed in a public place. It is recommended that users keep their ID and password confidential and change their passwords frequently.
[Personal Information Manager]
- Department in Charge: Ako Consulting Co., Ltd.
- Personal Information Manager: Kim Chan
- Personal Information Manager: Kim Chan
- Email: [email protected]
If you need to report or consult about personal information infringement, please contact the following organizations:
- Personal Information Infringement Report Center (privacy.kisa.or.kr / 118)
- Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / 1301)
- National Police Agency Cyber Bureau (police.go.kr / 182)
- Personal Information Dispute Mediation Committee (http://www.kopico.go.kr / 1833-6972)
2. If the Company has notified users of the changes as per paragraph 1 and has also notified them that their silence will be deemed as consent, the Company will consider that the user has consented to the changes if the user does not explicitly express their disagreement.
3. Notwithstanding paragraph 2, if the Company collects additional personal information from the user or provides it to a third party, the Company will obtain separate consent from the user.
2. The Company uses personal location information for the purpose of providing the following services to the personal location information subject, and will immediately destroy the personal location information upon achieving the purpose of using and providing the location-based service in accordance with the K-edical Location-Based Service Terms of Use.
- Providing search results and content recommendations or suggestions using location information
- Content tagging for location-based content classification
- Location-based customized advertising
3. Pursuant to Article 16(2) of the Act on the Protection and Utilization of Location Information, the Company automatically records and retains the location information use and provision fact confirmation data for the personal location information subject for six months.
4. When it becomes necessary to destroy personal location information due to the achievement of the purpose of processing personal location information, the Company will destroy it using the following methods that make recovery or reproduction impossible:
- Paper-based personal information: Shredding or incineration
- Electronic files: Deletion using a technical method that makes it impossible to reuse the records
5. When the Company provides personal location information to a third party designated by the user, the Company shall immediately notify the user of the recipient, the date and time of provision, and the purpose of provision through the communication terminal device from which the personal location information was collected. However, in the following cases, the Company shall notify the user through a specific communication terminal device, email address, or online posting designated in advance by the user:
- When the communication terminal device from which the personal location information was collected does not have a text, voice, or video reception function
- When the user has requested in advance to be notified through a communication terminal device other than the communication terminal device from which the personal location information was collected, or through an email address or online posting
6. The rights, obligations, and methods of exercising them by the guardian of a child under the age of 8, etc., are as follows:
- The Company shall deem that a guardian who falls under Article 26(2) of the Act on the Protection and Utilization of Location Information (hereinafter referred to as "guardian") of a child under the age of 8, etc. (hereinafter referred to as "child under the age of 8, etc.") has consented to the use or provision of personal location information if the guardian consents to the use or provision of personal location information for the protection of the life or body of the child under the age of 8, etc
A. Children under the age of 8
B. Persons under guardianship
C. Persons with mental disabilities as defined in Article 2(2)(2) of the Act on the Promotion of Employment of Persons with Disabilities and Rehabilitation who are also persons with severe disabilities as defined in Article 2(2) of the same Act (limited to those registered as persons with disabilities pursuant to Article 32 of the Act on Welfare of Persons with Disabilities)
- A guardian who wishes to consent to the use or provision of personal location information for the protection of the life or body of a child under the age of 8, etc. shall submit a written consent form to the Company, attaching a document certifying that he/she is a guardian.
7. A guardian who consents to the use or provision of personal location information of a child under the age of 8, etc. may exercise all of the rights of the personal location information subject.
8. The Company has designated a location information manager to protect location information and handle complaints related to location information.
- Location Information Manager: Junyeop Kim
- Title: CEO
- Contact: [email protected], 02-3443-6659
1) To provide personalized and customized services, the Company uses "cookies" which store and retrieve user information.
2) A cookie is a very small text file sent by the server operating a website to the user's browser and stored on the user's device.
2. Purpose of Using Cookies The Company uses cookies to collect information about users' visits and usage patterns to various services and websites, popular search terms, product information, and user scale, in order to provide users with optimized and customized information, including advertisements.
3. Installation, Operation, and Refusal of Cookies
1) Users have the option to choose whether to allow cookies to be installed. Users can set options in their web browser to allow all cookies, be prompted each time a cookie is stored, or refuse to store all cookies.
2) The methods for specifying whether to allow cookies to be installed are as follows:
Android: Browser [Internet Settings] - [Advanced - Privacy and Security] - [Allow Cookies]
iOS: [Settings] menu - [Privacy & Security] - Select "Cookies and Other Site Data" - Personalize Content Settings ▷ Cookies
3) If a user refuses to allow cookies to be stored, they may have difficulty using some of the services provided by the Company, such as personalized services
2. Any lawsuit arising out of or in connection with the use of the Services shall be filed in a court having jurisdiction pursuant to the Civil Procedure Act.
[Supplementary Provisions]
1. These Terms and Conditions shall come into effect as of [Date] 2024.
To the extent that there is any inconsistency between the Korean and English versions of this Agreement, the Korean version shall control.
Article 1 Purpose of Collecting and Using Personal Information
The Company collects only the minimum amount of personal information necessary to provide the Service for the following purposes, and will not use the collected information for any other purpose or disclose it to third parties without the user's consent.1. Member Management Identifying individual members, verifying enrollment intentions, limiting enrollment and frequency of enrollment, verifying whether the user is under the age of 14, taking measures to restrict the use of services by violating members, preventing the misuse of services by malicious users, preventing unauthorized use, preserving records for handling complaints and disputes, delivering notices, and confirming the intention to withdraw from membership.
2. Providing Services and Improving Functions Developing new services and providing customized services, statistics on members' use of services, improving functions, providing services and advertising based on demographic characteristics, verifying the validity of services, providing events and advertising information and participation opportunities (users' personal information will not be provided to individuals or organizations that have requested advertising), delivering goods or prizes, verifying identity and age, data analysis, performing contracts for the provision of services and settling fees for the provision of services, improving application functions, developing service technology and launching new services, providing personalized services within the platform, analyzing service usage records and access frequency, providing statistical analysis of service usage, and providing advertising services based on service analysis and statistics, applying for event/designated consultation reservations and receiving completion text messages, creating and storing content, earning activity points and exchanging products, providing search results based on location information, and providing customized advertising.
3. Access Restrictions Restricting access to content based on age and preventing the misuse of services.
Article 2 Processing and Retention Period of Personal Information
1. The Company will process and retain personal information within the retention period stipulated by law or agreed upon by the data subject when collecting personal information.2. The retention period for each type of personal information is as follows:
1) Membership Registration and Management: Retained until withdrawal and for 5 years from the date of withdrawal, but after withdrawal, it will only be retained and used for the purpose of handling complaints, resolving disputes, and fulfilling legal obligations.
2) Service Provision: Retained until withdrawal and for 5 years from the date of withdrawal, but after withdrawal, it will only be retained and used for the purpose of handling complaints, resolving disputes, and fulfilling legal.
However, if any of the following cases apply, it will be retained until the end of the relevant period even if 5 years have passed since the date of withdrawal:
A. Records of representations, advertisements, contracts, and performance of transactions pursuant to the Act on the Protection of Consumers in Electronic Commerce, etc.
a. Records of representations and advertisements: 6 months
b. Records of contracts or applications for withdrawal, payment, and supply of goods: 5 years
c. Records of consumer complaints or dispute resolution: 3 years
B. Preservation of communication fact verification data pursuant to Article 41 of the Enforcement Decree of the Telecommunications Secrets Protection Act
a. Subscriber's telecommunications time, start and end times, number of the other subscriber, frequency of use, location tracking data of the base station: 1 year
b. Computer communication, internet log records, access log data: 3 months
C. Preservation of commercial books, etc., pursuant to Article 33 of the Commercial Act
a. Commercial books and important documents related to business: 10 years
b. Vouchers or similar documents: 5 years
D. If it is necessary to retain it pursuant to other relevant laws, until the period required by the relevant law
3) Marketing: Until the member withdraws from the service or revokes consent.
3. The retention period for sensitive personal information collected and used by the Company shall be applied mutatis mutandis to the provisions of paragraphs 1 and 2 of this Article.
Article 3 Disclosure and Amendment of Terms and Conditions
1. In principle, the Company shall obtain prior consent from the user before providing the user's personal information to a third party. However, the following cases are exceptions:1) When required by law or when a request is made by an investigative agency or supervisory authority in accordance with the procedures and methods prescribed by law for the purpose of investigation or inquiry.
2) When necessary for billing.
3) When it is necessary to protect the urgent interests of the life, body, or property of the user or a third party, and it is impossible to obtain consent. 2. In principle, the Company shall use or provide personal information to a third party within the scope notified in the "Collection and Use of Personal Information," and shall not use or provide it to a third party beyond such scope. However, the following cases are exceptions:
1) When users have consented to the provision of personal information to the subject of collection and use.
2) When required by law or when a request is made by an investigative agency or supervisory authority in accordance of the procedures and methods prescribed by law for the purpose of investigation or inquiry.
3. In other cases where it is necessary to provide personal information to a third party, the Company may provide personal information to a third party through a lawful procedure such as obtaining the consent of the user. The Company may provide personal information to a third party through a lawful procedure such as obtaining the consent of the user when necessary to fulfill the user's transaction.
4. Users may refuse to consent to the provision of personal information to a third party and may revoke their consent to such provision at any time. If you refuse to consent, you may still use the membership service, but your use of or provision of related services based on the provision to a third party may be restricted. The Company will notify users of any changes to the provision of personal information to a third party through a notice or separate notification.
Article 4 Outsourcing of Personal Information Processing
1. To provide improved services, the Company outsources certain services to specialized companies.2. When entering into an outsourcing contract, the Company clearly stipulates in the contract contents such as strict compliance with personal information protection instructions, prohibition of personal information leakage, and liability for accidents in order to ensure the safety of personal information protection.
1) Amazon Web Services: Outsourced tasks: System management - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
2) Line: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
3) WeChat: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
4) Google: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
5) Apple: Outsourced tasks: Verification of SNS membership and account information, customized advertising service - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
6) Google (Google Ads): Outsourced tasks: Providing customized advertising for customers - Retention period of personal information: Upon withdrawal of membership or termination of the outsourcing contract
2. Personal information collected by the Company is stored in a database located overseas within the purposes and scope specified below.
The generated personal information is stored in a database owned by AWS (Amazon Web Services Inc.). AWS only manages the physical management of the server and cannot access the user's personal information. Users may refuse the overseas transfer of personal information through the Company's personal information protection officer and the relevant department. If a user refuses the overseas transfer of personal information, the Company will exclude the user's personal information from the overseas transfer. However, in this case, the use of the Company's services that require the overseas transfer of personal information may be restricted.
| Outsourcing Company | Amazon Web Services Inc. |
|---|---|
| Location of Outsourcing Company | United States |
| Date and Method of Outsourcing | Data was transmitted via SDK and stored on AWS servers starting January 1, 2024 |
| Personal Information Items Outsourced | Gender, region, registration date, in-app behavior logs |
| Outsourced Tasks | Service usage statistics and analysis |
| Retention Period of Personal Information | The retention period aligns with that specified in this Privacy Policy |
Article 5 Personal Information Processed
The Company collects and processes the following personal information. For sensitive personal information, separate consent is obtained from the data subject in addition to the consent for the collection and use of personal information.1. Member Management Required Items: Name, mobile phone number, email address (ID), password, gender, year of birth, nationality, device information, IP address Sensitive Information: Health-related information included in written posts (including posts written after joining, such as treatment reviews, and photos included in the posts), areas of concern about treatment, and concerns. [When joining as a member through an SNS account]
1) Line: ID, email, profile name, profile image, status message
2) WeChat: ID, email, profile name, profile image, status message
3) Google: ID, email
4) Apple: ID, email
2. Service Provision and Function Improvement
| Type | Item |
|---|---|
| Content Usage | [Required Information] Email address (ID), password, gender, year of birth, nationality, device information, areas of interest [Location Information Collected from Location Data Providers] Location data obtained from location data providers [Sensitive Information/Required Information] Health-related information, including specific body parts of concern and detailed concerns, contained in user-generated content (e.g., posts, treatment reviews, and associated photos) |
| Consultation Request | [Required Information] Name, mobile phone number, whether visited the hospital, whether received a consultation, whether had a procedure/surgery, scheduled date for procedure/surgery [Information Collected from the Consulted Hospital] Whether visited the hospital, whether received a consultation, whether had a procedure, scheduled date for procedure [Sensitive Information/Required Information] Desired procedure or surgery information, health-related information contained in evaluation posts written after the consultation request (including photos included in the posts) |
| Prepayment Service | [Required Information] Name, phone number, information on the purchased procedure, payment method (credit card), reservation date and time [Information Collected from the Hospital at the Time of Visit or Procedure] Scheduled date of visit, start time of the paid procedure, operating surgeon [Sensitive Information/Required Information] Information on the purchased procedure, health-related information contained in evaluation posts (including hospital evaluation posts and photos included in the posts) |
| Review Writing | [Required Information] Name of the procedure/surgery experienced by the member, gender, part of the body of the procedure/surgery, hospital and doctor who performed the procedure/surgery, cost of the procedure/surgery, before-and-after photos, and other experience information [If uploading a receipt] Payment date and time, payment destination, purchased service items, payment amount, etc., included in the receipt image file [Sensitive Information/Required Information] Health-related information contained in the written review, areas of concern about the procedure, and concerns |
| Prize Delivery | [Required Information] Name, address, procedure/surgery information |
| Personalized Service | [Optional Information] Areas of interest, photos taken with a platform-linked camera |
Marketing Optional Items: Name, phone number, email address, gender, year of birth, nationality, device information, IP address.
Article 6 Personal Information Destruction Procedures and Methods
The Company, in principle, will promptly destroy personal information once the purpose of processing personal information has been achieved or the retention and use period has expired. The destruction procedures and methods are as follows:1. Destruction Procedures:
Information entered by the user for membership registration, etc., will be transferred to a separate database (or separate documents in the case of paper) after achieving the purpose of collection and will be stored for a certain period in accordance with internal policies and other relevant laws, or will be immediately destroyed. At this time, personal information transferred to a separate database will not be used for any other purpose except as required by law.
2. Destruction Methods:
- Electronic files will be deleted using a technical method that makes it impossible to restore the records.
- Personal information printed on paper will be destroyed by shredding or incineration.
Article 7 Rights of Users and Legal Representatives
Users or their legal representatives may exercise their rights regarding personal information protection at any time. If a user or legal representative does not agree to the company's processing of personal information, they may request to withdraw consent or terminate their membership. However, this may result in the inability to use some or all of the service.1. To inquire about or modify personal information, users can use the "Change Personal Information" (or "Modify Member Information") function, and to terminate membership, they can use the "Withdraw Membership" function provided in the app.
2. If a user requests correction of errors in personal information, the company will not use or provide the personal information until the correction is completed. Additionally, if the incorrect personal information has already been provided to a third party, the company will promptly notify the third party of the correction results to ensure that the correction is made.
3. Personal information that has been deleted at the request of a user or legal representative will be handled in accordance with the provisions of Article 2, "Processing and Retention Period of Personal Information," and will not be accessed or used for any other purpose.
4. To delete personal information, users can terminate their membership.
Article 8 Technical and Administrative Safeguards for Personal Information Protection
To protect users' personal information, the Company has implemented the following technical and administrative safeguards:1. Encryption of Personal Information Important information such as user passwords is encrypted and stored securely. Only the individual user can verify and modify their personal information.
2. Measures Against Hacking:
1) To prevent the leakage or damage of users' personal information due to hacking or malicious code, the Company operates an intrusion prevention system 24 hours a day to control unauthorized access from the outside, and installs antivirus programs to prevent systems from being infected by malicious code or viruses.
2) Additionally, to protect against damage to personal information, data is backed up regularly, and encrypted communication is used to ensure the secure transmission of personal information over the network.
3) Furthermore, the Company strives to equip itself with the best possible technological methods to ensure the secure handling of personal information.
3. The number of employees handling personal information is minimized, and for employees whose work PCs allow downloading of personal information from the personal information processing system, the external network and internal network are separated to reduce the possibility of personal information leakage. In addition, regular education is provided to personal information handlers and periodic education to all employees to raise awareness of the importance of personal information.
4. A dedicated personal information protection personnel is in place to oversee the implementation of the personal information protection policy and to ensure compliance by personal information handlers. If any problems are identified, immediate corrective measures are taken.
5. In addition to the above efforts, users themselves must be careful not to disclose their passwords or other information to third parties. In particular, please be careful not to disclose your password through a PC installed in a public place. It is recommended that users keep their ID and password confidential and change their passwords frequently.
Article 9 Personal Information Manager and Department in Charge
For any inquiries, complaints, or other matters related to personal information arising from the use of the Company's services, users may contact the personal information manager or the department in charge. The Company strives to provide prompt and sincere responses and handling of user inquiries.[Personal Information Manager]
- Department in Charge: Ako Consulting Co., Ltd.
- Personal Information Manager: Kim Chan
- Personal Information Manager: Kim Chan
- Email: [email protected]
If you need to report or consult about personal information infringement, please contact the following organizations:
- Personal Information Infringement Report Center (privacy.kisa.or.kr / 118)
- Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / 1301)
- National Police Agency Cyber Bureau (police.go.kr / 182)
- Personal Information Dispute Mediation Committee (http://www.kopico.go.kr / 1833-6972)
Article 10 Responsibility for Linked Websites
The Company may provide links to other websites for the convenience of users. However, the privacy policy of the Company does not apply to linked websites. Therefore, when you move to an external website through such a link, please review the policies of that service.Article 11 Notification of Changes to the Privacy Policy
1. If there are any changes to the privacy policy, the Company will notify users at least 7 days prior to the effective date of the revised privacy policy through a notice on the homepage or email. However, if there are any significant changes to the content related to the user's rights or obligations, the Company will notify users at least 30 days in advance.2. If the Company has notified users of the changes as per paragraph 1 and has also notified them that their silence will be deemed as consent, the Company will consider that the user has consented to the changes if the user does not explicitly express their disagreement.
3. Notwithstanding paragraph 2, if the Company collects additional personal information from the user or provides it to a third party, the Company will obtain separate consent from the user.
Article 12 Processing of Personal Location Information
1. The Company shall protect users' personal location information in compliance with the Act on the Protection and Utilization of Location Information. Detailed information on the processing of personal location information can be found in the K-edical Location-Based Service Terms of Use.2. The Company uses personal location information for the purpose of providing the following services to the personal location information subject, and will immediately destroy the personal location information upon achieving the purpose of using and providing the location-based service in accordance with the K-edical Location-Based Service Terms of Use.
- Providing search results and content recommendations or suggestions using location information
- Content tagging for location-based content classification
- Location-based customized advertising
3. Pursuant to Article 16(2) of the Act on the Protection and Utilization of Location Information, the Company automatically records and retains the location information use and provision fact confirmation data for the personal location information subject for six months.
4. When it becomes necessary to destroy personal location information due to the achievement of the purpose of processing personal location information, the Company will destroy it using the following methods that make recovery or reproduction impossible:
- Paper-based personal information: Shredding or incineration
- Electronic files: Deletion using a technical method that makes it impossible to reuse the records
5. When the Company provides personal location information to a third party designated by the user, the Company shall immediately notify the user of the recipient, the date and time of provision, and the purpose of provision through the communication terminal device from which the personal location information was collected. However, in the following cases, the Company shall notify the user through a specific communication terminal device, email address, or online posting designated in advance by the user:
- When the communication terminal device from which the personal location information was collected does not have a text, voice, or video reception function
- When the user has requested in advance to be notified through a communication terminal device other than the communication terminal device from which the personal location information was collected, or through an email address or online posting
6. The rights, obligations, and methods of exercising them by the guardian of a child under the age of 8, etc., are as follows:
- The Company shall deem that a guardian who falls under Article 26(2) of the Act on the Protection and Utilization of Location Information (hereinafter referred to as "guardian") of a child under the age of 8, etc. (hereinafter referred to as "child under the age of 8, etc.") has consented to the use or provision of personal location information if the guardian consents to the use or provision of personal location information for the protection of the life or body of the child under the age of 8, etc
A. Children under the age of 8
B. Persons under guardianship
C. Persons with mental disabilities as defined in Article 2(2)(2) of the Act on the Promotion of Employment of Persons with Disabilities and Rehabilitation who are also persons with severe disabilities as defined in Article 2(2) of the same Act (limited to those registered as persons with disabilities pursuant to Article 32 of the Act on Welfare of Persons with Disabilities)
- A guardian who wishes to consent to the use or provision of personal location information for the protection of the life or body of a child under the age of 8, etc. shall submit a written consent form to the Company, attaching a document certifying that he/she is a guardian.
7. A guardian who consents to the use or provision of personal location information of a child under the age of 8, etc. may exercise all of the rights of the personal location information subject.
8. The Company has designated a location information manager to protect location information and handle complaints related to location information.
- Location Information Manager: Junyeop Kim
- Title: CEO
- Contact: [email protected], 02-3443-6659
Article 13 Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
1. Definition of Cookies1) To provide personalized and customized services, the Company uses "cookies" which store and retrieve user information.
2) A cookie is a very small text file sent by the server operating a website to the user's browser and stored on the user's device.
2. Purpose of Using Cookies The Company uses cookies to collect information about users' visits and usage patterns to various services and websites, popular search terms, product information, and user scale, in order to provide users with optimized and customized information, including advertisements.
3. Installation, Operation, and Refusal of Cookies
1) Users have the option to choose whether to allow cookies to be installed. Users can set options in their web browser to allow all cookies, be prompted each time a cookie is stored, or refuse to store all cookies.
2) The methods for specifying whether to allow cookies to be installed are as follows:
Android: Browser [Internet Settings] - [Advanced - Privacy and Security] - [Allow Cookies]
iOS: [Settings] menu - [Privacy & Security] - Select "Cookies and Other Site Data" - Personalize Content Settings ▷ Cookies
3) If a user refuses to allow cookies to be stored, they may have difficulty using some of the services provided by the Company, such as personalized services
Article 14 Governing Law and Jurisdiction
1. The laws of the Republic of Korea shall govern the interpretation of this Agreement and any disputes between the Company and the Member.2. Any lawsuit arising out of or in connection with the use of the Services shall be filed in a court having jurisdiction pursuant to the Civil Procedure Act.
[Supplementary Provisions]
1. These Terms and Conditions shall come into effect as of [Date] 2024.
To the extent that there is any inconsistency between the Korean and English versions of this Agreement, the Korean version shall control.