Online Consultation

HyungInJae Korean Medicine Clinic (hereinafter referred to as the ‘Company’), in accordance with Article 30 of the Personal Information Protection Act, establishes and discloses the following personal information processing guidelines in order to protect the personal information of the information subject and to promptly and smoothly handle any grievances related thereto.

Article 1 (Purpose of Processing Personal Information)
Company processes personal information for the following purposes. The personal information processed will not be used for any purpose other than the following purposes, and if the purpose of use changes, the Company will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1. Homepage membership registration and management
Personal information is processed for the purpose of confirming the intention to join the membership, identifying and authenticating the person in accordance with the provision of membership services, maintaining and maintaining membership, identifying the person in accordance with the implementation of a limited identification system, preventing unauthorized use of the service, confirming the consent of the legal representative when processing personal information of children under the age of 14, various notices and notifications, and handling grievances.

2. Provision of goods or services
We process personal information for the purpose of delivering goods, providing services, sending contracts and invoices, providing content, providing customized services, identification, age verification, payment and settlement of fees, and debt collection.

3. Grievance handling
processes personal information for the purpose of identifying the identity of the complainant, verifying the complaint, contacting and notifying the complainant for fact-finding, and notifying the result of the processing.

Article 2 (Processing and Retention Period of Personal Information)
① The Company shall process and retain personal information within the period of retention and use of personal information in accordance with the laws and regulations or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
② The period of processing and retention of each personal information is as follows.

1. Website membership registration and management: Until withdrawal from the business/organization website
However, if the following reasons apply, until the end of the reason
1) If an investigation or investigation is underway due to violation of relevant laws and regulations, until the end of the investigation or investigation
2) If a debt or debt relationship remains due to the use of the website, until the settlement of the debt or debt relationship

2. Provision of goods or services: Until the completion of the supply of goods and services and the completion of payment and settlement
However, in the following cases, until the end of the period
1) Records on transactions such as display, advertisement, contract contents and performance in accordance with the 「Act on Consumer Protection in Electronic Commerce, etc.」
– Records on display and advertisement : 6 months
– Records of contract or subscription withdrawal, payment, supply of goods, etc.: 5 years
– Records of consumer complaints or dispute handling: 3 years
2) Retention of telecommunication fact verification data pursuant to Article 41 of the 「Protection of Communications Secrets Act」
– Subscriber telecommunication date, start and end time, other subscriber number, usage, and location tracking data of the sending base station: 1 year
– Computer communication, internet log records, and access point tracking data: 3 months

Article 3 (Provision of Personal Information to Third Parties)
① The Company processes the personal information of the information subject only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only in cases falling under Article 17 of the Personal Information Protection Act, such as the consent of the information subject or special provisions of the law.
② The Company provides personal information to third parties as follows:
– Persons to whom personal information is provided: (e.g., OOO Card Co., Ltd.)
– The purpose for which the recipient uses the personal information : (e.g., business partnerships such as joint events and issuance of affiliated credit cards)
– What personal information you provide : (e.g., name, address, phone number, email address, card payment account information)
– Recipient’s retention and use period : (e.g., during the transaction period under the credit card issuance agreement)

Article 4 (Consignment of Personal Information Processing)
① The Company consigns personal information processing as follows to ensure smooth personal information processing.

– Consignee (Trustee): Imweb Corp.
– Contents of consigned business: system provision of shopping mall hosting service, mobile app service, marketing services and add-ons, affiliate service provision and notification talk, friend talk, text message delivery agency service, etc.

– The entrustee (trustee): OOO PG
– the content of the work entrusted: payment and escrow operations

– The recipient (trustee): OOO Courier
– the content of the work entrusted: delivery of goods

– The entrusted person (trustee): OOO Customer Center
– The content of the entrusted services: customer consultation services

– The entrusted person (trustee): OOO
– The content of the entrusted services: identity verification services

② When entering into a consignment contract, the Company specifies in documents such as contracts the prohibition of processing personal information other than for the purpose of performing consignment work, technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and liability for damages in accordance with Article 25 of the Personal Information Protection Act, and supervises whether the consignee handles personal information safely.
③ If the contents of the consignment work or the trustee change, we will disclose it through this privacy policy without delay.

Article 5 (Rights of Users and Their Legal Representatives and How to Exercise Them)

① The information subject may exercise the following personal information protection rights against the Company at any time.
1.Request to view personal information
2. Request for correction of errors
3. Request for deletion
4. Request for suspension of processing
② The exercise of rights under Paragraph 1 may be made in writing, by telephone, e-mail, facsimile transmission (FAX), etc. to the Company, and the Company will take action without delay.
③ If the information subject requests the correction or deletion of errors in personal information, the Company shall not use or provide the personal information until the correction or deletion is completed.
④ The exercise of the rights under Paragraph 1 may be made through an agent, such as the legal representative of the information subject or a person who has been delegated. In this case, a power of attorney in the form of Appendix No. 11 to the Enforcement Rules of the Personal Information Protection Act must be submitted.
⑤ The information subject shall not infringe on the personal information and privacy of the information subject or others processed by the Company in violation of relevant laws and regulations such as the Personal Information Protection Act.

Article 6 (Items of Personal Information Processed)
The Company processes the following items of personal information.

1. Sign up and manage your homepage membership at
Required: (e.g., name, date of birth, ID, password, address, phone number, gender, email address, i-PIN number)
Optional: (e.g., marital status, areas of interest)

2. provide goods or services
Required: (e.g., name, date of birth, ID, password, address, phone number, email address, i-PIN number, credit card number, bank account information, and other payment information)
Optional: (areas of interest, past purchase history)

3. The following personal information items may be automatically generated and collected in the course of using the Internet service.
IP address, cookies, MAC address, service usage history, visit history, bad usage history, etc.

Article 7 (Destruction of Personal Information)
① The Company shall destroy the personal information without delay when the personal information becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the purpose of processing.
② When the personal information retention period agreed to by the information subject has expired or the purpose of processing has been achieved, but the personal information must continue to be preserved in accordance with other laws and regulations, the personal information shall be transferred to a separate database (DB) or preserved in a different storage location.
③ The procedures and methods for destroying personal information are as follows.
1.Destruction Procedure
The Company selects the personal information for which the reason for destruction has occurred and destroys the personal information with the approval of the Company’s personal information protection officer.
2. Destruction Method
The Company destroys personal information recorded and stored in the form of electronic files using methods such as Low Level Format so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents by shredding or incineration.

Article 8 (Measures to ensure the safety of personal information)
The Company takes the following measures to ensure the safety of personal information.
1. Administrative measures: establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures: management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information
, installation of security programs
3. Physical measures: access control to computer rooms, data storage rooms, etc.

Article 9 (Installation, Operation and Refusal of Automatic Collection of Personal Information)
① The Company uses ‘cookies’ to store and retrieve usage information from time to time to provide users with individually customized services.
② Cookies are small amounts of information sent to the user’s computer browser by the server (http) used to operate the website and may be stored on the hard disk of the user’s computer.
Purpose of use of cookies: Cookies are used to provide optimized information to users by identifying the type of visit and use of each service and website visited by users, popular search terms, secure connection, etc.
I. Installation, operation and rejection of cookies: You can reject the storage of cookies by setting the options in the Tools>Internet Options>Privacy menu at the top of your web browser.
D. If you refuse to save cookies, you may have difficulty using our personalized services.

Article 10 (Personal Information Protection Officer)
① The Company is responsible for the processing of personal information in general, and designates a personal information protection officer as follows to handle complaints and remedy damages of information subjects related to the processing of personal information.

▶ Privacy Officer
Name : OOO
Position : OOO
Contact : [phone number], [email], [fax number]
You will be directed to the Privacy Office.

▶ Privacy Department
Department Name : OOO Team
Person in charge : OOO
Contact : [phone number], [email], [fax number]

② The information subject may inquire about all personal information protection-related inquiries, complaints, damage relief, etc. arising from the use of the Company’s services (or business) to the person in charge of personal information protection and the department in charge. The Company will respond to and handle inquiries from the information subject without delay.

Article 11 (Request for access to personal information)
The information subject may request access to personal information pursuant to Article 35 of the Personal Information Protection Act to the following departments. The Company will endeavor to promptly process your request for access to your personal information.

▶ Personal Information Access Request Reception and Processing Department
Department Name : OOO
Person in charge : OOO
Contact : [phone number], [email], [fax number]

Article 12 (Remedies for infringement of rights and interests)
The information subject may contact the following organizations for damage relief, consultation, etc. regarding infringement of personal information.

▶ Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
– Responsibilities: Report personal information infringement, request consultation
– Homepage: privacy.kisa.or.kr
– Phone: (without area code) 118
– Address: (58324) 9, Jinheung-gil, Naju-si, Jeollanam-do (301-2, Light Garam-dong), Korea

▶ Personal Information Dispute Mediation Committee
– Jurisdiction: Personal information dispute mediation application, collective dispute mediation (civil resolution)
– Homepage: www.kopico.go.kr
– Telephone: (without area code) 1833-6972
– Address: (03171) Government of Korea Seoul Office 4F, 209 Sejong-daero, Jongno-gu, Seoul, Korea

Supreme Prosecutors’ Office Cybercrime Investigation Division: 02-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Safety Bureau: 182 (http://cyberbureau.police.go.kr)

Article 13 (Implementation and Changes to the Privacy Policy)
This Privacy Policy is effective as of 20XX. X. Effective with X.