서울페이스21치과병원 Privacy Policy

◆ 서울페이스21치과병원 establishes and discloses the following personal information handling policy in accordance with Article 30 of the Personal Information Protection Act, in order to protect the personal information of data subjects (customers) and to promptly and smoothly handle related complaints.

1. Purpose of Collection and Use of Personal Information
☐ The company uses the collected personal information for the following purposes
• Execution of contracts related to service provision and provision of corresponding content
• Identity verification, prevention of unauthorized or fraudulent use, complaint handling, and delivery of notices
• Use for marketing and advertising, such as providing event and promotional information, offering participation opportunities, providing services and advertisements according to demographic characteristics, and analyzing access frequency or usage statistics
• Verification of the identity of complainants, confirmation of complaints, contacting and notifying for fact-checking, and informing results

2. Items of Personal Information to Be Collected
☐ For membership registration, consultation, and service applications, the following personal information is collected
• Collected items : Name, date of birth, login ID, password, mobile phone number, email address, access log, cookies, service usage record
• Optional items : Branch, area of interest, event selection, signup source, consent to receive mailing or SMS services
• Retention period : Semi-permanent until the user requests withdrawal or refuses communication
• Collection method : Website (membership registration, consultation board, reservation board, simple login, etc.)

3. Retention and Use Period of Personal Information
① The company processes and retains personal information within the period agreed upon by the data subject at the time of collection, or within the period specified by relevant laws and regulations.
② Specific retention and processing periods are as follows 
• Customer registration and management: Until the termination of the service agreement, except in cases where debts or obligations remain, in which case until settlement is complete
• Contracts, cancellations, payments, and records of goods and services supplied in electronic commerce: 5 years
• For diagnostic or treatment purposes: Retained according to the standards of the Medical Service Act
• Even if the purpose of collection or provision has been achieved, personal information may be retained if required by other laws such as the Commercial Act

4. Outsourcing of Personal Information Processing
① The company outsources certain personal information processing tasks to ensure smooth operations, as follows
• Entrusted company (processor) : BRAINMEDI
- Scope of work : Identity verification for membership services, complaint handling, notifications, development of new services (products), customized service provision, and event and promotional information delivery
② When entering into outsourcing agreements, 서울페이스21치과병원 specifies in the contract or related documents the prohibition of use for other purposes, technical and administrative protective measures, restrictions on re-entrustment, management and supervision of entrusted parties, and liability for damages. The entrusted party is monitored to ensure safe handling of personal information.

5. Provision of Personal Information to Third Parties
서울페이스21치과병원 does not provide personal information to third parties without the consent of the data subject, except as permitted under Article 17 of the Personal Information Protection Act or other applicable laws.

6. Rights and Obligations of Data Subjects and Exercise Methods
Data subjects may exercise the following rights concerning personal information with 서울페이스21치과병원 at any tim
① Request access to personal information
② Request correction of errors
③ Request deletion
④ Request suspension of processing
Requests can be made in writing, by email, or by fax using Form No. 8 of the Enforcement Rules of the Personal Information Protection Act, and 서울페이스21치과병원 will take action without delay.
If correction or deletion is requested, the personal information will not be used or provided until the process is completed.
These rights may also be exercised through a legal representative or an authorized agent by submitting a power of attorney according to Form No. 11 of the Enforcement Rules.

7. Processed Personal Information Items 서울페이스21치과병원 processes the following personal information 
• Collected items : Name, date of birth, login ID, password, mobile phone number, email address, access log, cookies, service usage record
• Optional items : Branch, area of interest, event selection, signup source, consent to receive mailing or SMS services

8. Destruction of Personal Information
① 서울페이스21치과병원 promptly destroys personal information when the purpose of processing has been achieved.
When the retention period has expired, destruction occurs within 5 days of the expiration date.
When the information becomes unnecessary (e.g., service termination or business closure), destruction occurs within 5 days of such determination.
② 서울페이스21치과병원 destroys personal information as follows
• Electronic files : Deleted or permanently erased using technical methods preventing recovery
• Paper documents : Shredded or incinerated

9. Use of Automatic Collection Devices (Cookies)
서울페이스21치과병원 uses “cookies” and similar technologies to provide customized services.
• Cookies analyze access frequency and visit times, track user preferences and interests, and provide personalized services through behavioral data.
• Users may configure browser settings to allow all cookies, confirm each time a cookie is stored, or reject all cookies.

10. Measures to Ensure the Security of Personal Information 
서울페이스21치과병원, in accordance with Article 29 of the Personal Information Protection Act, implements the following technical, managerial, and physical measures to ensure information security
• Regular internal audits
onducted annually to ensure the stability of personal information handling
• Minimization and training of staff
Only designated personnel handle personal information
• Establishment and enforcement of internal management plans
To ensure safe processing of data
• Technical measures against hacking and malware
Security programs are installed, updated, and monitored in restricted-access zones
• Encryption
Passwords and important data are encrypted or locked to prevent unauthorized access
• Access control
Database access permissions are granted, modified, or revoked as necessary, and intrusion prevention systems block unauthorized external access

11. Personal Information Protection Officer
서울페이스21치과병원 designates the following Personal Information Protection Officer to oversee all personal information processing, handle related complaints, and provide remedies for damages

• Personal Information Protection Officer
- Name : Choung Han Wool
- Contact : +82 02-556-2021

12. Refusal to Consent
Users (data subjects) have the right to refuse consent to the collection and use of personal information. However, if consent is refused, some services may be restricted.

13. This Privacy Policy shall take effect as of