home

        Personal information policy

        Phil Hospital of Korean Medicine(“The hospital”) values personal information collected, and tries to comply with the Act on Promoting Network Use and Information Protection, and the Personal Information Protection Law.

        Through this privacy policy, the hospital aims to inform the purpose and method of using the collected personal information, and the measures taken in order to protect the information.

        Article 1. Agreement on the collection of personal information

        The hospital shall notify the details of the privacy policy and terms of use upon membership sign-up, and by clicking the sign-up button, users agree on the collection of their personal information. The hospital collects only the minimum amount of information when users sign up. Users have the right to refuse the agreement on personal information collection within the website. However, refusing to the agreement may lead to failure on membership sign-up, or limited access to certain bulletins or pages on the website. Only certain bulletins or pages will be limited, and using the website itself will not be hindered.

        Article 2. Personal Information items to be collected and method of collection
        1. Personal information to be collected
        1. Personal information to be collected
        1. Required information

          ※ Users may refuse to the agreement on required information collection, but the information below are mandatory for service use. Therefore, refusing to the agreement will lead to failure in website membership sign-ups, or service uses.

          1. Membership sign-up: Personal information required for posting/reading on on-line bulletins, and on-line reservations

            • Required information: ID, password(encrypted), name, phone number, e-mail address
            • If required: Nationality, gender, social security number(encrypted), address, postal code

          2. Information required for using each service, service use records

            • Information on service use records
            • Log data, cookies, access hours, keywords searched by the user
            • Device information, access IP address, configuration data, etc.
        2. Optional information

          ※ Users may refuse to the agreement on required information collection, and the information below are not mandatory for service use. Therefore, users can have access to the website after refusing the agreement. If any optional information is needed while using the service, further notice and agreements will be made.

          1. User-provided information regarding recruitment, or any other event participation

        2. Personal information items restricted for collection

        The hospital website will not collect any sensitive information that may infringe the user's privacy, such as ideas or beliefs, membership or withdrawal from labor unions, political views, or biometric information, and so on.

        3. Protection of personal information for children under 14

        In principle, the hospital will not collect any personal information from users under 14. However, if any personal information is collected for medical treatments, the hospital will not share, sell, or trade the information with any third parties without the parents’ consent.

        ※ The website does not go through personal verification process.

        4. Methods of collecting personal information
        1. Collection through website
          The hospital only collects personal information through the website, and if any non-members post articles they will undergo a process of agreement on each personal information policy.
        2. Information collection through cookies
          The hospital website uses cookies to save and load the users’ information. When users access the website, the server will load their browser data, access additional information from the computer and provide services without additional inputs, such as log-in IDs. The cookies will identify the users’ computers, but will not identify each user personally.

        ※ Cookies are small data that the website sends to the users’ computer browsers. Users have choices on whether or not to accept the use of cookies. By adjusting the browser options, users can choose to accept all cookies, or to be notified when cookies are installed, or to reject all cookie uses.

        Article 3. Purpose of collecting and using personal information

        The hospital will collect the users’ personal information to provide services for website use, or any other events. In case any purpose is to be changed, the hospital will seek the users’ consent beforehand.

        1. Personal information to be collected
        1. Checking membership sign-up agreement, personal identification for membership services
        2. Record preservation for any necessary notices, Q&A, or dispute mediation
        3. Preventing non-authorized members from information abuse
        2. Providing customer relations services
        1. Providing medical services including diagnosis or treatments
        2. Providing personalized SMS or e-mails, or diagnosis results
        3. Information on new services or health information contents and events
        4. Research and clinical trials, medical education and practices, examination and clinical statistics
        5. Collection of consumer risk information, under Article 52 of the Framework Act on Consumers
        6. Identifying personal information upon requests regarding any personal information access, correction, deletion, or suspension of processing
        Article 4. Providing personal information to third parties

        The hospital will use the members’ personal information only within the boundary noticed by this Privacy Policy, and will not provide any third parties beyond the said scope. Exceptions are made in cases with the members’ consent, or when there is a request from the government under relevant laws.
        In cases of processing personal information on consignment, the hospital will inform the members beforehand about the items provided, the name of the consignee, and the work's details.

        Article 5. Consignment of the collected personal information

        The hospital is processing personal information on consignment as below for service management, and all necessary matters are executed in accordance with the relevant laws and regulations. The name of the consignee and the designated works are as follows.

        • Consignee : Medi-inside(website development and management)
        • Designated work and information(period : Until end of contract)
          • Website and system management(files and data), cookies, log data(070-8830-8903)
        Article 6. Period and use of personal information

        In principle, any personal information is deleted after the purpose of collecting information is fulfilled, and any personal information of members who has been inactive for over 1 year (showing no actions such as logging in), is also to be deleted or to be stored separately. However, if the information is needed to be stored under relevant regulations, the company will store the members’ personal information as below.

        • Users’ log data or access points: 3 months (Communication Secrets Protection Act)
        • Records of consumer complaints or disputes: 3 years (Act on Consumer Protection in Electronic Commerce)
        • Records on the collection/processing and use of credit information : 3 years (Act on the Utilization and Protection of Credit Information)
        • Records on personal identification : 6 months (Act on Promoting Network Use and Information Protection)
        Article 7. Deleting process and methods for personal information

        Any personal information is deleted after the purpose of collecting information is fulfilled. The deleting process and methods are as follows.

        1. Deleting process
          After the purpose of collecting personal information is fulfilled, the users’ personal information will be deleted within 5 days, after being stored for certain periods mentioned under the company’s policy or related regulations. If any personal information is stored in separate databases, it will not be used for other purposes unless under related laws.
        2. Deleting methods
          Personal information in digital form will be deleted with irrevocable technologies to prevent regenerating data. Any information printed on hard copies will be shredded or incinerated.
        Article 8. User’s rights, duties, and exercise as subjects of personal information

        As subjects of the personal information, users have the following rights.

        1. Browsing and correcting personal information

          Users can always browse or correct their registered personal information. If users wish to browse or correct their personal information, they can click on ‘change member data’ to browse/correct themselves, or send an e-mail to the personal information manager.
          If users request for their personal information to be changed or deleted, the hospital will not use or provide the information until the change or deletion is completed.

          ※ Any rights regarding personal information can be exercised through legal representatives or persons entrusted for the information. In such cases, users will have to submit a letter of attorney in accordance with attached Form 11 of the Enforcement Rules of the Personal Information Protection Act. Any information required to be kept under the law cannot be modified or deleted within the storage period, even with the subject's request.

        2. Withdrawal of agreement on the collection, use, and provision of personal information
          The agreement on the collection, use, and provision of personal information submitted when signing up for the membership can be withdrawn at any times. Withdrawal can be made by sending an e-mail to the website and personal information manager, who will execute any necessary methods including deletion of the information.
        3. User opinions and complaints
          Users can submit any ideas or complaints regarding personal information protection to the hospital. Any complaints regarding personal information can contact the hospital’s personal information manager, and necessary actions will be taken right away.
        Article 9. Personal information policy and management

        In order to protect the users’ personal information and to handle complaints, the hospital has designated personal information manager as follows.

        1. Personal information manager
          1. (1) Name: Cho Eun-Young
          2. (2) Position: Administrator
          3. (3) Affiliate: Phil Hospital of Korean Medicine(Business registration number: 291-92-00353)
          4. (4) Phone number: +82-42-336-1022
          5. (5) E-mail address: choeune12@naver.com
        2. Related organizations

          Users can report any complaints regarding personal information to the personal information manager or related departments. The hospital will give quick, sufficient answers to the user reports.
          If any other reports or consultations need to be made, please contact the following organizations.

          1. KISA(Personal Information Infringement Report Center) ( 118)
          2. Internet Crime Investigation Center, Supreme Prosecutors’ Office (www.spo.go.kr / +82-2-3480-3600)
          3. Cyber Terror Response Center, National Police Agency (https://www.ctrc.go.kr / +82-2-392-0330)
        3. User opinions and complaints
          Users can submit any ideas or complaints regarding personal information protection to the hospital. Any complaints regarding personal information can contact the hospital’s personal information manager, and necessary actions will be taken right away.
        Article 10. Installation and operation of video devices

        The hospital has installed and operates video devices as follows.

        1. Basis and purpose of video device installation
          • Facility safety and fire prevention
          • Crime prevention for customer safety
        2. Number, location, and recording range
          • Number of devices: 10
          • Location and recording range : Hospital’s outpatient ward, corridor lobby
        3. Manager and access authority

          In order to protect users’ video information and to handle complaints regarding personal video uses, the hospital has designated security manager as follows.

          • Video devices manager : Cho Eun-Young
          • Access authority : Kim Seon-Deok
        4. Recording time, data storing period, location, processing method
          • Recording time : 24 hours
          • Data storing period : 15 days from recording
          • Data storing location : Hospital server
        5. Browsing personal video records
          • How to browse : By contacting the video devices manager and visiting the hospital, users can check and browse personal video records.
          • Location :
        6. Requests on video browsing
          Users can always request the video devices manager for browsing, checking or deleting personal video records. However, the requests are limited to their own records, or records required for urgent matters related to the subject's life, physical issues, or properties.
          The hospital will take necessary actions as quickly as possible, when requests are made regarding the browsing, checking, or deleting of personal video records.
        7. Ensuring safety for video records
          All video records processed by the hospital are safely managed through encryption. Also, the hospital provides different access authorities to personal information in order to ensure the safety of video records. The video records’ film dates, browsing purpose, persons, and dates are all recorded and managed in order to prevent any data forgery. Additional physical locking devices are installed for more protection.
        Article 12. Changes on the privacy policy

        This privacy policy was enacted on May 02, 2017, and in case of any amendments in accordance with laws or regulations, changes will be notified on the hospital website 7 days prior to the implementation.

        - Notice date: May 02, 2017 / Enforcement date: May 02, 2017