Privacy Policy

Effective Date: January 30, 2023

Article 1. Consent to Collection of Personal Information

Saeron Clinic (“the Site”) provides a process through which users can review the Terms of Service and this Privacy Policy, and indicate consent by clicking the “Agree” button. By clicking this button, users are deemed to have given consent to the collection and use of their personal information.

Article 2. Items Collected and Purpose of Use

Definition of Personal Information
“Personal information” refers to information related to a living individual that can identify the person, including but not limited to name, contact information, and resident registration number. Even if a single piece of data does not directly identify an individual, if it can be easily combined with other information to do so, it is still considered personal information.

Items and Purpose
- Time of Collection: When submitting online forms
- Required Items: Name, contact number, email
- Purpose: To provide consultation and support related to service use
- Retention Period: Retained for five (5) years

Article 3. Collection of Personal Information via Cookies

1. Purpose of Cookies
- To provide customized information based on user interests
- To analyze access frequency and visit duration for targeted marketing and service improvement
- To track items viewed or purchased for personalized shopping experiences

2. Operation and Refusal of Cookies
Cookies are stored on users’ hard drives. While they identify the user’s device, they do not personally identify the individual. Users may allow or block cookies, or receive a prompt each time a cookie is stored, by adjusting browser settings. However, disabling cookies may restrict access to certain login-based services.

3. How to Disable Cookies
- Internet Explorer: Tools > Internet Options > Privacy tab > Custom settings
- Chrome: Menu > Settings > Advanced > Privacy > Site Settings > Cookies

Article 4. Retention and Destruction of Personal Information

1. Retention and Use Period
Personal information will be destroyed without delay when the purpose of collection has been fulfilled or the user withdraws consent. However, certain records may be retained for a limited period as required by law:
- Consumer Protection Act in E-Commerce
- Records of contracts or withdrawals: 5 years
- Records of payments and supply of goods: 5 years
- Records of customer complaints and dispute resolution: 3 years
- Protection of Communications Secrets Act
- Records of website visits (logs): 1 year

2. Destruction Method
- Procedure: Once the retention period expires, the information is transferred to a separate database or physical storage and then safely destroyed.
- Method:
- Paper documents are shredded or incinerated.
- Electronic files are deleted using a method that ensures data cannot be recovered.

3. Dormant Accounts
In accordance with the Act on Promotion of Information and Communications Network Utilization, the Site may notify users who have not used the service for 12 months that their accounts will become inactive. If the user does not respond within the specified period, their account may be deactivated. Dormant account information will be stored separately and destroyed after the legally mandated retention period. If the user returns, the information may be restored for continued service use.

Article 5. Provision to Third Parties

1. Principle of Non-Disclosure
The Site does not provide personal information to third parties beyond the scope stated in this Privacy Policy.

2. Exceptions
Information may be disclosed in the following cases:
- When required for legal investigations or by lawful authority
- When data is provided in an anonymized format for research, statistics, or marketing
- When otherwise required by applicable laws and regulations

Even in such cases, we strive to limit the scope of disclosure to the minimum necessary.

Article 6. Access and Correction of Personal Information
- Users may request to view or correct their personal information at any time by contacting the Privacy Officer via written request, phone, or email.
- While corrections are being processed, the Site will not use or provide the relevant personal data.
- If incorrect information has already been shared with a third party, the Site will promptly notify them of the correction.

Article 7. Security Measures for Personal Information

In accordance with Article 29 of the Personal Information Protection Act, the Site implements the following security measures:
1. Data Encryption
2. Passwords are encrypted and stored securely. Important data is encrypted or protected using file locking and similar technologies.
3. Technical Protection
4. To prevent leakage or damage from hacking or viruses, security programs are installed and updated regularly. Access to systems is restricted and monitored through physical and technical safeguards.

Article 8. Privacy Officer

The Site has appointed the following Privacy Officer to oversee all matters related to the processing of personal information and to handle related inquiries or complaints:
- Name: Dr. Yongmin Joo
- Position: Chief Director
- Contact: 051-710-1616

External Resources for Complaints or Dispute Resolution:
- KISA Personal Information Infringement Center / 118
- Cyber Bureau of the Korean National Police Agency / 182
- Cyber Investigation Division, Supreme Prosecutors’ Office / 02-3480-3570
- Personal Information Dispute Mediation Committee / 1833-6972

Article 9. Changes to This Privacy Policy

This Privacy Policy is effective as of January 30, 2023.
Any changes required by law or internal policy will be announced at least 7 days prior to enforcement via the Site’s notices page.