언어변경비즈 채널전화걸기장바구니로 이동

Privacy Policy

Orta Clinic Privacy Policy

  • Article 1 (Purpose of Processing Personal Information)
    Orta Clinic (hereinafter referred to as the "Clinic") processes personal information for the following purposes. Personal information being processed will not be used for purposes other than the following, and in the event of a change in the purpose of use, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
    • 1. Management of Website Users: Identifying and managing website users, preventing unauthorized use, and providing notifications and announcements.
    • 2. Provision of Goods or Services: Providing medical treatment and reservations, consultation services, viewing of medical records, health-related content, customized services, payment and settlement, debt collection, marketing, promotions, event management, identifying and resolving customer grievances, and complaint handling.
    • 3. Management of Employees and Affiliated Companies: Managing employee recruitment, employee records, management of trustees and affiliated companies.
  • Article 2 (Processing and Retention Period of Personal Information)
    ① The Clinic processes and retains personal information within the period agreed upon at the time of collection or as prescribed by law.
    ② The retention periods for each purpose are as follows:
    • 1. Management of Website Users: For five years after the termination of the business relationship, unless one of the following applies:
      • 1) In the case of ongoing investigations or proceedings regarding illegal activities, until the completion of such investigations.
      • 2) In the case of remaining obligations or debts, until settlement of said obligations.
    • 2. Provision of Goods or Services: For five years after the termination of the business relationship, unless one of the following applies:
      • 1) Records in accordance with the "Consumer Protection Act in Electronic Commerce":
        • - Records related to advertisements: 6 months
        • - Records related to contracts, cancellations, payments, and service provision: 5 years
        • - Records related to customer complaints and dispute resolution: 3 years
      • 2) Communication data in accordance with the "Protection of Communications Secrets Act":
        • - Subscriber telecommunication records: 1 year
        • - Computer communication and internet log data: 3 months
      • 3) Records in accordance with the "Medical Service Act":
        • - Patient roster: 5 years
        • - Medical records: 10 years
        • - Prescriptions: 2 years
        • - Surgical records: 10 years
        • - Examination results and opinions: 5 years
        • - Radiographs (including images) and reports: 5 years
        • - Nursing records: 5 years
        • - Copies of diagnosis certificates: 3 years
    • 3. Management of Employees and Affiliated Companies:
      • - Employee records: For three years after retirement
      • - Applicant information: For one year after recruitment
      • - Records of affiliated companies and trustees: For five years after the end of the transaction relationship
  • Article 3 (Provision of Personal Information to Third Parties)
    The Clinic processes personal information within the scope specified in Article 1 (Purpose of Processing Personal Information) and only provides personal information to third parties in cases where it complies with Articles 17 and 18 of the Personal Information Protection Act, such as with the consent of the data subject or when there are special provisions under the law.
  • Article 4 (Outsourcing of Personal Information Processing)
    • ① To facilitate smooth processing of personal information, the Clinic outsources the following tasks:
      • Contractor: JeonNeung IT Co., Ltd - Tasks: Customer management, marketing operations, payroll and accounting, system maintenance
      • Contractors: Kakao Corp., Naver Corp., Facebook, Inc., Google LLC - Tasks: Advertising and marketing services for the Clinic
    • ② When signing outsourcing agreements, the Clinic specifies contractual terms in compliance with Article 26 of the Personal Information Protection Act, which include restrictions on processing, security measures, re-outsourcing restrictions, and supervision of contractors, ensuring that contractors securely process personal information.
    • ③ If there is a change in the content of outsourced tasks or contractors, such changes will be disclosed without delay through this Privacy Policy.
  • Article 5 (Rights of Data Subjects and Legal Representatives, and Methods of Exercise)
    ① Data subjects may exercise their rights, such as requests for access, correction, deletion, and suspension of processing of personal information, at any time with the Clinic.
    ② Requests made pursuant to Section 1 can be made in writing, by email, etc., according to Article 41, Clause 1 of the Personal Information Protection Act, and the Clinic will respond promptly.
  • Article 6 (Personal Information Processing Items)
    • 1. Management of Website Users: Name, age verification (over 14), phone number, email address
    • 2. Provision of Goods or Services:
      • Required items: Name, date of birth, gender, address, phone number, email address, payment information
      • Optional items: Interested procedures, past treatment history, medical history, medication information, allergy status
    • 3. Management of Employees and Affiliated Companies:
      • Name, date of birth, address, contact information, work history
      • Name, contact information, workplace, job title
  • Article 7 (Destruction of Personal Information)
    • ① The Clinic destroys personal information without delay when it is no longer necessary, such as after the retention period has expired or the purpose of processing has been achieved.
    • ② When there is a legal obligation to continue retaining personal information, it will be stored in a separate database (DB) or stored in a different location.
  • Article 8 (Measures to Ensure the Security of Personal Information)
    • 1. Administrative measures: Establishment and implementation of an internal management plan, regular employee training
    • 2. Technical measures: Access control management, installation of access control systems, encryption of unique identification information, security programs
    • 3. Physical measures: Access control of computer rooms and data storage rooms
  • Article 9 (Installation, Operation, and Rejection of Automated Data Collection Devices)
    • ① The Clinic uses cookies to provide customized services for users.
    • ② Purpose of using cookies: To analyze user visit patterns, popular search terms, and security access information to provide optimized information to users.
  • Article 10 (Privacy Officer)
    • Name: Kang Hyun-Sun
    • Position: Chief Director
    • Contact: 010-5374-9755, Email: ghanghs93@gmail.com
  • Article 11 (Criteria for Additional Use and Provision)
    In accordance with Articles 15-3 and 17-4 of the Personal Information Protection Act, the Clinic considers necessary factors for additional use and provision without the data subject’s consent.
  • Article 12 (Request for Personal Information Access)
    Data subjects may request access to personal information in accordance with Article 35 of the Personal Information Protection Act.
  • Article 13 (Remedies for Infringement of Rights)
    • 1. Personal Information Dispute Mediation Committee: 1833-6972
    • 2. Personal Information Infringement Report Center: 118
    • 3. Supreme Prosecutors' Office: 1301
    • 4. Cyber Bureau, National Police Agency: 182
  • Article 14 (Installation and Operation of Video Surveillance Devices)
    • 1. Basis for installation: Facility safety and fire prevention
    • 2. Installation location: Clinic’s medical offices, hallways
    • 3. Responsible Officer: Chief Director Park Ki-Beom
  • Article 15 (Application and Modification of the Privacy Policy)
    This Privacy Policy is effective as of November 13, 2024.