Privacy Policy
This Privacy Policy describes how information provided or collected when a user (hereinafter referred to as ¡°User¡±) who has agreed to this policy uses the application available on the website or platform of HUEMEDICAL Co., Ltd. (hereinafter referred to as ¡°Company¡±) is processed.
The Company values the privacy of its Users and, through this Privacy Policy, informs Users about the purposes and methods by which the Company uses the personal information provided by Users, as well as the measures taken to protect personal information.
This policy takes effect from January 2, 2024, and any revisions will be announced through notices on the website (or via individual notice in writing, fax, email, etc.).
1. Information Collected and Collection Methods
(1) Types of Personal Information Collected
The Company collects the following personal information:
ᆞ Information provided by the User:
The Company may collect information that the User directly provides.
|
Service Name |
Items Collected |
|
User history mgmt |
Name, Date of Birth, Phone Number |
ᆞ Collection Methods
The Company collects information through:
∙ Written forms, fax, phone, email, Hueband app, etc.
∙ Information provided by partner companies
2. Use of Collected Information
The Company uses the collected User information for the following purposes:
∙ To assist primary physicians in diagnosis as a supplementary tool
∙ To respond promptly to customer service requests (device A/S)
∙ To comply with applicable laws or legal obligations
If the Company intends to use information for purposes other than those specified in this Privacy Policy, the Company will obtain the User¡¯s consent.
3. Sharing of Collected Information
The Company does not share Users¡¯ personal information with third parties except in the following cases:
ᆞ Sharing with affiliates, partners, and service providers
- When affiliates, partners, or service providers perform services such as device malfunction analysis on behalf of the Company
ᆞ When the User has given prior consent
- When the User chooses to share personal information with a specific company to receive information on its products or services
- Any other case where the User has provided prior consent
ᆞ When required by law
- When disclosure is legally required
- When requested by investigative authorities in accordance with legally prescribed procedures and methods for investigation purposes
4. User Access Rights and Choices
Users, or their legal representatives, as the subjects of the information, may exercise the following rights regarding the collection, use, and sharing of personal information by the Company:
- Right to access personal information
- Right to correct or delete personal information
- Right to suspend processing of personal information
- Right to withdraw previously given consent
To exercise these rights, contact the Company¡¯s representative line, relevant department (or personal information manager), or place of purchase by written request, phone, or email. The Company will promptly take action unless there is a valid legal reason to refuse such a request.
5. Security
The Company takes the security of Users¡¯ personal information very seriously and has implemented the following measures to prevent unauthorized access, disclosure, use, or modification of personal information:
∙ Encryption of Personal Information
- Transmission of personal information over encrypted channels
- Storage of important information such as passwords in encrypted form
∙ Measures Against Hacking, etc.
- Installation of systems in access-controlled areas to prevent leakage or damage from hacking or computer viruses
∙ Establishment and Implementation of Internal Management Plans
∙ Installation and Operation of Access Control Devices
∙ Measures to Prevent Forgery or Alteration of Access Records
6. Protection of Children¡¯s Personal Information
The Company does not intentionally collect information from children under the age of 13, or the minimum age equivalent under applicable law. Products and services are primarily intended for patients or relevant medical personnel.
If it becomes necessary to collect personal information from a child under the age of 13 (or equivalent), the Company will take additional steps to protect children¡¯s personal information, including:
- Obtaining guardian consent before collecting the child¡¯s personal information or sending product/service information directly to the child
- Notifying the guardian of the items collected, purpose, and whether the information will be shared
- Granting the legal guardian the right to access, correct, delete, suspend processing, or withdraw consent regarding the child¡¯s personal information
7. Changes to the Privacy Policy
The Company reserves the right to revise or change this policy at any time. In such cases, the Company will notify Users via the website (or by written notice, fax, email, etc.), and where required by law, obtain the User¡¯s consent.
8. Retention and Use Period of Personal Information
The Company will promptly destroy personal information when the collection and use purposes have been achieved, when there is no longer a legal or business need, or when requested by the User. However, where retention is required by law, the Company will store the information for the period specified by applicable laws.
|
∙ Records on consumer complaints or dispute resolution: 3 years (pursuant to the Act on the Consumer Protection in Electronic Commerce, etc.) |
9. Destruction Procedure and Method
The
Company will promptly destroy personal information once its purpose has been
fulfilled, unless retention is required by law. Information stored separately
will not be used for any other purpose except as required by law.
Paper records: shredded or incinerated
Electronic files: deleted using technical methods that make restoration
impossible
10. Technical, Administrative, and Physical Safeguards
|
Category |
Safeguards |
|
Technical |
Use of secure servers for encrypted transmission, encryption of sensitive information, installation and operation of antivirus software, installation and operation of access control devices, establishment and implementation of internal management plans |
|
Administrative |
Designation of personal information protection officer, employee training, establishment and implementation of internal management plans, password rules to prevent guessing, secure storage of access logs to personal information processing systems, differentiated access rights |
|
Physical |
Establishment and operation of entry control procedures for storage facilities, storage of documents or media containing personal information in locked, secure locations |
11. Personal Information Protection Officer
Name: Kangwoon Son
Position: Head of Technical Research Institute
Phone: +82-1660-1619
Email: md@jasanmns.co.kr
12. Responsible Department
The Company has designated the following department to protect Users¡¯ personal information and handle related complaints:
- Department: Technical Research Institute
- Address: 128, Songsansandan-gil, Songsan-myeon, Hwaseong-si, Gyeonggi-do, Republic of Korea
- Phone: +82-1660-1619
Last Updated: December 2023