Privacy Policy
HERIBio (hereinafter ‘company’) does its best to protect users’ rights and interests by setting the Privacy Policy in accordance with the relevant complies with applicable laws, personal information protection regulations and guidelines of the Republic of Korea, which must be obeyed by information service providers.
This Privacy Policy applies to all services related to Dr.HERi operated by the company (hereinafter referred to as ‘Dr.HERi’), and includes the following articles.
The meaning of the terms used in this Privacy Policy shall be in accordance with the relevant statutes and the company’s Terms of Service and other matters shall be subject to general correlation.
1. Collected personal information and collection method
Article 1. Collected personal information
Company collects the personal information required to provide the service when users sign up for the use of Dr.HERi service.
1. Email and password will be collected as a mandatorily for member register.
2. Information registered directly by the member, profile photo information, URL and images entered by the member when registering banner in the “Advisor” feed are collected optionally.
3. When a member requests “full member” approval after signing up, information registered by the member including name, registration number of license/identity card/student ID, date of birth’ are collected as a required item.
4. Information such as email is collected as a required item when consulting or inquiring through the customer center.
5. Environmental information such as OS version, terminal information, etc. and information generated during service use, such as type and frequency of use, are collected.
6. IP Address, device information, date of visit, service use records and bad use records can be generated and collected.
7. Additional personal information may be collected during the event and prize request process. If additional personal information is needed to be collected, the member shall be informed and be asked for agreement of ‘the items of personal information collected, the purpose of the collection and use of personal information and the period of personal information possession and use’.
Article 2. Collection method of personal information
Company collects personal information using methods below.
1. Personal information, which the person has agreed to be collected and entered for signing up, is collected
2. During the consultation process through the customer center, members’ personal information such as name, email and phone number can be collected.
3. Generated information, such as device information, can be automatically generated and collected while using mobile app.
4. Personal information can be provided by an external company or organization affiliated with the company. In such cases, we obtain agreement to be provided members’ personal information from the outside partnerships due to relevant laws.
5. Information in such as profession license/identity card and student ID are collected in image form only for those members who applied for promotion of full member.
2. Purpose of personal information collection and utilization
Company uses personal information only for the purpose of managing the members of Dr.HERi’s service, providing, developing and improving the service.
1. For confirmation of intention to sign up for service use, identification of members, secure smooth communication, introduction of new information and notification and analysis of visits and service records.
2. For providing service to members to read and write postings and comments.
3. To provide “implant Master” service based on profession certification information registered by members.
4. To provide Dr.HERi services, discover new services and improve existing service.
5. To analyze service use and connection frequency, statistics on service use, service analysis and statistics to provide customized services and publish advertisements.
6. In addition to providing Dr.HERi services (including advertising), it is used to discover new service elements, such as demographic analysis, to provide customized services and to improve existing services.
7. For member protection and service operation, such as limiting use of the statutes and the terms and conditions of Dr.HERi, preventing and imposing sanctions on members who violate the terms and conditions of the service, preventing account theft, revising the terms and conditions, preserving records for dispute settlement, and processing customer inquiries.
8. For marketing and promotion purposes, such as providing event information and participation opportunities, delivery of prizes and advertisement information.
3. Providing and consigning personal information
The company shall not provide personal information to third parties or external parties without prior consent from the members.
However, we provide personal information only in the events that the member directly agreed to provide personal information while using the service AND when the member is obliged to provide personal information to company accordance with the relevant statutes.
Article 1 Provision of personal information to third parties
1. In case there was a prior agreement of members
2. In case there is a special regulation in the law or there is a request from the investigative agency according to the procedures and methods set forth in the law for the purpose of investigation.
4. Personal Information Retention and Utilization Period
In principle, the company deletes the members’ personal information without delay when it leaves the member.
However, if company obtained members’ separate agreement for the period of personal information storage, or if the statute imposes an obligation to store information for a certain period, the personal information shall be kept safely for that period.
1. Storage according to internal policy
– Fraudulent use records are kept for one year to prevent fraudulent use.
2. Storage according to relevant law
– Storing records regarding contract or withdrawal of subscription: 5 years
– Storing records on consumer complaints or dispute handling: 3 years
– Storing records related to visits : 3 months
5. Elimination of personal information
In case of eliminating personal information, it is destroyed in a way that cannot be restored.
In addition, information imposed by the statute on preservation obligations also shall be deleted in ways that it cannot be restored without delay after the period has elapsed.
Electronic files are safely deleted using technical methods to prevent recovery and playback and printed materials are destroyed by grinding or incineration.
Image files such as job licenses/identity/student ID cards collected from sub members who applied for promotion of full member shall be deleted immediately after use for authentication purposes.
The company separately stores and manages the personal information of the members who have not used the service for one year under the relevant act in law. However, this does not apply if the validity period of personal information is set to be until withdrawal from the membership.
6. Users’ right
1. The member can check or modify his or her personal information in ‘Settings’ at any time after logging in to the Dr.HERi app. However, it is not possible to withdraw application of full member or modify job information.
2. The member may withdraw his/her consent to collect and use personal information at any time through deleting account in Dr.HERi.
3. If a member requests correction of personal information errors, company shall not use or provide such personal information until the correction is completed. In addition, if the wrong personal information has already been provided to a third party, we will notify the third party of the correction result without delay so that the correction can be made.
7. Users’ obligations
Members have the right to his or her personal information be protected and also have the obligation not to infringe on other people’s information.
Be aware to not leak personal information of members, including passwords, and be careful not to damage other people’s personal information, including posts.
The member himself/herself is responsible for accidents caused by inaccurate information entered by the member. The member is responsible for preventing accidents by accurately entering personal information in the latest state.
Copyright for all posts belongs to the author of each post. The company is not involved in any legal dispute related to this.
If a member fails to fulfill his/her responsibilities and damages other’s information and dignity, he/she may be punished by the relevant law.
8. Technical and Management Protection Measures for Personal Information
The company is seeking the following technical/management measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in handling the members’ personal information.
1. Countermeasures against hacking
The company is doing its best to prevent the leakage or damage of members’ personal information by hacking or computer viruses.
We prevent leakage or damage of members’ personal information or data, and ensures safe transmission of personal information on the network through cryptographic communication.
Also, we use the intrusion prevention system to control unauthorized access from outside.
2. Minimize and educate the person handling personal information
The company’s personal information handler is limited to those in charge of performing the relevant duties directly and the company regularly renews them by giving them a separate password. Also, we always emphasize compliance with the company’s personal information protection policies and personal information processing policies through occasional training for the person in charge.
3. Operation of the team dedicated to personal information protection
The company checks the implementation of the company’s personal information protection policy and personal information processing policy and compliance of the person in charge through the in-house personal information protection team, so that if a problem occurs, it can be corrected immediately.
However, the company is not liable for any problems caused by the leakage of personal information due to the member’s carelessness or by the company’s non-intentional or non-significant negligence.
9. Report personal information related complaints
All personal information related complaints arising from the use of the company’s services may be reported to the company. The company will respond quickly to the member’s report.
If you need to report or consult on other personal information violations, please contact the following agency.
– Personal information infringement report center, KISA of Republic of Korea
– Cyber Investigation Division, Supreme Public Prosecutor`s Office of Republic of Korea
– National Police Agency of Republic of Korea
10. Others
We inform you that this Dr.HERi’s Privacy Policy does not apply to other services such as websites linked to Dr.HERi to collect personal information.
11. Obligation of notification
If the contents of the current personal information processing policy are added, deleted, or modified, it will be notified through HERIbio’s website or ‘notices’ within the service at least 7 days before the enforcement date.
However, if a significant change in user rights occurs, it shall be notified at least 30 days in advance, and if necessary, it may be re-approved by the user.
Announcement date: 30th October, 2020
Enforcement date: 30th October, 2020