Privacy Policy – Rejuel Clinic Gangnam
Rejuel Clinic Gangnam (hereinafter referred to as “the clinic”) prioritizes user privacy and complies with the Personal Information Protection Act.
1. Collection of Personal Information
The clinic collects only the necessary personal information for medical services:
• Mandatory for Medical Services: Name, resident registration number (or foreigner registration number), address, phone number, medical history, and family medical history.
• For Additional Services: Name, date of birth, phone number, address, email.
• For Website Registration: Name, date of birth, gender, email, address, contact number.
• For Kiosk Management: Insurance claims, infectious disease screening.
2. Purpose of Collection & Use
• Medical diagnosis and treatment.
• Additional services such as appointment scheduling and medical record management.
• Website membership management and service provision.
3. Retention & Disposal of Information
• Medical records are retained in compliance with Medical Law (e.g., medical records must be kept for 10 years).
• Personal information is stored only for the agreed period and will be securely disposed of once it is no longer required.
• Destruction Methods:
o Electronic data: Irreversibly deleted using secure digital erasure methods.
o Paper records: Shredded or incinerated to prevent data recovery.
4. User Rights & Data Access Requests
• Users and legal representatives may request access, correction, or deletion of personal data.
• Data legally required to be retained cannot be modified or deleted during the mandatory retention period.
5. Third-Party Disclosure
The clinic does not disclose personal information to third parties except in the following cases:
1. For statistical, research, or survey purposes, where the data is anonymized.
2. When required by law (e.g., tax regulations, health insurance policies, criminal investigations).
3. In urgent situations, such as the protection of life, health, or property, where user consent cannot be obtained.
6. Outsourcing of Personal Information Processing
• If the clinic entrusts personal information processing to third parties, contractual obligations ensure compliance with privacy laws and security measures.
• Any changes in outsourcing arrangements will be disclosed in this policy.
7. Data Protection Officer
The clinic has designated a Privacy Protection Officer responsible for handling data security and privacy inquiries.
8. Security Measures
• The clinic employs robust security measures, including firewalls and encryption, to protect personal data.
• Employees handling personal data receive ongoing security training.
• System access is restricted to authorized users with regular password updates required.
9. Policy Updates & Notifications
• This privacy policy was enacted on December 23, 2021.
• Any updates will be announced at least 7 days before implementation via the clinic’s website.