Medilogis Co., Ltd. (‘medilogis.net’ hereinafter referred to as ‘Medilogis’) protects the personal information and rights of users in accordance with the Personal Information Protection Act and resolves user complaints related to personal information.
To ensure smooth processing, we have the following processing policy.

If MediLogis Company revises its personal information processing policy, it will notify you through website notices (or individual notices).

○ This policy takes effect from January 1, 2017.

1. Purpose of processing personal information

MediLogis processes personal information for the following purposes. Processed personal information will not be used for purposes other than the following, and prior consent will be sought if the purpose of use changes.

A. Website membership registration and management

Personal information is processed for the purpose of identification and authentication in accordance with the provision of membership services.

B. Providing goods or services

Personal information is processed for the purposes of providing services, providing customized services, and billing/settlement.

C. Use in marketing and advertising

Personal information is processed for the purpose of verifying the validity of the service.

2. Personal information file status

1. Personal information file name: Android app privacy policy
– Personal information items: email, mobile phone number, service use record, access log, cookie, access IP information, payment record
– Collection method: website, Collection through creation information collection tool
– Basis for retention: None
– Retention period: Destruction without delay
– Relevant laws and regulations: Records on collection/processing and use of credit information: 3 years, payment and Records on supply of goods, etc.: 5 years, records on contracts or cancellation of subscription, etc.: 5 years, records on labeling/advertisement : 6 months

3. Entrustment of personal information processing

1. MediLogis entrusts personal information processing tasks as follows to ensure smooth personal information processing.

2. When concluding a consignment contract, MediLogis prohibits processing of personal information other than for the purpose of performing consignment work in accordance with Article 25 of the Personal Information Protection Act, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of the consignee, compensation for damages, and other responsibilities. is specified in documents such as contracts, and we supervise whether the trustee handles personal information safely.

3. If the contents of the entrusted work or the trustee changes, we will disclose it through this personal information processing policy without delay.

4. Rights and obligations of information subjects and methods of exercising them. Users, as subjects of personal information, can exercise the following rights.

① The information subject may exercise the following rights related to personal information protection against MediLogis at any time.
1. Request to view personal information
2. Request for correction if there is an error, etc.
3. Request for deletion
4. Request to suspend processing
② The exercise of rights under Paragraph 1 can be done in writing, e-mail, facsimile (FAX), etc. to MediLogis in accordance with the form in Appendix 8 of the Enforcement Rules of the Personal Information Protection Act, and the name of the institution/company ('Site URL') (hereinafter referred to as ‘site name) will take action regarding this without delay.
③ If the information subject requests correction or deletion of errors in personal information, the organization/company name ('Site URL' hereinafter 'site name) may use the personal information in question until correction or deletion is completed. Not provided.
④ Rights under paragraph 1 may be exercised through an agent, such as the information subject's legal representative or a person authorized to do so. In this case, you must submit a power of attorney in the format of Appendix 11 of the Enforcement Rules of the Personal Information Protection Act.

5. Fill out the items of personal information being processed

1. MediLogis processes the following personal information items.

6. Destruction of personal information

In principle, MediLogis destroys the personal information without delay when the purpose of processing personal information has been achieved. The procedures, deadlines and methods for destruction are as follows.

-Destruction Procedure: The information entered by the user is transferred to a separate database after the purpose is achieved (separate documents in the case of paper) and stored for a certain period of time or immediately destroyed in accordance with internal policies and other relevant laws. At this time, personal information transferred to the DB will not be used for any other purpose unless required by law. - Destruction period: If the personal information retention period has elapsed, the personal information of the user will be deleted within 5 days from the end of the retention period. When personal information becomes unnecessary, such as achieving the purpose of processing personal information, abolition of the relevant service, or termination of business, the personal information will be destroyed within 5 days from the date when processing of personal information is deemed unnecessary.

-Destruction method
Information in the form of electronic files uses technical methods that do not allow the records to be reproduced.
Personal information printed on paper is destroyed by shredding or incineration.

7. Measures to ensure the stability of personal information

In accordance with Article 29 of the Personal Information Protection Act, MediLogis is taking the following technical, managerial and physical measures to ensure safety.

1. Conduct regular self-audit
To ensure the stability of personal information handling, we conduct self-audits on a regular basis (quarterly).

2. Minimization and training of employees handling personal information
We are implementing measures to manage personal information by designating employees who handle personal information and limiting it to the person in charge.

3. Establishment and implementation of internal management plan
To ensure safe processing of personal information, we have established and implemented an internal management plan.

4. Technical measures against hacking, etc.
MediLogis installs a security program to prevent leakage and damage of personal information due to hacking or computer viruses, conducts periodic updates and inspections, and controls access from outside.
We install systems in designated areas and monitor and block them technically and physically.

5. Encryption of personal information
The user's personal information is stored and managed with an encrypted password, so only the user can know it. Important data can be stored and managed by encrypting files and transmission data or using the file lock function.
We are using separate security features, such as using

6. Storage of access records and prevention of forgery and falsification
We store and manage records of access to the personal information processing system for at least six months, and use security features to prevent access records from being forged, altered, stolen, or lost.

7. Restrictions on access to personal information
Necessary measures are being taken to control access to personal information by granting, changing, and deleting access rights to the database system that processes personal information, and an intrusion prevention system is in place.
We use this system to control unauthorized access from outside.

8. Use of locking device for document security
Documents and auxiliary storage media containing personal information are stored in a safe place with a lock.

9. Access control for unauthorized persons
We have a separate physical storage location where personal information is stored and have established and operated access control procedures for it.

8. Written by Personal Information Protection Manager

1. MediLogis is responsible for overall management of personal information processing, and has established personal information protection measures as follows in order to handle complaints and provide relief for damage from information subjects related to personal information processing.
The owner is being designated.

▶ Personal information protection officer
Name: Seo Hwi-seok
Contact:031)-8042-7660, cafeseo@medilogis.net
※ You will be connected to the personal information protection department.

▶ MediLogis will respond and process inquiries from information subjects without delay.

9. Changes to personal information processing policy

1. This personal information processing policy is applied from the effective date, and if there are additions, deletions, or corrections of changes in accordance with laws and policies, they will be notified through notices 7 days prior to the implementation of the changes.