Privacy Policy

(Company Name) (hereinafter referred to as the "Company") complies with the relevant legal regulations on the protection of personal information, including the Act on Promotion of Information and Communication Network Utilization and Information Protection, the Personal Information Protection Act, the Communication Privacy Act, and the Electric Communications Business Act, which information and communication service providers must adhere to. We have established a privacy policy in accordance with the relevant laws and make every effort to protect the rights and interests of users. This Privacy Policy applies only to the services provided by the Company's "Application Name" and contains the following contents.

Article 1 (Collection Items and Purpose of Use of Personal Information)

The Company collects the following personal information. The personal information being processed will not be used for purposes other than the following purposes, except for special reasons such as obtaining separate consent under Article 18 of the Personal Information Protection Act or when there is a specific provision in other laws.

Purpose of Use Items to Be Collected Retention Period
Membership Registration and Service Provision
  • Email (SNS account UID)
  • Language
  • Nationality
 Until withdrawal of membership
Profile Creation and Use of Medical Questionnaire System
  • Profile Name
  • Gender
  • Date of Birth
  • Height, Weight
  • Smoking Status, Alcohol Consumption Status
 Until profile is deleted or membership is withdrawn
Customer Support and Response
  • User Name
  • User Phone Number
  • User Email
 Retained for 5 years after completion of support
Participation in Events
  • Shipping Address for Products
  • Recipient Name
  • Recipient Phone Number
 Retained for 5 years after the event
Statistical Management and Customized Service Provision for System and Service Improvement
  • Device Unique Value, Device Model Name, Operating System, App Version
 Retained, excluding personal information
Provision of Summary Services for Symptom Questionnaires (Including Sensitive Information)
  • [Sensitive Information] Major Symptoms, Coexisting Symptoms, Health Information (Blood Pressure, Fasting Blood Sugar, Oxygen Saturation, Body Temperature, Respiratory Rate, Heart Rate, Alcohol Consumption, Smoking Status, etc.), Underlying Disease History (Presence or Absence of Hypertension, Diabetes, Past Surgery and Hospitalization History, Cancer Diagnosis History, etc.), Family History, Prescription History, and Medication Status, and all other information entered by users while using the SymptomMy App, except personal information
 Retained, excluding personal information

Article 2 [Provision of Personal Information]

  1. 1. The company obtains the prior consent of the member to provide the member's personal information to a third party within the scope notified for the purpose of collecting and using personal information. Without the prior consent of the member, the company will not provide personal information to a third party beyond that scope. However, there are exceptions as follows:
    1. When the member has given written consent.
    2. When the company is obligated to submit the member's personal information under the regulations of the law.
    3. When it is necessary for statistics, academic research, or market research and is provided in a form that cannot identify specific individuals.
  2. The company obtains the prior consent of the member to provide sensitive information to a third party within the scope notified for the purpose of collecting and using sensitive information. Without the prior consent of the member, the company will not provide sensitive information to a third party beyond that scope. However, there are exceptions as follows:
    1. When the member has given written consent or when the member has shared it directly.
    2. When the company is obligated to submit the member's personal information under the regulations of the law.
    3. When it is necessary for statistics, academic research, or market research and is provided in a form that cannot identify specific individuals.

Article 3 (Procedure and Method of Personal Information Disposal)

The personal information of users is disposed of without delay when the personal information becomes unnecessary due to the expiration of the retention period, achievement of the purpose of collecting and using personal information, etc. The company's procedure and method for disposing of personal information are as follows:

  1. Disposal Procedure
    1. The company records and manages matters related to the disposal of personal information, and the disposal is carried out under the responsibility of the personal information protection manager. The personal information protection manager verifies the disposal results.
    2. In cases where it is necessary to retain personal information in accordance with other laws, the company may not dispose of the user's personal information exceptionally.
  2. Disposal Method
    1. Personal information stored in paper or other records is shredded or incinerated.
    2. Personal information stored in electronic files is permanently deleted in a manner that cannot be restored (or using technical methods that cannot reproduce the records).
  3. Method of Retaining Undisposed Information The company stores and manages personal information in a manner that separates it from other personal information when retaining personal information in accordance with laws, and, except for cases prescribed by law, it does not use it for purposes other than retention.

Article 4 (Rights and Obligations of Data Subjects and Methods of Exercising Them)

  1. Users may request to view their personal information, the status of the company's use of their personal information, or provision to third parties at any time through the "SymptomMy" service provided by the company, and may request correction if there are errors. They may also request withdrawal (membership withdrawal).
  2. To view and correct personal information, or to request withdrawal (consent withdrawal) for personal information retrieval and modification of users or children under 14 years of age, you can click on "Change Personal Information" (or "Edit User Information," etc.) and go through the identity verification process to view and correct the information or withdraw.
  3. In cases of the preceding two paragraphs, the company immediately investigates the personal information and takes necessary measures such as correction, deletion, etc. according to the user's request, and informs the user of the results. The company does not use or provide the personal information until the necessary measures are taken.
  4. Users may request the company to suspend the processing of their personal information at any time, and in this case, the company immediately suspends all or part of the processing of personal information according to the user's request and takes necessary measures such as destruction of the information.
  5. If you have any comments or questions regarding personal information, please contact the personal information protection manager and the responsible person in writing, by phone, or by email, and we will receive and respond to your request after confirmation.
  6. When logged in, users should be especially careful not to leak personal information to others around them.

Article 5 (Technical and Managerial Measures for the Protection of Personal Information)

The company has established the following technical and managerial protection measures to ensure the security of personal information and to prevent the loss, theft, leakage, alteration, or damage of personal information when processing personal information of users.

  1. The company minimizes personal information without real-name authentication, and sensitive information is stored separately without personal information.
  2. Countermeasures against hacking
    The company makes its best effort to prevent the leakage or damage of a member's personal information due to hacking or computer viruses. In addition, to prevent damage to personal information, the company regularly backs up data, and ensures the security of transmitting personal information on the network through encrypted communication, and so on.
  3. Minimizing and educating employees
    The company restricts access to the minimum personnel with access to user's personal information, and except for those who perform tasks related to user's personal information directly, such as salespersons who deal with users directly, personal information protection managers and their agents, and others who must handle personal information in the course of their business, access is strictly limited. We emphasize compliance with the personal information processing policy by providing frequent education to responsible employees. However, the company is not responsible for any problems that occur due to the user's own negligence or problems on the Internet such as ID and password leakage.

Article 6 (Installation, Operation, and Rejection of Personal Information Automatic Collection Devices)

No personal information automatic collection devices are used.

Article 7 (Information on the Use of Third-party Modules)

For the purpose of paying the advertising costs for the "SymptomMy" application service published on third-party media, and for analyzing customer service usage, third-party modules may be installed in the "SymptomMy" application. The installed third-party modules are as follows:

  1. iOS
    [Firebase For iOS]
    • Provider: Google
    • Purpose of Use: Analysis of user service usage
    • Information Provided: Unidentifiable device information
  2. Android
    [Firebase For Android]
    • Provider: Google
    • Purpose of Use: Analysis of user service usage
    • Information Provided: Unidentifiable device information

Article 8 (Contact Information of the Personal Information Protection Manager and Responsible Person)

  1. You can report all complaints related to the protection of personal information that arise while using the company's services to the personal information protection manager. The company will respond promptly to your reported matters.

    Personal Information Management Manager:
    • Name: Lee Chan-hyung
    • Affiliation/Position: CEO of Media Ark Co., Ltd.
    • Phone number: 070-8064-5458
    • Email address: service@mediark.io
  2. If you need to report other personal information infringements or need counseling, please contact the following agencies:
    • Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code)
    • Personal Information Dispute Mediation Committee (kopico.go.kr / 1833-6972)
    • Cyber Crime Investigation Department of the Supreme Prosecutor's Office (www.spo.go.kr / 02-3480-3571)
    • Cyber Safety Bureau of the National Police Agency (www.ctrc.go.kr / 182 without area code)

Article 9 (Scope of Application)

We inform you that this "Privacy Policy" does not apply to the collection of personal information by other websites linked to the "SymptomMy" application. Furthermore, this "Privacy Policy" applies only to members who have entered into a service agreement with the company and is not applicable to members who have been granted rights under the terms of use agreement with the company. The personal information processing policy applicable to members shall be confirmed through the personal information protection manager (or personal information protection manager) of each company (organization).

Article 10 (Notification Obligation)

The personal information processing policy may be revised for legal reasons or to reflect changes in services. When the personal information processing policy is changed, the changes will be posted, and the revised policy will take effect seven days after the posting date.

Supplementary Provisions

  1. This policy is announced on October 25, 2023.
  2. This policy takes effect on November 1, 2023.