WhatsApp
Youtube
Instagram
Tiktok
Close

Personal Information Consent Policy

In relation to your appointment request with Fitting Clinic, we must obtain your consent to collect and use the personal information you provide, in accordance with Articles 15 and 22 of the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection.

By signing below, you agree that Fitting Clinic may collect and use your personal information as follows:

1. Required Collection and Use of Personal Information
1) Purpose of Collection and Use To process appointment requests and provide related services.
2) Items of Personal Information Collected • Personally identifiable information (name, email, contact number, etc.)
3) Retention and Use Period • Until the purpose of collection and use has been fulfilled from the date of consent.

2. Consent to Receive SNS/Marketing Information
① Consent to Receive SNS/Marketing
Please be aware that your collected personal information may be used to send promotional event messages, consultation messages, or reservation confirmation messages.

※ Please be advised that you have the right to refuse consent; however, refusing may make your application or reservation request impossible to process.
Login Join

Privacy Policy

PRIVACY POLICY

Fitting Clinic (“the Clinic”) establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to ensure that related inquiries and complaints are handled promptly and smoothly.

Article 1 (Purpose of Processing Personal Information)
The Clinic collects and uses personal information for the following purposes.
All information provided by users will be used only for the purposes stated below. If the purpose of use changes, prior consent will be obtained.
        •        Identity verification for medical treatment, examinations, and reservation inquiries
        •        Medical services for diagnosis and treatment
        •        Administrative tasks related to billing, payment, refunds, and insurance claims
        •        Issuance and delivery of statements, certificates, medications, products, and test results
        •        Outsourced tests and external laboratory services (online/offline)
        •        Communication for handling inquiries, complaints, and patient support
        •        Legal and administrative compliance required for medical quality control and clinic operations
        •        Statistical analysis necessary for education and clinical research (minimum identifiable data only)
        •        Notifications about clinical information, academic updates, and clinic announcements

Article 2 (Retention and Use Period of Personal Information)
The Clinic retains and processes personal information only within the period permitted by law or within the period agreed to by the data subject at the time of collection.
        •        Membership information: Until membership termination or removal
        •        Survey/event information: Until the corresponding event or survey is completed
        •        Medical records: Retained in accordance with Article 15 of the Medical Service Act (“Retention of Medical Records”)
        ◦        Retained items: name, address, resident registration number, and medical information
        •        Even after the purpose of collection is fulfilled, personal information may be retained if required under the Commercial Act or other applicable laws.

Technical Measures for Personal Information Protection
The Clinic implements the following technical safeguards to prevent loss, theft, leakage, alteration, or damage of personal information:
        •        Encryption of files and data transmission; storage of critical data using secure lock functions
        •        Use of authentication and encryption systems to protect personal information transmitted over networks
        •        Firewalls and intrusion prevention systems for blocking unauthorized access
        •        24-hour monitoring with intrusion detection systems for each server

Article 3 (Rights, Obligations, and Exercise Methods of Data Subjects)
When a customer requests access, correction, or deletion of personal information, the Clinic sincerely responds to the request and processes it without delay. The Clinic does not provide access, correction, or deletion procedures for personal information via telephone, postal mail, FAX, or other application methods, only through an in-person visit by the customer.
        •        Access to Personal Information: Customers may visit the Clinic to request access to their personal information, and the Clinic will respond promptly.
        •        Correction and Deletion of Personal Information:
        1        If a customer requests correction or deletion of personal information, and the Clinic determines that correction or deletion is necessary (such as when an error is found), the Clinic will proceed without delay. The Clinic may request supporting evidence necessary to confirm the facts of the correction or deletion.
        2        When requesting access, correction, or deletion of personal information, the customer must present identification (such as a Resident Registration Card, passport, or driver's license) to verify their identity.
        3        If the Clinic has a legitimate reason to refuse access, correction, or deletion of all or part of the personal information, the Clinic will notify the customer and explain the reason.
        4        The legal representative of a child under the age of 14 may request access, correction, deletion, or suspension of processing of the child's personal information and must submit proof of relationship and identity.

Article 4 (Items of Personal Information Processed and Methods of Collection)
When collecting personal information, the Clinic provides prior notice of the scope and purpose of collection in the application form or terms of use, in accordance with relevant laws. The collected personal information items are as follows:
Items Collected Upon Website Membership Registration
        •        Items Collected: Name, ID, Password, Email, Gender, Date of Birth, Home Address, Mobile Phone Number, Telephone Number, Access Logs, Cookies, Access IP Information.
        •        Method of Collection: The following information may be automatically generated and collected during the use of services (Membership Registration, Online Reservation, Online Consultation, Post-Surgical Consultation) or during the provision of services:
        ◦        Service usage records, access logs, cookies, access IP information.
Items Collected During Medical Treatment
        •        Required Items: Name, Gender, Date of Birth, Contact Information (including guardian's contact), Address, Email, Height, Weight, Blood Type, Previous Surgery History.
        •        Health Information: Personal health information deemed necessary by the medical staff for providing medical services, such as medical history and family history.
Items Collected When Paying Medical Fees
        •        For Credit Card Payments: Card company name, card number, and other card payment approval information.
        •        For short-term collection of personal information for a specific purpose, separate notice will be provided.
Methods of Personal Information Collection
        •        Collection through the website, written forms, fax, telephone, consultation bulletin boards, email, events, and consultation applications.

Article 5 (Destruction of Personal Information)
① When personal information becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose, the Clinic will destroy the relevant personal information without delay.
② If personal information must be preserved continuously in accordance with other laws, despite the expiration of the retention period agreed upon by the data subject or the achievement of the processing purpose, the personal information will be transferred to a separate database (DB) or stored in a different location.
③ The procedures and methods for the destruction of personal information are as follows:
        1        Destruction Procedure: The Clinic selects personal information for which a reason for destruction has occurred and proceeds with destruction after obtaining approval from the Clinic's Personal Information Protection Officer.
        2        Destruction Method: Personal information recorded and stored in electronic file formats is destroyed using methods such as low-level formatting so that the records cannot be reproduced. Personal information recorded and stored on paper documents is destroyed by shredding or incineration.

Article 6 (Measures to Secure Safety of Personal Information)
The Clinic takes the following measures to ensure the safety of personal information:
        1        Administrative Measures: Establishment and implementation of internal management plans, regular staff training, etc.
        2        Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs.
        3        Physical Measures: Access control for computer rooms, data storage rooms, etc.

Article 7 (Provision and Sharing of Personal Information)
The Clinic will not use your personal information or provide it to third parties or other companies/institutions beyond the scope notified in the 'Purpose of Personal Information Collection and Use,' except with your consent or as stipulated by relevant laws. However, exceptions are made in the following cases:
        •        Submission of medical records to the Health Insurance Review and Assessment Service for claiming medical benefits under the National Health Insurance Act.
        •        Where users have consented to disclosure in advance.
        •        Where required by law, or where investigative agencies request information through the procedures and methods prescribed by law for investigation purposes.
        •        Where provided in a form that does not identify specific individuals for purposes of statistical compilation or academic research.

Article 8 (Installation/Operation of Automatic Personal Information Collection Devices and the Right to Refuse)
The Clinic operates 'cookies,' which frequently store and retrieve your information. A cookie is a small text file sent by the server used to operate the Clinic's website to your browser and is stored on your computer's hard disk. The Clinic uses cookies for the following purposes:
        •        To analyze the connection frequency or visit time of members and non-members, and to determine user preferences and interests, using this as a standard for service reorganization.
        •        To provide differentiated information based on individual interests by checking your visit count during various events conducted by the Clinic.
You have the option to accept or refuse cookie installation. You can set your web browser to accept all cookies, confirm each time a cookie is saved, or refuse the saving of all cookies. If you refuse cookie installation, there may be difficulties in providing some services.

Article 9 (Personal Information Protection Officer)
① The Clinic is responsible for overseeing all matters related to the processing of personal information, handling grievances of data subjects regarding personal information processing, and providing remedy for damages. The Clinic has designated the following Personal Information Protection Officer:
▶ Personal Information Protection Officer
        •        Entity: Fitting Clinic
        •        Inquiries: fittingclinic@gmail.com
② Data subjects may inquire about all matters related to personal information protection, grievance handling, and damage relief arising from using the Clinic's services to the Personal Information Protection Officer and the relevant department. The Clinic will respond to and process inquiries from data subjects without delay.

Article 10 (Remedies for Rights Infringement)
Data subjects may contact the following institutions for remedies for damages and consultation regarding personal information infringement.
        •        These institutions are separate from the Clinic. Please contact them if you are not satisfied with the Clinic's self-resolution of personal information complaints or require more detailed assistance.
▶ Personal Information Infringement Report Center (Operated by KISA)
        •        Jurisdiction: Reporting personal information infringement, counseling application
        •        Website: privacy.kisa.or.kr
        •        Phone: 118 (no area code)
        •        Address: (58324) 3F, Personal Information Infringement Report Center, 9, Jinheung-gil, Naju-si, Jeollanam-do
▶ Personal Information Dispute Mediation Committee
        •        Jurisdiction: Personal information dispute mediation application, group dispute mediation (civil resolution)
        •        Website: www.kopico.go.kr
        •        Phone: 1833-6972 (no area code)
        •        Address: (03171) 4F, Government Complex Seoul, 209, Sejong-daero, Jongno-gu, Seoul
▶ Supreme Prosecutors' Office Cyber Crime Investigation Department: 02-3480-3573 (www.spo.go.kr) ▶ National Police Agency Cyber Bureau: 182 (http://cyberbureau.police.go.kr)

Article 11 (Installation and Operation of Video Information Processing Devices)
① The Clinic installs and operates video information processing devices as follows:
        1        Legal Basis/Purpose of Installation: Facility safety and fire prevention within the Clinic.
        2        Number, Location, and Scope of Recording: Installed in the building lobby and exhibition rooms; the recording scope covers the entire space of the main facilities.
        3        Manager-in-Charge, Department, and Access Authorities: Fitting Clinic
        4        Video Information Recording Time and Processing Method:
        ◦        Recording Time: 24 hours
        ◦        Processing Method: Controlled by the control room
        5        Method and Location for Video Information Confirmation: Upon request to the Manager-in-Charge (Management Support Team).
        6        Measures Regarding Data Subject's Request for Access to Video Information: Must be requested via an Application Form for Access/Confirmation of Existence of Personal Video Information. Access is permitted only when the data subject themselves is recorded, or when explicitly necessary for the life, body, or property interests of the data subject.
        7        Technical, Administrative, and Physical Measures for Video Information Protection: Establishment of internal management plans, access control and restriction of access rights, application of safe storage and transmission technology, storage of processing records and prevention of forgery/alteration, provision of storage facilities and installation of locking devices.
        •        Manager-in-Charge & Access Authority: Fitting Clinic
        •        Inquiries: fittingclinic@gmail.com

Article 12 (Changes to the Personal Information Processing Policy)
① This personal information processing policy takes effect on January 15, 2020.

Article 13 (Consignment of Personal Information)
        1        Consignment of Personal Information: To enable users to use the services more conveniently and quickly, the Clinic consigns certain tasks to HA International Co., Ltd. (hereinafter referred to as the Consignee). The Clinic manages and supervises the Consignee to ensure the safe processing of users' valuable personal information and restricts re-consignment to any other company without the prior approval of Fitting Clinic & HA International Co., Ltd.
The consigned tasks are as follows:
        1        Telephone contact and text message transmission for notices related to Fitting Clinic & HA International Co., Ltd.
        ◦        Consent is given to send all events, announcements, and changes to the privacy policy related to Fitting Clinic & HA International Co., Ltd. to the registered contact information.
        ◦        Target: Individuals who directly entered their personal information through the Fitting Clinic & HA International Co., Ltd. related pages.
        ◦        Consignee: HA International Co., Ltd.
        ◦        Purpose: Responding to inquiries, delivering announcements, notifying promotions such as events, marketing, and prize delivery.
For the smooth and stable provision of game services, personal information is stored overseas as follows:
        •        Items: ID (Email), Contact Information, Password
        •        Retention and Use Period: 30 days after membership withdrawal.