Notifications
Back

Privacy Policy

Article 1 (Purpose of Processing Personal Information)

Wellness Healthcare Co., Ltd. (hereinafter referred to as the 'Company') processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

Website Membership Registration and Management

Personal information is processed for the purpose of confirming membership registration intent, identification and authentication for providing membership services, maintaining and managing membership qualifications, preventing misuse of services, and various notices and notifications.

Provision of Goods or Services

Personal information is processed for the purpose of delivering goods, providing services, sending contracts and invoices, providing content, providing customized services, identity verification, payment and settlement of fees, etc.

Use for Marketing and Advertising

Personal information is processed for the purpose of developing new services (products) and providing customized services, providing opportunities for events and promotional information and participation, confirming the validity of services, identifying access frequency, or statistics on members' service usage.

Article 2 (Processing and Retention Period of Personal Information)

① The Company processes and retains personal information within the personal information retention and use period stipulated by law or the personal information retention and use period agreed upon when collecting personal information from the data subject.

② The processing and retention periods for each type of personal information are as follows:

Website Membership Registration and Management

Until website membership withdrawal. However, in the following cases, until the end of the relevant reason:

  • If an investigation or inquiry is ongoing due to violation of relevant laws, until the completion of the investigation or inquiry
  • If there are remaining claims or obligations related to website use, until the settlement of such claims or obligations

Provision of Goods or Services

Until the completion of goods/services supply and payment/settlement. However, in the following cases, until the end of the relevant period:

  • Records on display/advertising, contract details and fulfillment, and transactions according to the "Act on Consumer Protection in Electronic Commerce, etc."
    • Records on display/advertising: 6 months
    • Records on contracts or withdrawal of subscription, payment of price, and supply of goods, etc.: 5 years
    • Records on consumer complaints or dispute handling: 3 years
  • Retention of communication confirmation data in accordance with the "Protection of Communications Secrets Act"
    • Login records: 3 months

Article 3 (Provision of Personal Information to Third Parties)

① The Company processes personal information of the data subject only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only in cases falling under Article 17 and Article 18 of the Personal Information Protection Act, such as the consent of the data subject or special provisions of the law.

② The Company provides personal information to third parties as follows:

  • Recipient: None
  • Purpose of use of personal information by the recipient:
  • Personal information items provided:
  • Retention and use period by the recipient:

Article 4 (Entrustment of Personal Information Processing)

① The Company entrusts personal information processing tasks as follows for smooth personal information business processing:

[Trustee]

  • Content of entrusted tasks: None
  • Entrustment period:

② When concluding an entrustment contract, the Company specifies matters such as prohibition of processing personal information for purposes other than the entrusted task, technical and administrative protection measures, restriction on re-entrustment, management and supervision of trustees, and liability for damages in documents such as contracts in accordance with Article 26 of the Personal Information Protection Act, and supervises whether the trustee processes personal information safely.

③ If the content of the entrusted task or the trustee changes, we will promptly disclose it through this privacy policy.

Article 5 (Rights and Obligations of Data Subjects and Legal Representatives and How to Exercise Them)

① Data subjects may exercise rights such as requesting access, correction, deletion, and suspension of processing of personal information to the Company at any time.

② Rights under paragraph 1 may be exercised against the Company in writing, by email, fax, etc., in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the Company will take measures without delay.

③ Rights under paragraph 1 may be exercised through a legal representative of the data subject or an agent who has been delegated, etc. In this case, a power of attorney in accordance with Form No. 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.

④ The right of the data subject may be restricted in accordance with Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act for requests for access to and suspension of processing of personal information.

⑤ Requests for correction and deletion of personal information cannot be made if the personal information is specified as a collection target in other laws.

⑥ The Company verifies whether the person requesting access, correction, deletion, or suspension of processing is the data subject or a legitimate agent.

Article 6 (Items of Personal Information Processed)

The Company processes the following personal information items:

Website Membership Registration and Management

  • Required items: Name, date of birth, ID, password, address, phone number, email address
  • Optional items: Areas of interest, occupation

Provision of Goods or Services

  • Required items: Name, date of birth, ID, password, address, phone number, email address, credit card information, bank account information
  • Optional items: Areas of interest, past purchase history

The following personal information items may be automatically generated and collected during the process of using internet services:

  • IP address, cookies, MAC address, service usage records, visit records, records of inappropriate use, etc.

Article 7 (Destruction of Personal Information)

① The Company destroys the relevant personal information without delay when personal information becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the processing purpose.

② If personal information must continue to be preserved in accordance with other laws despite the expiration of the retention period agreed upon by the data subject or the achievement of the processing purpose, the personal information is moved to a separate database (DB) or stored in a different location.

③ The procedures and methods for destroying personal information are as follows:

Destruction Procedure

The Company selects personal information for which destruction reasons have occurred and destroys personal information with the approval of the Company's personal information protection officer.

Destruction Method

  • Electronic file format information is destroyed using technical methods that cannot reproduce the records.
  • Personal information printed on paper is destroyed by shredding with a shredder or by incineration.

Article 8 (Measures to Ensure the Safety of Personal Information)

The Company takes the following measures to ensure the safety of personal information:

Administrative Measures

Establishment and implementation of internal management plans, regular employee training, etc.

Technical Measures

Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs

Physical Measures

Access control to computer rooms, data storage rooms, etc.

Article 9 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)

① The Company uses 'cookies' that store and periodically retrieve usage information to provide individual customized services to users.

② A cookie is a small amount of information sent by the server (http) used to operate the website to the user's computer browser and may be stored on the hard disk of the user's PC.

Purpose of using cookies

They are used to provide optimized information to users by understanding the visit and usage patterns for each service and website visited by users, popular search terms, secure access status, etc.

Installation, operation, and rejection of cookies

You can reject cookie storage through option settings in the Tools > Internet Options > Privacy menu at the top of your web browser.

If you reject cookie storage

You may experience difficulties using customized services.

Article 10 (Personal Information Protection Officer)

① The Company designates a personal information protection officer as follows to be responsible for overall personal information processing tasks and to handle complaints from data subjects and provide remedies related to personal information processing:

▶ Personal Information Protection Officer

  • Name: Kim Beom-seok
  • Position: CEO
  • Contact: official@wellness-hc.com

▶ Personal Information Protection Department

  • Department Name: Administrative Department
  • Person in charge: Choi Jun-yong
  • Contact: official@wellness-hc.com

② Data subjects may inquire about all personal information protection-related inquiries, complaint handling, and damage relief that occur while using the Company's services (or business) to the personal information protection officer and the responsible department. The Company will answer and process data subjects' inquiries without delay.

Article 11 (Request for Access to Personal Information)

Data subjects may request access to personal information in accordance with Article 35 of the Personal Information Protection Act to the department below. The Company will strive to process data subjects' requests for access to personal information promptly.

▶ Department Receiving and Processing Requests for Access to Personal Information

  • Department Name: Administrative Department
  • Person in charge: Choi Jun-yong
  • Contact: official@wellness-hc.com

Article 12 (Remedies for Rights Infringement)

Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency's Personal Information Infringement Report Center, etc., to receive remedies for personal information infringement. For other reports and consultations regarding personal information infringement, please contact the following institutions:

  • Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
  • Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
  • Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr)
  • National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)

A person whose rights or interests have been infringed due to a disposition or inaction taken by the head of a public institution in response to a request under the provisions of Article 35 (Access to Personal Information), Article 36 (Correction and Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information, etc.) of the "Personal Information Protection Act" may request an administrative appeal in accordance with the Administrative Appeals Act.

※ For more information on administrative appeals, please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr).

Article 13 (Changes to the Privacy Policy)

① This privacy policy is effective from March 1, 2025.