Privacy Policy

Privacy policy

As one of the world's leading machine builders, InBody Co., Ltd. is committed to contributing to the continued enjoyment of healthier lives of humankind throughout the world and is also committed to protecting users' valuable privacy to the best of our ability.

InBody Co., Ltd. (hereafter “Company”) shall comply with "Act on Promotion of Information and Communications Network Utilization and Information Protection" ("Information and Communications Network Act"), "Personal Information Protection Act", and privacy protection regulations of relevant laws, and InBodyBAND2 global sales site (hereinafter referred to as the "Service") is doing best to protect the rights and interests of users by setting privacy processing policies. The user has the right to refuse to consent to the collection of privacy, and the user may be disadvantaged if he/she refuses to consent.

The Company's privacy processing policy includes the following contents.

1. Privacy items to collect and collecting methods

2. Purpose of collection and use of privacy, and agreement to provide

3. Sharing and providing privacy

4. Consignment of privacy processing

5. Period of use and retention of privacy

6. Procedures and methods of privacy revoke

7. Separate storage and management of privacy for inactive accounts

8. Rights of users and legal representatives and the authority exertion

9. Matters on installation, operation, and rejection of automatic collection device of privacy

10. Technological and administrative protection measures of privacy

11. Contact information of privacy officer

12. Matters concerning the modification of the privacy policy (the obligation to notify the policy change)

1.      Privacy items to collect and collecting methods

A. Items of privacy collection

First, the Company collects the following privacy for providing smooth customer consultation and various services.

<Support>

- Your Name, E-mail address, Address, Phone number, Product Name, Serial Number, and Date of purchase

<Contact Us>

- Your Name, E-mail address

<Sign up for a membership>

-      Your Name, Address, Phone number, E-mail Address, Date of Birth, Gender, Occupation, and Single / Married (Wedding anniversary)

Second, the following information can be automatically generated and collected during the service use process or business process.

- Device information, IP address, date and time of visit, service use history, and wrongful use history

Third, information may be collected only for those service users who have agreed to collect additional privacy during the use of supplementary services, customized services, or events.

B. Methods of privacy collection

The Company collects the privacy in the following ways

< Support >

- The Company collects privacy through data entry during Support service requested by the user.

<Contact Us>

- The Company collects privacy through data entry during the customer counseling service requested by the user.

<Sign up for a membership>

- The Company collects privacy through data entry during the purchase.

<During using a service or business process>

- Automatically generated information such as device information, IP address, date and time of the visit, service use history, wrongful use history can be collected via PC web, mobile web or apps.

2.      Privacy collection, purpose of privacy use and provision agreement

The Company uses the collected privacy for the following purposes.

A. Service provision

Providing content, customized services, delivery or billing, and authentication.

B. User management

Use of the service for the user and authentication according to limited ID verification system, identification of the individual, prevention of wrongful and unauthorized use of the bad user, confirmation of purchase, preservation of records for dispute settlement, dealing with customer service such as complaint handling, and announcement of notice

C. Development of new services and using in marketing advertising

Development of new services and provision of customized services, Provision of services and advertisement in accordance with statistical characteristics, Service validation, Promotion of new or popular products, Provision of event or advertising information and engagement opportunities, Check of access frequency, Provision of optimal service according to user's taste as marketing data through statistical analysis of users' use of services

D. When collecting identifiable privacy and sensitive information, the Company shall notify the user of all matters through the Terms and the privacy processing policy, and the Company deems the user to consent to the collection of privacy by the user's clicking buttons of consent on providing privacy and / or on sensitive information. However, when collecting privacy from children under the age of 14, the Company requires additional consent from the legal representative.

3.      Sharing and providing privacy

The Company shall use privacy within the scope noticed in "2. The purpose of collecting and using privacy", and in principle, the user's privacy is not used or disclosed to the outside beyond the scope of use without the user's prior consent. However, except as follows.

- When users agree to open in advance

- In accordance with the provisions of laws and regulations, or for the purpose of investigation, if the investigation agency is required by the procedures and methods prescribed in the Act.

- When a public institution requests privacy within the range deemed inevitably necessary for the performance of duties prescribed by laws and etc.

4.      Privacy processing consignment and provision for third party

A. The Company may entrust other organizations with the processing work of privacy for the purpose of the provision, "2. The purpose of collecting and using privacy". In this case, the consignee must take appropriate measures to prevent the loss, theft, leakage, alteration or damage of privacy.

B. In order to provide services through online, the Company entrusts privacy processing as described below, and in accordance with relevant laws and regulations, the Company let the trustee be able to manage privacy safely.

- Consignee: Microsoft

- Consignment service contents: Cloud service

- Period of retention of privacy: If users are willing to remove their privacy or until the end of the consignment contract

- Consignee: Lookin’Body Co., Ltd.

- Consignment service contents: System development and operation for service provision, data management

- Period of retention of privacy: If users are willing to remove their privacy or until the end of the consignment contract

- Consignee: Eximbay Inc.

- Consignment service contents: Payment processing (credit card) and payment fraud prevention

- Period of retention of privacy: If users are willing to remove their privacy or until the end of the consignment contract

- Consignee: CJGLS (International) Guro office

- Consignment service contents: Overseas freight transportation operation

- Period of retention of privacy: Disposal upon the end of delivery

C. In principle, the Company does not provide the user's privacy to third parties without their consent, except for the following cases.

- When users agree to open in advance

- When it is needed for statistical writing and academic research, privacy is processed into a form that cannot be recognized as a specific individual.

- If there is a request from the investigating agency, according to procedures and methods prescribed in the Act.

- If act contains special regulations.

5.      Period of use and retention of privacy

The period of retention of privacy is two years. In principle, if the purpose of collecting and using privacy is achieved, the privacy is revoked without delay, and the period of retention and use of privacy can be extended through the re-agreement process before the expiration of the retention period. In addition, even if the Company deletes user's privacy immediately, the Company keeps it for the specified period for the following reasons.

A. Reason for holding information by internal company policy

-Wrongful use history

* Reason for preservation: Prevention of fraudulent use

* Period of retention: 1 year

B. Reason for holding information by relevant laws

If it is necessary to preserve in accordance with the provisions of related laws such as the Commercial Act, "Act on the Consumer Protection in the Electronic Commerce Transactions", and others, the Company preserves the privacy of the user for a certain period determined by the relevant laws and regulations. In this case, the Company will use the information only for the purpose of the preservation and the period of preservation is as follows.

- Website visit history

* Reason for preservation: Protection of Communications Secrets Act

* Period of retention: 3 months

- Records on contract or withdrawal of subscription, etc.

* Reason for preservation: Act on the Consumer Protection in the Electronic Commerce Transactions

* Period of retention: 5 years

- Record of payment and goods supply

* Reason for preservation: Act on the Consumer Protection in the Electronic Commerce Transactions

* Period of retention: 5 years

Records of consumer complaints or disputes

* Reason for preservation: Act on the Consumer Protection in the Electronic Commerce Transactions

* Period of retention: 3 years

- Records about the display advertisement

* Reason for preservation: Act on the Consumer Protection in the Electronic Commerce Transactions

* Period of retention: 6 months

6.      Procedures and methods of privacy revoke

In principle, when the purpose of collecting and using privacy is achieved, the Company will revoke the user's privacy without delay.

The procedure and method of revoking privacy are as follows.

A. Revoke procedure

- Information entered by the user for membership and body composition analysis is transferred to a separate DB after the purpose has been accomplished (in the case of paper, to document box).  And the information is stored and revoked after a certain period of storage in accordance with the internal policy and information protection reasons by relevant Acts. (Refer to "5. The period of retention and use of privacy")

- This privacy will not be used for other purposes except by law.

B. Revoke method

- Privacy printed on paper is crushed by crusher or revoked by incineration.

- Privacy stored in an electronic file is deleted using a technical method that makes it impossible to play the record again.

7.      Separation, preservation, and management of privacy for inactive accounts

The Company converts the user account that does not have service history for more than one year to a inactive account and separately stores and manages the privacy of the account. If an account is switched to a inactive account and privacy is stored and managed separately, all services will not be available, and the user have to go through a separate reinstatement process to use the service again. 

-       Separate storage and management for privacy: Accounts without service history for more than one year

-       Expiration date: At the time of a year from the day of separation storage and management

-       Privacy items that are separately stored and managed: Account information, contact information, privacy, service usage history, counseling record, etc.

8.      Rights of users and legal representatives and the authority exertion

The user and the legal representative may at any time, view or modify the user's privacy or the privacy of children under the age of 14, and may also ask the Company to delete the user's privacy.

To view or modify the privacy of an user or a child under the age of 14, the user can directly access, correct or withdraw the user's privacy after contacting 'Contact Us' through user authentication.

Or contact the privacy officer, by letter, phone, or email, and the action is taken without delay. (Refer to  "11. Contact information of privacy officer")

If a user requests correction of privacy error, the privacy is not used or provided until the correction is completed. In addition, if the Company has already provided incorrect privacy to a third party, it will notify the third party without delay to correct the privacy.

The Company shall treat the privacy that is terminated or deleted at the request of the user or legal representative in accordance with "5. Period of preservation and use of privacy" And the Company manages it not to be read or used for other purposes.

9.      Matters on installation, operation, and rejection of automatic collection device of privacy

In order to provide personalized and customized services, the Company uses 'cookies' that store and retrieve user information frequently. A cookie is a very small text file sent to the user's browser by the server used to run the website and is stored on the user's computer's hard disk.

A. The purpose of the cookie

- Cookies are used in order to provide users with optimal information by understanding the types of visits and usage of each page of services visited by users.

B. Cookie installation / operation and denial

- The user has the choice of installing cookies. Therefore, the user can allow all cookies, check each time a cookie is saved, or refuse to save all cookies, by setting options in the web browser.

However, if the user refuses to store cookies, some services may not be used properly.

- How to clear stored cookies

①    Select [Internet Options] from the [Tools] menu.

②    Click the [General] tab.

③    Click the [Delete] button in the 'Browsing history'.

- How to specify whether to allow cookie installation (for Internet Explorer)

① Select [Internet Options] from the [Tools] menu.

② Click the [Privacy] tab.

③ Click the [Advanced] button in the settings.

④ Choose among Allow, Block, and Prompt, and then click the [OK] button.