Privacy policy
As one of the
world's leading machine builders, InBody Co., Ltd. is committed to contributing
to the continued enjoyment of healthier lives of humankind throughout the world
and is also committed to protecting users' valuable privacy to the best of our
ability.
InBody Co., Ltd. (hereafter “Company”) shall comply with "Act on Promotion of Information and Communications Network Utilization and Information Protection" ("Information and Communications Network Act"), "Personal Information Protection Act", and privacy protection regulations of relevant laws, and InBodyBAND2 global sales site (hereinafter referred to as the "Service") is doing best to protect the rights and interests of users by setting privacy processing policies. The user has the right to refuse to consent to the collection of privacy, and the user may be disadvantaged if he/she refuses to consent.
The Company's privacy processing policy
includes the following contents.
1. Privacy items to collect and
collecting methods
2. Purpose of collection and use of
privacy, and agreement to provide
3. Sharing and providing privacy
4. Consignment of privacy processing
5. Period of use and retention of
privacy
6. Procedures and methods of privacy
revoke
7. Separate storage and management of privacy
for inactive accounts
8. Rights of users and legal
representatives and the authority exertion
9. Matters on installation, operation,
and rejection of automatic collection device of privacy
10. Technological and administrative
protection measures of privacy
11. Contact information of privacy
officer
12. Matters concerning the modification
of the privacy policy (the obligation to notify the policy change)
1. Privacy
items to collect and collecting methods
A.
Items of privacy collection
First,
the Company collects the following privacy for providing smooth customer
consultation and various services.
<Support>
- Your Name, E-mail address,
Address, Phone number, Product Name, Serial Number, and Date of purchase
<Contact Us>
-
Your Name, E-mail address
<Sign up for a membership>
-
Your Name, Address, Phone number,
E-mail Address, Date of Birth, Gender, Occupation, and Single / Married
(Wedding anniversary)
Second,
the following information can be automatically generated and collected during
the service use process or business process.
-
Device information, IP address, date and time of visit, service use history,
and wrongful use history
Third,
information may be collected only for those service users who have agreed to
collect additional privacy during the use of supplementary services, customized
services, or events.
B.
Methods of privacy collection
The
Company collects the privacy in the following ways
<
Support >
-
The Company collects privacy through data entry during Support service
requested by the user.
<Contact
Us>
-
The Company collects privacy through data entry during the customer counseling
service requested by the user.
<Sign
up for a membership>
-
The Company collects privacy through data entry during the purchase.
<During
using a service or business process>
-
Automatically generated information such as device information, IP address,
date and time of the visit, service use history, wrongful use history can be
collected via PC web, mobile web or apps.
2. Privacy
collection, purpose of privacy use and provision agreement
The
Company uses the collected privacy for the following purposes.
A.
Service provision
Providing
content, customized services, delivery or billing, and authentication.
B.
User management
Use
of the service for the user and authentication according to limited ID
verification system, identification of the individual, prevention of wrongful
and unauthorized use of the bad user, confirmation of purchase, preservation of
records for dispute settlement, dealing with customer service such as complaint
handling, and announcement of notice
C.
Development of new services and using in marketing advertising
Development
of new services and provision of customized services, Provision of services and
advertisement in accordance with statistical characteristics, Service
validation, Promotion of new or popular products, Provision of event or
advertising information and engagement opportunities, Check of access
frequency, Provision of optimal service according to user's taste as marketing
data through statistical analysis of users' use of services
3. Sharing
and providing privacy
The
Company shall use privacy within the scope noticed in "2. The purpose of
collecting and using privacy", and in principle, the user's privacy is not
used or disclosed to the outside beyond the scope of use without the user's
prior consent. However, except as follows.
-
When users agree to open in advance
-
In accordance with the provisions of laws and regulations, or for the purpose
of investigation, if the investigation agency is required by the procedures and
methods prescribed in the Act.
- When a public institution
requests privacy within the range deemed inevitably necessary for the
performance of duties prescribed by laws and etc.
4. Privacy
processing consignment and provision for third party
A. The Company may entrust other
organizations with the processing work of privacy for the purpose of the
provision, "2. The purpose of collecting and using privacy". In this
case, the consignee must take appropriate measures to prevent the loss, theft,
leakage, alteration or damage of privacy.
B. In order to
provide services through online, the Company entrusts privacy processing as described
below, and in accordance with relevant laws and regulations, the Company let
the trustee be able to manage privacy safely.
- Consignee:
Microsoft
- Consignment
service contents: Cloud service
- Period of
retention of privacy: If
users are willing to remove their privacy or until the end of the consignment
contract
- Consignee:
Lookin’Body Co., Ltd.
- Consignment
service contents: System development and operation for service provision, data
management
- Period of
retention of privacy: If
users are willing to remove their privacy or until the end of the consignment
contract
- Consignee:
Eximbay Inc.
-
Consignment service contents: Payment processing (credit card) and payment
fraud prevention
- Period of retention of privacy: If
users are willing to remove their privacy or until the end of the consignment
contract
Kinds |
Retention period |
Record
of electronic financial transactions exceeding KRW 10,000 per case, record of
contract or withdrawal of subscription, record of payment settlement and
supply of goods |
5
years |
Records
of consumer complaints or disputes |
3
years |
Record
of electronic financial transactions of less than KRW 10,000 per case |
1
years |
Record
of identity verification |
6
months |
- Consignee:
CJGLS (International) Guro office
-
Consignment service contents: Overseas freight transportation operation
-
Period of retention of privacy: Disposal upon the end of delivery
C. In
principle, the Company does not provide the user's privacy to third parties
without their consent, except for the following cases.
- When users
agree to open in advance
- When it is
needed for statistical writing and academic research, privacy is processed into
a form that cannot be recognized as a specific individual.
- If there is
a request from the investigating agency, according to procedures and methods
prescribed in the Act.
- If act
contains special regulations.
5. Period
of use and retention of privacy
The
period of retention of privacy is two years. In principle, if the purpose of
collecting and using privacy is achieved, the privacy is revoked without delay,
and the period of retention and use of privacy can be extended through the
re-agreement process before the expiration of the retention period. In
addition, even if the Company deletes user's privacy immediately, the Company
keeps it for the specified period for the following reasons.
A.
Reason for holding information by internal company policy
-Wrongful
use history
*
Reason for preservation: Prevention of fraudulent use
*
Period of retention: 1 year
B.
Reason for holding information by relevant laws
If
it is necessary to preserve in accordance with the provisions of related laws
such as the Commercial Act, "Act on the Consumer Protection in the
Electronic Commerce Transactions", and others, the Company preserves the
privacy of the user for a certain period determined by the relevant laws and
regulations. In this case, the Company will use the information only for the
purpose of the preservation and the period of preservation is as follows.
- Website visit history
* Reason for preservation: Protection of
Communications Secrets Act
* Period of retention: 3 months
- Records on contract or withdrawal of
subscription, etc.
* Reason for preservation: Act on the
Consumer Protection in the Electronic Commerce Transactions
* Period of retention: 5 years
- Record of payment and goods supply
* Reason for preservation: Act on the
Consumer Protection in the Electronic Commerce Transactions
* Period of retention: 5 years
Records of consumer complaints or
disputes
* Reason for preservation: Act on the
Consumer Protection in the Electronic Commerce Transactions
* Period of retention: 3 years
- Records about the display
advertisement
* Reason for preservation: Act on the
Consumer Protection in the Electronic Commerce Transactions
* Period of retention: 6
months
6. Procedures
and methods of privacy revoke
In
principle, when the purpose of collecting and using privacy is achieved, the
Company will revoke the user's privacy without delay.
The
procedure and method of revoking privacy are as follows.
A.
Revoke procedure
-
Information entered by the user for membership and body composition analysis is
transferred to a separate DB after the purpose has been accomplished (in the
case of paper, to document box). And the
information is stored and revoked after a certain period of storage in
accordance with the internal policy and information protection reasons by
relevant Acts. (Refer to "5. The period of retention and use of
privacy")
-
This privacy will not be used for other purposes except by law.
B.
Revoke method
-
Privacy printed on paper is crushed by crusher or revoked by incineration.
-
Privacy stored in an electronic file is deleted using a technical method that
makes it impossible to play the record again.
7. Separation,
preservation, and management of privacy for inactive accounts
The
Company converts the user account that does not have service history for more
than one year to a inactive account and separately stores and manages the
privacy of the account. If an account is switched to a inactive account and
privacy is stored and managed separately, all services will not be available,
and the user have to go through a separate reinstatement process to use the
service again.
-
Separate
storage and management for privacy: Accounts without service history for more
than one year
-
Expiration
date: At the time of a year from the day of separation storage and management
-
Privacy
items that are separately stored and managed: Account information, contact
information, privacy, service usage history, counseling record, etc.
8. Rights
of users and legal representatives and the authority exertion
The
user and the legal representative may at any time, view or modify the user's
privacy or the privacy of children under the age of 14, and may also ask the
Company to delete the user's privacy.
To
view or modify the privacy of an user or a child under the age of 14, the user
can directly access, correct or withdraw the user's privacy after contacting
'Contact Us' through user authentication.
Or
contact the privacy officer, by letter, phone, or email, and the action is
taken without delay. (Refer to "11.
Contact information of privacy officer")
If
a user requests correction of privacy error, the privacy is not used or
provided until the correction is completed. In addition, if the Company has
already provided incorrect privacy to a third party, it will notify the third
party without delay to correct the privacy.
The
Company shall treat the privacy that is terminated or deleted at the request of
the user or legal representative in accordance with "5. Period of
preservation and use of privacy" And the Company manages it not to be read
or used for other purposes.
9. Matters
on installation, operation, and rejection of automatic collection device of
privacy
In
order to provide personalized and customized services, the Company uses
'cookies' that store and retrieve user information frequently. A cookie is a
very small text file sent to the user's browser by the server used to run the
website and is stored on the user's computer's hard disk.
A.
The purpose of the cookie
-
Cookies are used in order to provide users with optimal information by
understanding the types of visits and usage of each page of services visited by
users.
B.
Cookie installation / operation and denial
-
The user has the choice of installing cookies. Therefore, the user can allow
all cookies, check each time a cookie is saved, or refuse to save all cookies,
by setting options in the web browser.
However,
if the user refuses to store cookies, some services may not be used properly.
-
How to clear stored cookies
①
Select
[Internet Options] from the [Tools] menu.
②
Click
the [General] tab.
③
Click
the [Delete] button in the 'Browsing history'.
-
How to specify whether to allow cookie installation (for Internet Explorer)
① Select [Internet Options]
from the [Tools] menu.
② Click the [Privacy] tab.
③ Click the [Advanced] button
in the settings.
④ Choose among Allow,
Block, and Prompt, and then click the [OK] button.