Korean Drug Co. Ltd (hereinafter referred to as "the company")

    regards the protection of personal information of users as very important and compiles with the "act on promotion of information and communication network utilization and information protection".  
    The company provides you with information on how the personal information you provide is used for what purposes and in what manner through it's privacy policy, had what measures are taken to protect personal information. 
    The company will notify you through the website notice (or individual notice) when it amends its privacy policy. 
			
			

		The personal information handling policy of Korean Drug Co. Ltd. contains the following contents;
    1. Items and methods of collecting personal information 
    2. Purposes of collecting and using personal information.
    3. Retention and use period of personal information. 
    4. Procedure and method of destroying personal information. 
    5. Provision of personal information to third parties. 
    6. Handling consignment of personal information. 
    7. Rights of users and legal representatives and methods of exercising them. 
    8. Matters concerning the operations of cookies
    9. Contact information of the person information management officer and person in charge
    10. Obligation to notify



		1. Items and methods of collecting personal information
    The company collects the following personal information for member registration, non-member purchase, consultation, prevention of misuse, etc.;
    - Required item; name, ID, email, phone number, address, IP address, payment records.
    - Optional items; information required by the company for providing personalized services. 



		2. Purpose of collecting and using personal information
    The company uses the collected personal information for the following purposes;

    a. Fulfillment of contracts related to service provision, fee settlement, content provision, purchase and fee payment, item delivery or billing persona  authentication and financial services. 

    b. Member management,
    - Including personal verification, personal identification, prevention of fraudulent and unauthorized use by malicious users confirmation of intent to join, age verification, complaint handling, and notification of important information.  

    c. Utilization in marketing and advertising
    -  Providing advertising information for evets, statistical analysis of access frequency, and members' service usage. 



		3. Retention and use period of personal information 
    The company will generally destroy the collected personal information without delay after the purpose of collection and use has been achieved. However, in cases where it is necessary to retain the information for a certain period of time due to obligations related to transaction management, such as confirmation of contractual or withdrawal of offer, and in accordance with the provisions of relevant laws such as the Act on Consumer Protection in Electronic periods apply;  
    - Records related to contracts or withdrawal of offer; 5 years (Act on Consumer Protection in Electronic Commerce)
    - Records related to payment of fees and supply of goods; 5 years (Act on Consumer Protection in Electronic Commerce) 
    - Records related to consumer complaints or dispute resolution; 3 years (Act on Consumer Protection in Electronic Commerce)
    - Record collected for temporary purpose such as surveys and events; Until the end of the relevant survey or event
    - Records related to personal authentication; 6 months (Act on promotion of information and communication network utilization and information protect, etc.)
    - Record of visits (log records): 3 months (Telecommunications Business Act)



		4. Destruction Procedures and Methods of Personal Information
    The company will generally destroy the collected personal information without delay after the purpose of collection and use has been achieved. 
    The destruction procedures and methods are as follows;

    a. Destruction procedures 
    The personal information entered by users for service usage of other purpose will be transferred to a separate DB (or a separate document box for paper documents) after the purpose has been achieved, and stored for a certain period of time in accordance with internal policies and relevant laws and regulations (refer to retention and use period). Afterward it will be destroyed. 
    The transferred personal information will not be used for any purpose other than retention, except in cases where it is required by law. 

    b. Destruction Methods
    - Personal information printed on paper documents; Shredded or incinerated using a shredder. 
    - Personal information stored in electronic files; Deleted using technical methods that cannot reproduce the records



		5. Provision of personal information to third parties
    The company uses the collected personal information within the scope of consent given by users for the purpose of collection and use, and generally does no disclose the personal information to external parties beyond the scope of consent without prior consent from users. However, the falling exceptions apply;
    - In cases where users have five prior consents. 
    - In cases where there are requests from investigative agencies in accordance with the procedures and methods prescribed by law for the purpose of investigation, or in accordance with the provisions of relevant laws. 



		6. Handling of personal information Entrustment
    If the company entrusts the processing of users' personal information to a third party (hereinafter referred to as the "entrusted') for smooth business operations, the company will notify the users in advance of the details of the entrusted and the content of the entrusted tasks. 
    Currently, the entrusted for the company's  personal information processing and the content of the entrusted tasks are as follows; 

    Recipient of outsourcing (data processor); Content of outsourcing (data processing) 
    [insert delivering company]; Product delivery and delivery location / Provision of arrival information and others services
    In-day; Outsourced operation of customer information database system (database outsourcing)
    [enter the name of identify verification company]; identify verification
    [enter the PG company name]; LG U plus



		7. Rights of users and legal guardians and how to exercise them
    a. Users and legal guardians have the right to access or modify their personal information or request cancellation (withdrawal of consent at any time)

    b. To access or modify personal information of users or children under 14 years of age, users' can click on "change personal information" (or "modify member information",etc..) and to request cancellation (withdrawal of consent), users can click on "withdrawal from membership" after going through the verification process. 

    c. Users can also contact the personal information manager in writing, by phone, or by email, and the company will  take prompt action. 

    d. If a user requests correction of personal information errors the company will not use or provide the personal information until the correction is completed. If incorrect personal information has already been provided to a third party, the correction results will be promptly notified to the third party to ensure that the correction is made. 

    e. The company handles terminated or deleted personal information in accordance with the retention and usage period specified in "3. Retention and usage period of personal information" upon request from users or legal guardians, and does not access or use it for any other purposes. 



		8. Cookie operation
    Cookies are very small text files sent by the server operating the website to your computer's hard disk. The company uses cookies for the following purposes;

    a. Purpose of using cookies 
    Analysis of the frequency and visit time of members and non-members, grasping user preferences and interests, tracking user traces targeted marketing and personalized service provision through understanding the participation level and visit frequency of various events

    You have the option to accept or refuse cookies. Therefore, you can set options in your web browser to allow all cookies confirm each time a cookie is stored, or refuse to store all cookies. 
    - How to configure, example (internet explorer); Web browser upper tool -> internet options -> Privacy and security  
    - If you refuse to allow cookie installation, it may cause difficulties in providing the service. 



		9. Personal information manager and contact information
    The company has designated the following department and personal information manager to protect customer's personal information and handle complaints related to personal information.

    Customer service and Personal information manager; Ra So Young 
    Phone; 02-529-6100 (EXT 350)
    Email; neuromed@nicepharma.com

    a. You can report all complaints related to personal information protection while using the company's services to the personal information manager or relevant department.

    b. The company will provide prompt and sufficient response to user reports. 

    c. If you need to report or consult on other privacy breaches, please contact the following organizations;
    - Personal dispute resolution committee (www.1336.or,kr/1336)
    - Internet crime investigation center, Prosecutor's office (http://icic.sppo-go.kr/ 02-3480-3600)
    - Cyber terrorism response center, National police agency (www.ctrc.go.kr / 02-392-0330)


		10. Obligation to notify 
    This privacy policy is effective from January 1, 2020. If there are additions, deletions, or modifications to the content, we will notify you through the notice on our website at least 7 days prior to the changes. 
    We also assign version numbers and revision dates to the privacy policy for easy identification of revisions. 

    This policy is effective from January 1, 2020. 
    Cyber Terrorism Response Center (www.ctrc.go,kr / 02-392-0330)