YONSEI SaeBom Medical Clinic

YONSEI SAEBOM MEDICAL CLINIC

Privacy Policy

Yonsei SaeBom Medical Clinic values the protection of your personal information and handles it in accordance with the Personal Information Protection Act and the source clinic policy.

1. Information We Collect and How We Collect It

The clinic collects only the minimum personal information required to provide its services. During website registration, some fields are required and others are optional. Optional fields, such as email-news consent, do not limit your ability to use the service if left blank.

Medical information

  • Collected items: name, resident registration number, address, contact details, and medical records.
  • Unique identifiers and treatment information must be retained under the Medical Service Act, so separate consent is not required for that retention.

Website membership information

  • Required: email ID and password.
  • Optional: consent to receive emails.
  • The following information may also be collected automatically during service use: service history, access logs, cookies, and IP address information.

Collection methods

  • Website forms, written forms, fax, telephone, consultation boards, and email.

2. Purpose of Collection and Use

All collected information is used only for the purposes stated below. If the purpose of use changes, the clinic will request consent in advance.

Medical information

  • Medical services for diagnosis and treatment, claims, payment, refunds, and related administrative services.

Website membership information

  • Required information: online appointment booking, appointment lookup, and member services.
  • Optional information: hospital news, disease information, and surveys sent by email.

3. Retention Period

Personal information is destroyed without delay once the purpose of collection or receipt has been achieved. However, when storage is required under commercial law or other regulations, the clinic may retain the data for the legally required period.

Medical information

  • Retained in accordance with the statutory record-retention standards under the Medical Service Act.

Website membership information

  • Retained until a member withdraws or is removed from membership.
  • Consumer complaints or dispute records: 3 years under the Act on Consumer Protection in Electronic Commerce.
  • Records related to the collection, processing, or use of credit information: 3 years under the Use and Protection of Credit Information Act.
  • Identity verification records: 6 months under the Act on Promotion of Information and Communications Network Utilization and Information Protection.
  • Visit records: 3 months under the Protection of Communications Secrets Act.

4. Destruction Procedures and Methods

Personal information is destroyed immediately after the stated purpose has been achieved. Information submitted during membership registration is disposed of according to the following procedures.

Destruction procedure

Information entered for services such as membership registration is destroyed as soon as the purpose has been fulfilled.

Destruction method

  • Electronic files are deleted using technical methods that prevent record recovery.
  • Printed records are shredded or incinerated.

5. Disclosure and Sharing of Personal Information

Except where consent has been given or applicable law requires disclosure, the clinic does not use personal information beyond the announced purpose and does not provide it to third parties or outside institutions.

  • Submission of medical records to the Health Insurance Review and Assessment Service for insurance benefit claims under the National Health Insurance Act.
  • Provision of data in a form that cannot identify individuals when needed for statistics or academic research.
  • Submission when required by investigative authorities in accordance with legal procedures.

6. Entrusted Processing

When entrusted processing is necessary for service performance, the clinic enters into contracts and prescribes the measures required to keep personal information secure. The source policy states that entrusted institutions and duties are disclosed when applicable.

7. Rights of Users and Legal Guardians

Registration for children under the age of 14 is handled through a separate form written in language that is easier for children to understand, and the clinic always obtains consent from a legal guardian when collecting personal information.

  • The clinic collects only the minimum legal-guardian information required, such as name and contact information, in order to obtain consent.
  • Legal guardians may request access to, correction of, or deletion of a child’s personal information.
  • A guardian may complete the verification procedure through member-information editing, or contact the privacy officer by letter, phone, or fax to request action directly.
  • The clinic does not provide or share a child’s information with third parties and will suspend use and disclosure until any requested corrections are completed.
  • Personal information that must be retained by law cannot be corrected or deleted during the mandatory retention period.

8. Withdrawal of Consent / Membership Termination

You may withdraw the consent you gave to the collection, use, and provision of personal information at any time.

  • Members may terminate their account directly through the “Membership Withdrawal” function in My Page after identity verification.
  • You may also contact the privacy officer by letter, phone, or fax, and the clinic will promptly take the required steps, including destruction of your personal information.

9. Cookies

The clinic uses cookies, which are very small text files sent by the website server and stored on your computer’s hard drive.

  • Cookies may be used to save or retrieve information necessary for service operation.
  • You may allow all cookies, require confirmation each time a cookie is saved, or block all cookies through your browser settings.
  • If you refuse cookies, some services may be harder to use.

10. Privacy Officer

The clinic designates the following person to protect your information and handle complaints related to privacy.

  • Name: Chae Yong-hyun
  • Title: Director
  • Organization: Yonsei SaeBom Medical Clinic
  • Phone: 02 3395 0011
  • Email: saebom0040@naver.com

If you need additional counseling or wish to report privacy infringement, the source policy also lists the following institutions:

  • Personal Dispute Mediation Committee: http://www.1336.or.kr / 1336
  • Information Protection Mark Certification Committee: http://www.eprivacy.or.kr / (02) 580-0533~4
  • Cyber Crime Investigation Division, Supreme Prosecutors’ Office: http://www.spo.go.kr / (02) 3480-3573
  • Cyber Terror Response Center, Korean National Police Agency: http://www.ctrc.go.kr / (02) 392-0330

11. Security Measures

  • The clinic maintains multiple technical safeguards to protect personal information.
  • All transmitted information is stored and managed in a secure system protected by firewalls.
  • Administrative procedures for access and management are maintained, the number of personnel handling personal information is minimized, and ongoing security training is carried out.
  • Authorized system users are designated and their passwords are assigned and renewed regularly.

12. Notice of Policy Changes

This privacy policy was first enacted on September 13, 2013. If laws, policies, or security technologies change, the clinic will announce the reason and details of any addition, deletion, or revision at least seven days before the updated policy takes effect.

  • Announcement date: May 21, 2019
  • Effective date: May 21, 2019