Privacy Policy of Promedius Inc.

Privacy Policy of Promedius Inc.

Promedius Inc. (hereinafter referred to as the “Company”) places great importance on the protection of users’ personal information and complies with the Personal Information Protection Act of the Republic of Korea. Pursuant to Article 30 of the said Act, the Company hereby establishes and discloses this Privacy Policy to protect the personal information of data subjects and to ensure the prompt and smooth handling of complaints thereon.



Article 1 (Purpose of Processing Personal Information, Items Processed, and Retention Period) 

The Company collects and uses personal information to the minimum extent necessary for providing its services, in accordance with the Personal Information Protection Act. As a general rule, the Company does not collect or use users’ personal information without their separate consent unless it is based on specific legal grounds. When it is necessary to collect and use such information during service use, the Company obtains prior consent from the users.

 

①  Cases where personal information is processed without the data subject’s consent, based on separate legal grounds:

Legal Basis

Legal Basis

Legal Basis

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Article 15(1)4 of the Personal Information Protection Act (“Performance of Contract”)

Purpose

Purpose

Purpose

Manufacturing and delivery of medical devices and related services

Manufacturing and delivery of medical devices and related services

Manufacturing and delivery of medical devices and related services

Execution and performance of dealership agreements

Execution and performance of dealership agreements

Execution and performance of dealership agreements

Execution and performance of research agreements

Execution and performance of research agreements

Execution and performance of research agreements

Items Collected

Items Collected

Items Collected

Company name, position, name of contact person, email address, phone number
Company name, position, name of contact person, email address, phone number
Company name, position, name of contact person, email address, phone number
Company name, position, name of contact person, email address, phone number
Company name, position, name of contact person, email address, phone number
Company name, position, name of contact person, email address, phone number
Institution name, hospital name, researcher’s name, department, email,address, contact number
Institution name, hospital name, researcher’s name, department, email,address, contact number
Institution name, hospital name, researcher’s name, department, email,address, contact number

Retention and Usage Period

Retention and Usage Period

Retention and Usage Period

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law

Until the termination of the contract, unless otherwise required by law


② Cases where personal information is processed based on prior consent from the data subject:

Category

Category

Category

Contact via Official Website (Contact Us)

Contact via Official Website (Contact Us)

Contact via Official Website (Contact Us)

Recruitment

Recruitment

Recruitment

Marketing and Advertising

Marketing and Advertising

Marketing and Advertising

Purpose

Purpose

Purpose

Identification of inquiring customer; response to inquiries related to demos, purchases, customer support, partnerships, and others

Identification of inquiring customer; response to inquiries related to demos, purchases, customer support, partnerships, and others

Identification of inquiring customer; response to inquiries related to demos, purchases, customer support, partnerships, and others

Applicant identification, pre-employment screening, resume modification, checking eligibility, notification of results

Applicant identification, pre-employment screening, resume modification, checking eligibility, notification of results

Applicant identification, pre-employment screening, resume modification, checking eligibility, notification of results

Promoting the Company’s products, services, events, and newsletters

Promoting the Company’s products, services, events, and newsletters

Promoting the Company’s products, services, events, and newsletters

Items Collected

Items Collected

Items Collected

Name, job title, email address, phone number, organization (company) name, country of the organization, details of the inquiry
Name, job title, email address, phone number, organization (company) name, country of the organization, details of the inquiry
Name, job title, email address, phone number, organization (company) name, country of the organization, details of the inquiry
Name, date of birth, address, cover letter, resume, education, photo, video, certifications, career details, portfolio, job history, desired position, expected salary, previous salary, referee, application route, and any unstructured information personally provided or uploaded
Name, date of birth, address, cover letter, resume, education, photo, video, certifications, career details, portfolio, job history, desired position, expected salary, previous salary, referee, application route, and any unstructured information personally provided or uploaded
Name, date of birth, address, cover letter, resume, education, photo, video, certifications, career details, portfolio, job history, desired position, expected salary, previous salary, referee, application route, and any unstructured information personally provided or uploaded
Name, position, email, phone number, company, country of the organization
Name, position, email, phone number, company, country of the organization
Name, position, email, phone number, company, country of the organization

Retention and Usage Period

Retention and Usage Period

Retention and Usage Period

3 years from the date of inquiry, unless otherwise required by law

3 years from the date of inquiry, unless otherwise required by law

3 years from the date of inquiry, unless otherwise required by law

2 years

2 years

2 years

Until the data subject withdraws consent

Until the data subject withdraws consent

Until the data subject withdraws consent


Furthermore, in accordance with the Personal Information Protection Act, the Company may use or provide personal information within a scope reasonably related to the original purpose of collection, after comprehensively considering whether the data subject may suffer any disadvantage, whether appropriate security measures such as encryption have been implemented, and other relevant factors.

 

The specific factors considered include:

  • Whether the new purpose is related to the original purpose of collection;

  • Whether additional use or provision is reasonably foreseeable given the context of collection or customary practices;

  • Whether the rights and interests of the data subject are unduly infringed;

  • Whether security measures such as pseudonymization or encryption have been implemented.

 

③  In addition, the Company retains relevant information for the period specified under applicable laws and regulations, such as the Commercial Act and the Protection of Communications Secrets Act, when the protection of personal information is required.

Legal Basis

Legal Basis

Legal Basis

Article 33 of the Commercial Act

Article 33 of the Commercial Act

Article 33 of the Commercial Act

Article 33 of the Commercial Act

Article 33 of the Commercial Act

Article 33 of the Commercial Act

Tax laws (National Tax Basic Act Article 85-3, Corporate Tax Act Article 116, VAT Act Article 71)

Tax laws (National Tax Basic Act Article 85-3, Corporate Tax Act Article 116, VAT Act Article 71)

Tax laws (National Tax Basic Act Article 85-3, Corporate Tax Act Article 116, VAT Act Article 71)

Article 15-2 of the Protection of Communications Secrets Act

Article 15-2 of the Protection of Communications Secrets Act

Article 15-2 of the Protection of Communications Secrets Act

Items to be collected

Items to be collected

Items to be collected

Important business-related documents of the Company
Important business-related documents of the Company
Important business-related documents of the Company
Slips or equivalent documents
Slips or equivalent documents
Slips or equivalent documents
Books and supporting documents related to transactions, tax invoices or receipts
Books and supporting documents related to transactions, tax invoices or receipts
Books and supporting documents related to transactions, tax invoices or receipts
Website access logs
Website access logs
Website access logs

Retention Period

Retention Period

Retention Period

10 years

10 years

10 years

5 years

5 years

5 years

5 years

5 years

5 years

3 months

3 months

3 months


④ The Company processes pseudonymized medical data for the purposes of AI software development and scientific research. The medical data used for research purposes does not include information that could directly identify individuals, such as names or contact details.

Category

Category

Category

Processing of pseudonymized medical data for scientific research

Processing of pseudonymized medical data for scientific research

Processing of pseudonymized medical data for scientific research

Purpose

Purpose

Purpose

AI software development and research activities

AI software development and research activities

AI software development and research activities

Items to be collected

Items to be collected

Items to be collected

Medical imaging data (DICOM, etc.), de-identified (pseudonymized) patient ID, gender, age, imaging date, diagnosis and medical history, test results, medication history, clinical interpretation results, AI analysis results, etc.
Medical imaging data (DICOM, etc.), de-identified (pseudonymized) patient ID, gender, age, imaging date, diagnosis and medical history, test results, medication history, clinical interpretation results, AI analysis results, etc.
Medical imaging data (DICOM, etc.), de-identified (pseudonymized) patient ID, gender, age, imaging date, diagnosis and medical history, test results, medication history, clinical interpretation results, AI analysis results, etc.

Retention and Usage Period

Retention and Usage Period

Retention and Usage Period

Until the conclusion of the research

Until the conclusion of the research

Until the conclusion of the research


⑤ During the use of internet services, information such as IP addresses, cookies, MAC addresses, service usage records, device information, access logs, location information, and camera data may be automatically generated and collected.

 


Article 2 (Provision of Personal Information to Third Parties) 

① The Company does not provide personal information to third parties without the prior consent of the data subject. However, personal information may be provided to third parties in accordance with Article 17 of the Personal Information Protection Act if permitted by a specific provision of law or if unavoidably required to comply with a legal obligation.

② The current status of the Company’s provision of personal information to third parties is as follows:

 

[Researcher Information]

Recipient

Recipient

Recipient

Ministry of Food and Drug Safety (MFDS) (1577-1255)

Ministry of Food and Drug Safety (MFDS) (1577-1255)

Ministry of Food and Drug Safety (MFDS) (1577-1255)

Ministry of Health and Welfare (129)

Ministry of Health and Welfare (129)

Ministry of Health and Welfare (129)

Korea Medical Devices Industry Association (KMDIA) (02-596-7404)

Korea Medical Devices Industry Association (KMDIA) (02-596-7404)

Korea Medical Devices Industry Association (KMDIA) (02-596-7404)

Institutional Review Boards (IRBs) of participating hospitals

Institutional Review Boards (IRBs) of participating hospitals

Institutional Review Boards (IRBs) of participating hospitals

Purpose of Provision

Purpose of Provision

Purpose of Provision

Application for clinical trial approval pursuant to Article 10 of the Medical Device Act

Application for clinical trial approval pursuant to Article 10 of the Medical Device Act

Application for clinical trial approval pursuant to Article 10 of the Medical Device Act

Compliance with sponsor obligations under the Medical Device Act and related statutes in connection with clinical trial conduct

Compliance with sponsor obligations under the Medical Device Act and related statutes in connection with clinical trial conduct

Compliance with sponsor obligations under the Medical Device Act and related statutes in connection with clinical trial conduct

Submission of expenditure reports on economic benefits under relevant laws and regulations

Submission of expenditure reports on economic benefits under relevant laws and regulations

Submission of expenditure reports on economic benefits under relevant laws and regulations

Fulfillment of quarterly reporting obligations and monitoring compliance with the Fair Competition Code for Medical Devices (FCCMD), including lecture/advisory fee limits

Fulfillment of quarterly reporting obligations and monitoring compliance with the Fair Competition Code for Medical Devices (FCCMD), including lecture/advisory fee limits

Fulfillment of quarterly reporting obligations and monitoring compliance with the Fair Competition Code for Medical Devices (FCCMD), including lecture/advisory fee limits

Fulfillment of obligations under relevant laws and regulations such as application, amendment, termination, and reporting of clinical trial protocols, as well as adverse events and protocol deviations

Fulfillment of obligations under relevant laws and regulations such as application, amendment, termination, and reporting of clinical trial protocols, as well as adverse events and protocol deviations

Fulfillment of obligations under relevant laws and regulations such as application, amendment, termination, and reporting of clinical trial protocols, as well as adverse events and protocol deviations

Items Provided

Items Provided

Items Provided

Name, affiliation, phone number
Name, affiliation, phone number
Name, affiliation, phone number
Qualifications of clinical trial researchers (name, affiliation, field of expertise, position, phone number, relevant experience, academic background, clinical trial training history of principal investigator, sub-investigators, and co-researchers)
Qualifications of clinical trial researchers (name, affiliation, field of expertise, position, phone number, relevant experience, academic background, clinical trial training history of principal investigator, sub-investigators, and co-researchers)
Qualifications of clinical trial researchers (name, affiliation, field of expertise, position, phone number, relevant experience, academic background, clinical trial training history of principal investigator, sub-investigators, and co-researchers)
Name, affiliation
Name, affiliation
Name, affiliation
Lecture: Lecture date, location, event name and purpose, speaker's name and affiliation, payment amount, topic Advisory: Date or period, event name and purpose, advisor’s name and affiliation, payment amount, topic
Lecture: Lecture date, location, event name and purpose, speaker's name and affiliation, payment amount, topic Advisory: Date or period, event name and purpose, advisor’s name and affiliation, payment amount, topic
Lecture: Lecture date, location, event name and purpose, speaker's name and affiliation, payment amount, topic Advisory: Date or period, event name and purpose, advisor’s name and affiliation, payment amount, topic
Researcher qualifications (as above), and health information of study subjects (age, gender, medical history, vital signs, and test results from the study process)
Researcher qualifications (as above), and health information of study subjects (age, gender, medical history, vital signs, and test results from the study process)
Researcher qualifications (as above), and health information of study subjects (age, gender, medical history, vital signs, and test results from the study process)

Retention and Usage Period

Retention and Usage Period

Retention and Usage Period

Until the purpose is achieved

Until the purpose is achieved

Until the purpose is achieved

Until the retention period under Article 24 and Annex 3 of the Enforcement Rule of the Medical Device Act

Until the retention period under Article 24 and Annex 3 of the Enforcement Rule of the Medical Device Act

Until the retention period under Article 24 and Annex 3 of the Enforcement Rule of the Medical Device Act

5 years from the date of preparation of the expenditure report pursuant to Article 13-2(1) of the Medical Device Act

5 years from the date of preparation of the expenditure report pursuant to Article 13-2(1) of the Medical Device Act

5 years from the date of preparation of the expenditure report pursuant to Article 13-2(1) of the Medical Device Act

Until the end of the fifth year from January 1 of the year following the lecture or advisory date

Until the end of the fifth year from January 1 of the year following the lecture or advisory date

Until the end of the fifth year from January 1 of the year following the lecture or advisory date

Until the end of the statutory retention period under relevant laws

Until the end of the statutory retention period under relevant laws

Until the end of the statutory retention period under relevant laws


[Adverse Event Information]

Recipient

Recipient

Recipient

MFDS and competent regulatory authorities in countries where the Company’s products are approved

MFDS and competent regulatory authorities in countries where the Company’s products are approved

MFDS and competent regulatory authorities in countries where the Company’s products are approved

Purpose of Provision

Purpose of Provision

Purpose of Provision

Reporting of adverse events in accordance with relevant laws

Reporting of adverse events in accordance with relevant laws

Reporting of adverse events in accordance with relevant laws

Items Provided

Items Provided

Items Provided

Gender, age, test date, analysis results, adverse event log, subject ID
Gender, age, test date, analysis results, adverse event log, subject ID
Gender, age, test date, analysis results, adverse event log, subject ID

Retention and Usage Period

Retention and Usage Period

Retention and Usage Period

Until the expiration of the retention period under applicable regulations

Until the expiration of the retention period under applicable regulations

Until the expiration of the retention period under applicable regulations



Article 3 (Destruction of Personal Information) 

① The Company shall promptly destroy personal information without delay when the retention period has expired or when the purpose of processing has been fulfilled and the information is no longer necessary. However, certain data may be retained for a specified period in accordance with the Company’s internal policies or relevant laws and regulations, even after the purpose of processing has been achieved. In such cases, the separately stored personal information shall not be used for any other purpose unless required by law.

② The Company’s procedures and methods for destroying personal information are as follows:

  • Destruction Procedure: The Company identifies personal information for which the grounds for destruction have arisen and destroys such information with the approval of the Company’s Personal Information Protection Officer.

  • Destruction Method: Personal information recorded and stored in electronic file format is destroyed using technical methods that render the data unrecoverable.Personal information recorded and stored in paper documents is destroyed by shredding or incineration.

 


Article 4 (Installation, Operation, and Refusal of Automatic Data Collection Devices)

① The Company may automatically collect or record certain information, such as IP addresses, service usage records, and web browser cookies, in specific circumstances for the purpose of providing services.

② A cookie is a small data file sent by a web server to a user’s web browser and may be stored on the user’s computer hard drive.

③ Purpose of Using Cookies: Cookies are used to understand the user's visit and usage patterns of each service and website in order to provide optimized information and user experience.

④ Cookie Installation, Operation, and Refusal:

  1. Users may choose to allow or block cookies via their web browser settings:

  • Chrome: Click the ‘⋮’ icon at the top-right corner > Select “New Incognito Window” (Shortcut: Ctrl+Shift+N)

  • Edge: Click the ‘…’ icon at the top-right corner > Select “New InPrivate Window” (Shortcut: Ctrl+Shift+N)

  1. Users may choose to allow or block cookies via their mobile device settings:

  • Chrome (Mobile): Tap the ‘⋮’ icon at the top-right > Select “New Incognito Tab”

  • Safari (Mobile): Go to device Settings > Safari > Advanced > Block All Cookies

  • Samsung Internet: Tap the ‘Tabs’ icon at the bottom > Enable “Secret Mode” > Tap “Start”

⑤ Refusing to allow cookies will not result in any disadvantage or difficulty in using the Company’s website.

 


Article 5 (Rights and Obligations of Data Subjects and Their Legal Representatives, and Methods of Exercising Such Rights) 

① Data subjects may exercise their rights with respect to the Company at any time (hereinafter referred to as “Rights”), including requests to access, correct, delete, suspend processing of, or withdraw consent to the processing of their personal information, and to object to or request an explanation of automated decision-making.

※ For children under the age of 14, only the legal representative may exercise rights. A minor who is 14 years of age or older may exercise their rights directly or through their legal representative.

② The exercise of rights under Paragraph 1 may be made through written documents, email, or other designated means, and the Company will take action without undue delay. When a request for access, correction, deletion, or suspension of processing is made, the Company will verify whether the requester is the data subject or a legitimate representative.

③ If a data subject requests correction or deletion of personal information due to errors, the Company shall not use or provide such personal information until the correction or deletion is completed.

④ The rights under Paragraph 1 may also be exercised by a legal representative or an authorized agent of the data subject. In such cases, a power of attorney must be submitted using the standard form (Annex Form No. 11) as prescribed in the “Notification on the Method of Processing Personal Information.”

⑤ Data subjects must not infringe upon the personal information or privacy of themselves or others in violation of the Personal Information Protection Act or other related laws when exercising their rights.

⑥ The right to request access to or suspension of processing of personal information may be restricted under Article 35(4) or Article 37(2) of the Personal Information Protection Act.

⑦ If the personal information in question is specified as being subject to collection under other laws, deletion may not be possible even upon request.

⑧ Where the data subject has consented to automated decision-making, has been informed through contracts or prior notice, or where such processing is clearly provided for by law, the right to object to automated decision-making does not apply. In such cases, the data subject may only request an explanation or review of the decision. Requests to object to or seek an explanation of automated decision-making may also be denied if there is a legitimate reason, such as where the request could unjustly infringe upon the rights, body, property, or other interests of another person.

⑨ The Company shall verify that the individual exercising the right is the data subject or a duly authorized representative.


 

Article 6 (Measures to Ensure the Security of Personal Information) 

In accordance with Article 29 of the Personal Information Protection Act, the Company implements the following measures to ensure the security of personal information:

  1. Administrative Measures: Establishment and implementation of internal management plans, regular employee training

  2. Technical Measures: Access control, system access logs, encryption, installation of security programs

  3. Physical Measures: Restricted access to personal information storage locations

 

In the case of pseudonymized information, the Company takes the following additional measures: 

  1. Separate Storage of Pseudonymized Information and Additional Information

  • If the additional information is deemed unnecessary, it is securely destroyed.

  1. Access Control Separation

  • Access rights to pseudonymized information and additional information are strictly separated.

  1. Retention of Processing Records

  • Records related to the processing of pseudonymized information are maintained, including:

  • The purpose of processing pseudonymized information

  • The categories of personal data that have been pseudonymized

  • Usage history of the pseudonymized information

  • Third parties, if any, to whom the information has been disclosed

  • Any other matters prescribed by the Personal Information Protection Commission as necessary to manage the processing of pseudonymized data


 

Article 7 (Personal Information Protection Officer) 

The Company has designated the following individual as the Personal Information Protection Officer, who is responsible for overseeing all matters related to the processing of personal information, handling complaints, and providing relief related to data subjects’ rights.

Name

Name

Name

Hyunjin Bae

Hyunjin Bae

Hyunjin Bae

Position

Position

Position

CEO

CEO

CEO

Email

Email

Email

hjbae@promedius.ai
hjbae@promedius.ai
hjbae@promedius.ai

Address

Address

Address

4F, NPS Jamsil Office, 13 Olympic-ro 35da-gil, Songpa-gu, Seoul, Republic of Korea

4F, NPS Jamsil Office, 13 Olympic-ro 35da-gil, Songpa-gu, Seoul, Republic of Korea

4F, NPS Jamsil Office, 13 Olympic-ro 35da-gil, Songpa-gu, Seoul, Republic of Korea

Data subjects may contact the Data Protection Officer for any inquiries or complaints. The Company will respond promptly.


 

Article 8 (Request for Access to Personal Information) 

Data subjects may submit requests to access their personal information under Article 35 of the Personal Information Protection Act to the department listed below. The Company will make its best efforts to process such requests promptly.

Name

Name

Name

Sangjoon Park

Sangjoon Park

Sangjoon Park

Position

Position

Position

Corporate Planning Team Lead

Corporate Planning Team Lead

Corporate Planning Team Lead

Email

Email

Email

admin@promedius.ai
admin@promedius.ai
admin@promedius.ai

Address

Address

Address

4F, NPS Jamsil Office, 13 Olympic-ro 35da-gil, Songpa-gu, Seoul, Republic of Korea

4F, NPS Jamsil Office, 13 Olympic-ro 35da-gil, Songpa-gu, Seoul, Republic of Korea

4F, NPS Jamsil Office, 13 Olympic-ro 35da-gil, Songpa-gu, Seoul, Republic of Korea



Article 9 (Remedies for Infringement of Rights) 

If users wish to report or receive consultation on personal information infringements, they may contact not only the Company’s Personal Information Protection Officer, but also the following government agencies: 

  • Personal Information Dispute Mediation Committee: www.kopico.go.kr / 1833-6972

  • Personal Information Infringement Report Center: privacy.kisa.or.kr / 118

  • Supreme Prosecutors’ Office Cyber Crime Division: www.spo.go.kr / 1301

  • Korean National Police Agency Cyber Bureau: cyberbureau.police.go.kr / 182

 


Article 10 (Installation and Operation of Fixed Video Surveillance Equipment) 

The Company installs and operates fixed video surveillance equipment as follows:

Legal Basis and Purpose of Installation

Legal Basis and Purpose of Installation

Legal Basis and Purpose of Installation

Number, Location, and Coverage of Installed Devices

Number, Location, and Coverage of Installed Devices

Number, Location, and Coverage of Installed Devices

Manager, Responsible Department, and Authorized Personnel

Manager, Responsible Department, and Authorized Personnel

Manager, Responsible Department, and Authorized Personnel

Recording Hours

Recording Hours

Recording Hours

Retention Period of Video Recordings

Retention Period of Video Recordings

Retention Period of Video Recordings

Storage Location and Handling Method

Storage Location and Handling Method

Storage Location and Handling Method

Method and Place for Accessing Footage

Method and Place for Accessing Footage

Method and Place for Accessing Footage

Procedures for Data Subjects to Request Access

Procedures for Data Subjects to Request Access

Procedures for Data Subjects to Request Access

Technical, Administrative, and Physical Measures for Protection of Video Information

Technical, Administrative, and Physical Measures for Protection of Video Information

Technical, Administrative, and Physical Measures for Protection of Video Information

Other Operational and Management Considerations

Other Operational and Management Considerations

Other Operational and Management Considerations

For facility safety and fire prevention

For facility safety and fire prevention

For facility safety and fire prevention

1 in the main entrance lounge, 1 in the back entrance

1 in the main entrance lounge, 1 in the back entrance

1 in the main entrance lounge, 1 in the back entrance

Name: Corporate Planning Team, Ahyoung Lim Manager

Contact Number: +82-2-423-8511

24 hours a day

24 hours a day

24 hours a day

From the time of filming to the contract period

From the time of filming to the contract period

From the time of filming to the contract period

It is stored on S1's own server and permanently deleted in a way that it cannot be restored when the storage period expires.

It is stored on S1's own server and permanently deleted in a way that it cannot be restored when the storage period expires.

It is stored on S1's own server and permanently deleted in a way that it cannot be restored when the storage period expires.

Name: Corporate Planning Team, Ahyoung Lim Manager

Contact Number: +82-2-423-8511

Requests for viewing, provision, or deletion of personal video footage must be submitted through a Personal Video Information Request Form. Access will be granted only when the data subject appears in the footage or when access is clearly necessary to protect the life, body, or property interests of the data subject.

Requests for viewing, provision, or deletion of personal video footage must be submitted through a Personal Video Information Request Form. Access will be granted only when the data subject appears in the footage or when access is clearly necessary to protect the life, body, or property interests of the data subject.

Requests for viewing, provision, or deletion of personal video footage must be submitted through a Personal Video Information Request Form. Access will be granted only when the data subject appears in the footage or when access is clearly necessary to protect the life, body, or property interests of the data subject.

Internal management plans, access control and authority restrictions, secure storage and transmission technology, maintenance of processing logs and tamper prevention, establishment of storage facilities and installation of locks, etc.

Internal management plans, access control and authority restrictions, secure storage and transmission technology, maintenance of processing logs and tamper prevention, establishment of storage facilities and installation of locks, etc.

Internal management plans, access control and authority restrictions, secure storage and transmission technology, maintenance of processing logs and tamper prevention, establishment of storage facilities and installation of locks, etc.

The Company does not operate video surveillance equipment in public areas for purposes not permitted by law, and does not install such equipment in areas where there is a high risk of infringing upon personal privacy, such as bathrooms, restrooms, saunas, or dressing rooms. The Company does not arbitrarily manipulate the equipment or use any audio recording functions.

The Company does not operate video surveillance equipment in public areas for purposes not permitted by law, and does not install such equipment in areas where there is a high risk of infringing upon personal privacy, such as bathrooms, restrooms, saunas, or dressing rooms. The Company does not arbitrarily manipulate the equipment or use any audio recording functions.

The Company does not operate video surveillance equipment in public areas for purposes not permitted by law, and does not install such equipment in areas where there is a high risk of infringing upon personal privacy, such as bathrooms, restrooms, saunas, or dressing rooms. The Company does not arbitrarily manipulate the equipment or use any audio recording functions.



Article 11 (Governing Law)

The Company is established under the laws of the Republic of Korea and is headquartered in the Republic of Korea. This Privacy Policy has been prepared and is operated in accordance with the laws of the Republic of Korea. The interpretation and application of this Privacy Policy shall be governed by the laws of the Republic of Korea.

 


Article 12 (Changes to the Privacy Policy)

  1. This Privacy Policy may be amended due to changes in applicable laws, government policies, the Company’s internal regulations, or advancements in security technology. In such cases, any changes will be announced without delay through the Company's website.

  2. This Privacy Policy shall take effect as of July, 2025.

 

Version Number: 2025-07-31