NextBioMedical Co., LTD ("Company") protects users’ privacy and rights in accordance with the Personal Information Protection Act, and handles
○ This policy is effective starting Jan. 1, 2008.
■ Collected personal data items
The company collects the following personal data below for membership registration and customer feedback.
ο Collected data: Name, date of birth, gender, ID, password, phone, address, mobile, and email
ο Collection: Via website (i.e. membership registration, feedback submission)
■ Purpose of collection and usage of personal data
The company uses the collected personal data for the following purposes.
ο Fulfillment of contracts about service provision and charging content due to service provision
ο Membership management/identification, personal identification, prevention of fraudulent members, and prevention of unauthorized usage
ο Marketing and advertisement, sending information such as events used for advertisement
■ Retention and usage period of personal data
Following the principle, customers' personal data is deleted immediately after the purpose of personal data collection and usage is achieved. Note,
however, that the following data shall be retained for the specified period for the following reasons:
Stored data: Name, date of birth, gender, ID, password, phone, address, mobile, and email
Legal basis: Credit and Information Use and Protection Act
Storage period: 1 year
If necessary due to relevant laws and regulations, the company keeps the user data for a certain time period upon laws and regulations
Records about payment and supply of goods and etc: 5 years (Act on the Consumer Protection in Electronic Commerce, Etc.)
Records about consumer complaints and conflicts: 3 years (Act on the Consumer Protection in Electronic Commerce, Etc.)
Records about collecting and processing of credit information: 3 years (Credit Information Use and Protection Act)
■ Personal data destruction process and method
Following the principle customers' personal data is deleted immediately after the purpose of personal data collection and usage is achieved.
The process and method are as follows:
ο Destruction process
After the purposes are achieved, your personal data provided for membership registration and etc. is moved to separate database (in case of actual paper information, it moves to separate cabinet).
It is then destroyed after being saved for certain time period following the internal policies and other relevant laws (refer to retention and usage period).
Your data transported to the separate database will not be used except when legally necessary
ο Destruction method
- Personal data in electronic format is destroyed by using a technical method that makes the data unreadable.
■ Provision of personal data
The company does not provide personal data for external usage. Cases below are the exceptions: -When users agree in advance
- When we get a request from an investigative agency through certain procedure and method complying with the law
■ Consignment of personal data
The company does not entrust your information to other companies unless you agree. If needed in the future, we will definitely notify you about the
company and contents and get your prior consent
■ Rights of users and legal representatives, and how to exercise said rights Users and legal representatives can always view/modify their own or minor's (under 14), and it is also available to request termination of membership service.
To view/modify user's or minor's (under 14) personal data, click on ‘Modify account.’ To cancel your membership, click on ‘Unsubscribe.’ Then you can
go through the identity verification process, and will be able to view/modify/unsubscribe directly. Also, you can always contact the person in charge of
personal information via letter, phone, or email, and we will take immeidate action.
If you request modification of your personal information, we will not use or provide it until the modification is done. If we ever provide incorrect
personal information to a third party, we will quickly provide the modification as well so that it can be corrected shortly. The company manages personal information that is unsubscribed or deleted following the ‘retention and usage period of personal information collected,’ and that information cannot be viewed or used for other purposes.
■ Matters about installation, operation, and rejection of automatic collection of personal data
We do not operate any of automatic personal information collecting device which collects automatically created personal information while using internet service such as cookies.
Complaints regarding personal data
You can always report any personal information protection related complaints while using the company’s service to the person in charge or the department in charge.
The company will provide sincere and sufficient answers to your report.
If necessary to report or consult about other personal information infringement, please contact the following organizations below.
1. KISA Privacy Center (privacy.kisa.or.kr / +82-118)
2. OPA Privacy Center (eprivacy.or.kr / +82-2-580-0533; 0534)
3. SPO Cyber Crime Center (icic.sppo.go.kr / +82-2-340-3600)
4. NPA Cyber Terror Center (ctrc.go.kr / +82-2-392-0330)