Privacy Policy

Woori Medical Foundation Gimpo Woori Hospital (hereinafter referred to as ‘Hospital’) attaches great importance to the protection of your personal information and complies with the Personal Information Protection Act. In accordance with Article 30 of the Personal Information Protection Act, Woori Medical Foundation Gimpo Woori Hospital establishes and discloses the following personal information processing guidelines to protect the personal information of information subjects and to promptly and smoothly handle complaints related thereto.
Article 1 Purpose of processing personal information Article 2 Processing and retention period of personal information Article 3 Matters concerning provision of personal information to third parties Article 4 Matters concerning entrustment of personal information processing Article 5 Matters concerning the rights and obligations of information subjects and legal representatives and methods of exercising them Article 6 Items of personal information processed Article 7 Matters concerning destruction of personal information Article 8 Matters pertaining to the person in charge of personal information protection Article 9 Matters concerning measures to ensure the safety of personal information Article 10 Matters concerning the installation and operation of automatic personal information collection devices and their refusal Article 11 Remedies for infringement of rights and interests of information subjects Article 12 Matters concerning changes to personal information processing policy Article 13 Judgment criteria for considerations in each subparagraph of Article 14-2, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act in relation to additional use and provision Article 14 Request to view personal information protection
Article 1 Purpose of processing personal information The hospital uses the collected personal information for the following purposes. All information provided by users will not be used for purposes other than those required for the purpose, and prior consent will be requested if the purpose of use changes. 1) Website member information A. Required information: Provision of medical treatment reservation, reservation inquiry, and membership service through the website B. Optional information: Hospital news, disease information, etc. via email, surveys 2) Provision of non-medical services Information on medical appointments, medical information, and hospital news via text message 3) Grievance handling Confirmation of identity of complainant, confirmation of complaint, contact for fact-finding, notification, and processing results We process personal information for purposes such as notification. Article 2 Processing and retention period of personal information The hospital destroys your personal information without delay when the purpose of collecting or providing personal information has been achieved. 1) Medical treatment information Stored in accordance with the medical record storage standards specified in the Medical Service Act 2) Website member information However, even if the purpose of collection or provision has been achieved, your personal information may be retained if there is a need to preserve it pursuant to the provisions of laws and regulations such as the Commercial Act. A. Records of consumer complaints or dispute resolution: 3 years (Act on Consumer Protection in Electronic Commerce, etc.) B. Records on collection/processing and use of credit information: 3 years (Act on Use and Protection of Credit Information) C. Records of identity verification: 6 months (Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.) D. Records of visits: 3 months (Communication Secrets Protection Act) 3) Until services provided other than medical treatment are provided. Article 3 Matters concerning provision of personal information to third parties Except in cases where there is your consent or in accordance with the provisions of related laws, the hospital will in no case use your personal information beyond the scope notified in “Purpose of collection and use of personal information” or disclose it to other people or other companies or institutions. Not provided. However, the following cases are permitted: 1) When separate consent is obtained from the information subject 2) When there are special provisions in other laws 3) In cases where the information subject or his/her legal representative is unable to express his/her intention or cannot obtain prior consent due to unknown address, etc., it is clearly necessary for the urgent benefit of the life, body, or property of the information subject or a third party. When accepted 4) When personal information is provided in a form that does not identify a specific individual as it is necessary for purposes such as statistical compilation and academic research. 5) If personal information is used for a purpose other than its intended purpose or is not provided to a third party, it is impossible to perform the duties prescribed by other laws and the Personal Information Protection Committee has passed deliberation and resolution. 6) When necessary to provide information to foreign governments or international organizations for the implementation of treaties and other international agreements. 7) When necessary for investigation of crime and filing and maintenance of indictment 8) When necessary to carry out the court's judicial duties 9) When necessary for the execution of punishment, custody, and protective measures. Article 4 Matters concerning entrustment of personal information processing The hospital entrusts personal information as follows to provide services, and stipulates necessary matters to ensure that personal information is safely managed when entering into a consignment contract in accordance with relevant laws and regulations. The hospital's personal information consignment processing agency and consignment details are as follows.
Consignment company Consignment work details Retention and use period of personal information
Opencom Co., Ltd. ο Contents of entrusted work: Website membership management, identity verification based on membership service use, complaint handling, delivery of notices, development and specialization of new marketing services (products), delivery of advertising information such as events, other AS centers, web Site and system management ο Entrusted personal information items: name, date of birth, gender, login ID, password, phone number, address, mobile phone number, email ο The consignee can send newsletters to members via email, which are sent not for commercial purposes but to improve public health. Of course, in this case as well, you will have to go through a consent process when registering as a member, and if you do not agree, we will not send it to you. Until the end of the consignment contract
Until the end of the Amis Technology Co., Ltd. server maintenance and system operation consignment contract. Until the end of the consignment contract
Esofting Co., Ltd DB management Until the end of the consignment contract
Greuzen Co., Ltd. Server Network Until the end of the consignment contract
Hi Parking Co., Ltd. parking management Until the end of the consignment contract
S-Tech System Co., Ltd. security Until the end of the consignment contract
Samsung Welstory Co., Ltd. Patient's diet and feeding Until the end of the consignment contract
Ire Safety System Co., Ltd. Environmental cleaning within the hospital Until the end of the consignment contract
ACK Co., Ltd. LIS program maintenance Until the end of the consignment contract
CM Soft Co., Ltd. Comprehensive checkup program maintenance Until the end of the consignment contract
GE Healthcare Comprehensive checkup program maintenance Until the end of the consignment contract
Green Cross Medical Foundation Co., Ltd. Consignment inspection Until the end of the consignment contract
Goliath Co., Ltd. document shredding Until the end of the consignment contract
Fear Nine Co., Ltd. Health checkup questionnaire, result sheet sent, mobile notification message, email Until the end of the consignment contract
LC Tech Co., Ltd. Electronic consent form Until the end of the consignment contract
VUNO Co., Ltd. Cardiac arrest risk prediction program within 24 hours Until the end of the consignment contract
Consignment company Contact information Management status Management status
Opencom Co., Ltd. 1544-4256 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
Ami Technology Co., Ltd. 02-573-3880 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
Esofting Co., Ltd. 02-2028-1104 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
Gruzen Co., Ltd. 02-538-3856 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
Hi Parking Co., Ltd. 070-7119-2562 Personal information protection of
educational evidence
not applicable
S-Tech System Co., Ltd. 02-2142-8151 Personal information protection of
educational evidence
not applicable
Samsung Welstory Co., Ltd. 031-999-1981 Personal information protection of
educational evidence
not applicable
Ire Safety System Co., Ltd. 010-8710-0717 Personal information protection of
educational evidence
not applicable
ACK Co., Ltd. 02-501-3734 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
CM Soft Co., Ltd. 031-906-2990 Personal information protection of
educational evidence
not applicable
GE Healthcare 02-6201-3114 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
Green Cross Medical Foundation Co., Ltd. 1566-0131 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
Goliath Co., Ltd. 031-366-2893 Personal information protection of
educational evidence
not applicable
Fear Nine Co., Ltd. 02-780-8003 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
LC Tech Co., Ltd. 02-761-1416 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
VUNO Co., Ltd. 02-515-6646 Personal information protection of
educational evidence
Personal information protection of
Status Checklist
The provisions to ensure that personal information is safely managed when signing a consignment contract are as follows. 1) Matters pertaining to the prohibition of processing personal information other than for the purpose of performing consignment work 2) Matters regarding technical and managerial protection measures for personal information 3) Matters regarding the purpose and scope of the entrusted work and restrictions on re-entrustment 4) Matters related to supervision, such as checking the management status of personal information 5) Matters related to compensation for damages in case of violation of obligations to be observed by the trustee Article 5 Matters concerning the rights and obligations of information subjects and legal representatives and methods of exercising them 1) The information subject can exercise rights such as requesting the hospital to view, correct, delete, or suspend processing of personal information at any time. 2) To exercise rights under paragraph 1, you may contact us in writing, e-mail, or fax in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the hospital will take necessary measures without delay. 3) The exercise of rights under Paragraph 1 may be done through an agent, such as the information subject's legal representative or a person authorized to do so. In this case, you must submit a power of attorney in the format of Appendix 11 of the Enforcement Rules of the Personal Information Protection Act. 4) Requests to view and suspend personal information processing may limit the information subject's rights pursuant to Article 35, Paragraph 5 and Article 37, Paragraph 2 of the Personal Information Protection Act. 5) Requests for correction and deletion of personal information cannot be requested if the personal information is specified as a collection target in other laws and regulations. 6) The hospital verifies whether the person making the request, such as a request for viewing, a request for correction or deletion, or a request for suspension of processing, is the person or a legitimate agent in accordance with the information subject's rights. 7) The information subject may withdraw his/her consent to the collection, use and provision of personal information at any time when registering as a member. To withdraw membership, log in to the hospital's website and click 『Withdraw Membership』 on the information modification page to go through the identity verification process and withdraw membership directly, or contact the person in charge of personal information protection in writing, by phone, or e-mail, and we will contact you without delay. We will take necessary measures, including destroying personal information. ※ Personal information that is required to be stored by law cannot be modified or deleted within the retention period even upon request. Article 6 Items of personal information processed There are required and optional items when registering as a member, and there are no restrictions on using the service even if you do not enter optional items such as whether to receive emails. The provisions to ensure that personal information is safely managed when signing a consignment contract are as follows. 1) When receiving treatment A. Collection items: Name, resident registration number (domestic), alien registration number (foreigner), address, phone number, mobile phone number B. Health information: Personal information deemed necessary by medical staff to provide medical history, medical records, and medical services 2) Payment of medical expenses When paying by credit card, payment approval information such as card company name and card number 3) Items collected when registering as a member of the website Required items: name, date of birth, gender, login ID, password, mobile phone number, email The following information may be automatically generated and collected during the process of using the service or processing the service provision work. : Service usage records, access logs, cookie access IP information 4) Items collected to provide services other than medical treatment Collection items: name, date of birth, reservation information, medical records, mobile phone number, address 5) Personal information collection method We collect personal information in the following ways. - Written form, fax, phone, website membership registration, website bulletin board, email Article 7 Matters concerning destruction of personal information The hospital destroys personal information immediately after the purpose of collection and use of personal information has been achieved. Destruction procedures and methods are as follows. 1) Destruction procedure The information entered by the user for membership registration, etc. is immediately destroyed according to the destruction method after the purpose has been achieved. 2) Destruction method Personal information stored in electronic file format is deleted using technical methods that render the records unrecoverable. Personal information printed on paper is destroyed by shredding or incineration Article 8 Matters pertaining to the person in charge of personal information protection 1) In order to protect your personal information and handle complaints related to personal information, the hospital has a personal information protection manager as listed below. A. Personal information protection officer Name: Go Do-hyeon Department: Hospital Director Phone number: 031-999-1000 - Medical information section Personal information protection officer and department Position and department: Medical information team leader / Medical information team Contact: 031-999-1827 - Home page section Personal information protection officer and department Position and Department: Public Relations Team Leader / Public Relations Team Contact: 031-999-1623 2) You may inquire about all personal information protection-related inquiries, complaint handling, damage relief, etc. that arise while using the hospital's services (or business) to the personal information protection manager and responsible department. The hospital will respond and process inquiries from information subjects without delay. Article 9 Matters concerning measures to ensure the safety of personal information The hospital is taking the following technical and administrative measures to protect your personal information to prevent it from being lost, stolen, leaked, altered or damaged. 1)Technical measures A. Personal information is protected by a password, and important data is protected through a separate security function by encrypting files and transmission data (resident registration number, password) or using the file lock function. B. We use anti-virus programs to prevent damage caused by server viruses. Antivirus programs are updated periodically, and if you catch a virus, it is treated as soon as a vaccine is available to prevent your personal information from being violated. C. We build a web firewall (National Intelligence Service CC certification (EAL4 level), Korea Information and Communication Technology Association (TTA) GS certification, and National Intelligence Service verified encryption module installed) to prevent your personal information from being leaked by hacking, etc. We block intrusions and monitor intrusions 24 hours a day. D. Additionally, our center uses networks that are separate from the internal network (OCS) and the external network (Internet). 2) Managerial measures A. We strengthen the protection of personal information by managing the access rights of personal information handlers, authentication, password management, access control, and personal information encryption. B. Consignment management of personal information We supervise and manage entrusted individuals to ensure that personal information is not used for unfair purposes, such as leaking, processing without permission, or providing to third parties. ① Matters regarding re-consignment and prohibition of provision to third parties ② Storage and management of written personal information, input and output data ③ Matters related to inspection of personal information management status and training of affiliated employees 3) Physical measures Access control for computer team, data storage room, medical information team, human resources and general affairs team, etc. Article 10 Matters concerning the installation and operation of automatic personal information collection devices and their refusal The hospital operates ‘cookies’ that store and retrieve your information from time to time. A cookie is a very small text file that the server used to run the hospital's website sends to your browser and is stored on your computer's hard disk. The hospital uses cookies for the following purposes: You have the option to install cookies. Therefore, by setting options in your web browser, you can allow all cookies, confirm each time a cookie is saved, or refuse to save all cookies. If you refuse to install cookies, it may be difficult to provide some services. Article 11 Remedies for infringement of rights and interests of information subjects 1) You can report any personal information protection-related complaints that arise while using the hospital's services to the personal information manager. The hospital will promptly and sufficiently respond to users' reports. 2) The organizations below are separate from the hospital. If you are not satisfied with the hospital's own personal information complaint handling and damage relief results, or if you need further assistance, please contact us. A. Personal Information Infringement Report Center (operated by Korea Internet & Security Agency) - Responsibilities: Reporting personal information infringement, requesting consultation - Website: privacy.kisa.or.kr -Phone: (without area code) 118 - Address: Personal Information Infringement Reporting Center, 3rd floor, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2, Bitgaram-dong) (58324) B. Personal Information Dispute Mediation Committee - Responsibilities: Request for personal information dispute mediation, group dispute mediation (civil resolution) - Website: www.kopico.go.kr - Phone: (without area code) 1833-6972 - Address: (03171) 4th floor, Seoul Government Complex, 209 Sejong-daero, Jongno-gu, Seoul C. Supreme Prosecutors' Office Cyber ​​Crime Investigation Unit: 02-3480-3573 (www.spo.go.kr) D. National Police Agency Cyber ​​Security Bureau: 182 (http://cyberbureau.police.go.kr) Article 12 Matters concerning changes to personal information processing policy This personal information handling policy was revised on October 1, 2021, and if there are additions, deletions, or modifications to the content due to changes in laws, policies, or security technology, it will be posted on the hospital website before the changed personal information handling policy is implemented. We will notify you of the reason and contents of the change. Article 13 Judgment criteria for considerations in each subparagraph of Article 14-2, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act in relation to additional use and provision 1) In accordance with Article 15 (3) and Article 17 (4) of the Personal Information Protection Act, Gimpo Woori Hospital may additionally use and provide personal information without the consent of the information subject in consideration of matters pursuant to Article 14-2 of the Enforcement Decree of the Personal Information Protection Act. there is. 2) Accordingly, Gimpo Woori Hospital has considered the following matters in order to further use and provide information without the consent of the information subject. A. Whether the purpose of additional use and provision of personal information is related to the original purpose of collection B. Whether there is a possibility of additional use and provision of personal information in light of the circumstances in which personal information was collected or processing practices. C. Whether the additional use and provision of personal information unfairly infringes on the interests of the information subject D. Whether necessary measures were taken to ensure safety, such as pseudonymization or encryption. Article 14 Request to view personal information protection The information subject may request access to personal information pursuant to Article 35 of the Personal Information Protection Act to the following department. Gimpo Woori Hospital will strive to ensure that the information subject's personal information is viewed and processed promptly. 1) Website personal information viewing request reception and processing department A. Department Name: Public Relations Team B. Contact: 031-999-1953 2) Medical information personal information access request reception and processing department A. Department Name: Medical Information Team B. Contact: 031-999-1827