When collecting personal information, the hospital provides advance notice of the scope and purpose of collection, either at the time of registration or in the Terms of Use, in accordance with relevant laws and regulations. The personal information collected is as follows:

■ Items collected when registering as a member on the website
○ Collected Items: Name, ID, Password, Gender, Date of Birth, Residence Area, Mobile Phone Number, Email, Access Logs, Cookies, Access IP Information
○ Method of collecting personal information: During the process of using website services (membership registration, online reservation, online consultation, post-surgery consultation, promotional media, telephone, bulletin board) or processing of service provision tasks
The following information can be automatically generated and collected.
– Service usage records, access logs, cookies, and access IP information

■ Items collected during treatment
○ Required items: Hospital Registration Number, Name (Korean), Date of Birth, Address, E-mail, Marital Status, Direction of Visit
○ Health Information: Personal health information, such as medical history and family history, that medical staff deem necessary for the provision of medical services.

■ Items collected when paying medical expenses
○ When paying by credit card: Card payment approval information such as card issuer name and card number
In addition, if personal information is collected for a short period for specific purposes, we will provide separate notice before collection.

■ Personal information collection method
○ Collection via website, written forms, fax, telephone, consultation bulletin board, email, etc.

The hospital uses the collected personal information for the following purposes.
All information provided by users will not be used for any purpose other than those required below, and prior consent will be obtained if the purpose of use changes.

○ Identity verification process for treatment/examination/reservation inquiry and treatment
○ Services for diagnosis and treatment
○ Administrative services such as billing, payment, and refund of medical expenses
○ Sending medical bills, statements, certificates, and medicines/items and results
○ Acceptance of online/offline inspections, request for external inspections
○ Securing a communication channel to assist in handling complaints/grievances
○ Legal and administrative responses and measures for quality control of medical services and hospital operation
○ Minimum analysis data required for education and research
○ Guidance on medical treatment information, academic information, and hospital information

In principle, personal information is destroyed without delay once the purpose of collection and use has been achieved. However, the following information is retained for the period specified below for the reasons stated below.

○ Retained Items: Name, Gender, Login ID, Password, Home Phone Number, Mobile Phone Number, Email
○ Basis for Retention: Terms of Use for the Hospital Website / Article 15 of the Enforcement Rules of the Medical Service Act (Retention of Records Related to Medical Treatment)
○ Retention Period: Destroyed upon membership withdrawal / Medical records 10 years

In principle, the hospital destroys personal information without delay after the purpose of collection and use has been achieved. The destruction procedures and methods are as follows.

■ Destruction Procedure
The information you entered for membership registration, etc., is transferred to a separate database (or a separate filing cabinet in the case of paper documents) after the purpose has been fulfilled, and in accordance with internal policies and reasons for information protection under other relevant laws (refer to the retention and usage period)
It is destroyed after being stored for a certain period. Personal information transferred to a separate database is not used for any purpose other than retention, unless required by law.

■ Destruction method
Personal information stored in the form of electronic files is deleted using technical methods that render the records unrecoverable. Personal information printed on paper is shredded or dissolved.

Except where your consent has been obtained or as required by relevant laws and regulations, the Hospital will not, under any circumstances, use your personal information beyond the scope notified in the "Purpose of Collection and Use of Personal Information."
We do not provide this to other individuals, companies, or institutions. However, exceptions apply in the following cases.

○ Submission of medical records to the Health Insurance Review & Assessment Service for claiming medical care benefits in accordance with the National Health Insurance Act
○ Cases where users have consented to disclosure in advance
○ In accordance with the provisions of laws and regulations, or when there is a request from an investigative agency for investigative purposes in accordance with the procedures and methods prescribed by law
○ Cases where data is processed and provided in a form that prevents the identification of specific individuals, as necessary for statistical compilation or academic research

– Personal Information Provider: VIBE Plastic Surgery
– Recipient of personal information: VIBE Plastic Surgery

■ Purpose of Use of Personal Information by the Recipient
○ For the purpose of processing tasks related to patient identification, medical appointments, and cancellations.
○ Information on hospital usage, new hospital services, and event details
○ Mobile notifications regarding medical consultations, appointments, scheduled hospitalizations, and scheduled tests
Items of personal information provided: Name, ID, Password, Gender, Mobile phone number, Email, Residence

■ Retention and Usage Period of Personal Information by the Recipient
○ The retention period for personal information is the same as that of the information collecting agency. However, this applies only in cases resulting from the termination (cancellation) of the contract with the personal information collecting agency.
○ You have the right to refuse consent. Refusal to consent may result in the inability to schedule an appointment, which could impair patient convenience and satisfaction.

If a customer requests access to, correction of, or deletion of personal information, the hospital responds faithfully to the customer's request and processes it without delay.
To protect personal information, we do not provide procedures for accessing, correcting, or deleting customers' personal information through application methods other than a customer's visit, such as telephone, mail, or fax.

■ Access to personal information
Customers may visit the hospital and request access to their personal information, and we will respond promptly.

■ Correction/deletion of personal information
1. If a customer requests the correction or deletion of personal information, or if it is deemed necessary to make such corrections or deletions, such as when it is determined that there are errors in the personal information,
Corrections and deletions will be made without delay. The hospital may request supporting documents necessary to verify the facts regarding the corrections and deletions.
2. When a customer requests to view, correct, or delete his or her personal information, the customer's identity will be verified by presenting an identification document, such as a resident registration card, passport, or driver's license.
3. If the hospital has a legitimate reason to refuse access, correction, or deletion of all or part of personal information, it shall notify the customer and explain the reason.
4. A legal representative of a child under the age of 14 may request access to, correction of, deletion of, or suspension of processing of the child's personal information, and must submit proof of relationship with the child and identification.

You may withdraw your consent to the collection, use, and provision of personal information at any time upon signing up.

To withdraw your membership, click 'Membership Withdrawal' on My Page on the hospital website, complete the identity verification process, and withdraw your membership directly, or
If you contact the Chief Privacy Officer in writing, by phone, or by fax, we will take necessary measures, such as destroying your personal information without delay.

The hospital uses 'cookies' that store and retrieve your information from time to time. A cookie is a server used to operate the hospital's website
It is a very small text file sent to your browser and stored on your computer's hard disk. The hospital uses cookies for the following purposes.

We analyze the access frequency and visit times of members and non-members, identify users' preferences and interests, and utilize this as a benchmark for service reorganization and other initiatives.
○ The frequency of your visits to various events hosted by the hospital is tracked and used as data to provide differentiated information based on your individual interests.

You have the option to control cookie installation. Therefore, by setting options in your web browser, you may choose to allow all cookies, be prompted for confirmation whenever a cookie is saved, or
Alternatively, you can refuse to save all cookies.
If you refuse to install cookies, you may have difficulty providing some services.

The hospital has implemented security measures as technical safeguards for the protection of users' personal information. All information provided by users is safely protected and managed by security equipment, such as firewalls.
In addition, as an administrative measure for the protection of users' personal information, the hospital establishes procedures necessary for accessing and managing users' personal information and limits the number of personnel handling users' personal information to a minimum.
We are conducting continuous security training. In addition, we will designate users of systems that process personal information, assign user passwords, and update them regularly.

This Privacy Policy may be changed in accordance with changes in relevant laws and guidelines or internal operating policies.
If the hospital's "Privacy Policy" is changed, we will announce it through the website (vibeps.com).

[Chief Privacy Officer]

Name: Yoo Young-moon
･ Position: CEO
･ Affiliation: VIBE Plastic Surgery
Phone: 02-517-4888
Email: vibeps.yoo@gmail.com

* Effective Date: September 1, 2021
If you need to report or consult about other personal information infringements, please contact the organizations below.

1. Personal Dispute Mediation Committee (www.1336.or.kr/1336)
2. Information Protection Mark Certification Committee (www.eprivacy.or.kr/02-580-0533~4)
3. Supreme Prosecutors' Office Internet Crime Investigation Center (http://icic.sppo.go.kr/02-3480-3600)
4. National Police Agency Cyber ​​Terror Response Center (www.ctrc.go.kr/02-392-0330)

This hospital informs you of the purposes and methods by which the image information processed at this hospital is utilized and managed through its Image Information Processing Device Operation and Management Policy.

In accordance with Article 25, Paragraph 1 of the Personal Information Protection Act, this hospital installs and operates image information processing devices for the following purposes.

The number of installed image information processing devices, their locations, and shooting ranges are as follows.
Number of units installed: 10 / Installation locations and recording range: Lobby, consultation rooms, inpatient rooms, treatment rooms, operating rooms, etc.

In order to protect the video information of data subjects and to handle complaints related to personal video information, we have appointed a Personal Video Information Protection Officer as follows.
Manager: Yoo Young-moon
Authorized User: Yoo Young-moon

The recording time, storage period, and storage location of the video information are as follows.
Recording Time: 24 hours / Storage Period: Within 14 days from the date of recording / Storage Location: Server room

○ How to check: You can verify by contacting the person in charge of image information management in advance and visiting our hospital.
○ Verification Location: Hospital Server Room

Data subjects may request access to, confirmation of existence of, or deletion of personal video information from the operator of the video information processing device at any time.
However, this is limited to personal video information in which you are filmed and personal video information that is clearly necessary for the urgent benefit of the data subject's life, body, or property.
This hospital will take necessary measures without delay if a request is made to view, confirm the existence of, or delete personal video information.
Notwithstanding a data subject's request for access, etc., the request for access to personal video information may be refused in the following cases, and in such cases, the data subject will be notified of the reasons for refusal and methods of appeal in writing, etc., within 10 days.
○ Cases where personal video information is destroyed after the retention period has expired
○ Other cases where there are justifiable grounds to refuse the data subject's request for access, etc.

The image information processed by this hospital is securely managed through measures such as encryption. In addition, as an administrative measure for the protection of personal image information, this hospital grants differential access rights to personal information, and
To prevent falsification or alteration of personal video information, we record and manage the creation date and time of the personal video information, as well as the purpose of viewing, the viewer, and the date and time of viewing when accessed.
In addition to this, we are installing locking devices for the safe physical storage of personal video information.