Privacy Policy

Introduction

CloudHospital Inc. (hereinafter referred to as the “Company”) pays close attention to the collection and management of personal information and makes every possible effort to protect this data. This Privacy Policy covers the scope and procedures in which a user’s personal information is collected, how the personal information is used, the scope of consignment, and of any third-party provision. In particular, this Privacy Policy explains the matters related to personal information that is collected and used during the course of services based on the terms of use of the Company. Users may browse Company websites and use some services without providing personal information to the Company, but the following procedures for providing personal information are required in order to use the full functions of the services of the entire Company website.

The Company complies with the personal information protection regulations that must be observed as an information and communication service provider, has established a policy for handling personal information based on relevant laws, and is making every effort to protect the interests of users.

The Company publishes its Privacy Policy in the Terms of Use section on its website so that it can be easily viewed by customers at any time.

If you have any questions related to this, please contactinfo@icloudhospital.com.

Purpose of Privacy Policy

The Company collects the personal information of users required to create a website account for the basic purposes of managing authenticated users as well as personal authentication for using the service. This includes all of the following: confirm the user’s intention to join, identify and authenticate basic identities, check whether or not the minimum required qualifications are maintained for service use, avoid attempts to use the service fraudulently by avoiding these qualifications, handle complaints to improve the service quality of the Company, and delivering notices related to the Company’s policies.

The Company may collect the user’s health information and medical records of the medical institution necessary for the efficient provision of medical and non-medical services provided to users through the Terms of Use of the service.

The Company may collect some of the user’s personal and health information for the purpose of providing basic information on various services, promoting new services, and providing opportunities to attend events.

The Company may also collect and process personal information for service inspection statistics and verification purposes for overall service inspection and improvement.

Targets and Methods of Collecting Personal Information

When a user accesses the Company’s website, the Company automatically receives certain technical data, and in addition, the user may provide supplementary information. Among this information, the data information that the Company automatically collects through the user’s access includes information about the computer, phone, tablet, or other device that the user used to access the site, the type of connection with these devices, the operating system of the device, the browser type, IP address, URL, and device identifier.

In addition, the Company uses cookies for analysis purposes, and the user can always disable cookies in the browser settings if necessary.

For users who wish to create an account, the Company will collect the name, mobile phone number, residence address, gender, date of birth, e-mail address, and information related to or account information of debit card or credit card for payment according to the user’s own input. In the case of such information, it is collected by that the method wherein the user voluntarily fills in the necessary entries for creating an account on the website but in exceptional cases, collection may be made via fax, landline, e-mail, or through an in-person consultation method.

On the other hand, a user who wants to receive a higher quality service can provide the Company with information on their health (examination information, counseling information, body specifics, etc.) and information related to medical diagnoses (past visiting medical institutions and medical treatments, consultation records, MRI scans, x-ray scans, records of surgery, or other surgical procedures, etc.) by their choice. In addition, the Company can also collect all information on past medical treatments and counseling from medical institutions instead of the user with the user’s consent.

All of the above items and methods of collection are based on the voluntary consent of the user; the user is free to withdraw these consents and the withdrawal will take effect after such notice of withdrawal reaches the Company.

Processing and Retention Period of Personal Information

The user’s personal information is converted into a state that cannot be processed in the event that a reason such as termination of the contract or withdrawal occurs after the account is created, or a request to withdraw consent to the processing of personal information or deletion of personal information through e-mail or writing. However, if there is a period for which storage is separately specified in the relevant laws, it is necessary to comply within that period.

Consignment of Personal Information and Provision to Third Parties

Users may entrust the processing of collected personal data in order to efficiently operate the Company’s medical service and non-medical service with a third party. The Company may also entrust the data collected from the user to the payment gateway, including the data related to the payment of products the user has selected or the refund of products as withdrawal of the purchase. When these consignments are made, the Company will explain the basic information of the consigned third party such as a medical institution or payment gateway in advance to the user, the content of the consigned business, and the range of personal information to be processed.

In order to provide medical services and non-medical services to users more effectively, the Company can provide the health information and medical diagnosis information provided by the users to medical institutions that cooperate with the Company. In this case, the Company will inform the user in advance of the range of personal information to be provided in connection with this and the medical institution to be provided, and also carry out procedures to receive individual consent for it.

However, the Company may provide personal information to a third party without the user’s consent through anonymity measures as prescribed by the relevant laws and regulations in consideration of whether there is any disadvantage to the data subject to the extent that it is reasonably related to the purpose of collection and whether measures such as encryption have been taken to ensure safety or not.

Persons concerned with the handling of personal information to receive the Company’s services should not obtain consent for obtaining or processing personal information by false or other illegal means or methods in connection with the provision of such personal information to third parties. They also should not disclose personal information revealed in this process or provide it for use by others without authority and will not damage, lose, alter, falsify, or leak the personal information of others without legitimate authority or exceed the permitted authority.

Protection and Management of Personal Information

The Company provides physical, electronic, and procedural safeguards to protect the personal information it collects and manages. For example, the Company takes reasonable operational and technical measures to restrict access to personal information. More specifically, the data received by the Company can only be used by authorized employees and contractors. The Company also uses encryption and other protection devices to ensure that data is secure. These measures have been reasonably designed to help protect personal data from loss, unauthorized entry, disclosure, modification, or destruction.

Despite these efforts by the Company, the websites and network systems are not completely protected nor are the risks completely prevented. Therefore, the Company cannot guarantee the security of information transmitted by the user through the website, and the user must take risks. In this context, if you have any reason to believe that the interaction with the Company’s website or service is no longer secure, please contactinfo@icloudhospital.comin writing.

Personal Information of Minors

The Company does not and will not collect personal data directly from children under the age of 14. The Company may process data from children under the age of 14 only at the request of a parent or guardian and only after confirming the identity of the parent / guardian and their legal right to represent the child. In this regard, if you are a parent or guardian and are interested in your child’s personal data, please contactinfo@icloudhospital.com.

Viewing and Modification of Personal Information

When providing the user’s personal information to the Company, the user is free to exercise the authority to view and modify the information. If you have any further questions regarding this, please email us atinfo@icloudhospital.comand we will do our best to provide assistance.

Transmission of Personal Information

The Company may need to process personal information outside the country in which the user resides during the process of providing services. In such a case, the Company will take appropriate precautions (e.g., contract data protection clauses) to protect the personal information in addition to what is set out in this Privacy Policy.

Updating Privacy Policy

If the Company updates this Privacy Policy due to revision of related laws or changes in circumstances, such changes will be posted on the Company’s website. In addition, if the Company changes the way in which it processes the users’ personal data, the Company will notify the user in advance and request the user’s consent before implementing the change.