Privacy Policy

You can check EDGC’s privacy policy.

The Eone Diagnomics Genome Center Co. Ltd. (the “Company”) places great importance on the personal information of our customers and complies with the regulations and laws of Korea related to personal information protection, such as, the Act on Promotion of Information and Communications Network Utilization and Information Protection Etc., Personal Information Protection Act, Protection of Communications Secrets Act, Telecommunications Business Act, and other relevant privacy protection regulations. The Company strives to inform and notify of the purpose and method on how personal information provided by customers are being used and the measures being taken to protect personal information through the Company’s policy on personal information management. When revising our Privacy Policy on personal information management, the Company will notify and announce on its website (or through individual notice).

1. Collected Personal Information

The Company only collects and stores the minimum and necessary information to provide its services to its members. Information is collected under the following situations below.

First, the Company collects the following personal information once you order the genetic testing on the website:

– Necessary Information : name of the customer (if company, then also the business registration number), e-mail address, phone number, birth day and year, gender, prescribing doctor’s name and hospital division (when applicable), recipient’s address, postal code and phone number

– Optional Information : customer’s height, weight, number of week of pregnancy (if applicable), any clinical symptoms, medical history, family’s medical history

Second, the Company collects the following information when you have ordered the specific service:

– Credit Card Information : Name of the credit card company, credit card number

Third, the Company collects the following information when you make inquiries through the website or telephone.

– Name, e-mail address

2. Method of Collection of Personal Information

The Company uses the following methods to collect and gather your personal information:

– When you purchase the sample collection kit or order the genetic testing: through the consent form and/or testing request form

– When inquiring about genetic testing: through the consultation bulletin board in the website, e-mail address, fax number, telephone number

* Standard information such as, the access log, cookies, and IP addresses may be collected when you make inquiries through website or e-mail.

3. Collection of Personal Information and Its Purpose

The Company collects personal information for the following purposes, and all personal information will only be collected with your consent.

- To use in the process of verification of personal identity when using the genetic testing service

- To use for efficient communications in regards to providing notifications, handling consumer complaints, and related issues when processing the ordered genetic testing service of the individual or medical entity.

- To use as applicable information in order to provide personal customized services and newly developed services

- For basic information to evaluate for clinical testing

- To provide health-related contents and clinical research information

- To deliver and send materials related to the genetic test, to send invoice, for the process and collection of payment

- To gather information for the customers/consumers as under Article 52 of the Framework Act on Consumers

4. Management of Personal Information and the Retention Period

1. The company manages and holds personal information within the retention period approved by the individual/consumer when the information was being gathered and/or within the period as under relevant regulations.

2. Each retention period and management for personal information are as follows:

① EDGC homepage membership registration and management: the retention period is until the withdrawal of membership

However, under the following cases, the retention period is until the following causes have settled and concluded:

- When in case of investigation and inspection of violation of relevant laws, the retention period is until such investigation and inspection is over and completed.

-When in case of any surviving debts, payables and/or liabilities following the use of the homepage, the retention period is until such debts, payables and/or liabilities are settled and/or paid for.

② When personal information is gathered to provide the genetic test:

personal information is stored following the standards stated under medical laws for storing of medical records

③ Reasons for information retention under relevant laws

When necessary to retain information in accordance with relevant laws and regulations such as the Commercial Act, and the Act on the Consumer Protection in Electronic Commerce, etc., the Company shall keep personal information for the duration of time determined by the related laws and regulations. In such cases, the Company will use the information only for the purpose of storage, and the period of retention is as follows:

– Records on agreements or the withdrawal of orders
Grounds for retention : Act on the Consumer Protection in Electronic Commerce, etc.
Period of retention: 5 years

– Records on payment and provision of goods
Grounds for retention : Act on the Consumer Protection in Electronic Commerce, etc.
Period of retention: 5 years

– Records on electronic financial transactions
Grounds for retention : Electronic Financial Transactions Act
Period of retention: 5 years

– Records on handling consumers’ complaints or dispute resolution
Grounds for retention : Act on the Consumer Protection in Electronic Commerce, etc.
Period of retention : 3 years

– Records on website visits
Grounds for retention : Protection of Communications Secrets Act
Period of retention : 3 months

5. Process and Method of Disposal/Destruction of Personal Information

1. In principle, after collecting personal information and achieving the purpose of its use, Company destroys the information immediately without exceptions.

2. When in case personal information has to continually be stored following certain regulations despite having achieved the purpose of use and the elapsing of the permitted retention period by the owner of the personal information, the Company will either move the personal information to a separate database or store the information in a different storage location.

3. The process and method of disposing/destroying personal information are as follows.

① Destruction Process

The information inputted by the user for membership, for genetic testing and etc., shall be moved to a separate database (in the case of physical documents and forms, stored in separate document files) after the purpose of its use is achieved. It shall be destroyed after being retained for a certain period according to the Company’s internal policy and under reasons of information protection based on the relevant laws (refer to “Management of Personal Information and the Retention Period”).

② Destruction Method

Personal information printed out in paper shall be shredded by the shredder or incinerated.
Personal information saved in forms of electronic files shall be deleted by technical methods that render the records irreproducible.

6. Providing Personal Information to a Third Party

The Company only handles the users’ personal information within the scope stated in Article 3 (Collection of Personal Information and Its Purpose), and only under the users’ consent or the permitted scope as under Article 17 and 18 of the Privacy Protection Act, Article 24-2 of Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., and other special laws will the Company share the personal information with a third party.

7. Entrustment/Consignment of Managing Personal Information

1. For an efficient process in management of personal information, the Company entrusts/consigns the following duties of handling personal information:

① Genomic data analysis, storage, and provision of results

② Other information deemed necessary in relation to Section 1 of this provision.

2. After entering into a consignment contract, the Company must state in the document, other than the purpose of the consignment, the provisions regarding compensation, liabilities and duties, management and inspection regarding the consignee, restrictions on reconsignment, technical and managerial protective measures, and restrictions on personal information management, etc. following related regulations, such as, the Privacy Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.. The Company shall also supervise whether the consignee is handling the personal information safely and under discretion.

3. In the case where the consigned work scope/content or the consignee is changed, the Company will promptly notify the users through this Privacy Policy.

8. Rights of the User & Legal Representative and Ways to Exercise the Rights

1. The user may at any time exercise and request the following rights of personal information protection to the Company:

① Request for disclosure of his/her personal information

② Request to correct any errors, mistakes, etc.

③ Request to delete

④ Request to stop managing or processing his/her data

2. The user may exercise of the rights mentioned in the above Section 1 through writing, email, fax, etc. to the Company following the Form 8 in the attachment of the Enforcement Rules to Personal Information Protection Act. The Company will promptly handle your request after verification of the personal identity of the requesting user or the legal representative.

3. When the user requests for correction or deletion of his/her personal information, the Company will not use or provide the personal information until the requested deletion or correction has been completed.

4. The personal information that has been deleted due to the request of the user shall be handled by the Company as stated under Article 4 of this Policy and shall be prohibited to be used or disclosed for any other purposes.

5. The rights as under Section 1 of this provision can be exercised through the user’s legal representative or a delegated person of the user. In such a case, the user must submit the ‘Power of Attorney’ form in accordance with the Form 11 of the Enforcement Rules to Personal Information Protection Act.

9. Installation and Operation of the Automated Personal Information Collection Device, and Its Refusal

The Company operates “cookies,” which frequently save and find information of the user. A cookie is a small text file sent by the server operating the website to the browser of the user and is saved on the hard disk. The Company uses cookies for the following purposes:

1. Purpose of Using Cookies

– In order to provide personalized services on your next visit, Company tracks the information on the web pages that you visit and browse with interest.

– Cookies are used as resources to provide differentiated opportunities for participating in Company’s events based on your number of visits and to provide differentiated information according to individual interests.

The user has a choice in regards to the cookie installation on the website he/she visits. Therefore, the user can permit cookies, check and confirm whenever cookies are saved, or refuse to save cookies by setting the option on the web browser.

2. Cookie Settings (Allow/Refuse)

The user can permit cookies, check and confirm whenever a cookies are saved, or refuse to save cookies by setting the option in the web browser.

Example of Cookie Settings (in the case of Internet Explorer) :
Go to ‘Tools’ in the upper part of the web browser > Internet Options > Personal Information Tab > Set the level you prefer in regards to the handling of personal information. However, please bear in mind that when a user refuses the cookie installation, it may be difficult to provide services that require the users’ login.

10. Measures of Securing Personal Information

The Company considers the following measures to secure to safety of personal information:

1. Managerial Measures: : Set and enforce internal management plans, periodic safety related education for employees, etc.

2. Technical Measures: Management of access control of personal information management system and such, install an access control system, management password encryption, encryption of distinct distinguishable information and such personal information, install security program, transmitting of personal information through encrypted communications, regulation of unauthorized access through firewall, and other related measures.

3. Physical Measures: Limited access to the data processing room, archive and storage room, etc.

11. Person-in-Charge and Request to Disclose Personal Information

The Company has designated the following department and person-in-charge of personal information management to protect the personal information of users/customers and to handle complaints regarding personal information.

Personal Information Management Department: Management Support

TEL : +82-32-713-2176

E-mail : admin@edgc.com

Person-in-Charge of the Personal Information Management: Mr. Yong-hyun, Jung

TEL : +82-32-713-2176

E-mail : yonghyun.jung@edgc.com

You may report all complaints related to personal information from your use of our services to the above Person-in-Charge or the Personal Information Management Department. The Company will respond promptly and adequately to your complaints. If you need to report or consult about other privacy infringements, please contact the following organizations.

– Korean Internet & Security Agency (privacy.kisa.or.kr / +82-2-405-5118)

– ePRIVACY (www.eprivacy.or.kr / +82-2-580-0533 ~ 4)

– Supreme Prosecutors’ Office (www.spo.go.kr / +82-2-3480-2000)

– Korean National Police Agency Cyber Bureau (cyberbureau.police.go.kr / +82-2-392-0330)

12. Changes or Revisions to the Privacy Policy

In case of any content addition, deletion, or modification in the current privacy policy on personal information management, the Company will make an announcement at least 7 days before the revision by posting a notice on the website. In case of any critical changes of user rights, such as in the collection and use of personal information and provision of information to a third party, notifications shall be made at least 30 days before the revisions.

– This Privacy Policy shall be enforced and implemented from 08/28/2018.

– You may refer to the previous versions of our privacy policy by clicking below:

- 07/06/2016 ~ 08/27/2018 enforced (click)

No posts found.