BRIDGING SCIENCE AND PATIENTS

Privacy Policy

Privacy Policy of the Company contains contents as set forth below. 

1. Items and Methods for Personal Information Collection
2. Purpose of Collection and Use of Personal Information 
3. Provision of Personal Information to a Third Party
4. Entrustment of Personal Information Processing 
5. Period for Retention and Use of Personal Information 
6. Procedures and Method for Destruction of Personal Information 
7. Rights of Users and Legal Representatives and the Method of Execution
8. Installation, Operation of Equipment for Automatic Collection of Personal Information and Refusal thereof
9. Technological and Managerial Measures to Protect Personal Information 
10. Contact details of Privacy Officer and Responsible Manager
11. Miscellaneous 
12. Obligation for Notification 


1. Items and Methods for Personal Information Collection
•Items of collected personal information: The personal information items collected by the Company include your name, company, position, contact details and email address at the time when each service is utilized in order to provide reply to your inquiry or newsletter service. 
•	Method of collection of personal information: The Company collects personal information via the Q&A board, newsletter subscription page and IR meeting request page contained in the Company webpage stated above. 

2. Purpose of Collection and Use of Personal Information
The Company collects and uses personal information for the purpose of confirming additional details of customer’s inquiry via the Company webpage and providing notification with respect to the process results. 

3. Provision of Personal Information to a Third Party
The Company shall use personal information of users within the scope specified under Article 2. Purpose of Collection and Use of Personal Information, and shall not use the same exceeding the specified scope or disclose the same to a third party without obtaining prior consent from the user, in principle. Provided, however, cases set forth below shall be considered as an exception. 
(i)	In case users provided prior consent to the disclosure; 
(ii)	In case required by law or by investigation authorities for investigation purposes in accordance with the procedures and methods determined in the relevant law. 

4. Entrustment of Personal Information Processing
The Company does not entrust personal information to a third party. In case of any entrustment required in the future, the Company shall notify via the Company webpage and update the contents of this Privacy Policy. 

5. Period for Retention and Use of Personal Information
Personal information of users shall be promptly destroyed in case the purpose for collection and use of personal information is satisfied, in principle.
Provided, however, in case retention is required for dispute resolution, identity verification, etc. according to internal policies of the Company, following items of information shall be preserved based on the specified grounds for the term set forth below. 
•Items for preservation: name, company, position, contact details, email address
•Grounds for preservation: Credit Information Use and Protection Act
•Term for preservation: 3 years
•Record related to collection, processing and use of credit information: 3 years (Credit Information Use and Protection Act)

6. Procedures and Method for Destruction of Personal Information
Personal information of users shall be promptly destroyed in case the purpose for collection and use of personal information is satisfied, in principle. Procedures and methods for destruction of personal information are as set forth below. 
•Destruction procedure 
Information provided by a user for purposes such as customer inquiry, shall be moved to a separate database after the purpose is satisfied. It will be destroyed after being stored for a certain term in accordance to the internal policies and grounds for information protection as stated in other relevant regulations (refer to the retention and use period). The personal information shall not be used for purposes other than retention, unless required by law. 
•Destruction method 
Personal information printed on paper shall be destroyed by shredding or incineration. Personal information stored in electronic files shall be discarded by applying technical measures that do not allow regeneration. 

7. Rights of Users and Legal Representatives and the Method of Execution
User or legal representative can, at any time, request deletion of personal information provided for purposes such as customer inquiry.
Request for confirmation and destruction of personal information shall be promptly handled by the privacy officer upon your written request, telephone or email. 
Personal information deleted according to request by user or legal representative shall be processed as specified in Article 5. Period for Retention and Use of Personal Information, and shall not be reviewed or used for any other purposes.  

8. Installation, Operation of Equipment for Automatic Collection of Personal Information and Refusal thereof
The Company uses ‘cookies’ to store and retrieve user information from time to time. 
Cookies are a small amount of information sent to the user's computer browser by the server (HTTP) used to operate the website, and are also stored on the hard disk of the user's PC computer.
•Purpose of cookies 
It is used to provide optimized information to users by identifying the types of visits and usage, popular search terms, secure access, news editing, and user size for each service and website of the Company that users visited.
•How to reject cookie settings 
Users have the option when it comes to installing cookies. Therefore, the user may allow all cookies by setting options in the web browser, check each time a cookie is saved, or refuse to save all cookies. To reject the cookie setting, you can allow all cookies by selecting the option of the web browser you use, check each time a cookie is saved, or refuse to save all cookies.

9. Technological and Managerial Measures to Protect Personal Information
The Company takes the following technical/managerial measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in the course of processing users' personal information.
•Measures against hacking, etc.  
The Company is engaging its best efforts to prevent any leakage or damage of members' personal information by hacking or computer viruses. 
In order to prevent damage to personal information, data are frequently backed up, and users' personal information or data are kept from being leaked or damaged by applying the latest anti-virus program, and safe personal information transmission is secured through encrypted communication, etc. In addition, an intrusion prevention system is in place to restrict unauthorized access from outside, and all possible technical devices are furnished to secure systemic security.
•Minimize engaged staff and training  
The Company's personal information processing staff is limited to the person in charge, and a separate password is assigned for this to be updated regularly. Compliance with the Privacy Policy is always emphasized through periodic training for the person in charge.
•Operation of personal information protection agency  
Through the in-house personal information protection agency, etc., we are making efforts to immediately correct and rectify any problems by checking the compliance of the Privacy Policy and the person in charge. However, the Company is not responsible for any problems caused by the leakage of personal information due to the user's carelessness or internet problems.

10. Contact details of Privacy Officer and Responsible Manager
You can report all complaints related to personal information protection arising out of using the Company's services to the person in charge of personal information management or the department in charge.
We assure you that the Company will provide prompt and sufficient answers to your reports.
•Privacy Officer: KyungAh Kim
Telephone number : 82 31 8092 3280
Email address : Kyungah.kim@bridgebiorx.com 
•Responsible Manager: Joengbin Ahn
Telephone number : 82 31 8092 3285
Email address : joengbin.ahn@bridgebiorx.com
If you need to report or consult about other personal information infringement, please contact the following organizations.
Personal Information Infringement Report Center: http://privacy.kisa.or.kr
Contact : 02.405.5118
Information Protection Mark Certification Committee: www.eprivacy.or.kr
Contact : 02.580.0533~4
National Police Agency Cyber Security Bureau: www.ctrc.go.kr
Contact : 02.3150.2659

11. Miscellaneous
Please note that the Privacy Policy does not apply to collection of personal information by websites linked in the Company webpage

12. Obligation for Notification
Any addition, deletion or revision of the current Privacy Policy shall be notified via the ‘Notices’ in the webpage at least 7 days before the effective date. 
  

Date of Notification: 2021.01.29
Date of Enforcement: 2021.01.29