English
Reservation Check / Change
Cart
Search Procedure
English
About UsLocationPrices / Events
Reservation Check / ChangeCartSearch Procedure

Privacy Policy

Privacy Policy

Sia Clinic (hereinafter referred to as “the Clinic”) values the protection of your personal information and complies with the Personal Information Protection Act.  
Through this Privacy Policy, the Clinic informs you of how your personal information is used and processed, and what measures are being taken to protect it.

1. Items and Methods of Personal Information Collection  
2. Purpose of Collection and Use of Personal Information  
3. Retention and Use Period of Personal Information, and Procedures and Methods for Destruction  
4. Installation and Operation of Automatic Data Collection Devices and How to Refuse Them  
5. Rights of Users and Their Legal Representatives and How to Exercise Them  
6. Withdrawal of Consent  
7. Provision and Entrustment of Personal Information  
8. Provision and Entrustment of Personal Information to Third Parties  
9. Personal Information Protection Officer  
10. Measures to Ensure the Security of Personal Information  
11. Obligation to Notify of Policy Changes  

1. Items and Methods of Personal Information Collection  
The Clinic collects only the minimum personal information necessary for service use during online membership registration and reservation.  
Essential information for medical treatment is collected through the creation of a medical card in accordance with the Medical Service Act, without separate consent.  
For additional services (such as marketing), a separate consent form for collection and use must be filled out. Refusal to provide such consent does not affect your ability to receive medical services.  

- Required items: Name, date of birth, gender, address, age, contact number, mobile number, email, clinic registration number, and service application status  
- Health information: Visit details, diagnosis details, prescription details, medical treatment information  
- Payment information: Card company name, card number, and card authorization information  

2. Purpose of Collection and Use of Personal Information  
(1) Required  
- Medical information: To provide medical services for diagnosis and treatment, as well as administrative services such as billing, payment, and refunds  
- Reservation information: To verify identity when making or checking medical reservations; to provide notifications, health information, and surveys via SMS or SNS  
- Other: For the analysis of visitor data to develop new services, for submitting base data for external examination requests, and for collecting consumer safety information under Article 52 of the Framework Act on Consumers  
Also, to restrict or sanction users who violate laws or clinic terms of service, prevent fraudulent use or identity theft, preserve records for dispute resolution, and handle complaints  

(2) Optional  
- Marketing and promotion: Delivering clinic news, procedure and event information, personalized advertising and marketing, and promotional information about cosmetics and other related products  

3. Retention and Use Period of Personal Information, and Procedures and Methods for Destruction  
[Retention and Use Period]  
- The Clinic retains collected personal information for the legally required period — 5 years for patient lists and 10 years for medical records — after which the data will be deleted from the database.  
- If there are remaining claims or obligations, the information will be retained until settlement.  
- Upon request from the provider of the information, personal data will be deleted immediately.  
However, even if the purpose of collection or provision has been achieved, data may still be retained if required by commercial law or other applicable legislation.  

* Records of consumer complaints or disputes: 3 years (Act on the Consumer Protection in Electronic Commerce)  
* Records related to credit information: 3 years (Credit Information Use and Protection Act)  
* Records related to identity verification: 6 months (Act on Promotion of Information and Communications Network Utilization and Information Protection)  

[Procedures and Methods for Destruction]  
- Procedure: Immediately destroy data after the statutory retention period expires.  
- Method: Personal data stored electronically will be permanently deleted using technical methods that prevent recovery; printed data will be shredded or incinerated.  
- Upon termination of a customer management service contract: The contractor must permanently delete all related files and database data within two weeks.  

4. Installation and Operation of Automatic Data Collection Devices and Refusal  
In addition to the above personal information, the Clinic’s services may recognize visitors through cookies, pixel tags, web beacons, and IP addresses for the following purposes.  
By using the Clinic’s website and services, you are deemed to have consented to the use of these technologies.  

Cookies are small text files sent to your web browser by a website or service provider that allow the system to recognize your browser and remember certain information.  
Pixel tags or web beacons are transparent graphic images placed in web pages or emails to verify page or image views, or to instruct the browser to display content from another server.  
IP addresses are online identifiers assigned to users’ devices by their internet service providers.  

Purposes:  
1. To remember content used during past visits and provide an improved user experience on future visits  
2. To analyze website traffic and usage patterns  
3. To analyze traffic in cooperation with third parties under contract, when necessary  
4. For personalized advertising and marketing  
5. To restrict or sanction users who violate laws or clinic terms, prevent fraudulent or harmful activity, preserve records for dispute resolution, and handle complaints  

Cookie Rejection Method:  
Example: You may configure your web browser to allow all cookies, confirm each time before storing, or block all cookies.  
Example (Internet Explorer): Tools > Internet Options > Privacy  
Note: Refusing cookies may result in limited functionality of some services.  

5. Rights of Users and Legal Representatives, and How to Exercise Them  
Reservations for minors are made through separate forms written in easy-to-understand language, and the consent of a legal representative is always required.  
To obtain this consent, the Clinic collects minimal information such as the legal representative’s name and contact details.  
Legal representatives may request access to, correction of, or deletion of a minor’s personal data.  
Such requests can be made via the member information edit page or by contacting the Personal Information Protection Officer by mail, phone, or fax.  
※ Personal information that must be retained by law cannot be modified or deleted during the statutory retention period.  

6. Withdrawal of Consent  
You may withdraw your consent to the collection, use, or provision of optional personal information at any time.  
To do so, contact the Personal Information Protection Officer by mail, phone, or fax. The Clinic will promptly delete your personal data and take necessary actions.  

7. Provision and Sharing of Personal Information  
The Clinic will not use or provide personal information beyond the notified purposes without your consent, except when required by law.  
- Submission of medical records to the Health Insurance Review & Assessment Service for medical cost claims under the National Health Insurance Act  
- Provision of anonymized data for statistical or academic research purposes  
- Submission in response to lawful requests from investigative agencies  

8. Provision and Entrustment of Personal Information to Third Parties  
The Clinic outsources certain operations such as online reservations and text message notifications, and ensures that personal data is safely managed through legally compliant contracts.  

Contractor: WaveCode Co., Ltd.  
Scope of Work: Website operation and management, database management and storage, clinic procedures and events, personalized advertising and marketing, cosmetics and promotional information delivery  
Retention and Use Period: Until the termination of the contract  

9. Personal Information Protection Officer  
Name: Woo Yeol Lee  
Position: Chief Director  
Organization: Sia Clinic  
Phone: +82 02-512-7117  

10. Measures to Ensure the Security of Personal Information  
The Clinic implements technical and administrative measures to protect users’ personal information, including firewalls and security systems.  
Access to personal data is restricted to authorized personnel only, and those employees receive regular security training.  
System users are assigned passwords, which are updated periodically.  

11. Obligation to Notify of Policy Changes  
This Privacy Policy was established on October 22, 2025.  
If there are additions, deletions, or modifications due to changes in laws, policies, or security technologies,  
the revised Privacy Policy and its reasons will be announced on the Clinic’s website at least seven days before implementation.  

Date of Notice: October 22, 2025  
Date of Enforcement: October 22, 2025