Article 1 (Purposes of Personal Information Processing)
The Company processes personal information for the following purposes. The personal information is not used for any other purposes. In case of any change in the purposes, the Company will take the required actions, including obtaining consent under Article 18 of the Personal Information Protection Act.
1. Confirming personal identification and real name for the use of the services
2. Securing communication channels to deliver medical information related to the products and conducting follow-up surveys regarding the administration of the products
3. Processing consumer complaints
4. Improving product R&D
Article 2 (Processing and Retention Period of Personal Information)
① The Company processes and retains personal information in accordance with the period of retention and use specified by the relevant laws and regulations or the period of retention and use consented by information subjects at the time of collecting their personal information.
② The processing and retention periods of personal information items are as follows.
1. Personal identification and real name confirmation for the use of the services: 3 years
2. Records of consumer complaints and dispute resolution: 5 years from the end date of the dispute resolution
3. Medical information related to the products and cases related to the administration of the products: 5 years
4. Product R&D and improvement: Until the achievement of the objectives (for this purpose, after 5 years, the Company retains only abstract information that cannot be used to identify individuals)
Article 3 (Outsourcing of Personal Information Processing)
① To facilitate the processing of personal information, the Company outsources the related tasks as follows.
개인정보처리 취탁 업체 폼
Medipana, KeyDoc, and Crenor Healthcom
Services related to online symposiums
BMM, SPCom, and GH Korea
Services related to off-line symposiums
Services related to information systems
* The list of outsourced companies may be revised from time to time. You can find the information regarding outsourced tasks in your Personal Information Collection and Use Consent Form and other sources.
② In accordance with Personal Information Protection Act, when entering into an outsourcing agreement, the Company includes provisions on the prohibition of personal information for purposes other than the performance of the outsourced works, technical and administrative protection, restriction of sub-outsourcing, supervision of outsourced companies, and liabilities for damages and other matters in the agreement and other related documents, and supervises the outsourced companies to ensure secure processing of personal information.
Article 4(Rights and Obligations of Information Subjects)
① An information subject may exercise the following rights regarding the protection of personal information at any time against the Company.
1. Request for access to personal information
2. Request for correction of errors, if any
3. Request for deletion
4. Request for the suspension of processing
② An information subject may exercise the rights specified in Paragraph (1) above using Attached Form No. 8 of the Enforcement Rules of the Personal Information Protection Act, via written documents, email, or fax. In such cases, the Company will promptly take the required actions.
③ In case of a request for the correction or deletion of personal information from an information subject, the Company does not use or disclose the relevant personal information until the correction or deletion is complete.
④ An information subject may exercise the rights under Paragraph (1) through his/her legal representative or any other person authorized by the subject, in which case the information subject should submit a letter of authorization using Attached Form No. 11 of the Enforcement Rules of the Personal Information Protection Act.
Article 5 (Personal Information Items Processed By the Company)
The Company processes the following personal information items.
1. Personal identification and provision of product services:
names, telephone numbers, email addresses, and occupations
2. Other information items that may be automatically generated and collected during service use on the Internet:
IP addresses, cookies, MAC addresses, service use records, visit records, and records of improper use
Article 6 (Disposal of Personal Information)
① In cases where a retention period of personal information expires or the personal information is otherwise rendered unnecessary by reasons including the achievement of the purpose of processing, the Company promptly disposes of the personal information.
② In cases where the Company is required by a relevant law or regulation to retain personal information past the retention period consented by the information subject or the purpose of processing has been achieved, the Company retains the personal information by transferring it to a separate database or changing the storage location.
③ The Company disposes of personal information as follows.
The Company selects the personal information to be disposed of and disposes of the personal information after obtaining
approval from the Personal Information Protection Officer.
The Company disposes of personal information recorded and stored in electronic files by deleting the files beyond restoration,
and personal information recorded and stored in paper documents by shredding or incinerating the documents.
Article 7 (Installation and Operation of Automatic Personal Information Collection Devices)
① To facilitate the operation of the Company’s website, the Company uses “cookies” that store and loads user information.
② Cookies are small bits of information sent from the website’s server to the browsers in users’ computers. Some of them are stored in the user’s hard disk drive.
1. Purpose of use: Collection of information on the services and websites visited by users for the stable operation of the website
2. Cookie Installation, Use, and Refusal: You can refuse to store cookies by changing the setting at the Tools > Internet Option >
Personal Information menu on the top of the web browser screen.
3. Your refusal to store cookies does not disadvantageously affect your use of the website.
Article 8 (Measures for Security of Personal Information)
The Company takes the following measures to keep personal information secure.
1. Administrative measures: Establishment/implementation of internal management plans, regular training of employees, etc.
2. Technical measures: Management of access to systems processing personal information, installation of access control systems, encryption of identifiable information, installation of security programs, etc.
3. Physical measures: Access control to computer rooms and data storage rooms
Article 9 (Personal Information Protection Officer)
① The Company has appointed the following persons as its Personal Information Protection Officer for the coordination of all tasks related to the processing of personal information, addressing information subjects’ complaints regarding the processing of personal information, and providing remedies for damages.
Name: Director Moon Byung-gwan, Position: Operation Support
Contact information: 043-717-7000, IT@celltrionph.com
② Please contact the Personal Information Protection Officer for any question, complaint, and remedy related to personal information during the use of the Company’s services. The Company will promptly respond to and process your inquiry.