Privacy Policy

The privacy policy is effective March 5, 2024.

AIDOT Inc. (hereinafter "AIDOT") processes and safely manages personal information legally in compliance with the Personal Information Protection Act and related laws and regulations to protect the freedom and rights of information subjects. In accordance with Article 30 of the Personal Information Protection Act and related laws and regulations, we inform the information subject of the procedures and standards for processing personal information. We have established and disclosed our privacy policy as follows so that we can handle complaints quickly and smoothly.

Article 1 Purpose of processing personal information

1.      AIDOT processes personal information for the following purposes. Personal information will not be used for any purpose other than the following. If the purpose of use changes, we will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

①     Homepage inquiries: Responding to inquiries about products and services, customer support, and site usage

②     Clinical activities: Conducting medical research and development work, such as selecting consulting physicians for clinical activities and conducting clinical activities

③     Recruitment: Recruiting employees

Article 2 Items and methods of processing personal information

1.      “AIDOT” processes the following personal information items.

①     contact through the homepage: name, email address, phone number

②     clinical organization and clinical professional’s name, date of birth, contact number, email, work address, major and position, education and experience

③     applicant's resume description

2.      “AIDOT” collects personal information in the following methods.

①     receiving inquiries through the website

②     collecting through expert utilization and consulting contracts related to the conduct of clinical trials

③     collecting through job applications (written submissions) from applicants

3.      AIDOT has established a procedure for the information subject to select "agree" or "disagree" about AIDOT’s personal information collection and use agreement or each of the terms of use. If user selects "Agree", we will assume that user has consented to the collection of the personal information.

Article 3 Retention and use period of personal information

1.      AIDOT processes and retains personal information within the personal information retention and use period agreed upon when collecting personal information from the information subject (user). Once the purpose of collection and use has been fulfilled, we will destroy the information without delay.

2.      However, if personal information is required to be retained for a certain period of time by law, we will retain personal information for that period of time. Pseudonymized medical data is used for scientific research purposes and is retained and used until the end of the research.

3.      The processing period and retention period of each personal information is as follows.

①     personal information collected when inquiring on the website: until 3 years after customer inquiry

②     personal information agreed to be provided in clinical activities: until the agreed period

③     job application resumes and personnel record cards: until the period agreed upon during internal procedures (however, if not hired, until 3 years after the end of the recruitment process)

Article 4 Destruction procedures and methods of personal information

1. AIDOT destroyies the personal information without delay when it becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the purpose of processing.

2.     The process and methods for destroying personal information are as follows

ㆍ     Destruction procedure: Select the personal information for which the reason for destruction has occurred, and destroy it without delay within 5 days after the purpose of processing is achieved, unless other laws and regulations require the retention of personal information.

ㆍ     Destruction method: Personal information recorded and stored in the form of electronic files is destroyed by using a technical method that makes it impossible to reproduce the record, and personal information recorded and stored in paper documents is destroyed by shredding or incineration.

3.     If personal information retention period agreed to by the information subject has expired or the purpose of processing has been achieved, but the personal information have to continue to be retained in accordance with other laws and regulations, the personal information is transferred to a separate database(DB) or preserved in a different storage location.

Article 5 Provision of personal information to third parties

1. “AIDOT” provides personal information to third parties only in cases falling under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the information subject and special provisions of the law. However, we may provide personal information to third parties in the following cases.

①     when separate consent is obtained from the information subject

②     In cases where the company cannot fulfill its duties prescribed by other laws unless it uses personal information for purposes other than its purpose or provides it to a third party, after deliberation and resolution by the Protection Committee.

③     In accordance with the provisions of laws and regulations or upon request of investigation agencies for the purpose of investigation.

2. If we provide personal information to third parties, we will inform user to the following items and obtain user’s consent.

①     the person to whom personal information is provided

②     purpose of use of personal information (if provided, it means the recipient’s the purpose of use)

③     items of personal information to be used or provided

④     period of retention and use of personal information (if provided, it means the recipient’s period of retention and use)

⑤     the fact that user has the right to refuse consent and, if there are any disadvantages for refusing consent, the content of the disadvantages.

Article 6 Consignment of personal information processing

This website does not entrust the processing of personal information.

However, if AIDOT entrusts a third party to process personal information, the details of the entrusted work and the entrustee will be posted on the service homepage.

Article 7 Rights and obligations of the information subject and legal representative and how to exercise them

1. The information subject(user) may exercise the right about personal information preserved in AIDOT whenever user may open, revise, delete, request to suspend processing etc. However, the exercise of the rights may be limited by obligations under applicable laws and regulations.

ㆍ     request open to personal information

ㆍ     request correction of errors, etc.

ㆍ     request for deletion

ㆍ     request to suspend processing

ㆍ     exercise consent withdrawal right

2.     The exercise of the rights under Paragraph 1 may be made through telephone contact or e-mail in accordance with Article 41 Paragraph 1 of the Enforcement Decree. If users fill out a request for access to personal information in accordance with the form in Appendix 8 of the Enforcement Regulations of the Personal Information Protection Act. The users contact us at the email or number listed below, their personal information will be deleted immediately through the identification process, and AIDOT will take action without delay.

ㆍ     E-mail : marketing@aidot.ai

ㆍ     Contact number : 02-6497-8800

3.     If the information subject requests the correction or deletion of errors in personal information, AIDOT will not use or provide the personal information until the correction or deletion is completed.

4.      The exercise of the rights under Paragraph 1 may be made through a representative, such as the legal representative or authorized person of the information subject. In this case, you need to submit a power of attorney (Annex 11 to the Notification of the Processing of Personal Information (No. 2023-12)).

5.      The rights of the information subject may be limited by Article 35 (4) and Article 37 (2) of the Personal Information Protection Act when requesting to view and suspend the processing of personal information.

6.      A request for correction or deletion of personal information may not be made if the personal information is subject to collection under other laws.

7.     AIDOT verifies whether the person making the request, such as a request for access, correction, deletion, or suspension of processing in accordance with the rights of the information subject, is the person or an authorized representative.

Article 8 Measures to ensure the safety of personal information

“AIDOT” takes the following measures to ensure the safety of personal information

1.     Administrative measures

ㆍ    We establish and implement an internal management plan to safely manage personal information.

ㆍ    We minimize the number of people who have access to key personal information such as unique identification information and sensitive information.

ㆍ    We provide regular training on personal information protection, and thoroughly manage and supervise to ensure compliance with laws and regulations on personal information protection.

2.     Technical measures

ㆍ    We encrypt key personal information and manage access rights differentially so that only those who need it for business purposes can access it.

ㆍ    We operate a server access control system and access record forgery/alteration prevention device to block access by unauthorized persons and respond to external intrusions such as hacking.

ㆍ    We install security programs to prevent unauthorized transmission of personal information to the outside world.

ㆍ    Personal information is transmitted securely by encrypting the transmission section of personal information.

3.     Physical Measures

ㆍ    We take protective measures to prevent physical access, such as locks, to safely store personal information processing systems.

ㆍ    We operate protected areas such as computer rooms and data storage rooms to control access.

Article 9 Chief privacy officer

“AIDOT” is responsible for the processing of personal information in general, and designates chief privacy officer as follows to handle complaints and damage relief of information subjects related to the processing of personal information. You can inquire about all personal information protection-related inquiries, complaints, damage relief, etc. that occurred while using the service (or business) of "AIDOT" to the chief privacy officer and the department in charge, and "AIDOT" will respond and process your inquiries without delay.

Chief privacy officer

-       Name : Kim deokyeol

-       Department / Job Title : Business Planning and Strategy / Director

-       Contact : marketing@aidot.ai

Article 10 Purpose of automatic collection of personal information and refusal of collection

"AIDOT" does not use 'cookies' that store and retrieve user's information from time to time.

Article 11 Remedies for infringement of the rights and interests of the information subject

The information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency Personal Information Infringement Report Center, etc. to receive relief due to personal information infringement. Please contact the following organizations to report or consult about other personal information infringements.

①     Personal Information Dispute Mediation Committee (without area code) 1833-6972 (www.kopico.go.kr)

②     Personal Information Infringement Report Center (without area code) 118 (privacy.kisa.or.kr)

③     Supreme Prosecutor’s Office (without area code) 1301 (www.spo.go.kr)

④     National Police Agency (without area code) 182 (ecrm.cyber.go.kr/minwon/main)

A person whose rights or interests have been infringed by an action or omission taken by the head of a public institution may file an administrative appeal as prescribed by the Administrative Appeals Act for requests under the provisions of Articles 35 (Access to Personal Information), 36 (Correction and Deletion of Personal Information), and 37 (Suspension of Processing Personal Information) of the Personal Information Protection Act

Article 12 Changes to the Privacy Policy

This Privacy Policy is effective as of March 5, 2024. The following changes have been made from the previous Privacy Policy