top of page

privacy policy

Bredis Healthcare Co., Ltd. complies with personal information protection regulations under relevant laws and regulations, including the Personal Information Protection Act, and its Privacy Policy is as follows.

 

This Privacy Policy takes effect on the date of implementation. Any additions, deletions, or amendments made in accordance with laws, regulations, or the policy will be notified through announcements on the website (or individual notices).​

 

​​

 

Article 1. Purpose of Personal Information Processing

The Company processes personal information for the following purposes. Processed personal information will not be used for any purpose other than those listed below. If the purpose of use changes, the Company will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the “Personal Information Protection Act.”

 

<Purpose of Processing>

a. Responding to and handling customer inquiries: regarding services, products, academic conferences, recruitment, etc.

 

 

Article 2. Period of Processing and Retention of Personal Information

Personal information is processed and retained within the period specified by law or within the period agreed upon by the data subject at the time of collection.

The specific periods for processing and retention of each type of personal information are as follows.

 

a. Customer inquiries: 3 years

 

 

Article 3. Matters Concerning the Provision of Personal Information to Third Parties

The Company does not provide users’ personal information to external parties. However, in the following cases, personal information may be provided to relevant authorities without the data subject’s consent.

 

When required by law, or when there is a request from an investigative agency in accordance with the procedures and methods prescribed by law for investigative purposes

(Legal Basis: Article 17(1)(2), Article 15(1)(2), and Article 18(2)(2) of the “Personal Information Protection Act”)

 

 

Article 4. Matters Concerning the Outsourcing of Personal Information Processing

 

A. Website Outsourcing Provider: WIX

b. Recruitment Website Outsourcing: GREETING

 

When entering into an outsourcing contract, the Company specifies in the contract or other documents matters related to the prohibition of processing personal information for purposes other than the performance of outsourced duties, technical and administrative protective measures, restrictions on re-outsourcing, management and supervision of the contractor, and liability for damages, in accordance with Article 26 of the “Personal Information Protection Act.” The Company also supervises the contractor to ensure that personal information is processed securely.

Article 5. Matters Concerning the Rights and Obligations of Data Subjects and the Methods for Exercising Such Rights
 a. Data subjects may exercise the following rights related to the protection of personal information at any time with respect to the information held by the Company.
 1) Request to access personal information
 2) Request for correction if there are errors in personal information
 3) Request for deletion
 4) Request for suspension of processing
b. The rights described in subparagraph (a) may be exercised by submitting a written request for personal information (access, correction, deletion, suspension of processing) via mail, telephone, email, or fax.
 C. The rights described in Section A may be exercised through a representative, such as the data subject’s legal representative or an authorized agent. In such cases, a Power of Attorney for Personal Information Processing must be submitted.
 D. Requests for access to personal information and suspension of processing may be restricted pursuant to Article 35(5) and Article 37(2) of the Personal Information Protection Act.
 E. Requests for correction or deletion of personal information cannot be made if such information is explicitly designated as subject to collection under other laws or regulations.
F. We verify whether the person making a request for access, correction, deletion, or suspension of processing under the data subject’s rights is the data subject themselves or a legitimate representative.
<Request Form for Personal Information (Access, Correction, Deletion, Suspension of Processing)> <Power of Attorney for Personal Information Processing>

Article 6. Items of Personal Information Processed
 We collect only the minimum necessary personal information required to provide services, and the items of personal information collected are as follows.
 a. Required Items: Company information, job title, name, mobile phone number, email address
 b. When using external platforms: Information entered during the recruitment and product purchase stages is subject to the privacy policy of the relevant service provider (platform).

Article 7. Procedures and Methods for the Destruction of Personal Information
   The Company shall destroy personal information without delay when it is no longer necessary, such as upon the expiration of the retention period or the achievement of the processing purpose.
   If the retention period for personal information for which consent was obtained from the data subject has expired or the processing purpose has been achieved, but the information must be retained in accordance with Article 3, the Company shall transfer such personal information to a separate database (DB) or store it in a different location.
a. Destruction Procedure: Personal information for which grounds for destruction have arisen shall be destroyed upon approval by the Personal Information Protection Officer.
 b. Destruction Method: Personal information stored in electronic file format shall be deleted using technical methods that render the records irrecoverable, and personal information printed on paper shall be destroyed by shredding or incineration.

 

Article 8. Measures to Ensure the Security of Personal Information

The Company implements the following measures to ensure the security of personal information:

a. Administrative Measures: Establishment and implementation of internal management plans; regular employee training

b. Technical Measures: Management of access permissions to personal information processing systems; retention and review of access logs; installation and updating of security software; vulnerability assessments of personal information processing systems

c. Physical Measures: Access control for computer rooms, document storage facilities, etc.; CCTV systems, etc.

Article 9. Remedies for Infringement of Rights

Data subjects may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency (KISA) Personal Information Infringement Reporting Center, or other relevant bodies to seek redress for personal information infringements. For other reports or consultations regarding personal information infringements, please contact the following agencies.

A. Personal Information Dispute Mediation Committee: (Toll-free) 1833-6972 (www.kopico.go.kr)

B. Personal Information Infringement Reporting Center: (Toll-free) 118 (privacy.kisa.or.kr)

C. National Police Agency: (Toll-free) 182 (ecrm.police.go.kr)

Any person whose rights or interests have been infringed upon due to a disposition or omission by the head of a public agency in response to a request made pursuant to the provisions of Article 35 (Access to Personal Information), Article 36 (Correction and Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act may file an administrative appeal in accordance with the Administrative Appeal Act.

▶ Central Administrative Appeals Commission: (Toll-free) 110 (https://www.simpan.go.kr)

Article 10. Data Protection Officer

Data subjects may contact the Data Protection Officer regarding all matters related to personal information protection, including inquiries, complaint handling, and redress for damages arising from the use of the Company’s services.

a. Data Protection Officer

Name: Kim Hye-won

Department: Brand Communication

Contact (Email): hwkim@bredis.co.kr

Article 11. Changes to the Privacy Policy

This Privacy Policy is effective as of April 17, 2026. The previous Privacy Policy can be viewed below.

- Effective Date: April 17, 2026

(main)   Bredis Healthcare / Representative: Hwang Hyun-doo

Copyrights ⓒ 2023 Bredis Healthcare Inc. All Rights Reserved

Room 206, 57, Achasan-ro 17-gil, Seongdong-gu, Seoul

Business Registration Number | 441-86-02877

Contact | 02-6959-7657 Email | info@bredis.co.kr

privacy policy

bottom of page