Privacy Policy
Privacy Policy
CJ Bioscience (hereinafter referred to as ‘the Company’ or “we”) values your privacy and protection of your personal information. This Privacy Policy explains how the Company collects, stores, uses, shares, transfers, deletes, and processes information collected from or about you (“Personal Information”) by the Company. The Company strictly adheres to the Personal Information Protection Act and other applicable domestic laws related to personal information protection in the operation of the Ezbiome.app service.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.
By using our service, you hereby consent to our Privacy Policy and agree to its terms. Please be aware that if you do not provide us with your Personal Information, certain services may be unavailable to you.
Personal Information We Collect
When you register on our website to utilize the services offered, the Company may ask for your contact information, including but not limited to items such as, name, email address, institution name, role, job title, and country.
Collection of Personal Information
The Company uses collected Personal Information solely for the following purposes, member management, service development/provision and improvement, and creating a safe internet usage environment, including to:
Confirm a user’s intention to register or leave Ezbiome.app, primarily for member management purposes
Provide, operate, and maintain our website
Understand and analyze how you use our website
Convey changes to terms and conditions, announcements, updates, provide responses to inquiries or questions about service usage, and handle complaints for service operation
Communicate with you, either directly or through one of our partners, including for customer service, to provide you with event information and participation opportunities, as well as for marketing and promotional purposes
Find and prevent fraud
Provision and Delegation of Personal Information to Third Parties
As a principle, the Company does not provide Personal Information externally without the user’s consent. However, Personal Information may be provided to third parties in the following cases:
When consent is obtained from the user
When there are special provisions in law
When the information subject or legal representative is unable to express their intent, or when it’s impossible to obtain prior consent due to reasons such as unknown addresses, and it’s clearly recognized as necessary for the urgent life, bodily, or property interests of the information subject or a third party
The Company entrusts the processing of Personal Information to Amazon Web Services (AWS) in order to provide service stability and the latest technology to users. AWS does not have access to the user’s Personal Information and does not independently use or share the user’s Personal Information under any circumstances.
| Entrusted Company | Contents of Entrusted Tasks | Personal Information Retention & Usage Period |
|---|---|---|
Amazon Web Services Inc. | Retention of Personal Information Collected During Membership Registration and Service Use | Until the time of member withdrawal or the end of the entrusted contract |
Disposal of Personal Information
As a principle, the Company promptly destroys user’s Personal Information when the user withdraws from our website service or as long as needed for the specific business purpose or purposes for which it was collected. However, if separate consent is obtained from the user for the retention period of Personal Information, or if the law imposes an obligation to keep the information for a certain period, the Personal Information will be securely stored for that period. Whenever possible, we aim to anonymize the information or remove unnecessary identifiers from records that we may need to keep for periods beyond the specified retention period.
Act on the Consumer Protection in Electronic Commerce, Etc.
Records regarding the contract or subscription withdrawal, etc. : Stored for 5 years
Records regarding the payment and supply of goods, etc. : Stored for 5 years
Records regarding the consumer complaints or dispute settlement : Stored for 3 years
Protection of Communications Secrets Act
Login information : 3 months
The Company destroys Personal Information for which the collection and usage purpose has been achieved, such as upon member withdrawal and the expiration of the personal information retention period consented to by the user, in a way that it cannot be recovered or reproduced.
Personal Information that is recorded or stored in electronic file format is safely deleted using technical methods to prevent recovery or reproduction, and physical copies, such as printouts, are destroyed by methods like shredding or incineration.
Rights and methods of exercise for users and legal guardians
You may inquire, modify, or delete your Personal Information at any time, and you may request access to your Personal Information.
You may request to suspend the processing of Personal Information at any time, and may refuse to suspend processing in certain cases as stipulated by law.
You may withdraw your consent for the collection and use of Personal Information at any time through ‘membership withdrawal’.
For children, we encourage parents and legal guardians to observe, participate in, and/or monitor and guide your children’s online activity. Parents and legal guardians of such minor may view, modify, or delete the child’s personal information, request to suspend its processing, and withdraw consent for its collection and use. We do not knowingly collect, maintain, disclose, or otherwise process Personal Information from minors below the age of 14 without the permission of such minor’s parents or legal guardians. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Measures to ensure the security of Personal Information
The company is doing its utmost to manage users’ Personal Information securely and is protecting Personal Information beyond the level required by the Personal Information Protection Act.
We have established and implemented an internal management plan for personal information protection.
We have established an internal management plan for personal information, which includes the designation of a personal information protection officer, the composition and operation of a personal information protection organization, etc., and we check whether the internal management plan is being implemented properly every year.
We have taken measures to control access to personal information and limit access rights.
Through the granting, changing, and deletion of access rights to the personal information processing system, we take necessary measures to control access to personal information, and we use an intrusion prevention system to control unauthorized access from the outside.
We have taken measures to keep access records of personal information and prevent forgery and alteration.
We keep and manage the record of access to the personal information processing system for at least 1 year and manage it to prevent the access record from being forged, altered, stolen, or lost.
We have taken encryption measures to securely store and transmit personal information.
Personal information required by law to be encrypted is stored in an encrypted form. Also, we securely send and receive personal information over the network through encrypted communications.
We install and update security software for personal information.
To prevent leakage and damage of personal information by hacking or computer viruses, etc., we install security software and update and check it regularly.
Information regarding the Personal Information Protection Officer and Manager
If you have questions or comments about this Privacy Policy or ahow your Personal Information is processed, please contact the relevant person listed below. We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. We may, after receiving your request, require additional information from you to honor the request and verify your identity. Please be aware that we may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so.
Personal Information Protection Officer
Name: Choi ImJae
Affiliation: Business Support Office
Contact: 02-6078-3488
Email: bs.privacy@cj.net
Personal Information Protection Manager
Name: Yun Byungwook
Affiliation: BIO DP) IT Team
Contact: 02-6078-3488
Email: bs.privacy@cj.net
Duty to Notify Before Revision
We reserve the right to change this Privacy Policy from time to time. We will alert you when changes have been made by indicating the date this Privacy Policy last updated as the date the Privacy Policy became effective or as otherwise may be required by law. It is recommended that you periodically revisit this Privacy Policy to learn of any changes.
Transfer of Personal Information across national borders
Please be aware that Personal Information we collect and process may be transferred and maintained outside your state, province, country, or other jurisdiction where the privacy laws may not be as protective as those in your location, including the United States. We have put in place lawful transfer mechanisms and adequate safeguards, in accordance with applicable legal requirements, to protect your Personal Information.
Last updated
