KKEUT Clinic (Anyang Beomgye) Privacy Policy (Effective: 2025-09-07) We protect your personal data and disclose the following policy. 1) Purposes - Booking and visit management (identity verification, visit history, notifications, payments/refunds) - Customer support and complaints handling - Service improvement, security, fraud prevention, statistics - (Optional) Marketing messages and event information 2) Items & Collection [Required] - Booking/visit: name, mobile number (E.164), booking info (date/time/treatments), device/access logs (IP, user agent) - Verification (per method): · Kakao Login: KakaoTalk nickname, legal name, mobile number, and (if needed) email address · SMS/Email OTP: mobile number or email address [Optional] - Messenger ID (KakaoTalk/LINE/WeChat/WhatsApp/Telegram), branch/interests, marketing opt-in [How] - Website forms (booking/inquiry/verification), Kakao consent screen, SMS/Email verification, phone 3) Retention - Payment/supply records: 5 years; Complaints/disputes: 3 years; Access logs: 6 months - OTP tokens/codes: retained briefly (e.g., 10 minutes–24 hours) then deleted - Information from Kakao: kept for booking/identity purposes and deleted when the purpose ends or legal periods expire 4) Provision to Third Parties No disclosure without consent unless required by law. (Kakao shares data with us only after you consent; we do not send your data to Kakao. You can unlink at any time.) 5) Your Rights Access/correction/deletion/restriction, withdrawal of consent, marketing opt-out, Kakao unlink. Contact: +82-2-6959-6080. We respond without undue delay after identity verification. 6) Cookies We may use cookies to analyze usage and provide tailored services. You can allow, block, or prompt for cookies in your browser; blocking may limit some features. 7) Cross-border Transfers Some infrastructure or verification/messaging systems may be located overseas. Necessary items may be transmitted securely in real time for verification, notifications, storage/backup, and service operation, and retained per Section 3. 8) Security Measures (per Korean PIPA Art.29) - Regular internal audits (at least annually) - Minimization of authorized staff and regular training - Internal management plan in place and enforced - Technical safeguards against hacking/malware; updates and monitoring; network access controls - Encryption: sensitive data encrypted at rest; TLS in transit - Access control: grant/change/revoke permissions, log management, intrusion prevention 9) Data Protection Officer Jang Seunghan, Min Kyunguk / +82-2-6959-6080 10) Refusal of Consent Without essential items, booking and identity verification may be limited. 11) Information received via Kakao Login (for review) With your consent, Kakao shares with us: KakaoTalk nickname, legal name, mobile number, and (optional) email address. Used only for booking identity/notifications/fraud prevention and deleted per this policy. You can unlink anytime.