Confrontier Co., Ltd. (the “Company”) operates the K-Medical Service platform (“www.kmedicalservice.com”, the “Service”) and complies with applicable data protection laws, including the Personal Information Protection Act of Korea. The Company establishes and discloses this Privacy Policy to protect users’ personal information.
1. Purpose of Processing Personal Information
The Company processes personal information for the following purposes only:
- Verification of user identity and intent to register
- Membership management and service provision
- Provision of personal information to partner clinics and affiliated companies for service delivery
- Payment processing, settlement, and delivery of goods or services
- Customer support and complaint handling
2. Personal Information Collected
- Required: Email address (Login ID), Name, Nationality
- Automatically collected: Cookies, access logs, and service usage data
3. Retention and Processing Period
Personal information is retained and used for the period agreed upon by the user or as required by applicable laws. Member information is retained until membership withdrawal and destroyed without delay thereafter. Where required by law, information may be retained for the legally mandated period.
Users may refuse consent; however, refusal may limit service use.
4. Provision of Personal Information to Third Parties
The Company may provide personal information to third parties only with user consent.
- Recipients: Partner clinics and affiliated companies
- Data provided: Minimum information necessary for service provision
- Purpose: Medical and related service delivery
5. Rights of Users
Users may request access to personal information, request correction or deletion, and request suspension of processing at any time. Requests may be submitted via email or written request, and the Company will respond promptly.
6. Destruction of Personal Information
Personal information is destroyed without delay once the retention period expires or the processing purpose is achieved. Electronic files are permanently deleted, and paper documents are shredded or incinerated.
7. Cookies
The Service may use cookies to improve user experience. Users may refuse cookies through browser settings.
8. Data Protection Officer
Name: Younwoo Jung
Title: Manager
Phone: +82-2-561-1077
Email: info@confrontier.com
Address: 3F, 23, Nonhyeon-ro 26-gil, Gangnam-gu, Seoul, 06302, Korea
9. Changes to This Policy
This Privacy Policy is effective as of May 1, 2026. Any changes will be announced at least 7 days prior to implementation.
10. Security Measures
The Company implements administrative, technical, and physical safeguards in accordance with Article 29 of the Personal Information Protection Act.
11. GDPR Additional Notice (For EU Residents)
If you are located in the European Economic Area (EEA), the following provisions apply. The legal basis for processing includes user consent, performance of a contract, and compliance with legal obligations.
User rights under GDPR include the right to access, rectification, erasure (“Right to be forgotten”), restriction of processing, data portability, and objection. Personal data may be transferred outside the EEA, including to South Korea, with appropriate safeguards in place. Users may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
Processing of Sensitive Personal Information
The Company may process sensitive personal information pursuant to Article 23 of the Personal Information Protection Act of Korea for the purpose of providing medical services.
- Items processed: Health information, medical consultation records, treatment and procedure-related information, and other related data
- Purpose of processing: Medical consultation, referral to partner hospitals or clinics, and provision of medical services
- Legal basis: Explicit consent of the data subject
- Retention period: Until the purpose of processing is achieved or for the period required by applicable laws and regulations
The Company applies security measures that meet or exceed the standards required by applicable laws when processing sensitive personal information.
