Privacy Policy

Privacy Policy of Whanin Pharm Co., Ltd.

Whanin Pharm Co., Ltd. (hereinafter, ‘Company’) values personal information of the customers, and establishes and discloses the privacy policy as follows according to Article 30 of the Personal Information Protection Act, in order to protect personal information of the data subjects and to process relevant complaints in a prompt and smooth manner.

Article 1 (Purpose of the Personal Information Process)

The Company shall process personal information for the following purposes. The personal information under process shall not be used for purposes other than those set forth below, and in case of any change in the purpose, measures required according to Article 18 of the Personal Information Act such as obtaining separate consent, shall be carried out.

  • 1. Employment
  • 2. Consultation and advice
  • 3. Examination after clinic/release
  • 4. Product supply
  • 5. Processing of complaints

Article 2 (Period for the Process and Retention of Personal Information)

The Company shall process and retain personal information during the period for retention and use as set forth in the law or within the period for retention and use for which consent was obtained from the data subject upon the collection of personal information.

Article 3 (Provision of Personal Information to a Third Party)

The Company shall process personal information of data subjects within the scope set forth under Article 1 (Purpose of the Personal Information Process), and shall provide personal information to a third party only if consent is obtained from the data subject or based on special provisions in the law as set forth under Article 17 of the Personal Information Protection Act.

Article 4 (Outsourcing of the Personal Information Process)

  • ① In order to facilitate work process related to personal information, the Company has outsourced the processing of personal information as set forth below.
  • 1. Employment
    - Outsourced to (Outsourcee): LG Uplus Corp.
    Details of the outsourced work: Maintenance and management of homepage related to employment, etc.
  • ② According to Article 26 of the Personal Information Protection Act, the Company specifies prevention of personal information processing for purposes other than the purpose of outsourcing, technical and managerial safeguards of personal information, restriction of re-outsourcing, management and supervision of the outsourcee, compensation, etc. in the contract or relevant documents upon outsourcing, and supervises the outsourcee to ensure safe processing of the personal information by the outsourcee.
  • ③ In case of any change in the details of the outsourced work or the outsourcee, the Company shall promptly disclose the changes through this Privacy Policy.

Article 5 (Rights and Obligations of Data Subjects and Methods for Execution)

  • ① The data subject may, at any time, exercise the rights related to protection of personal information as set for the below to the Company.
  • 1. Request access to personal information
  • 2. Request for correction in case of any error
  • 3. Request for deletion
  • 4. Request for suspension of processing
  • ② The rights set forth under paragraph 1 can be exercised to the Company via document, telephone, email or fax, and the Company shall promptly take corresponding measures.

Article 6 (Processed Items of Personal Information)

The Company is processing personal information items as set forth below.

  • 1. Employment
    - name, nationality, address, contact, school, military service, work experience, other qualifications
  • 2. Product supply
    - name, telephone number, email
  • 3. Inquiry related to products, IR, report and employment
    - name, gender, age group, customer classification, email, cellphone number, address
  • 4. Alliance, cooperation, service
    - name, organization, email address, residing country/city, telephone number
  • 5. Consultation, advice
    - name, organization, date of birth, address, account number/copy of bank book, contact, email, fax number
  • 6. Examination after clinic/release (institution entrusted with and performing clinical test / responsible person for the research / information, consultation with respect to the examination subject)
    - name, date of birth, contact, email, company name/clinic category/address, major/position, details of school and work experience, license number, business registration number, account number, health information
  • 7. Personal information items set forth below may be created and collected automatically in the course of using internet service.
    - IP address, MAC address, visit record, bad usage record

Article 7 (Destruction of Personal Information)

  • ① The Company shall promptly destruct personal information in the event the personal information is no longer required due to expiration of the personal information retention period, satisfaction of the purpose for processing, etc.
  • ② In case personal information is required to be preserved according to other laws although the retention period consented by the data subject has expired or the purpose of processing is satisfied, the applicable personal information shall be moved to a separate database or preserved in a different storage location.
  • ③ Personal information shall be destroyed by Low Level Format or shredding, upon approval of the privacy officer of the Company

Article 8 (Measures to Ensure Security of Personal Information)

  • The Company takes following measures to ensure security of personal information.
  • 1. Managerial measures: establishment and performance of internal managing plans, periodic employee trainings, etc.
  • 2. Technical measures: manage access to personal information processing system, establish system to restrict access, encryption of personally identifiable information, installation of security program
  • 3. Physical measures: restrict access to computer room, data storage, etc.

Article 9 (Installation, Operation and Refusal of Devices to Automatically Collect Personal Information)

  • The Company does not use ‘cookies’ to store and reload usage information of the data subjects.

Article 10 (Privacy Officer)

The Company has designated a privacy officer to manage all operations related to processing of personal information.

  • ▶ Privacy officer
    Name: Yeon Chul Lee
    Position: Head of legal team
    Contact :<02-405-3013>, <>, <FAX 02-405-3188>
  • ▶ Department in charge of personal information protection
    Department: Legal
    Name: Min Jung Park
    Contact : <02-405-3014>, <>, <FAX 02-405-3188>

Article 11 (Request for Access to Personal Information)

The data subject may request for access to personal information according to Article 35 of the Personal Information Protection Act to the department set forth below.

  • ▶ Department for submission and processing of request for personal information access
    Department: HR and General Affairs
    Name: Manager Dong Gun Lee
    Contact : <02-405-3032>, <>, <FAX 02-405-3181>

Article 12 (Relief for Infringement of Rights)

The data subject may inquire for relief or consultation with respect to infringement of personal information to the institutions set forth below.

  • ▶ Personal Information Infringement Report Center : 118 (
  • ▶ Personal Information Dispute Mediation Committee: 1833-6972 (
  • ▶ Cyber Crime Investigation Department in the Supreme Prosecutor’s Office: 02-3480-3573 (
  • ▶ Korean National Police Agency Cyber Bureau: 182 (

Article 13 (Installation and Operation of Visual Data Processing Devices)

The Company has installed and is operating visual data processing devices as set forth below.

  • 1. Grounds and purpose for installation of visual data processing device: management of safety of the Company facility, fire prevention and security
  • 2. Record time, retention period and location, processing methods
    - Recording time: 24 hours
    - Retention period: 30 days from recording

Article 14 (Amendment of the Privacy Policy)

  • ① This privacy policy shall be effective as of September 29, 2020.
  • ② Prior versions of the privacy policy are available via the link set forth below.
  • - Applied from October 31, 2007 ~ September 28, 2020