Policy

Privacy Policy

Cube Seventeen Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses the privacy policy as follows to protect the personal information of the data subject in accordance with Article 30 of the Personal Information Protection Act and to promptly and smoothly address related grievances.

1. Personal information refers to information about a living individual that can identify the person through symbols, characters, voice, sound, images, biological characteristics, etc., including but not limited to, names, resident registration numbers, and, in cases where an individual cannot be identified solely by the information in question, information that, when easily combined with other data, enables the identification of a specific individual.

2. This privacy policy is always made readily available on the homepage for customers to easily access.

3. The company informs customers through this policy about the purposes and methods of the utilization of their personal information, as well as the measures taken for personal information protection.

4. The company notifies any revisions to the privacy policy through the website notice (or individual notice).

1. Purpose of Personal Information Processing.

The company processes personal information for the following purposes. The processed personal information will not be used for purposes other than those stated below, and if the purpose of use changes, the company will take necessary measures, including obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1.1 Member registration and management

Personal information is processed for the purpose of confirming the intention of membership registration, verifying and authenticating corporate entities according to the provision of membership services, maintaining and managing member qualifications, preventing misuse of services, providing various notices, handling complaints, and notifications.

1.2 Provision of goods or services

Personal information is processed for the purpose of delivering goods, receiving prosthetic manufacturing orders (hospital), requesting prosthetic manufacturing orders (dental laboratory), sending contracts and invoices, providing customized dashboard services, identity verification, fee payment and settlement, debt collection, and other related purposes.

1.3 AI research and development

Personal information is processed for the purpose of distinguishing differences in oral scan data based on the age and gender of the data subject, developing a diagnostic model for the presence of oral health information using oral scan data, and for the purpose of dental morphology studies.

2. Processing and Retention Period of Personal Information.

  • <The name of the personal information processor >processes and retains personal information within the period allowed by law or within the agreed-upon period when collecting personal information from the data subject.li>
  • The respective processing and retention periods for each type of personal information are as follows:

2.1 Membership registration and management on the website: Until the withdrawal from the business/organization's website. However, in cases that fall under the following reasons, until the termination of the relevant reason.

  1. Legal Basis: Article 21 of the Personal Information Protection Act
  2. Personal information items retained: Gender, year of birth
  3. <Exceptional circumstances> At the time < Retention period > Until

2.2 Provision of goods or services: Until the completion of the supply of goods/services and the completion of fee payment settlement. However, in cases that fall under the following reasons, until the termination of the relevant reason.

  1. Records related to indication, advertising, contract content, and transaction performance, pursuant to the "Act on Consumer Protection in Electronic Commerce, Etc."
    1. - Records related to indication and advertising: 6 months
    2. - Records of contracts or withdrawal of subscription, payment of fees, supply of goods, etc.: 5 years
    3. - Records related to consumer complaints or dispute resolution: 3 years
  2. Retention of telecommunications data confirmation materials in accordance with the "Telecommunications Privacy Protection Act."
    1. - Subscriber's electronic communication date and time, start/end time, counterparty subscriber number, usage frequency, and location tracking data of the originating base station: 1 year
    2. - Computer communication, internet log records, and access location tracking data: 3 months
  3. <Legal basis and articles for the retention period of personal information> : < Retention period>
  4. Retention of dental prosthetic manufacturing request forms in accordance with the "Medical Technicians Act, Etc."
    1. - Record of dental prosthetic manufacturing request forms: 2 years

2.3 Items of personal information being processed:

  1. The company processes personal information items as indicated in the table below:
Processing purposes Mandatory items Optional items
Membership registration and management Corporate name, representative name, address, phone number, email address, medical license number
Provision of goods or services Name (hospital name), date of birth, address, phone number, email address, bank account information, credit card number Name (patient name), oral scan images, SHADE files, dental X-ray/CT images
AI research and development Year of birth, gender, 3D oral scan image data Information on dental conditions, dental X-ray/CT images

3. Processing of personal information and the artificial intelligence development process

  1. When using prosthetic manufacturing services and providing the manufactured prosthetic to the patient, the dental hospital provides the patient information written on the order form at the dental hospital to the dental laboratory for the purpose of verifying the patient's identity.
  2. The patient information entered during the request includes only the name, date of birth, and gender, and does not include sensitive information such as phone numbers or resident registration numbers.
  3. The data provided by the dental clinic (oral scan data, dental disease data, patient data) is processed by removing personal information, excluding gender/age group information necessary for statistical research. The processed and refined data is then used for training artificial intelligence models for tooth shape separation and disease diagnosis.
  4. The trained model can be used to distinguish teeth in oral scan data and build a tooth library. It can also predict diseases for each tooth, providing auxiliary diagnostic information for hospital treatment during clinical diagnosis.

1. The data subject has the right to request access, correction, deletion, or suspension of processing of personal information from the company at any time.

2. The exercise of rights under paragraph 1 can be made in writing, by electronic mail, facsimile transmission (FAX), etc., in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act. The company will take prompt action in response to such requests.

3. The exercise of rights under paragraph 1 can be done through a legal representative of the data subject or a delegate. In this case, a power of attorney according to the format provided in Attachment 11 of the "Guidelines on Personal Information Processing Methods (No. 2020-7)" must be submitted.

4. The right of access to personal information and the request for suspension of processing may be restricted under Article 35, Paragraph 4, and Article 37, Paragraph 2 of the "Personal Information Protection Act."

5. Requests for correction and deletion of personal information cannot be demanded if the collection of such information is specified as a collection target under other laws.

6. The company verifies whether the person making requests for access, correction, deletion, or suspension of processing under the rights of the data subject is the data subject themselves or a legitimate representative.

1. When personal information becomes unnecessary, such as when the personal information retention period has passed or the purpose of processing has been achieved, the company destroys the relevant personal information without delay.

2. In cases where personal information must continue to be preserved pursuant to other laws and regulations despite the expiration of the personal information retention period consented to by the information subject or the purpose of processing has been achieved, Personal information is transferred to a separate database (DB) or stored in a different storage location.

  1. Legal basis: Article 21 of the Personal Information Protection Act
  2. Personal information items to be preserved: gender, year of birth

3. The procedures and methods for destroying personal information are as follows.

    Destruction Procedure

  1. The company selects the personal information that requires destruction and destroys the personal information with the approval of the company's personal information protection manager.

    2. Destruction method

  2. The company shreds or incinerates personal information written in writing, and in the case of personal information stored electronically, uses technical methods to prevent the records from being reproduced. Use to delete.

Article 5 Measures to ensure the safety of personal information

The company is taking the following measures to ensure the safety of personal information.

1. Conducting regular self-audits
To ensure the stability of personal information processing, we conduct self-audits on a regular basis (quarterly).

2. Minimization and training of personal information processing staff
Specify employees who process personal information and minimize personal information processing by limiting it to the person in charge. We are implementing management measures.

3. Establishment and implementation of an internal management plan
We are establishing and implementing an internal management plan for the safe processing of personal information.

4. Technical measures against hacking, etc.
The company takes steps to prevent personal information from being leaked or damaged by hacking, computer viruses, etc. We install security programs, regularly update and inspect them, install systems in areas where access is controlled from the outside, and monitor and block them technically and physically.

5. Encryption of personal information
Your personal information is stored and managed in an encrypted manner, so only you can know it and it is important. For data, separate security functions are used, such as encrypting files and transmission data or using the file lock function.

6. Use of locking device for document security
Keep documents and auxiliary storage media containing personal information in a safe place with a locking device. there is.

7. Access control for unauthorized persons
Separate physical storage location where personal information is kept and access control procedures in place for it. Established and operated.

  1. The company is responsible for the overall processing of personal information, and for the handling of complaints and damage relief of the data subject related to the processing of personal information, the person in charge of personal information protection as follows It is specified.

    2. ▶ Personal Information Protection Officer

    1. Department Name: DDC Team
    2. Person in charge: Director Youngbin Choi
    3. Contact number: +82 70-8633-1165

    ※ You will be connected to the personal information protection department.

    ▶ Personal information protection department

    1. Department Name: DDC Team
    2. Person in charge: Senior Researcher Myeong-rok Lee
    3. Contact number: +82 70-8633-1165
  2. The information subject must contact the personal information protection manager for all personal information protection-related inquiries, complaint handling, damage relief, etc. that arise while using the company's services (or business). You can contact the responsible department. The company will respond and process inquiries from the information subject without delay.
Person who is entrusted (trustee) Consignment work Retention and use period
Mate Dental Laboratory Prosthetic design, dental prosthetic production using shaded images Until you leave the website
"Serek" Milling Center Prosthetic design, dental prosthetic production using shaded images Until you leave the website
  1. In order to smoothly process personal information, the company entrusts personal information processing as follows.
  2. When concluding a consignment contract, in accordance with Article 26 of the Personal Information Protection Act, the company prohibits the processing of personal information for purposes other than the purpose of performing the consignment, takes technical and managerial protection measures, limits re-entrustment, and imposes restrictions on the consignee. Matters related to responsibility, such as management, supervision, and compensation for damages, are specified in documents such as contracts, and we supervise whether the trustee handles personal information safely.
  3. If the details of the entrusted work or the trustee changes, we will disclose it through this personal information processing policy without delay.
  1. The information subject may request access to personal information pursuant to Article 35 of the Personal Information Protection Act to the department below.
  2. The company will strive to promptly process the information subject's request to view personal information.

▶ Personal information access request reception and processing department

  1. Department Name: Sales Team
  2. Contact person: Joo Kyung-don
  3. Contact: +82 70-8633-1140, kdjoo90@quve.kr

In order to receive relief from personal information infringement, the information subject may resolve disputes or consult with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency Personal Information Infringement Reporting Center, etc. You can apply for etc. For other personal information infringement reports and consultations, please contact the organizations below.

  1. Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
  2. Personal Information Infringement Reporting Center: (without area code) 118 (privacy.kisa.or.kr)
  3. Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr)
  4. National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)

In response to requests pursuant to the provisions of Article 35 (view of personal information), Article 36 (correction/deletion of personal information), and Article 37 (suspension of processing of personal information, etc.) of the Personal Information Protection Act A person whose rights or interests have been infringed upon by a disposition or omission by the head of a public institution may request an administrative trial in accordance with the Administrative Appeals Act.

※ For more information about administrative trials, please refer to the website of the Central Administrative Appeals Commission (www.simpan.go.kr).

The company's personal information processing policy is subject to additions, deletions and modifications of content in accordance with changes in government policy or security technology. We will notify you through “Notices”.

[Supplementary provisions]

This privacy policy is effective from January 1, 2021.