Privacy Policy

Purpose of Personal Information Processing and Collection Items

Our company (Carewokx Inc. {hereinafter 'the Company'}) collects and processes only the minimum personal information necessary for the smooth operation of our service (the CareWokx calendar application {hereinafter 'the Service'}).

Collection Items and Purpose

• Information related to social login: The Service uses social login and does not request any personal information that can identify a specific individual from the social login providers. However, if the provided information can be used alone or combined with other information to identify a specific individual, it may be considered personal information.

The following is the information that the Service requests from social login providers:

• Apple: Identifier value, email, nickname (In the case of Apple, a virtual email may also be provided.)
• Google: Identifier value, email, nickname, profile image
• Meta: Identifier value, email, nickname, profile image
• Email provided by social login: We use the email to send emails to the data subject only in the minimum cases deemed necessary for service operation.

Example: Regular updates on the status of personal information operations that must be notified.

• 'My name for the workplace': If a real name or a name equivalent to a real name is used as 'My name for the workplace,' it may be considered personal information if it can be combined with other information to identify a specific individual.

Processing and Retention Period of Personal Information

Social login information:

It is deleted immediately upon membership withdrawal or de-linking the social login.

Email provided by social login:

Processed in the same way as the social login information.

'My name for the workplace':

It is deleted immediately upon leaving a 'Workplace', deleting a 'Past Workplace', or withdrawing from membership.

Personal Information File Registration Status

The information corresponding to 1. Purpose of personal information processing and collection items, and 2. Processing and retention period of personal information (hereinafter '1., 2.') is stored on Google Cloud**(See Reference).

(For information on Google Cloud's security solutions, please refer to the reference on the last page.)

Provision of Personal Information to Third Parties

The Company provides personal information to third parties in the following cases, but does not provide the data subject's personal information to a third party beyond its original purpose, except in the applicable cases.

In cases where the data subject's consent has been obtained

(The data subject has the right to refuse consent, and there is no disadvantage for refusing consent.)

If consent is obtained, the following items must be included. If these items change, the change will be notified, and consent will be re-obtained.

• The party receiving the personal information
• The purpose of the party receiving the personal information
• The items of personal information being provided
• The retention and use period of the personal information by the party receiving it

In cases where there is a special provision in the law that the data subject must follow, or it is unavoidable to comply with a legal obligation

In cases where it is clearly and urgently necessary for the life, body, or property interests of the data subject or a third party

Consignment of Personal Information Processing

For the smooth processing of personal information, the Company consigns the following information processing tasks:

• Consignment scope: Information corresponding to '1., 2.'
• Consignee company name: Tayco Co. **(See Reference)
• Consigned task: Integrated maintenance and management
• Locus of responsibility: In the relationship between the data subject, the consignor, and the consignee, the consignor bears the substantive responsibility for the data subject, and the consignee is also responsible to the extent of their liability for legal violations.

When concluding a consignment agreement, the Company specifies matters concerning the prohibition of information processing for purposes other than the consigned task, security measures, supervision of the consignee, and liability for damages in a contract or other document. In the case of re-consignment, the Company participates in all contract processes of the re-consignment (2nd-level) and supervises whether the consignee handles personal information securely.

The Company does not permit 3rd-level consignment (re-re-consignment) in relation to personal information processing.

Procedure and Method of Personal Information Destruction

If the information corresponding to '1., 2.' becomes unnecessary due to the expiration of the retention period or the achievement of the purpose of processing, the information is destroyed without delay.

Destruction procedure and method: In cases corresponding to 2. or when a reason for destruction arises due to a destruction plan, the information is permanently deleted from the cloud server.

Measures for Ensuring Personal Information Security

The Company takes the following measures to ensure the security of personal information:

• We designate a Chief Privacy Officer internally and establish and implement an internal management plan.
• We designate and manage a limited number of employees who handle internal personal information and provide training to these individuals.
• We conduct regular inspections of the internal management status.
• We regularly check the privacy policy of the consignee.
• We conduct the same level of training and inspections for the consignee as we do internally.
• We verify the training, inspections, and measures implemented by the consignee for the re-consignee.

Installation, Operation, and Refusal of Automatic Personal Information Collection Devices

The Service does not have any automatic personal information collection devices. If we use such devices, we will post the relevant details in the privacy policy, etc.

The Company's website**(See Reference) does not have any automatic personal information collection devices. If we use such devices, we will post the relevant details in the privacy policy, etc.

Processing of Pseudonymized Information

The Company may process pseudonymized information without the consent of the data subject for purposes such as statistics, scientific research, and public interest record keeping.

The Company does not provide pseudonymized information for the purpose of a. to any third party. If we provide pseudonymized information, we will post the relevant details in the privacy policy, etc.

Even in this case, we will not include any information that could be used to identify a specific individual.

Chief Privacy Officer

For any matters related to personal information, including requests for viewing, correcting, deleting, or suspending processing, please contact us at the details below:

Category: Chief Privacy Officer
Name: Ki-ban Yoo
Email: calendar@carewokx.com
(If for any reason you believe the email has not been delivered, please send an email to eckc055@gmail.com {personal email}. In this case, the data subject's personal information may be exposed to the Chief Privacy Officer, but the officer will delete the information immediately upon problem resolution.)

Methods for Remedy of Rights Infringement

The Company guarantees the data subject's right to self-determination of personal information and strives to provide consultation and remedy for damages caused by personal information infringement. However, if you are not satisfied with the result or need more detailed assistance, please contact the national or administrative agency to which you belong.

Example: Republic of Korea**(See Reference)

Changes to the Privacy Policy

You can check the previous privacy policy on the Company's website.