Privacy Policy
InBody Privacy Policy
InBody (hereinafter, “the Company”) complies with personal information protection regulations; and does its best to protect the rights of users by establishing privacy policies for its body composition analysis system, InBody, and its websites LookinBody Web, inbodyvietnam.com and InBody Mobile Application (collectively, “Web Services”).
It is not mandatory for users to provide their personal information and the user has the right to withhold their consent to the collection of their personal information. However, by opting not to provide personal information, certain features may not be available to users, the user’s experience may be negatively affected, and users may not be able to receive support services from the Company.
For the purpose of the this Privacy Policy, the terms “personal data”, “sensitive personal data”, and “process” shall have the meaning ascribed to it in the Personal Data Protection Act 2010 of Malaysia.
InBody’s Privacy Policy covers the following matters:
- 1.Types of Personal Information Collected and Methods of Collection
- 2.Collection of Personal Information and Purpose of Use
- 3.Sharing and Provision of Personal Information
- 4.Consigned Handling of Personal Information
- 5.Retention and Usage Periods of Personal Information
- 6.Procedure and Methods of Destruction of Personal Information
- 7.Rights of Users and Legal Attorneys and Methods of Exercising the Rights
- 8.Matters Concerning Installation/Operation of Automatic Personal Information Collecting Mechanism and Refusal Thereof
- 9.Technical/Administrative Measures for Protection of Personal Information
- 10.Personal Information Manager and Officers
- 11.Duty of Notification
1. Types of Personal Information Collected and Methods of Collection
A. Types of Personal Information Collected
With regards to LookinBody Web, the Company processes the following personal information of users:
Personal Information- • Name;
- • Email address;
- • Address and zip code;
- • Mobile number;
- • Company name;
- • Height;
- • Weight;
- • Age;
- • Gender;
- • Date of birth; and
- • Other forms of personal data while rendering additional or customized services to users, which users have consented to providing to the Company.
• Body composition analysis results
• Medical history
Users provide their explicit consent to the processing of their sensitive personal data, with the understanding that the provision of the above sensitive personal data is necessary
for the Company to provide the body composition analysis service.(II) inbodyvietnam.com
With regards to inbodyvietnam.com, the Company processes the following personal information of users:
Personal Information- • Name;
- • Email address;
- • Phone number; and
- • Mobile number;
- • Any other personal information disclosed by users in the “Contact Us” page of inbodyvietnam.com.
With regards to the InBody Mobile Application, the Company processes the following personal information of users:
Personal Information- • Name;
- • Email address;
- • Mobile number;
- • Height;
- • Weight;
- • Age;
- • Gender; and
- • Weight;Other forms of personal data while rendering additional or customized services to users, which users have consented to providing to the Company.]
The Company processes the non-personally identifiable data through the Web Services below:
- • IP address;
- • Cookie;
- • Date visited;
- • Service usage log; and
- • Error log.
- • Age;
B. Methods of Collecting Personal Information
The Company collects personal information in the following ways:
- • When users are asked to input their personal data in the course of using the body composition analysis system;
- • When users sign up for the Web Services;
- • When users contact the Company, send feedback to the Company, post material on the Web Services, complete customer surveys or participate in competitions.
C. Location of Storage
All collected personal information from European Economic Area (EEA), UK, Switzerland, Ukraine only will be stored on a server located in The Netherlands and will not be transported outside of the EEA. All personal information collected from Malaysia will be stored on servers located in Malaysia and Singapore.
2. Collection of Personal Information and Purpose of Use
The Company collects personal information from users for the following purposes:
A. Provision of Service
Provision of content, provision of specific customized services, delivery of goods or sending of bills, etc., identity authentication, purchasing and payment processing, collection of fees
B. Member Management
Identity authentication for use of membership-based services or limited identity authentication programs, personal identification, prevention of unauthorized use or abuse by members, confirmation of sign-up intent, restriction of sign-up or sign-up attempts, recordkeeping for dispute resolution, handling of complaints and delivery of notices
C. Use for Development of New Services and Marketing/Advertisements
Development of new services and provision of customized services, to communicate with users about the Company and/or products which may be of interest to users, provision of services based on user behaviours, preferences, or statistical characteristics, validation of services, provision of information on promotional events and provision of opportunity to participate, assessing access frequency, statistics on service usage by members, improvement of the Company’s services, and other marketing or advertising related purposes.
D. General Purposes
Monitoring and recording communications (such as telephone conversations and e-mail) for the purpose of improving the quality of the Company’s services, to send users newsletters when users have subscribed for the Company’s newsletter, to comply with the Company’s regulatory and corporate governance obligations, gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests, operational reasons such as recording transactions, training and quality control, ensuring the confidentiality of commercially sensitive information, investigating complaints and allegations of criminal offenses, providing customer service, and to give effect to the commercial transactions between the Company and the users.
3. Sharing and Provision of Personal Information
The Company uses personal information of users within the scope notified in “2. Collection of Personal Information and Purpose of Use” does not use any personal information beyond the above-mentioned scope, or disclose any personal information of users to third parties without prior consent of the user. However, the exceptions apply under the following circumstances:
- • – the user has given prior consent to such disclosure;
- • – there is a request from an investigational agency pursuant to provisions of laws or through procedures and methods stipulated in laws for investigational purposes;
- • – there is a request for personal information from a government; or
- • – there is a need to disclose personal information of users to the Company’s contracted third-party service providers and vendors. The Company may also disclose personal information of users to:
- • – other Companies within the InBody group;
- • – service providers, institutions, or commercial organizations that are collaborating with the Company;
- • – a third party who acquires the Company or substantially all of the Company’s assets, in which case the personal data shall be one of the acquired assets; and
- • – other software providers users may request to give users access to users’ InBody device data.
4. Consigned Handling of Personal Information
The Company may consign entry of personal information to personal information processing officers at sites where the program is used. Such officers shall receive adequate training to ensure that the personal information stored is not lost, stolen, leaked, altered, or damaged.
5. Retention and Usage Periods of Personal Information
As a general rule, personal information of users is destroyed once its purpose of collection and usage is achieved. However, the following information may be retained for the periods stated for given reasons.
A. Reasons for Retention of Information Based on Company’s Internal Policy
– Recordkeeping of information about abuse
- * Reason for retention: Prevention of abuse
- * Period of retention: 1 year
B. Reasons for Retention of Information Pursuant to Relevant Laws
When retention is required by provisions of relevant laws, the Company retains personal data of users for a specific period stipulated under such laws. In such a case, the Company uses the information retained only for the purpose of such retention for the following retention periods.
- • – Compliance with legal and regulatory obligations
- * Reasons for retention: To comply with the obligations under law imposed on the Company
- * Period of retention: 6 years
6. Procedure and Methods of Destruction of Personal Information
By general rule, personal information of users is destroyed once its purpose of collection and usage is achieved. Procedures and methods used by the Company to destroy personal information are as follows.
A. Procedure of Destruction
* Once the purpose of the information is achieved, information entered or inputted by the user for member sign-up, etc. is moved to a separate database (separate cabinet in case of information on paper), stored for a specific period in accordance with internal policy and reasons for information protection pursuant to other relevant laws, and destroyed. * Such personal information is not used for purposes, other than as stipulated in purpose of retention, unless required by law.
B. Method of Destruction
- * Personal information printed on paper is destroyed by using a shredder or by incineration.
- * Personal information stored in electronic file formats is erased beyond recovery using technical means.
7. Rights of Users and Legal Attorneys and Methods of Exercising the Rights
The user or their legal attorney may, at any time, view, correct and edit registered personal information of the user or the a child concerned under the age of 18* and may request for cancellation of membership.
The user may click ‘Edit Personal Information’ (or ‘Edit User Information’, etc.) to view and edit personal information of the user or the child concerned under the age of 18; and may click ‘Cancel Membership’ to cancel membership (withdraw consent). Once the user completes the identity authentication process, they will be able to view and edit the information or cancel membership on their own.
Alternatively, the user may contact the Personal Information Manager in writing, by phone, or email for immediate action. Once the user has made a request for correction of errors in personal information, such information shall not be used or provided until the corrections are made. Also, if incorrect personal information is already provided to a third party, the Company shall immediately notify the third party of the correction processing results so that the necessary corrections are made.
The Company processes personal information of users which has been canceled, deleted by request of the user, or legal attorney in accordance with provisions of “5. Retention and Usage Periods of Personal Information” ensures that the personal information is not viewed or used for other purposes.
Users have the option of unsubscribing from the Company’s newsletter and from receiving marketing and advertising-related emails from the Company.
8. Matters Concerning Installation/Operation of Automatic Personal Information Collection
The Company uses ‘cookies’ to save and frequently load the user’s information. A cookie is a very small text file sent from the server, which is used to run the website, to the user’s web browser. The cookie is stored on the hard disk of the user’s computer.
A. Purpose of Using Cookies
* Cookies are used for analyzing the user’s visit and usage patterns, etc. of various services offered on lookinbody.com and other websites, to facilitate the provision of information, optimized for each user.
B. Declination to Installation/Operation of Cookies
- * The user has the right over the installation of cookies. Therefore, the user can accept all cookies, require prompt each time a cookie is saved, or reject all cookies by setting options on their web browser.* Note, however, that if cookies are not accepted, the user may experience difficulty in using some of the services on lbwebind2020.azurewebsites.net/ which require signing in.
- * Configuring cookie installation settings (on Internet Explorer)
- ① On the [Tools] menu, select [Internet options].
- ② Click the [Privacy] tab.
- ③ Adjust the [Settings].
9. Technical/Administrative Measures for Protection of Personal Information
In handling personal information of users, the Company employs the following technical/administrative measures to secure safety of personal information against displacement, theft, leaks, unwanted alterations or damage.
A. Encryption of Personal Information
B. Measures against Hacking, etc.
C. Persons Handling Personal Information
D. Operation of Dedicated Organization for Personal Information Protection
However, the Company shall not be liable for any issues caused by personal information leaks such as mobile numbers and passwords due to the user’s negligence or other Internet-related problems.
10. Data Protection Manager and Officers
If users have any requests, inquiries, or complaints regarding the processing of the user’s personal information, users may report all privacy complaints that arise while using the Company’s services to the Data Protection Manager or Data Protection Officer of the Company.The Company shall respond to the user’s reports promptly and adequately.
* InBody Headquarters [South Korea]
Address: 06106
625, Eonju-ro, Gangnam-gu, Seoul, Republic of Korea
Website : www.inbody.com
E-mail : inbody@inbody.com, privacy2@inbody.com
TEL : +82-2-501-3939 / FAX : +82-2-501-3978
Personal Information Officer: Woo-sung Bang
* InBody EUROPE[NETHERLANDS]
Address: Gyroscoopweg 122, 1042 AZ Amsterdam
Website : https://nl.inbody.com/
E-mail : info.eu@inbody.com, privacy.eu@inbody.com
TEL : +31-20-238-6080
Personal Information Manager: Billy Nam
Personal Information Officer: Michiel Manshande
* InBody USA
Address: 13850 Cerritos Corporate Dr., Unit C, Cerritos, CA 90703, USA
Website : https://inbodyusa.com
E-mail : info.us@inbody.com
TEL : +1-323-932-6503 / FAX : +1-323-952-5009
* InBody JAPAN
Address: Tani Bldg., 1-28-6, Kameido, Koto-ku, Tokyo 136-0071 JAPAN
Website : https://www.inbody.com/jp
E-mail : inbody@inbody.co.jp
TEL : +81-3-5875-5780 / FAX: +81-3-5875-5781
Personal Information Officer: 柴田 泰生
* InBody CHINA
Address: 904, Xing Di Plaza, No. 1698 Yishan Road, Shanghai, 201103, CHINA
Website : https://www.inbody.com/cn
E-mail : info@inbodychina.com, inbody_privacy@inbodychina.com
TEL : +86-21-6443-9738, 9739, 9705 / FAX : +86-21-64439706
Personal Information Officer: 宣宝榄
* InBody INDIA
Address: Unit No. G-B 10, Ground Floor, Art Guild House, Phoenix Market City, L.B.S. Marg, Kurla (West), Mumbai 400070, India.
Website : https://www.inbody.in
E-mail : inbodyindia@inbody.com
Personal Information Officer: Kenneth Cha
* InBody ASIA[MALAYSIA & SINGAPORE]
Address: Unit 3A-11, Oval Damansara, No.685 Jalan Damansara, 60000 Kuala Lumpur, Malaysia
Website : https://inbodyasia.com
E-mail : info@inbodyasia.com
TEL : +60-3-7732-0790
Personal Information Officer: Kim Sungeun
11. Duty of notification
If ever a legal attorney requests insight into, alteration or removal of the personal information of the subject as mentioned under “7. Rights of Users and Legal Attorneys and Methods of Exercising the Rights”, the Company shall notify the users in writing before complying to this request.
The Company shall report to the supervisory authority within 72 hours from the time it becomes aware of the infringement of personal information in the event of an infringement that may pose a risk to the rights and freedoms of individuals. The data subject must be notified of the infringement without under delay.
However, if there is a low possibility that the infringement of personal information poses a risk to the individual’s freedom and rights, the notification may not be made.
If the report to the supervisory body is not made within 72 hours, the reason for the delay shall be reported.
We reserve the right to update and make amendments to this Privacy Policy from time to time. In the event we update or amend this Privacy Policy, we will inform users by posting the updated Privacy Policy on the Web Services. In the event we update or amend this Privacy Policy, the updated or amended terms will only apply to personal data that is collected from the date of this Privacy Policy is updated or amended.
To comply with Section 7(3) of the Personal Data Protection Act 2010 of Malaysia, a simplified Personal Data Notice based on this Privacy Policy is made available to users in Bahasa Malaysia. In the event of any inconsistencies between the Personal Data Notice and this Privacy Policy, the terms of this Privacy Policy shall prevail.
This Privacy Policy was last updated 29, January 2021.
* InBody Vietnam
Address : 11th Floor, COBI TOWER II, 2-4 Street 8, Tan Phu Ward, District 7, HCMC, 70000 Vietnam
Website : https://www.inbodyvietnam.com
E-mail : info.vn@inbody.com
Personal Information Officer : Shon Kim
Last update : 28 October 2024