Notifications
Back
mobile background
CONTACT&INFO

AI-powered, tailored digital therapeutics for the management of neuro-psychological disorders.

Working Hours

Monday - Friday (excluding holidays)

9:00 AM - 6:00 PM


Email neurotx@neurotx.org

Phone +82-2-3290-3947

Fax +82-2-3290-3970

Address 132B, Korea University R&D Center, 145 Anam-ro, Seongbuk-gu, Seoul

Working Hours

Monday - Friday (excluding holidays)

9:00 AM - 6:00 PM


Email  neurotx@neurotx.org

Phone  +82-2-3290-3947

Fax +82-2-3290-3970

Address  145 Anam-ro, Seongbuk-gu, Seoul,

                  Korea University R&D Center 132B

CONTACT US

If you have any inquiries regarding AI, please select ‘AI’ under ‘Interest’ when writing.

--
Article 1 Consent to Collection of Personal Information and Collection Method
< The name of a company or website > (“URL” hereinafter “Website”) shall establish a procedure for allowing customers to click the button “Agree” to the terms of use, collection of personal information, and details of personal information used. Customers shall be deemed to have agreed to the collection and use of their personal information by clicking the “Agree” button.

Article 2 Personal Information Items Collected and Purpose of Using Personal Information
“Personal Information” means information on living persons and refers to their names, resident registration numbers, or any other information that identifies such persons. (Even if such information alone cannot identify a certain person, such information that can be easily combined with other information and be used to identify such a person.)

The Website has the following purposes for collecting and using customers’ personal information:

Personal information of general members
- Time of collection: Signing up for membership
- Mandatory collection items: ID, password, e-mails, names *required to be revised*
- Optional collection items: Profile images, date of birth, telephone number, address *required to be revised*
- Purpose of using personal information: Signing up for membership, customer consulting for the use of services, and delivery of notices
- Retention period: Immediately deleted upon withdrawal of membership or retained for five (5) years for purchasing members

Order information (including members and non-members)
- Time of collection: Upon placing orders
- Mandatory collection items: Information of customers placing orders (name, address, telephone, and e-mail), information on recipient (name, address, telephone), payment approval information
- Optional collection items: Delivery of messages
- Purpose of using personal information: Payment and delivery of ordered products
- Retention period: Retained for five (5) years

Article 3 Collection of Personal Information via Cookies
The Website may install and operate cookies that store and frequently retrieve customers’ information. A cookie means a small amount of text files that a website sends to users’ computer browsers (Internet Explorer, and others)
1) Purposes of using cookies
- Providing differentiated information, depending on individuals’ interests
- Analyzing the access frequency or staying time of users, identifying users’ tastes and interests, and using them for target marketing and as a measure for service improvement
- Tracing the information on items purchased and items to which users pay attention, and providing tailor-made services
2) Operation of cookies and rejection of cookiesCookies are stored at the hard disk of users’ computers. Cookies identify users’ computers but do not personally identify users.
In addition, customers may accept or reject all cookies, or go through checks whenever cookies are stored by changing settings on their web browser.
However, if customers refuse to store cookies, they may not use some services that require them.
3) Method for changing settings to reject cookies
A. Internet Explorer
Directly change settings by clicking Tools > Internet Options > Personal Information tab on the upper menu of a web browser
B. Chrome
Directly change settings by clicking Menu icon on the upper right bar of a web browser >Settings > Advanced Settings on the bottom of the screen > Contents Setting button on Personal Information section > Cookies section

Article 4 Periods of Retaining and Using Personal Information and Destruction of Personal Information
1) Customers’ personal information shall be destroyed without any delay after the purposes of collection and use of their personal information have been fulfilled. However, if customers’ personal information needs to be retained for a certain period of time for the following purpose of verifying transaction parties’ rights and obligations in accordance with provisions of relevant statutes, such as the Protection of Consumers in e-commerce and Other Transactions Act, such information shall be retained for the specified period:
A Article 6 of the Protection of Consumers in e-commerce and Other Transactions Act
- Records on contracts or withdrawal of offers: Retained for five (5) years
- Records on payments and the supply of goods: Retained for five (5) years
- Records on the resolution of customers’ complaints or disputes: Retained for three (3) years
B Article 15.2 of the Protection of Communication Secrets Act
- Log-in records: Retained for three (3) months
C Other related statutes
2) The Website shall destroy personal information in the following manner.
A. Destruction procedure-The information entered for membership sign-up shall be transferred to a separate database (in case of information on paper, a separate filing cabinet), stored for a certain period of time in accordance with internal guidelines and other relevant statutes, and then destroyed.
- The above personal information shall not be used for any purposes other than for the purposes stipulated by law.
B. Destruction methods-Personal information printed out on paper shall be destroyed by shredding or burning. - Personal information in electronic file format shall be entirely destroyed by technological methods so that they may not be restored or regenerated.
3) The Website shall give dormant members (who have not used services for the last twelve (12) months) a notice on the forfeiture of membership in accordance with Article 29.2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection. If such members fail to reply to such a notice, they may be considered to have forfeited their membership at the Website’s discretion. In such a case, dormant members’ personal information may be stored and managed separately from other members’ personal information. Such personal information that is separated and stored shall be destroyed after the lapse of the statutory retention period. In case a customer makes a request, then such a customer’s personal information that is not destroyed shall be made available again at the time of resuming the use of services.

Article 5 Provision of Personal Information for Third Parties
1) The Website shall neither use customers’ personal information nor provide such information for other persons, companies, and institutions beyond the scope of Article 1 above (Personal Information Items Collected and Purpose of Using Personal Information).
2) The following cases are exceptions.
A. When customers’ personal information is required by relevant institutions for investigative purposes in accordance with relevant statutes
B. When customers’ personal information is provided in a form that cannot identify certain individuals for advertisers, suppliers, or research organizations to compile statistics or conduct academic or market research
C. When customers’ personal information is requested in accordance with pre-determined procedures under other relevant statutesEven if personal information is provided in accordance with the foregoing, we do our best to ensure that such information is not indiscriminately provided against the original purpose of collection and use of such information.

Article 6 Outsourcing of Personal Information Processing
The Website outsources the processing of users’ personal information to outside professional organizations as follows for the smooth conduct of businesses, such as provision of better services and customers’ convenience.
- Delivery of ordered products: OO Delivery Service *required to be revised*
- Establishing and maintaining computer systems: Hosting companies *required to be revised*
- Delivery tracking system service: Goodsflow Inc.
- Payment and escrow service: PG *required to be revised*
- Self-authentication, i-PIN service: Dream Security Inc.
※ The information shared with outsourcing companies shall be limited to the minimum information required to fulfill the original purpose of outsourcing. In addition, optional personal information is provided for outsourcing companies at the request of customers for services.
※ The list of outsourcing companies may be subject to change, depending on changed services and contractual periods. Any change in this list shall be announced in advance via notices. Customers participating in short-term events shall be individually notified of such events.

Article 7 Access and Modification of Personal Information

1) Customers may access or modify their personal information registered at the Website at any time. Customers may click the Change Members’ Information menu and directly access or modify their personal information. They may also request for such access or modification by sending e-mails or written requests to a chief privacy officer or a personal information handling employee at the Website. Then, the Website shall take relevant measures without any delay.
2) If customers demand the correction of any errors in their personal information, such personal information shall be neither used nor provided by the Website until such errors have been corrected.
3) If incorrect personal information has been already provided for any third party, then the Website shall immediately notify such third party of the result of correction of this information and have this third party also modify the information.

Article 8 Withdrawal of Consent to Collection, Use, and Provision of Personal Information
1) Customers may withdraw their consent to the collection, use, and provision of their personal information that is made available when signing up for membership at any time. They may do so by clicking Withdrawal of Consent (Membership) in the Personal Information Management Menu on the initial landing page of the Website. They may also do so by contacting the chief privacy officer of the Website in writing, by telephone, or through e-mail. Then, the Website shall immediately take necessary measures, such as deletion of personal information. The Website shall immediately notify customers of such measures, including withdrawal of consent and destruction of personal information.
2) The Website shall take necessary measures to ensure that customers withdraw their consent (membership) to the collection of their information through an easier method than what they used to give their consent to the method of collecting personal information.

Article 9 Measures for Ensuring the Security of Personal Information
The Website shall take technological/administrative/physical measures required for ensuring the security of personal information in accordance with Article 29 of the Personal Information Protection Act.
1. Encryption of personal information
Users’ personal information, including passwords, is stored and managed and is only known to the users who own that information. Important data is secured with separate features, such as the encryption and locking of files and transmitted data.
2. Technological measures against hacking
The Website shall install, regularly update, and check security porgrams to ensure that personal information is not leaked and damaged due to hacking or computer viruses. It shall also install systems in areas to which access from the outside is controlled, as well as technologically/physically inspect and block such areas.

Article 10 Protection of Personal Information of Children under Fourteen Years of Age
The Website deems the protection of children’s personal information in online environments to be also important. It does not allow children under fourteen years of age who require the consent of their legal counsel to apply for membership. If such childern sign up for the Website or provide their personal information due to the theft of their names and information or abuse of systems, then their legal counsels may exercise all rights.

Article 11 Chief Privacy Officer
The Website appoints the following chief privacy officer who is responsible for the handling of personal information and the handling of customers’ complaints regarding personal information and damage reliefs.

▶ Chief Privacy Officer
- Name: *required to be revised”
- Title: *required to be revised”
- Job grade: *required to be revised”
- Contact point: *required to be revised”

Article 12 Modification of the Guideline on Personal Information Processing
This guideline on personal information processing shall take effect on its effective date. Any addition of change under statutes and this guideline, and deletion and correction of anything in this guideline shall be announced via notices seven (7) days prior to the effectuation of such addition, deletion, or correction.
POST

NeuroTx (hereinafter referred to as the “Company”) legally processes and safely manages personal information in compliance with the Personal Information Protection Act and related laws to protect the freedom and rights of the information subject. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, the Company establishes and discloses the following personal information processing policy in order to inform the information subject of the procedures and standards for processing and protecting personal information and to promptly and smoothly handle complaints related thereto.


Article 1 (Purpose of processing personal information)


The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act will be taken.


1. Website membership registration and management


Personal information is processed for the following purposes: confirmation of intent to register as a member, self-identification and authentication in accordance with the provision of membership services, maintenance and management of membership qualifications, prevention of unauthorized use of services, confirmation of consent of legal representatives when processing personal information of children under the age of 14, various notifications and notices, and complaint handling.


2. Provision of goods or services

Personal information is processed for the purposes of delivering goods, providing services, sending contracts and bills, providing content, providing customized services, verifying identity, verifying age, paying fees, and settling accounts.


3. Handling complaints

Personal information is processed for the purposes of verifying the identity of the complainant, confirming complaints, contacting and notifying for fact-finding, and notifying the results of processing.


Article 2 (Items of personal information processed)

The company collects and uses personal information to the minimum extent necessary to provide services.


1. Provision of goods or services

Required items: <Name, phone number, email address>

Optional items: <Area of interest>


2. The following personal information items may be automatically generated and collected during the use of Internet services.

IP address, cookies, MAC address, service usage history, visit history, bad usage history, etc.


Article 3 (Processing and retention period of personal information)

① The company processes and retains personal information within the retention and use period of personal information stipulated by law or within the retention and use period of personal information agreed upon by the information subject when collecting personal information. ② The processing and retention periods for each personal information are as follows.

Website membership registration and management: Until withdrawal from the business/organization website

However, in the following cases, until the end of the reason

1) In the case of an investigation or inquiry due to a violation of relevant laws and regulations, until the end of the investigation or inquiry

2) In the case of remaining creditor-debtor relationships due to the use of the website, until the settlement of the creditor-debtor relationship


Article 4 (Matters regarding procedures and methods for destroying personal information)

① When personal information becomes unnecessary due to the expiration of the personal information retention period, achievement of the processing purpose, etc., the company destroys the personal information without delay.

② In the case where the personal information retention period agreed upon by the information subject has expired or the processing purpose has been achieved, but personal information must be retained in accordance with other laws and regulations, the personal information will be transferred to a separate database (DB) or stored in a different location. ※ The items of personal information preserved according to other laws and the basis for preservation can be found in “Article 3, Processing and Retention Period of Personal Information”

③ The procedures and methods for destroying personal information are as follows.

Destruction Procedure

The company selects personal information for which a reason for destruction has occurred and destroys the personal information with the approval of the company’s personal information protection officer.

Destruction Method

The company destroys personal information recorded and stored in electronic files so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents by shredding or incineration.


Article 5 (Matters regarding measures to ensure the safety of personal information)

① The company is taking the following measures to ensure the safety of personal information.

Administrative measures: Establishment and implementation of an internal management plan, operation of a dedicated organization, and regular employee training


Technical measures: Management of access rights to personal information processing systems, installation of an access control system, encryption of personal information, installation and update of security programs


Physical measures: Access control to computer rooms, data storage rooms, etc.


Article 6 (Rights, obligations, and exercise methods of information subjects and legal representatives) )

① The information subject may exercise the following personal information protection rights against the company at any time.


Request to view personal information

Request for correction in case of errors, etc.

Request for deletion

Request for suspension or withdrawal of processing

Request for refusal or explanation of automated decisions, etc.

※ Requests to view personal information of children under the age of 14 must be made directly by the legal representative, and information subjects who are minors over the age of 14 may exercise their rights regarding their personal information as minors or through their legal representative.


② The exercise of rights under Paragraph 1 may be made against the company in writing, by phone, e-mail, facsimile (FAX), etc. in accordance with Article 41 Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the company will take action without delay.


③ The exercise of rights may also be made through an agent such as the information subject's legal representative or a proxy. In this case, a power of attorney in the format of Appendix 11 of the "Personal Information Processing Method Notice" must be submitted.


④ If the information subject requests to view or suspend processing of personal information, The right to request may be limited by Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.


⑤ If the personal information is explicitly stated as a collection target in other laws, the deletion of the personal information cannot be requested.


⑥ If the information subject has consented to the fact that an automated decision will be made, or has been notified in advance through a contract, etc., or if there is a clear provision in the law, the refusal of the automated decision is not recognized and only an explanation and review request is possible.


- In addition, a request for refusal or explanation of an automated decision may be rejected if there is a legitimate reason such as a concern that it may unfairly infringe upon the life, body, property, or other interests of another person.


⑦ The company verifies whether the person exercising the right is the person himself or a legitimate agent.

⑧ The company may exercise the right to the department below. The company will endeavor to ensure that the exercise of the right by the information subject is processed promptly.


Article 7 (Measures to Ensure the Security of Personal Information)

The company is taking the following measures to ensure the security of personal information. 1. Administrative measures: Establishment and implementation of internal management plan, regular employee training, etc.

2. Technical measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, etc., installation of security programs

3. Physical measures: Access control to computer rooms, data storage rooms, etc.


Article 8 (Matters related to installation/operation and refusal of automatic personal information collection devices)

① The company uses ‘cookies’ to store and periodically retrieve usage information in order to provide customized services to users.

② Cookies are small amounts of information that the server (http) used to operate the website sends to the user’s computer browser and are also stored on the hard disk of the user’s computer.

A. Purpose of cookie use: Used to provide optimized information to users by identifying the visit and usage patterns, popular search terms, and whether or not the user has accessed each service and website visited.

B. Installation/operation and refusal of cookies: You can refuse cookie storage by setting options in the Tools>Internet Options>Privacy menu at the top of the web browser.

D. If you refuse to save cookies, you may experience difficulties in using customized services.


Article 9 (Personal Information Protection Officer)

① The company is responsible for the overall management of personal information processing, and has designated a personal information protection officer as follows to handle complaints and provide remedies for damages from information subjects related to personal information processing.


▶ Personal Information Protection Department

Department Name: Management Support Team

Person in Charge: Kim Go-eun

Contact: <02-3290-3947>, <goeunkim17@neurotx.org>


② The information subject may inquire about all personal information protection-related inquiries, complaint handling, and remedies that arise while using the company's services (or business) to the personal information protection officer and the department in charge. The company will promptly respond to and process the information subject's inquiries.


Article 10 (Request to View Personal Information)

The information subject may request to view personal information pursuant to Article 35 of the Personal Information Protection Act to the department below. The company will endeavor to promptly process the information subject's request to view personal information.


▶ Personal Information Access Request Reception and Processing Department

Department Name: Management Support Team

Person in Charge: Kim Go-eun

Contact: <02-3290-3947>, <goeunkim17@neurotx.org>


Article 11 (Methods of Redressing Rights Infringement)

Data subjects may inquire about redress for damages and consultations regarding personal information infringement to the following institutions.


▶ Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)

- Responsibilities: Reporting personal information infringement, requesting consultation

- Website: privacy.kisa.or.kr

- Phone: (without area code) 118

- Address: (58324) 3rd floor, Personal Information Infringement Report Center, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)


▶ Personal Information Dispute Mediation Committee

- Responsibilities: Application for personal information dispute mediation, collective dispute mediation (civil resolution)

- Website: www.kopico.go.kr

- Phone: (without area code) 1833-6972

- Address: (03171) 4th floor, Government Seoul Building, 209 Sejong-daero, Jongno-gu, Seoul


▶ Supreme Prosecutors' Office Cyber Crime Investigation Division: (without area code) 1301 (www.spo.go.kr)

▶ National Police Agency Cyber Safety Bureau: (without area code) 182 (ecrm.cyber.go.kr)


Article 12 (Enforcement and Change of Personal Information Processing Policy)

This personal information processing policy is effective from January 1, 2021.



* Appendix: WillSleep Account Deletion Request

If you would like to delete your WillSleep user account and associated data, please follow the steps below:

How to request account deletion:

Send an email to neurotx@neurotx.org.

Please include “Account Deletion Request” in the subject line of your email.

Include the email address of the account you wish to delete in the body of your email.

Types of data to be deleted:

Personally identifiable information (name, email, etc.)

Health data and user activity history

User settings and in-app activity

Data retention period:

After requesting account deletion, your data will be retained for an additional 30 days and may be recovered during this period. After 30 days, all data will be permanently deleted.

If you have any further questions after requesting deletion, please feel free to contact us. Thank you.


NeuroTx (hereinafter referred to as the “Company”) legally processes and safely manages personal information in compliance with the Personal Information Protection Act and related laws to protect the freedom and rights of the information subject. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, the Company establishes and discloses the following personal information processing policy in order to inform the information subject of the procedures and standards for processing and protecting personal information and to promptly and smoothly handle complaints related thereto.


Article 1 (Purpose of processing personal information)


The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act will be taken.


1. Website membership registration and management


Personal information is processed for the following purposes: confirmation of intent to register as a member, self-identification and authentication in accordance with the provision of membership services, maintenance and management of membership qualifications, prevention of unauthorized use of services, confirmation of consent of legal representatives when processing personal information of children under the age of 14, various notifications and notices, and complaint handling.


2. Provision of goods or services

Personal information is processed for the purposes of delivering goods, providing services, sending contracts and bills, providing content, providing customized services, verifying identity, verifying age, paying fees, and settling accounts.


3. Handling complaints

Personal information is processed for the purposes of verifying the identity of the complainant, confirming complaints, contacting and notifying for fact-finding, and notifying the results of processing.


Article 2 (Items of personal information processed)

The company collects and uses personal information to the minimum extent necessary to provide services.


1. Provision of goods or services

Required items: <Name, phone number, email address>

Optional items: <Area of interest>


2. The following personal information items may be automatically generated and collected during the use of Internet services.

IP address, cookies, MAC address, service usage history, visit history, bad usage history, etc.


Article 3 (Processing and retention period of personal information)

① The company processes and retains personal information within the retention and use period of personal information stipulated by law or within the retention and use period of personal information agreed upon by the information subject when collecting personal information. ② The processing and retention periods for each personal information are as follows.

Website membership registration and management: Until withdrawal from the business/organization website

However, in the following cases, until the end of the reason

1) In the case of an investigation or inquiry due to a violation of relevant laws and regulations, until the end of the investigation or inquiry

2) In the case of remaining creditor-debtor relationships due to the use of the website, until the settlement of the creditor-debtor relationship


Article 4 (Matters regarding procedures and methods for destroying personal information)

① When personal information becomes unnecessary due to the expiration of the personal information retention period, achievement of the processing purpose, etc., the company destroys the personal information without delay.

② In the case where the personal information retention period agreed upon by the information subject has expired or the processing purpose has been achieved, but personal information must be retained in accordance with other laws and regulations, the personal information will be transferred to a separate database (DB) or stored in a different location. ※ The items of personal information preserved according to other laws and the basis for preservation can be found in “Article 3, Processing and Retention Period of Personal Information”

③ The procedures and methods for destroying personal information are as follows.

Destruction Procedure

The company selects personal information for which a reason for destruction has occurred and destroys the personal information with the approval of the company’s personal information protection officer.

Destruction Method

The company destroys personal information recorded and stored in electronic files so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents by shredding or incineration.


Article 5 (Matters regarding measures to ensure the safety of personal information)

① The company is taking the following measures to ensure the safety of personal information.

Administrative measures: Establishment and implementation of an internal management plan, operation of a dedicated organization, and regular employee training


Technical measures: Management of access rights to personal information processing systems, installation of an access control system, encryption of personal information, installation and update of security programs


Physical measures: Access control to computer rooms, data storage rooms, etc.


Article 6 (Rights, obligations, and exercise methods of information subjects and legal representatives) )

① The information subject may exercise the following personal information protection rights against the company at any time.


Request to view personal information

Request for correction in case of errors, etc.

Request for deletion

Request for suspension or withdrawal of processing

Request for refusal or explanation of automated decisions, etc.

※ Requests to view personal information of children under the age of 14 must be made directly by the legal representative, and information subjects who are minors over the age of 14 may exercise their rights regarding their personal information as minors or through their legal representative.


② The exercise of rights under Paragraph 1 may be made against the company in writing, by phone, e-mail, facsimile (FAX), etc. in accordance with Article 41 Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the company will take action without delay.


③ The exercise of rights may also be made through an agent such as the information subject's legal representative or a proxy. In this case, a power of attorney in the format of Appendix 11 of the "Personal Information Processing Method Notice" must be submitted.


④ If the information subject requests to view or suspend processing of personal information, The right to request may be limited by Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.


⑤ If the personal information is explicitly stated as a collection target in other laws, the deletion of the personal information cannot be requested.


⑥ If the information subject has consented to the fact that an automated decision will be made, or has been notified in advance through a contract, etc., or if there is a clear provision in the law, the refusal of the automated decision is not recognized and only an explanation and review request is possible.


- In addition, a request for refusal or explanation of an automated decision may be rejected if there is a legitimate reason such as a concern that it may unfairly infringe upon the life, body, property, or other interests of another person.


⑦ The company verifies whether the person exercising the right is the person himself or a legitimate agent.

⑧ The company may exercise the right to the department below. The company will endeavor to ensure that the exercise of the right by the information subject is processed promptly.


Article 7 (Measures to Ensure the Security of Personal Information)

The company is taking the following measures to ensure the security of personal information. 1. Administrative measures: Establishment and implementation of internal management plan, regular employee training, etc.

2. Technical measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, etc., installation of security programs

3. Physical measures: Access control to computer rooms, data storage rooms, etc.


Article 8 (Matters related to installation/operation and refusal of automatic personal information collection devices)

① The company uses ‘cookies’ to store and periodically retrieve usage information in order to provide customized services to users.

② Cookies are small amounts of information that the server (http) used to operate the website sends to the user’s computer browser and are also stored on the hard disk of the user’s computer.

A. Purpose of cookie use: Used to provide optimized information to users by identifying the visit and usage patterns, popular search terms, and whether or not the user has accessed each service and website visited.

B. Installation/operation and refusal of cookies: You can refuse cookie storage by setting options in the Tools>Internet Options>Privacy menu at the top of the web browser.

D. If you refuse to save cookies, you may experience difficulties in using customized services.


Article 9 (Personal Information Protection Officer)

① The company is responsible for the overall management of personal information processing, and has designated a personal information protection officer as follows to handle complaints and provide remedies for damages from information subjects related to personal information processing.


▶ Personal Information Protection Department

Department Name: Management Support Team

Person in Charge: Kim Go-eun

Contact: <02-3290-3947>, <goeunkim17@neurotx.org>


② The information subject may inquire about all personal information protection-related inquiries, complaint handling, and remedies that arise while using the company's services (or business) to the personal information protection officer and the department in charge. The company will promptly respond to and process the information subject's inquiries.


Article 10 (Request to View Personal Information)

The information subject may request to view personal information pursuant to Article 35 of the Personal Information Protection Act to the department below. The company will endeavor to promptly process the information subject's request to view personal information.


▶ Personal Information Access Request Reception and Processing Department

Department Name: Management Support Team

Person in Charge: Kim Go-eun

Contact: <02-3290-3947>, <goeunkim17@neurotx.org>


Article 11 (Methods of Redressing Rights Infringement)

Data subjects may inquire about redress for damages and consultations regarding personal information infringement to the following institutions.


▶ Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)

- Responsibilities: Reporting personal information infringement, requesting consultation

- Website: privacy.kisa.or.kr

- Phone: (without area code) 118

- Address: (58324) 3rd floor, Personal Information Infringement Report Center, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)


▶ Personal Information Dispute Mediation Committee

- Responsibilities: Application for personal information dispute mediation, collective dispute mediation (civil resolution)

- Website: www.kopico.go.kr

- Phone: (without area code) 1833-6972

- Address: (03171) 4th floor, Government Seoul Building, 209 Sejong-daero, Jongno-gu, Seoul


▶ Supreme Prosecutors' Office Cyber Crime Investigation Division: (without area code) 1301 (www.spo.go.kr)

▶ National Police Agency Cyber Safety Bureau: (without area code) 182 (ecrm.cyber.go.kr)


Article 12 (Enforcement and Change of Personal Information Processing Policy)

This personal information processing policy is effective from January 1, 2021.



* Appendix: WillSleep Account Deletion Request

If you would like to delete your WillSleep user account and associated data, please follow the steps below:

How to request account deletion:

Send an email to neurotx@neurotx.org.

Please include “Account Deletion Request” in the subject line of your email.

Include the email address of the account you wish to delete in the body of your email.

Types of data to be deleted:

Personally identifiable information (name, email, etc.)

Health data and user activity history

User settings and in-app activity

Data retention period:

After requesting account deletion, your data will be retained for an additional 30 days and may be recovered during this period. After 30 days, all data will be permanently deleted.

If you have any further questions after requesting deletion, please feel free to contact us. Thank you.