The medical care iron man attaches great importance to the privacy of members and follows the provisions of the "Personal Data Protection Law". Therefore, a privacy protection policy has been formulated. You can refer to the following privacy protection policy.
Security of personal data
Protecting the personal privacy of members is an important business philosophy of the medical iron man. Without the consent of the members, we will never provide the personal information of the members to any third party who has nothing to do with the services of this shopping website. Members should keep their network passwords and personal information properly confidential, and do not provide any personal information, especially network passwords, to anyone. After using the various service functions provided by the Medical Iron Man website, be sure to log out of your account. If you are sharing a computer with others or using a public computer, remember to close the browser window.
Collection, processing and use of personal data
The personal information obtained by the medical iron man related website is only for the medical iron man in accordance with the originally stated purpose and scope of use. The medical iron man will not provide the information to the third party unless specified in advance or in accordance with relevant laws and regulations. People, or transferred to other purposes.
Purpose of collection:
The purpose of the collection is to conduct marketing business, consumers, customer management and services, online shopping and other e-commerce services and surveys, statistics and research analysis (the statutory specific purpose item numbers are O40, O90, 148 , One Five Seven). The medical iron man will collect personal information through the process of joining a member or conducting a transaction.
Types of personal data collected:
The personal information collected by the medical iron man on the website includes:
(1) C001 identifies individuals: such as member’s name, address, telephone number, email and other information.
(2) C002 identifies the financial person: such as credit card or financial institution account information.
(3) C011 personal description: for example: gender, date of birth, etc.
Use period, area, object and method:
(1) Period: Until the day when the member concerned requests to stop using or the medical iron man stops providing services.
(2) Region: The personal data of members will be used in Taiwan.
(3) Objects and methods of use: In addition to members' personal data collection for medical care ironman membership management, customer management search and query functions, it will also be used for identity identification, cash flow services, logistics services, marketing and publicity, etc. Examples are as follows:
a. When using the services provided by the medical iron man as a member, the member information will be automatically displayed on the page.
b. To facilitate transactions: When members make reservations, subscribe, purchase, participate in rewards, etc. for goods or services, or engage in other transactions, regarding product delivery, labor service provision, price payment, response to customer inquiries, medical iron man Inquiries to members, related after-sales services, and other necessary services for the exchange.
c. Advertising or marketing, etc.: Provide members with various e-magazines and other information, and provide service-related information through e-mail, mail, telephone, etc. Personalize the content or advertisements viewed by members, based on the customer's personal attributes or purchase records, and the browsing records of the medical iron man website, for personalization, analysis of members' use of services, development of new services, or improvement of existing services. Contact members for opinions on polls, events, message boards, etc., or other service-related matters.
d. Respond to customer inquiries: Respond to the inquiries raised by members to the medical iron man through email, mail, fax, telephone or any other direct and indirect contact.
e. Other business incidental matters: use necessary to provide services for the medical iron man with the purpose of use a to d. above.
f. For the provision of information for individual service providers: When a member makes an appointment, subscribes, purchases, participates in reward activities or applies for other transactions for the goods or services of the service provider, the medical iron man is within the necessary scope of the exchange, The member’s personal data file may be provided to the service provider, and the service provider is responsible for managing the personal data file. The medical care iron man will give the service provider the obligation to process personal data in accordance with the principle of protecting the privacy of members in accordance with the regulations, but there is no guarantee that the service provider will inevitably comply. For details, please contact the respective service provider.
g. Others: When providing individual services, personal data may also be used for purposes other than those specified above. At this time, the main points will be stated on the webpage of the individual service.
Members' rights regarding personal data:
The parties to the personal data collected by the medical iron man may exercise the following rights against the medical iron man in accordance with the Personal Data Protection Law:
(1) Inquiry or request to read.
(2) Request to make copies.
(3) Request for supplement or correction.
(4) Request to stop collection, processing or utilization.
(5) Request deletion.
If members want to exercise the above rights, they can contact the medical iron man customer service to apply.
caution! If you refuse to provide the necessary information for membership, you may not be able to enjoy the full service or completely unable to use the service.
In order to protect the privacy and safety of members, the medical care ironman member account information will be password protected. Medical care iron man and try their best to use reasonable techniques and procedures to protect the security of all personal data.
Ways to check or correct personal data
Members can contact the customer service center when they need to inquire and read, make copies, supplement or correct their personal data, stop computer processing, use, or delete, and the medical iron man will process it quickly.
In order to facilitate the use of members, the medical iron man website will use cookie technology to provide the services required by the members; cookie is a technology used by the website server to communicate with the member's browser, and it may randomly store strings in the member's computer , Is used to identify different users. If the member turns off the cookie, it may cause problems such as failure to log in to the website or use the shopping cart.
Privacy protection policy revision
As the market environment changes, the company will revise the website policy from time to time. If members have any questions about the privacy statement of the medical iron man website or related matters related to personal data, they can contact the medical iron man customer service center by email.
The security maintenance plan of the computer processing personal data files of the Medical Care Iron and Technology Co., Ltd.
1. In order to ensure the safety of the personal data files maintained by this business, a designated person shall be designated in accordance with the law to handle maintenance matters in accordance with the following personal data file security maintenance plan.
2. Security maintenance plan for personal data files:
1. Data security
(1) Where personal data files are built on the database, the scope of use and usage rights should be determined "User Code" and "Identification Password". The identification password should be kept confidential and not shared with others.
(2) Where personal data files are stored on the hard disk drive of a personal computer, the data holder shall set a power-on password, a screen saver password and related security measures on the personal computer.
(3) Personal data files are not allowed to be used without permission.
(4) The personal data file should be exited as soon as it is used, and must not be left on the computer display screen.
(5) The identification password used by an individual should be kept confidential, and the password must be changed after a fixed period of time to prevent others from stealing it and using it for a long time.
(6) If a customer inquires about his or her personal information by phone, he must be authenticated before replying to the relevant information to protect the rights of the customer.
(7) When collecting, processing, internationally transmitting and using personal data on the Internet, necessary precautionary and protective measures shall be taken to detect and prevent computer viruses and other malicious software to ensure the normal operation of the system.
(8) When dealing with transactions on the Internet, possible security risks should be assessed and appropriate security control measures should be developed.
2. Data audit
(1) When processing personal data by computer, check whether the input, output, editing or correction of personal data is consistent with the original file.
(2) When personal data is provided for use, it should be checked whether it is consistent with the file data. If there is any doubt, the original file should be checked for verification.
(3) A regular audit system should be established and audit data should be kept.
3. Equipment management
(1) For computer equipment related to the establishment of personal data, the data holder shall maintain it regularly.
(2) Computer equipment is not allowed to be moved unless necessary.
(3) The personal computer used to build personal data shall not be directly used as a front-end tool for public inquiry.
(4) Establish a remote backup system.
(5) The personal data stored in related computer hardware that is discarded or resold is indeed deleted.
4. Other safety maintenance items
(1) Persons who use computers to process personal data files should hand over the stored storage media and related data lists when their duties are changed. The person who takes over should set up a separate password to facilitate management.
(2) After an employee resigns, all passwords that the resigned employee had contacted shall be cancelled and adjusted appropriately.
(3) Comply with the relevant regulations of general computer security maintenance.