MEDICALIP LOGO
logo

MEDIP Box Anatomy Term of Use

Term of Use

Thank you for choosing MEDIP Box Anatomy. Before using this mobile application, please read the following End User License Agreement (“Terms”). These Terms contain important information regarding the use of all services (hereinafter “Services”) provided through MEDICAL IP’s (hereinafter “Company”) website (www.medicalip.com) and the MEDIP Box Anatomy application and set forth the obligations of the user.

Provision of Services

Subject to compliance with the terms of this Agreement, the Company may grant the user the right to use the Services solely for personal purposes. Such Services include all services provided by the Company, which encompass all materials displayed or performed through the Services—such as text, graphics, photographs, images, illustrations, audio, video, and works—as well as any information and other materials posted or generated and provided in connection with the Services (hereinafter “Content”).
All Content and materials included in the Services are the intellectual property of MEDICAL IP. MEDICAL IP retains the copyright, trademark, and other intellectual property rights for the Content. The Content provided to the user may be used only for personal purposes, and any act of reproducing, distributing, transmitting, displaying, modifying, or altering the Content for commercial purposes or for the benefit of any third party is strictly prohibited. Additionally, the user must not download, store, redistribute, or otherwise infringe on the copyrights of the Content without authorization.
The user is granted only a license to use the Content provided by MEDICAL IP and does not acquire any ownership or transfer of intellectual property rights. The usage rights granted under these Terms are limited to the user’s personal educational and learning purposes, and any use for commercial purposes or for the benefit of a third party is not permitted without the prior written consent of MEDICAL IP.

User Responsibilities

Users shall be solely responsible for all activities that occur under their account, regardless of whether such activities were authorized or known by them. Users shall not post, transmit, or solicit communications or requests aimed at obtaining passwords, account information, or personal data from others. Moreover, users shall refrain from using the Service to jeopardize computer network security, hack passwords or security codes, or to transmit or store any threatening or obscene materials, as well as engaging in any unlawful activities.

1. Account Protection and Management

Users are responsible for managing and safeguarding their account credentials, including passwords. In the event of any disclosure, theft, hacking, or compromise of account information, users must immediately notify the Company and implement any necessary security measures. Users are required to store their passwords securely and must not share them with any third party. Should any abnormal activity be detected on an account, the user is obligated to promptly notify the Company, adhere to the account protection procedures, and change their password.

2. Prevention of Infringement of Third-Party Rights

Users shall not infringe upon the rights of other users or third parties, including but not limited to copyright and privacy rights, and shall bear full legal responsibility for any such infringement. Users are expressly prohibited from compromising another user’s account or unlawfully acquiring, using, or disclosing another individual’s personal information.

3. Prohibition of Illegal and Hacking Activities

Users must not engage in activities that cause harm to other users or systems, including but not limited to hacking, distributing malicious code, or conducting denial-of-service (DDoS) attacks. Furthermore, any actions aimed at compromising computer network security or hacking passwords or security codes are strictly forbidden. If such activities are detected, the offending user may be subject to legal action.

4. Prohibition of Unlawful Activities and Malicious Content

Users shall not engage in any unlawful activities within the Service, nor shall they post or disseminate any malicious or obscene content. Prohibited activities include, but are not limited to, illegal copying, fraud, impersonation, and the dissemination of false information.

5. Obligation to Report Immediately

Users are required to promptly report any abnormal activity occurring in their account or any breach of personal data to the Company. Upon such notification, the Company shall verify the issue and take appropriate security measures. Furthermore, users must cooperate with the Company by following the prescribed security procedures to protect their account.

User Age

1. Service Age Restriction

The Company does not intentionally collect information from children under the age of 15, nor does it provide the Service to such individuals. Users may access the Service only if they have reached the age of majority or the legal age (generally 18 years or older) in their respective jurisdiction and are thereby capable of entering into legally binding contracts.

2. Users Aged 15 to Under 18

Users who are 15 years of age or older but under 18 must obtain consent from a parent, legal guardian, or educational institution prior to agreeing to these Terms. In such cases, acceptance of these Terms may be executed on behalf of the minor by the appropriate guardian. Users must verify that proper guardian consent has been obtained before accessing the Service and adhere to the relevant procedures to secure such consent.

3. Age Standards by Country

Since the standards for online privacy protection and age restrictions for children may vary by country, users are required to comply with the relevant laws of their country of residence. The Company sets age standards in accordance with the legal requirements of each country, and such age restrictions may differ based on jurisdiction.

  • United States: In accordance with the Children’s Online Privacy Protection Act (COPPA), parental consent is required for children aged 13 or younger. Additionally, users between the ages of 15 and 18 must obtain parental consent.
  • European Union: Pursuant to GDPR-K (General Data Protection Regulation for Kids) standards, children under the age of 16 require the consent of a parent or legal guardian.
  • Korea: Under the Personal Information Protection Act, children aged 14 or younger must obtain separate consent from a parent or legal guardian.
  • China: According to China’s Children’s Online Privacy Protection Law, children aged 14 or younger require the consent of a parent or legal guardian. Moreover, for users aged 16 to 18, parental consent procedures may be mandated.
  • Japan: Under Japan’s Personal Information Protection Law, children aged 15 or younger must secure the consent of a parent or legal guardian. While users aged 16 to 18 may be accorded a degree of autonomy, parental consent remains requisite for processing personal data.
  • Australia: In accordance with Australia’s Children’s Privacy Protection Law, children aged 16 or younger require the consent of a parent or legal guardian. Users aged 16 to 18 must also obtain parental consent, and online service providers are obligated to secure guardian consent when processing a child’s personal data under Australian law.
  • Canada: Under Canada’s Children’s Online Privacy Protection Act, children aged 13 or younger require the consent of a parent or legal guardian. For users aged 14 to 18, parental consent is required, and all procedures related to the protection of personal information must be strictly complied with under Canadian law.
  • India, the Middle East, Africa, and Other Regions: As age requirements may vary in accordance with the applicable personal data protection laws of each country, appropriate consent procedures based on those laws must be followed.

4. Protection of Minors and Consent Procedures

Since the Company provides its services globally, it shall implement systems to secure guardian consent in compliance with the legal standards of each jurisdiction. If a user is under the age of 18, the applicable legal consent procedures required in that country must be followed, and such procedures will be conducted in accordance with the processes provided by the Company. This ensures the protection of minors’ personal information and the proper use of the Service.

Availability of the Service

The Company shall use commercially reasonable efforts to provide the Service on a continuous basis, except for periods of downtime resulting from system maintenance, upgrades, or unforeseen emergencies. The Company shall take all reasonable measures, within its means, to minimize such interruptions.

The Company reserves the right to temporarily suspend or restrict the provision of the Service in the following circumstances:

  •   System Maintenance and Upgrades: When periodic or non-periodic system inspections and improvements are required.
  •   Security Reasons: To maintain the security of the application and to prevent risks such as hacking or the transmission of malicious software.
  •   Unforeseen Technical Issues: In the event of service disruptions caused by server failures, network issues, database errors, or similar technical problems.
  •   Legal/Regulatory Requirements: When service provision is rendered impossible by applicable laws, regulations, or government directives.
  •   External Service Provider Issues: In cases where third-party providers, such as external APIs or affiliated services, suspend or terminate their services.

Users acknowledge and agree that the Company shall not be held liable for any temporary suspension, modification, discontinuation, or unavailability of the Service, user content, or any other content.

Service Modifications

If MEDICAL IP makes any material changes to the Service, such modifications shall be communicated to users either within the Service or via email. Notwithstanding the foregoing, MEDICAL IP shall have no obligation to update, improve, or release a new version of the Service. As the Service evolves over time, MEDICAL IP reserves the right to modify or discontinue, in whole or in part, any features, components, or functionalities of the Service. Additionally, a free service may, after a 24-hour advance notice provided to the user post-installation, be converted into a paid service after the initial 24-hour period.

Service Interruption

Notwithstanding this Agreement, MEDICAL IP may modify, suspend, or terminate any or all of the Service, including its content, features, or components. In such cases, MEDICAL IP shall, whenever reasonably practicable, provide prior notice; however, in unavoidable circumstances, immediate notification of such changes may be provided. Any changes or termination of the Service shall be made only when required by legal obligations, security considerations, or for reasons pertaining to the operational needs of MEDICAL IP. MEDICAL IP reserves the right to restrict or limit access to specific features or services, or to the Service in whole or in part, without incurring any liability for notification or consequences thereof. MEDICAL IP may also suspend the Service under the following circumstances: (a) if a user breaches this Agreement, violates any third party’s intellectual property rights, or contravenes applicable laws, or if the user’s account activity interferes with or harms MEDICAL IP or any third party; or (b) if compelled by law. Should MEDICAL IP decide to suspend the Service or discontinue any functionality, it shall notify users; accordingly, however, the Company shall have no obligation to maintain such Service thereafter. Notwithstanding, MEDICAL IP will provide a reasonable explanation for any discontinuation, outlining the reasons and potential impacts, and shall take measures to minimize user inconvenience.

Communications and Internet Services

Users acknowledge and agree that access to and use of the Service depends on the availability of communication and Internet services, as well as appropriate hardware, software, and applications. Users are solely responsible for acquiring and maintaining all necessary communication and Internet services, hardware, software, and applications required to access and use the Service, and shall bear all associated costs, fees, expenses, and taxes. MEDICAL IP shall not be liable for any data loss, communication failures, or other damages arising from the use or inability to use such communication and Internet services, hardware, software, or applications.

Medical Information Disclaimer

MEDICAL IP provides information and materials solely for the purpose of anatomical education. All anatomical information provided is intended for educational reference only and does not substitute for professional medical diagnosis, treatment, prescription, or advice. Accordingly, MEDICAL IP shall be held harmless with respect to the following.

1. Not a Substitute for Medical Advice:

  • All anatomical information provided by the Company is for educational purposes only, and the Company shall not be liable for any medical decisions or diagnoses made based on such information.
  • This information is intended merely to enhance the understanding of anatomical structures and functions and cannot replace the direct diagnosis and counsel provided by a qualified medical professional.

2. Not a Provider of Medical Services:

  • The Company is not a provider of medical services, and the materials provided cannot be used as a basis for medical prescriptions, treatments, diagnoses, or any other medical decisions.
  • Users must consult with appropriate medical institutions or professionals for any medical concerns, and the Company shall bear no responsibility for any consequences arising therefrom.

3. Accuracy of Information and User Responsibility:

  • While the Company endeavors to ensure the accuracy and reliability of the educational anatomical materials provided, it does not assume responsibility for any issues arising from the use of such information.
  • Users are solely responsible for determining whether the provided information is appropriate for their circumstances, and any actions taken based on this information shall be at the user’s own risk.

4. Distinction from Third-Party Medical Information:

  • The information provided by the Company is solely for educational purposes and may differ from medical information applied in actual clinical situations.
  • Users are advised to seek professional consultation for any medical issues or symptoms, as the Company’s materials are not intended to replace professional advice.

5. Limitation of Legal Liability:

  • The Company disclaims any liability for legal disputes or damages arising from the use of the educational anatomical materials provided.

Restrictions on Use and Termination of Service

Users may delete their account at any time, and upon deletion, all associated personal data will be removed except as required by law. Following account deletion, users will no longer have access to certain Services or Content.

Indemnification and Disclaimer

Users shall indemnify and hold MEDICAL IP harmless from and against all losses, damages, or liabilities arising out of any breach of these Terms or related to the use of the Service. However, the Company shall not be liable for damages resulting from the user’s actions if such damages are caused by MEDICAL IP’s willful misconduct or gross negligence.

MEDICAL IP shall be held harmless for the following circumstances:

  • Damages resulting from the user’s negligence or illegal activities
  • Losses arising from external factors, including but not limited to acts of God, hacking, network outages, or other unforeseen disruptions
  • Damages caused by temporary interruptions or errors in the provision of the Service

In the event of any dissatisfaction with the Service, users must first seek resolution through the designated customer support channels. Additionally, users retain the right to seek remedy through arbitration or litigation as provided under applicable consumer protection laws.

Notice of Policy Changes

These Terms may be amended from time to time, and any changes will be communicated via notices within the Service. The amended Terms shall become effective within 7 days of such notice. Users who do not agree with the amended Terms may cease using the Service.

Service Reliability and Warranty Disclaimer

While the Company endeavors to provide the Service in a reliable and stable manner, MEDICAL IP does not warrant the complete stability or error-free operation of the Service. The Company shall not be liable for any issues arising from unforeseen service interruptions or malfunctions.

In-App Purchases and Personal Data Handling

1. Personal Data Collected

The Company may collect the following personal data when a user utilizes the in-app purchase service.

  • Payment Information: Information related to payment cards and other payment methods.
  • Contact Information: The user’s email address, telephone number, and related contact details.
  • Device Information: Data regarding the user’s device model, operating system version, IP address, and similar details.

2. Purpose of Personal Data Collection

The collected personal data shall be used for the following purposes:

  • Processing in-app purchases and completing transactions
  • Verifying payments and providing customer support
  • Delivering personalized content to the user.
  • Enhancing security measures and preventing fraud, thereby strengthening the overall security of the Service.

3. Retention and Use Period of Personal Data

The Company shall retain the collected personal data for as long as is necessary to provide the Service. Following the expiration of this period, such data will be securely deleted or anonymized. However, in cases where applicable laws (e.g., the Electronic Commerce Act) require the retention of transaction records or related data for a specified duration, the Company shall retain such information for the legally mandated period.

4. Provision of Personal Data to Third Parties

The Company shall not provide personal data to any third party without the user’s consent, except where necessary to share information with payment service providers. Notwithstanding the foregoing, personal data may be disclosed in compliance with applicable legal obligations.

5. Protection of Personal Data

The Company employs state-of-the-art security technologies to safeguard user personal data. Collected personal data is encrypted in storage. In circumstances where international data transfer is necessary, the user’s personal data may be transferred to servers or partner organizations located overseas. Such transfers will be conducted in accordance with applicable legal frameworks, such as the GDPR, and any other relevant legislation.

Google/Apple Account Login and Personal Data Handling

1. Personal Data Collected

When a user logs in using a Google or Apple account, the Company may collect the following personal data:

  • Google/Apple Account Information: Email address, username, profile picture, and similar details.

2. Purpose of Personal Data Collection

The collected personal data shall be used for the following purposes:

  • Delivering personalized content to the user
  • Enabling and enhancing Service functionalities
  • Facilitating payment processing and login integration services

3. Retention and Use Period of Personal Data

The Company shall retain the personal data collected via Google or Apple account login for as long as necessary to provide the Service. Upon expiration of the required period, the data will be securely deleted.

4. Provision of Personal Data to Third Parties

In cases where Google or Apple account information is provided, some information may be shared in accordance with the respective platform policies. Additionally, personal data may be disclosed to third parties when required by applicable legal obligations.

5. Protection of Personal Data

The Company adheres to the security policies related to login via Google or Apple accounts and employs state-of-the-art security measures to protect user personal data.

General Login and Personal Data Handling

1. Personal Data Collected

When a user utilizes the standard login method, the Company may collect the following personal data:

  • Login Information: User ID, email address, password, etc.
  • Additional User Information: Contact details (such as telephone number) and device information (including device model, operating system version, etc.)

2. Purpose of Personal Data Collection

The collected personal data shall be used for the following purposes:

  • User Authentication: To process login and authentication procedures for the user’s account.
  • Service Provision and Personalized Content: To address user inquiries and provide customer support.
  • User Support and Customer Service: To respond to user inquiries and deliver appropriate customer assistance.
  • Security Enhancement and Service Improvement: To utilize personal data in reinforcing Service security and for the continual improvement of the Service.

3. Retention and Use Period of Personal Data

The Company will retain user account information and related personal data for the duration of the provision of the login service. Upon account deletion by the user, the relevant personal data will be securely deleted or anonymized. Notwithstanding, if legal obligations require retention for a specified period, the Company may retain such data to comply with those obligations.

4. Provision of Personal Data to Third Parties

The Company shall not provide personal data to any third party without the user’s consent, except in cases where legal requirements (e.g., court orders, requests from governmental agencies) mandate disclosure. In such instances, the Company shall comply with all applicable laws and minimize the scope of personal data disclosed. Moreover, user personal data may be transferred abroad, in which case the data will be subject to the relevant foreign data protection laws. Such transfer shall be deemed to constitute the user’s consent.

5. Protection of Personal Data

The Company employs state-of-the-art security technologies to safeguard user personal data. All personal data is encrypted and securely stored. Additionally, appropriate technical and administrative safeguards are in place to prevent unauthorized access to such data.

Procedures and Methods for Destruction of Personal Data

The Company, in principle, shall promptly destroy personal data once the retention period has expired or the purposes for which such personal data was collected have been fulfilled. Notwithstanding, if personal data must be retained in accordance with other applicable laws even after the expiration of the consented retention period or the fulfillment of the processing purposes, such data (or, in the case of paper documents, converted into an electronic file) shall be transferred to a separate database (DB) or stored in a different location. Data transferred to such a separate DB shall not be used for any purposes other than those required by law. The procedures and methods for destruction are as follows:

1. In-App Purchase Personal Data Destruction Procedures

  • Personal Data Subject to Destruction: Payment card information, contact information, device information, etc.
  • Timing of Destruction: After the period necessary for providing the Service following the completion of the transaction has elapsed, or upon the expiry of the legally mandated retention period.
  • Destruction Procedures:

    - Upon expiration of the retention period following payment processing and completion of the transaction, the relevant information is added to the list of data to be destroyed.

    - After the legally required retention period has elapsed, and with the approval of the designated Data Protection Officer, the destruction procedures are executed.

  • Destruction Methods:

    - Electronic Files: Payment information, stored in an encrypted format, shall be rendered irrecoverable through technical measures that make decryption impossible.

    - paper Documents: Any payment records in paper form shall be shredded or incinerated.

2. Google/Apple Account Personal Data Destruction Procedures

  • Personal Data Subject to Destruction: Google/Apple account information (such as email address, username, profile picture, etc.).
  • Timing of Destruction: Upon a user’s request for account deletion or upon termination of Service provision via the Google/Apple account.
  • Destruction Procedures:

    - When a user requests account deletion, the processing of the corresponding account information shall be carried out in accordance with the policies of Google or Apple.

    - Personal data stored for the purpose of Service provision shall be handled in accordance with the respective policies of Google or Apple, and such information shall be destroyed upon termination of the Service.

  • Destruction Methods:

    - Google/Apple Account Information Deletion: The relevant personal data shall be deleted through the account deletion procedures provided by each platform.

    - Integrated Service Data: Google or Apple account information used within the Service shall be encrypted and securely destroyed.

3. General Login Personal Data Destruction Procedures

  • Personal Data Subject to Destruction: Login information (user ID, email address, password, etc.) and other user information (contact details, device information, etc.).
  • Timing of Destruction: Upon a user’s request for account deletion or after the expiration of the period necessary for the provision of the Service.
  • Destruction Procedures:

    - When a user requests account deletion, the corresponding account information shall be added to the list of data to be destroyed.

    - In cases where legal obligations require retention, personal data shall be held for the required period and thereafter securely deleted or anonymized.

    - Periodic audits shall be conducted to ensure that internal destruction procedures are effectively implemented.

  • Destruction Methods:

    - Electronic Files: Personal data shall be technically deleted in a manner that renders encrypted data irrecoverable.

    - Paper Documents: Any personal data maintained in paper form shall be shredded or incinerated.

Rights, Duties, and Procedures for Exercising Rights of Data Subjects

1. Both “Administrators” and “Users” may exercise their rights to access, correct, delete, or request the suspension of the processing of their personal data at any time.

2. To access or modify their personal data (via “Personal Data Change,” “Member Information Modification,” etc.) or to withdraw consent (via the “Membership Termination” procedure), Administrators and Users must complete the required identity verification procedures. Alternatively, they may contact the Data Protection Officer in writing or via email, and the Company will promptly address their request.

3. If Administrators or Users request correction of inaccurate personal data, such data will not be used or disclosed until the correction is completed. If incorrect personal data has already been provided to a third party, the Company shall promptly notify such third parties of the correction to ensure that the necessary amendments are made.

4. The Company will process personal data that has been terminated or deleted upon request by Administrators or Users in accordance with the applicable retention and use periods. Such data will not be accessed or used for any purposes beyond those stipulated.

5.  Rights may be exercised through a legal representative or an authorized agent. In such cases, the individual must submit any documentation required by the applicable laws of their jurisdiction (e.g., a power of attorney or equivalent authorization).

6.  Requests for access to personal data or for suspension of its processing may be subject to limitations or may be denied in accordance with the applicable laws of certain countries or regions..

7. Requests for correction or deletion of personal data cannot be made if such data is expressly required to be collected under any other applicable laws

Measures to Ensure the Security of Personal Data

The Company implements the following technical and administrative measures, as required or recommended by applicable data protection laws, to safeguard users’ personal data.

1. Encryption of Personal Data

Critical information, including passwords belonging to “Administrators” and “Users,” is stored and managed in an encrypted format. Access to, and modification of, such personal data is restricted solely to the data subject.

2. Measures Against Hacking and Other Threats

The Company employs all commercially reasonable efforts to prevent the unauthorized disclosure or damage of personal data due to hacking, computer viruses, or other malicious activities. To mitigate potential data corruption, regular backups are conducted, and the most current antivirus software is utilized. The Company further ensures the secure transmission of personal data over networks via encrypted communications, implements intrusion prevention systems to control unauthorized external access, and adopts all feasible technical security measures to maintain system integrity.

3. Minimization and Training of Personnel Handling Personal Data

Access to personal data is strictly limited to designated personnel, each of whom is assigned a unique, periodically updated password. Regular training is provided to these personnel to reinforce adherence to the Company’s data protection policies.

4. Operation of a Dedicated Data Protection Department

The Company maintains a specialized data protection department tasked with overseeing the implementation of its data protection policies and ensuring that personnel handling personal data comply with these policies. Should any deficiencies be identified, prompt corrective action will be taken.

Data Protection Officer and Responsible Department

The Company has designated a Data Protection Officer to handle feedback and complaints regarding personal data. The contact information is provided below. Users may direct any inquiries, complaints, or requests for redress related to the protection of personal data arising from the use of the Company’s services to the Data Protection Officer or the relevant department. The Company shall provide prompt and adequate responses to such inquiries.

1. Data protection Officer

  • Name: Youngdeok Kim
  • Affiliation/Position: MEDICAL IP ITC/ Leader
  • Contact Information: 02-2135-9148 / tech@medicalip.com
  • Inquiry Hours: weekdays 9:00 AM – 6:00 PM (KST)