THE DOOR
Back to Home

Privacy Policy

Last updated: March 2026

1. Introduction

The Door ("we," "our," or "us") operates the website thedoorkr.com and provides medical tourism concierge services connecting international patients with partner clinics in South Korea. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services.

We take your privacy seriously. By using our services, you agree to the collection and use of information as described in this policy.

2. Information We Collect

We collect the following types of information:

Personal Information: Your name, email address, phone number, nationality, and preferred language, provided when you create an account or submit a consultation request.

Medical Information: Photos of areas you wish to have treated, descriptions of desired procedures, medical history relevant to your consultation, and your treatment preferences. This information is collected solely to facilitate consultations with our partner clinics.

Financial Information: Your approximate treatment budget range. We do not collect or store credit card numbers, bank account details, or other payment instrument information directly. Payment processing, when applicable, is handled by third-party payment processors.

Usage Information: Information about how you interact with our website, including pages visited, time spent, and device information. This is collected through standard web analytics.

3. How We Use Your Information

We use your information for the following purposes:

  • To facilitate consultations between you and our partner clinic doctors. Your photos and treatment descriptions are shared with the consulting doctor to provide an accurate assessment.
  • To communicate with you about your consultation status, assessment results, and treatment coordination.
  • To improve our services and website experience.
  • To send you relevant updates about our services, which you may opt out of at any time.

4. Who Has Access to Your Information

Your personal and medical information is accessible only to:

The Door's core team members who manage your consultation (limited to those directly involved in your case).

The specific doctor at our partner clinic who reviews your consultation and provides your assessment. Photos and medical information are shared only with the doctor assigned to your case.

We do not sell, rent, or trade your personal information to third parties. We do not share your information with any parties other than those listed above, except as required by law.

5. Data Security

We implement the following security measures to protect your information:

  • All data stored in our systems is encrypted at rest using AES-256 encryption.
  • All data transmitted between your device and our servers is protected by TLS (Transport Layer Security) encryption.
  • Patient photos are stored in private, encrypted storage buckets. Photos are not publicly accessible and can only be retrieved through authenticated requests.
  • Database access is controlled through row-level security policies, ensuring that each user can only access their own data.

While we take extensive measures to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but are committed to protecting your data to the best of our ability using industry-standard practices.

6. Photo Handling

We understand that sharing personal photos, particularly of your face or body, requires a high level of trust. Here is how we handle your photos:

  • Photos are uploaded through an encrypted connection and stored in private, encrypted storage.
  • Photos are shared only with the consulting doctor assigned to your case.
  • Photos are never displayed publicly on our website or used for marketing purposes without your explicit written consent.
  • You may request deletion of your photos at any time by contacting us, and we will remove them from our systems within 30 days of your request.
  • If you choose not to submit photos with your consultation, you may still receive a general assessment, though it may be less precise than one based on visual evaluation.

7. Third-Party Services

We use the following third-party services to operate our platform:

  • Supabase: Database and file storage hosting. All data is encrypted at rest and in transit. Data is hosted in secure cloud infrastructure.
  • Vercel: Website hosting. Serves our website securely via HTTPS.
  • Resend: Email delivery for consultation notifications and updates.
  • LINE: Messaging platform for customer communication (optional, initiated by you).

These providers have their own privacy policies and security measures. We select providers that maintain high standards of data protection.

8. International Data Transfers

As a service connecting international patients with Korean clinics, your data may be processed in multiple jurisdictions. By using our services, you consent to the transfer of your information to South Korea (where our partner clinics operate) and the United States (where our platform infrastructure is hosted). All transfers are protected by encryption in transit.

As a service connecting international patients with Korean clinics, your data may be processed in multiple jurisdictions. By using our services, you consent to the transfer of your information to South Korea (where our partner clinics operate) and the United States (where our platform infrastructure is hosted). All transfers are protected by encryption in transit.

9. Data Retention

We retain your consultation data, including photos and assessment results, for up to 24 months after your last interaction with our service. This allows you to reference past consultations and assessments.

You may request deletion of your data at any time. Upon receiving a deletion request, we will remove your personal data and photos from our active systems within 30 days. Some data may persist in encrypted backups for up to 90 days before being automatically purged.

10. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of any inaccurate information.
  • Request deletion of your data, including all photos and consultation records.
  • Opt out of non-essential communications.
  • Withdraw your consent to data processing at any time, which may limit our ability to provide services.

To exercise any of these rights, contact us at concierge@thedoorkr.com.

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a minor, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

Contact information:

The Door

Email: concierge@thedoorkr.com

Website: https://www.thedoorkr.com