LINE

ENGLISH
LINE NEXT Inc. DOSI Services Privacy Policy

The purpose of this document (“Privacy Policy”) is to inform you (“you” or “User”) of how LINE NEXT Inc. manages Personal Data (as hereinafter defined) in connection with DOSI Services (DOSI Wallet, DOSI Citizen, DOSI Store or GAME DOSI) (referred to collectively as the “ DOSI Services”).

Please take a moment to read this Privacy Policy carefully so that you know and understand the purposes for which we collect, use and disclose your Personal Data. If you have any questions about this Privacy Policy, please submit your request using our online Support portal or by email.

DOSI Wallet DOSI Citizen DOSI Store GAME DOSI
Support Portal https://contact.dosi.world
 https://contact-game.dosi.world/
Email dl_dosi_privacy@linecorp.com


By interacting with us, submitting information to us, or signing up for or accessing DOSI Services offered by us, you indicate your acceptance of the terms of this Privacy Policy and consent to LINE NEXT Inc. (LINE NEXT Affiliates), as well as our respective representatives and/or agents (collectively referred to herein as "the Company", "us", "we" or "our") collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Company's authorized service providers and relevant third parties in the manner set forth in this Privacy Policy.  If you do not agree with or are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access to or use of the DOSI Services.

For Users in the European Union (“EU”), the European Economic Area (“EEA”) and other locations subject to EU data protection law (collectively, “Europe”), you acknowledge that we will process your Personal Data as set out in this Privacy Policy. Please also read the "Privacy Policy Addendum for EU/UK GDPR" available in Section 18.
1. Personal Data Collected by the Company (hereinafter the “Personal Data”)

“Personal Data” is information that we collect from you or about you that is capable of identifying you alone or in combination with other pieces of information that we collect.
When you access any of our Services, we may collect the following categories of Personal Data:

If a specific DOSI service is not used, the Company will not collect the personal data that is related to the DOSI Service that is not used. 

Category DOSI Wallet
https://wallet.dosi.world/
 DOSI Citizen
https://citizen.dosi.world/
 DOSI Store
https://xxxx.store.dosi.world/
 GAME DOSI
https://game.dosi.world/
Information collected third party services • (To sign up for DOSI Services via Social Networking Services(SNS)) SNS ID, SNS type, SNS Email
• (To connect DOSI Wallet to third party services) Service identifier
(To manage Community) Discord ID
 NA • (To connect third-party wallet products) 
Email, Digital wallet address, ID, type, User Profile image, User Profile nick name, Region data, SNS ID, Phone Number		 NA
Information you provide us when signing up for the DOSI Services • Email, Region data, Passcode, User Profile image, User Profile nick name NA NA NA
Information automatically created when using the DOSI Services • DOSI Pltform ID
• DOSI Wallet Address, DOSI Wallet ID, DOSI Wallet account status, DOSI Wallet account level		 • DOSI Citizen UID • DOSI Store UID • GAME DOSI UID
Information you provide us while using the DOSI Services • Phone Number, Country Code
• (To register as a C2C seller) Name, Date of birth, Address, Phone Number, Email, Metamask Wallet Address, Vault Wallet Address
• (To fill out tax reporting form)
All the information regarding W9(US person), W8(Non US person) form
 • (DOSI Wallet Related Information)
DOSI Platform ID, Region data, Email, DOSI Wallet Address, Phone Number, User Profile image, User Profile nick name
• (To reward a NFT prize to DOSI Citizen event winner)
ERC Wallet Address, Kaikas Wallet Address, Phone Number, Discord User Name
• (To designate and reward to DOSI Ambassador)
Name, Date of Birth, Address		 • (DOSI Wallet Related Information)
DOSI Platform ID, Region data, Email, DOSI Wallet Address, Phone Number, User Profile image, User Profile nick name		 • (DOSI Wallet Related Information)
DOSI Platform ID, Region data, Email, DOSI Wallet Address, User Profile image, User Profile nick name
Information collected via technology when using the DOSI Services • Service usage data such as system activity, Access history, Online identifiers such as IP address and domain name, clickstream information, Cookies, Device information(OS type and version)
• Transaction information relating to your use of the DOSI Services such as purchase and sales history
Information collected when submitting request via the support portal • Email , Phone number(last 4 digits), Information on the inquiry form, Information generated during complaint handling, Correspondence, being information that you provide to us in correspondence, including ongoing customer support
Information collected for advertising and marketing • Email , Service usage data such as system activity, Access history, Online identifiers such as IP address and domain name,  clickstream information, Payment history, Cookies, Device information (OS type and version)

• We do not store any credit card or debit card information online. Payment transactions are processed via third-party payment services such as "LINE Pay” and "NAVER Pay" and "Stripe".

In addition to the foregoing, the Company may require you to provide additional Personal Data when you require support, send us information for troubleshooting or other analysis, participate in a survey or our other promotional activities or solicit any other communication from us, among other activities.
2. Cookies and Similar Technology

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Cookies are typically stored on your computer's hard drive. We use information collected from cookies is used by us to analyze trends, to administer the DOSI Services and to evaluate their effectiveness. With this knowledge, we can provide you with a more personalized experience when using the DOSI Services and we can improve the quality of such experience by recognizing and delivering more of the most desired features and information and by resolving access difficulties. We may also use cookies, “web bugs” or “clear gifs,” which are typically stored in emails to help us confirm your receipt of, and response to, our emails.

Our service providers may also place cookies on the hard drive of your device with a view to receiving information that will educate us and our service providers on different aspects, such as how you navigate on the DOSI Services. Our service providers may analyze these data with a view to allow us to better understand your interests in the DOSI Services and to better serve those interests.

Please note that data collected by use of cookies or similar technologies may be linked to and combined with any other data, including Personal Data, relating to you that we process.  Data collected by the use of cookies or similar technologies may also be used to assist us in (i) meeting our compliance obligations (including under applicable anti-money laundering and terrorism prevention laws), (ii) detecting irregular, suspicious or potentially fraudulent account activities, and (iii) assessing and improving the DOSI Services and advertising campaigns.

We and our service providers also use Pixel, a weblog collection tool provided by Meta, to provide information. Pixels collect information through cookies, which collect information in an unidentifiable form.

You can choose to deactivate cookies; however, in such circumstances, you will not be able to use parts of the DOSI Services which require cookies to be operate.

See below for the types of cookies we use and the functionality they support. If a specific DOSI service is not used, the information related to the service does not apply.

• Necessary Cookies—these cookies enable core functionality of the website. They help to make a website useable by enabling basic functionality.
DOSI Wallet, Home
 DOSI Citizen, DOSI Store
 GAME DOSI
Cookie name Duration Description Cookie name Duration Description Cookie name Duration Description
DOSI_SES 1 year This cookie is used in authentication to allow access to the service. DOSI_SES 1 year This cookie is used in authentication to allow access to the service. DOSI_SES 1 year This cookie is used in authentication to allow access to the service.
DOSI_CHK 1 year This cookie is used to verify expiration time of the access token. DOSI_CHK 1 year This cookie is used to verify expiration time of the access token. DOSI_CHK 1 year This cookie is used to verify expiration time of the access token.
CC 1 year This cookie is used to store the user's choice of cookie options CC 1 year This cookie is used to store the user's choice of cookie options CC 1 year This cookie is used to store the user's choice of cookie options

• Analytic Cookies—these cookies are used to collect information and report about website usage statistics without personally identifying individual visitors.
We use a tool “Google Analytics” to study how often Users visit the DOSI Services, what pages they visit when they do so, and what other sites they used prior to coming to the DOSI Services. We use the information we get from Google Analytics only to improve the DOSI Services. Google Analytics collects only the IP address assigned to you on the date you visit the DOSI Services. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit the DOSI Services, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the DOSI Services is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser by clicking here.
Cookie Name Duration Description
_ga, _ga_XXXX 2 years This cookie is used to distinguish a user on the website. It calculates visitor, session, campaign data and keeps track of site usage for the site’s analytics report.
_gat 1 minutes This cookie limits the user requests.
_gid 1 day This cookie is used to distinguish a user on the website. It is used to store information on how visitors use the website and helps in creating an analytics report of how the website is doing. The data collected includes the number of visitors, their source, and the pages


3. Browser Adjustment

Necessary cookies cannot be switched off, however you can withdraw consent for analytic cookies at any time by changing your browser settings. If you choose to switch off all cookies (excluding necessary cookies), please be aware that DOSI Services may no longer function as intended.

Find out how to manage cookies on popular browsers:

Opera

To find information relating to other browsers, visit the browser developer's website.
4. Purpose for Collection, Use and Disclosure of User Personal Data

Except in limited instances where your consent is required, we collect, use, and/or disclose your Personal Data on the legal basis of (1) contractual basis, for performance of a contract and provision of Services or taking steps prior to entering into a contract; (2) legal obligation, for fulfilment of our legal obligations; (3) legitimate interests, for the purpose of our legitimate interests and the legitimate interests of third parties, proportionate to your interest and fundamental rights and freedoms to the protection of your Personal Data; (4) vital interest, for the prevention or suppression of danger to a person's life, body, or health; (5) public interest, for the performance of task carried out in the public interest or for exercising of official authorities or duties; and/or (6) the reason for an establishment and defenses of legal claims.

The Company may collect, use and disclose a User’s Personal Data for the following purposes: 

    A. To provide the DOSI Services: We use Personal Data to provide you with DOSI Services pursuant to the specific Terms of Service for each of the DOSI Service. For example, we may use Personal Data for the following purposes:

• to enable you to access the DOSI Services
• to offer undisturbed, smooth Services to you (including, but not limited to, software upgrades and improvements of the Services);
• to ensure that the DOSI Services are functioning properly;
• to administer our website and to track user movement;
• for troubleshooting purposes;
• to allow you to manage your account; and/or
• to conduct any other activities that are required to provide the DOSI Services.

 B. To enforce the terms of the  Terms of Service of DOSI Services and other agreements: We use Personal Data to enforce the Terms of Service of DOSI Services, this Privacy Policy and other agreements with Users (collectively, the “Policies”), as well as agreements with third parties.  For example, we may use Personal Data for the following purposes:

• to detect, prevent, investigate or report actual or potential violations of the Policies or any suspected illegal activities;
• in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
• to protect us and our operations or those of our service providers;
• to protect the rights, privacy, safety and property of us and our service providers;
• to prevent physical harm or financial loss or any other risk for us, any of our service providers or any other individual involved in the provision of the DOSI Services;
• to allow us to pursue available remedies or limit the damages that we or our service providers may sustain; and/or
• to otherwise enforce the Policies.

C. To detect and prevent fraud: We process your Personal Data to detect and prevent fraud on your account.  For example, we may use Personal Data for the following purposes:

• to prevent any unauthorized/fraudulent use of the DOSI Services;
• to prevent, detect and investigate crime and analyze and manage commercial risks and conduct investigations relating to disputes, billing or fraud; and/or
• to perform identity verification when you make an inquiry or give us instructions.

D. To protect your rights and data and seek to ensure the integrity of the DOSI Services: Maintaining the security of your account and the DOSI Services requires us to process Personal Data, including information about your device, your account activity and other relevant information.  For example, we may use Personal Data for the following purposes:

• to prevent any data breach or circumvention of our security measures or to mitigate any possible adverse effects from such activities;
• to test, assess, or otherwise evaluate the effectiveness of the technical and organizational measures (which ensure the security of the processing of your Personal Data) put into place by us or by our service providers (including our Outsourced Contractors, as defined below); and/or
• to protect your rights, privacy, safety and property.

 E. To comply with legal and regulatory requirements: We process your Personal Data as required by applicable laws and regulations.  For example, we may use Personal Data for the following purposes:

• to respond to a verified request relating to a criminal investigation (e.g. subpoena, court order or substantially similar legal procedure) or alleged illegal activity or any other activity that may expose us or any of our service providers, or you, to any legal proceeding or legal liability;
• to meet or comply with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on us (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and/or
• to respond to requests from public and government authorities, including public and government authorities outside your country of residence.

 F. To provide you with customer support services: We process your Personal Data any time that you reach out to our Customer Support team with issues arising from your account or your use of the DOSI Services.  For example, we may use Personal Data for the following purposes:

• to respond to your inquiries and support needs and to fulfill any other request you may have made to us;
• to notify you of any other important information regarding the DOSI Services and to contact you when necessary;
• to send you administrative information, such as information concerning changes to the Policies or other announcements regarding the DOSI Services; and/or
• to otherwise provide customer support services to you.
 G. To optimize and enhance the DOSI Services: We use your Personal Data to understand how our products and DOSI Services are being used and to help us improve the DOSI Services and develop new products.  For example, we may use Personal Data for the following purposes:

• to personalize your experience by presenting content tailored to your interests;
• to develop new features of the DOSI Services or other products offered by us;
• to allow you to participate in usability studies, surveys and product tests;
• to aggregate statistical data regarding the DOSI Services;
• to conduct research and analysis aimed at reviewing and improving the DOSI Services; and/or
• to perform data analysis and audits for the purpose of improving or developing new features or services relating to the DOSI Services.
 H. To market our products to you: Based on your communication preferences, we may send you marketing communications (e.g., emails or mobile notifications) to inform you about our events; to deliver personalized marketing; and to provide you with promotional offers.  Our marketing will be conducted in accordance with your advertising/marketing preferences and as permitted by applicable law.  (See our Marketing Policy here for additional information.)

 I. For other business purposes: We may use your Personal Data for additional purposes as set out in the Addendum for GDPR in Section 18 or if (i) that purpose is disclosed to you before the Personal Data is collected or (ii) you consent to such use.  From time to time, and as required under applicable law, we may request your permission to allow us to share your Personal Data with third parties not presently covered by this Privacy Policy, or to use your Personal Data for a purpose that is incompatible with the purposes for which it was originally collected or for which your consent was subsequently obtained.  If you choose to limit the use of your Personal Data, certain features of the DOSI Services may not be available to you.
5. Sale or Other Disclosure of Personal Data

We do not sell, rent, release, disseminate, make available, transfer, exchange, share, communicate or otherwise disclose (hereinafter “disclose”) your Personal Data to third parties for their marketing purposes, or for other purposes not contemplated by this Privacy Policy or permitted under applicable law. Subject to restrictions imposed under applicable law, this shall not prejudice our right to disclose your Personal Data to others (including public authorities, law enforcement agencies, data protection authorities or regulatory agencies, government officials or any other authorized third party) for the purposes listed in this Privacy Policy, if:

• it is necessary for the conclusion or the performance of a contract or for the provision of the DOSI Services;
• it is required by law or by virtue of public interest;
• it is required pursuant to a civil, criminal or regulatory inquiry, investigation, subpoena or summons;
• it is required by virtue of your vital interest;
• it is necessary to pursue the Company’s legitimate business purposes, including the exercise or defense of legal claims;
• you have given your consent; or
• it is so allowed on another legal basis.
We may provide the Personal Data to any of the LINE NEXT Affiliates if the LINE NEXT Affiliate is appointed or engaged by us to provide any part of the DOSI Services. We shall take steps to ensure that the LINE NEXT Affiliates abide by this Privacy Policy so as to protect your Personal Data.

In addition, we may disclose your Personal Data to third parties in the following circumstances:

• To financial institutions with which we partner to process payments you have authorized.
• To service providers under contract who assist in the provision of DOSI Services or help with parts of our business operations (“Outsourced Contractors”).
Examples of the types of Outsourced Contractors we may share Personal Data with from time to time (other than those mentioned above) include those providing the following types of services:

  ◦ Security threat detection
  ◦ Payment processing
  ◦ Transaction monitoring
  ◦ Custody
  ◦ Customer support
  ◦ Internet (e.g., ISPs)
  ◦ Data analytics
  ◦ Information technology
  ◦ Advertising and marketing
  ◦ Data processing
  ◦ Network infrastructure
  ◦ Data storage and document repository services
  ◦ Tax reporting

• To companies or other entities that we plan to merge with or be acquired by, to the extent permitted under applicable law. You will receive prior notice of any change in applicable policies.
• To companies or other entities that purchase our assets pursuant to a court-approved sale or where we are required to share your information pursuant to insolvency laws in any applicable jurisdiction.
• To our professional advisors who provide banking, legal, compliance, insurance, accounting or other consulting services, including to complete third-party financial, technical, compliance and legal audits of our operations or to otherwise comply with our legal obligations.
• To law enforcement officials, or other third parties when we are compelled to do so by a subpoena, court order or similar legal procedure, or when we believe in good faith that the disclosure of such Personal Data is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of the Terms of Service of any DOSI Services or any other applicable Policies.

Specific Outsourced Contractors and other third parties with which we (or our affiliates) have entered into service contracts for identity verification and other services, and with which your Personal Data may be shared in accordance with this Privacy Policy, include (but are not necessarily limited to) the following:

a. Disclosure
DOSI Services (DOSI Wallet, DOSI Citizen, DOSI Store, GAME DOSI)
Company name Country Details
LINE NEXT Corp. Republic of Korea
 System development and operation
LINE PLUS Republic of Korea
 Customer Inquiry Support
LY Corporation
 Japan Infra operation and Data storage
GLN International Inc.
 Republic of Korea
 Cost handling and settlement
INFOBIP LTD
 The United Kingdom
 Sending service and Marketing information
Concentrix Philippines Customer service in English
Incomms Republic of Korea
 Customer service in Korean
0x&
Singapore
 GAME DOSI Community Management
Trade-Van Information Services Co.
 Taiwan eGUI issued notification in Taiwan
Homescorporation Corp.
 Republic of Korea Logistics, delivery of service goods and event prizes


b. Provision

We may provide your personal data to third parties only in circumstance where a prior consent is given by you.

DOSI Wallet
 DOSI Citizen, DOSI Store GAME DOSI
Company name (Country) Details Store IP or Affiliates
 Game Providers
LINE Pay (Japan) Fiat Payment service
DOSI Affiliates affiliates member management



6. Shared Use of Information

During the period when you use the DOSI Services, your Personal Data may be processed and used in the form(s) of printed documents and/or electronic files or otherwise by us, the LINE NEXT Affiliates, and/or the Outsourced Contractors within and/or outside the United States.

To facilitate our global operations, we may transfer, store, and process your Personal Data within our family of companies, partners, and service providers based throughout the world, including Japan, Singapore, South Korea, the United Kingdom, the United States, and possibly other countries. We will only transfer your Personal Data internationally where it is compliant with applicable data protection laws and, where relevant, the means of transfer provides adequate safeguards in relation to your Personal Data.
7. Users' Rights

Please be aware that your data protection rights set out below are not absolute and it remains the case that, in accordance with applicable data protection laws, your rights may be subject to some exceptions by law.

You may, at any time, confirm, supplement or correct your registered Personal Data on the DOSI Services. You can also deactivate your account according to the Terms of Service of the applicable DOSI Service.
You may view or request a copy of your Personal Data that we have collected from your use of the DOSI Services by contacting us via the methods described at the end of this Privacy Policy.
You may also use these contact methods to send us a request to correct or add to your Personal Data, if you find that your Personal Data registered with us has changed or is incorrect.   
You may request us to delete, or discontinue collecting, processing or using your Personal Data unless we are allowed to continue to keep, process or use your Personal Data as permitted by applicable laws and regulations.
When you request access to your Personal Data (including copies of your Personal Data) that you are unable to confirm/access through the DOSI Services, we may (subject to limitations imposed under applicable law) charge you a fee for the disclosure procedures.
You may also have the right to port your Personal Data, object to the processing, and/or request that we restrict the processing of your Personal Data, subject to the conditions under applicable data protection laws.
To the extent that we process your Personal Data based upon your consent, you may withdraw your consent at any time (subject to certain exceptions). However, your withdrawal of consent will not affect the lawfulness of our processing based on your consent before its withdrawal.
You may also lodge a complaint to the data protection authority where you believe our processing of your Personal Data is unlawful or noncompliant with applicable data protection laws

You can choose freely whether or not you will provide us with your Personal Data; however, you may be unable to use all or part of the DOSI Services until you have provided us with the necessary information.


8. Information for California Residents

If you are a resident of California, you have certain rights pursuant to the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”), and the Shine the Light law. Except where specifically noted below, both the CCPA and the CPRA are collectively referred to as the “CCPA” in this Privacy Policy. Those rights are detailed in this Section 8. To exercise the rights detailed in this Section 8, email us at dl_dosi_privacy@linecorp.com.

Your privacy rights include (i) the right to know about your personal information that we collect, disclose, sell or share, if any; (ii) the right to delete your personal information; (iii) the right to opt-out of sale or sharing of your personal information; (iv) the right to correct inaccuracies in your personal information; (v) the right to limit the use and disclosure of sensitive personal information; and(vi) the right to data portability; and (vii) the right to non-discrimination.

A. Personal information that we collect, use, and share

We do not “sell” any personal information, as “selling” is defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”).
Personal Information Category Sources of Personal Information Purpose of Collecting Personal Information Disclosure of Personal Information
(A) Identifiers such as real name, alias, postal address, phone number, unique personal identifier, online identifier, IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers Information you provide us; Information collected from you automatically; Information collected from third parties
 Sections 4A, 4B, 4C, 4D, 4E, 4F, 4G and 4H
- Financial institutions

- Service providers
- Professional advisors
- Our Affiliates
(B) Customer records such as signature
 Information you provide us; Information collected from third parties
 Sections 4B, 4E and 4F
- Third party identity verification services

- Financial institutions

- Service providers
(C) Protected classifications under California and federal law, including gender, age and citizenship Information you provide us; Information collected from third parties
 Section 4E
 - Third party identity verification services
- Professional advisors
(D) Commercial information such as records of services purchased, obtained, or considered Information you provide us; Information we collect from you automatically; Information collected from third parties
 Sections 4A, 4C, 4D, 4E, 4F, 4G and 4H
- Third party identity verification services

- Financial institutions

- Service providers
- Professional advisors
- Our Affiliates
(E) Biometric information
 Not collected
 Not applicable
 Not applicable
(F) Usage Data, including Internet or other electronic network activity information (such as browsing history and search history), and other online identifiers Information we collect from you automatically Sections 4A, 4B, 4C, 4D, 4F, 4G and 4H
- Third party identity verification services

- Service providers
- Professional advisors
- Our Affiliates
(G) Geolocation data
 Information we collect from you automatically
 Sections 4A, 4C and 4E
- Third party identity verification services

- Service providers
- Our Affiliates
(H) Sensory data, such as audio, electronic, visual information Not collected
 Not applicable Not applicable
(I) Professional or employment-related information Information you provide us; Information collected from third parties
 Sections 4C, 4E and 4H
- Third party identity verification services

- Service providers
- Our Affiliates
(J) Education information (not publicly available)
 Not collected
 Not applicable Not applicable
(K) Inferences about preferences, characteristics, predispositions, etc.
 Information you provide us; Information we collect from you automatically
 Sections 4G and 4H
 - Service providers
- Professional advisors
- Our Affiliates

B. California privacy rights

California consumers have the following rights under the CCPA with respect to their personal information.  Please understand, however, that these rights are not absolute and in certain cases are subject to conditions or limitations as specified in the CCPA.  Accordingly, we may decline requests as permitted under applicable law.

Right to Know. You may submit a request that we disclose the categories and specific pieces of personal information that we have collected, used or disclosed about you in the past 12 months. For California residents, our responses to right to know requests will cover the personal information we have collected and maintain about the consumer during the past 12 months beginning on or after January 1, 2022, or for a shorter period if an exemption applies or if requested by the consumer. Please note that we are not obligated to provide you with a copy of your personal information more than twice in a 12-month period.

The Right to Know allows you to request that we disclose the following information to you about our collection and use of your personal information in connection with our Services over the last 12 months:

• The categories of personal information we collect about you.
• The categories of sources for the personal information we collect about you.
• Our business or commercial purpose for collecting or selling that personal information.
• The categories of third parties with whom we share that personal information for cross-context behavioral advertising, if any.
• The specific pieces of personal information collected about you.
• If we sold or disclosed your personal information for a business purpose, (i) a list of the categories of personal information we have sold in the prior 12 months and (ii) a list of the categories of personal information we have disclosed in the prior 12 months.
• If we have not sold or disclosed your personal information in the preceding 12 months, we will disclose that upon request.

You also have the right to request that we disclose the following information to you about our collection and use of your sensitive personal information in connection with our Services over the last 12 months:

• The categories of sensitive personal information we collect about you.
• The categories of sources for the sensitive personal information we collect about you.
Right to Deletion. You also have the right to request that we delete any of your personal information that we collected via our Services and retained. We will not delete your information if we need it to protect the security, integrity or functionality of our operations and systems, to comply with legal obligations, to provide you with a good or service you requested, or for certain other reasons provided by the CCPA.

Right to Opt-Out of Sale or Sharing of Personal Information. You have the right to opt out of the sale or sharing of your personal information.  We do not sell or share personal information of Users within the meaning of the CCPA.

Right to Correct. You have the right to request that we correct inaccuracies in your personal information that we collect and maintain about you. If we receive a verifiable consumer request to correct inaccurate personal information, we will use commercially reasonable efforts to correct the inaccurate personal information as directed by you. We will not be able to update your information if we need it to protect the security or functionality of our operations, to comply with legal obligations, or for certain other reasons provided by the CCPA.

Right to Limit Processing Sensitive Information. We typically limit our use and disclosure of sensitive personal information to the following purposes that are exempt from the Right to Limit: (1) to perform services, such as to provide benefits to consumers; (2) to resist deceptive, fraudulent, or illegal actions; (3) to ensure the physical safety of our personnel, customers, visitors, and others; and (4) to provide short-term, transient and non-personalized advertising. We do not use sensitive personal information to infer characteristics about you for purposes other than those permitted by applicable law, including the CCPA. We will restrict the processing of sensitive information to these and other purposes authorized by the CCPA if you submit a request to limit use and disclosure of your sensitive personal information. 

Right to Data Portability. You have the right to have a copy of personal information that we collected an maintain about you transferred to you or another party.

Right to Non-Discrimination. You have the right to exercise the privacy rights conferred by the CCPA without discriminatory treatment. We will not deny services, charge different prices, offer a different quality of service or otherwise discriminate against you for exercising your California privacy rights. Nothing in this section prohibits us from charging you a different price or rate, or from providing a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to you by the use of your data. With your consent, we may choose to offer you financial incentives directly related to the value of your personal information for the collection, sale, or deletion of your personal information.

Contact Methods
You may submit a request to exercise your rights under the CCPA by emailing us at dl_dosi_privacy@linecorp.com. We are legally obligated to verify your identity when you submit a request to know, delete or correct your Personal Data.  We may request additional information from you to verify your identity.  If you submit a request to delete your personal information, you will also be required to confirm the deletion request by email.

Process to Verify Requests to Know, Correct or Delete Personal Data About a California Resident
A request to know, correct or delete your personal information must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information and that you are a resident of California. Your request must describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We ordinarily process requests within 45 days of its receipt. In some cases, we may extend this period to 90 calendar days. If we require more than 45 days, we will inform you or your authorized agent in writing of the reason we did so and the extension period.

Authorized Agent
You may designate an agent to make a request under the CCPA on your behalf.  If you choose to do so, we may require you to (1) provide the authorized agent written permission to do so or demonstrate that you have given the agent legal power of attorney, and (2) verify your own identity and residency directly. We may deny a request from an agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

Online Erasure
You may submit a request to remove information that you have posted on our mobile application by emailing us at dl_dosi_privacy@linecorp.com. Note that this does not guarantee a complete or comprehensive removal of such content. For example, content may remain on our servers even if no long visible to other users, and third-party reposted copies of the content that you posted may remain after we remove the original content that you posted. Content may also remain posted for other reasons exempted by law.

Shine the Light Law
If you are a resident of California, pursuant to California Civil Code Section 1798.83, you may request information regarding our disclosure of your personal information (if any) to a third party for that party's direct marketing purposes. Any such disclosure made to a third party by us would be otherwise in accordance with the terms of this Privacy Policy. To make such a request please email us at dl_dosi_privacy@linecorp.com.

Do Not Track Requests
“Do Not Track” signals are options on your browser that inform website operators that you would not like to have your online activity tracked. Currently, there is no industry standard regarding any appropriate action that websites should take when they receive “Do Not Track” signals. As there is no industry standard, please note that we do not alter our Website’s data and information collection and use practices when we receive a “Do Not Track” signal from your browser.
9. Anonymized and Aggregated Data

Anonymization is a data processing technique that removes or modifies personal information so that it cannot be associated with a specific individual. Aggregated data is information about our customers that we combine together so that it can no longer identify any individual customer. Except for this section, none of the other provisions of this Privacy Policy applies to anonymized or aggregated customer data

We may use anonymized or aggregated customer data for any business purpose, including to better understand customer needs and behaviors, improve our products and services, conduct business intelligence and marketing, and detect security threats.  We may perform our own analytics on anonymized data or enable analytics provided by third parties.  Types of data we may anonymize include transaction data, clickstream data, performance metrics, and fraud indicators.
10. Third-Party Sites and Services

If you authorize one or more third-party applications to access the DOSI Services, then information you have provided to us may be shared with those third parties. A connection you authorize or enable between your DOSI Services account and a non DOSI Services  account, payment instrument, or platform is considered an “account connection.” Unless you provide further permissions, we will not authorize these third parties to use this information for any purpose other than to facilitate your transactions using the Services.  Please note that third parties you interact with may have their own privacy policies, and we are not responsible for their operations or their use of data they collect.  Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices and we are not responsible for unauthorized third-party conduct.  In addition, information that we share with a third party based on an account connection will be used and disclosed in accordance with the third party’s privacy practices.  We encourage you to learn about the privacy practices of those third parties.


11. Information Security

We maintain appropriate physical, technical, organizational and administrative safeguards to prevent unauthorized or unlawful loss, access to use, alteration, correction, or disclosure of your personal data. We have implemented a system to process personal data, whether in hard copy, electronic files and / or any other form.  Our safeguard will cover the components of the relevant information system, taking into account the security implementation specified by the applicable data protection laws in order to protect the security, integrity, availability and confidentiality of the Personal Data you entrust to us according to the level of risk. This includes controlling access to personal data and critical information system components, appropriate handling of user access, determining user's responsibilities, putting in place appropriate measures for audit logging to detect access, alteration, correction or deletion of personal data. We also arrange the enhancement of knowledge and understanding related to personal data protection and security for the personnel concerned.

We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the United States and elsewhere in the world where our facilities or our service providers are located.  We protect your Personal Data by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.  For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to Personal Data only for those employees who require it to fulfill their job responsibilities.

However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur.  Please recognize that you play a vital role in protecting your own Personal Data.  When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us.  If you have reason to believe that your data is no longer secure, please contact us using the contact information provided in this Privacy Policy.


12. Retention of Personal Data

We store your Personal Data securely throughout the life of your account.  We will only retain your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting obligations or to resolve disputes.  While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your Personal Data are described below. 

• Personal Data collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as required under such laws.
• Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our suppression list to ensure we do not inadvertently market to you.
• Content that you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
• Recording of our telephone calls with you including transaction records may be kept for a period of at least five years.
• Information collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.


13. Withdrawal from the DOSI Services

If you decide to deactivate your account for the DOSI Services and not to keep using the DOSI Services, all information (including, without limitation, Personal Data) relating to you will be handled in accordance with applicable law, this Privacy Policy, and our other applicable policies. We shall not consider such deactivation as a withdrawal of consent to our use and disclosure of such information unless we are informed so in writing.

If you withdraw your consent to any or all use of your Personal Data, depending on the nature of the request, we may not be in a position to continue to provide the DOSI Services to you.


14. A Special Note about Personal Data of Minors

Minors who lack the legal capacity to contract under any applicable laws shall not set up a personal account on the Site to use the DOSI Services.  We do not knowingly request to collect personal information from any person under the age of 19. If a User submitting personal information is suspected of being under the age of 19, we will require that User to close his or her account and will not allow that User to continue using the DOSI Services.  We will also take steps to delete such User’s Personal Data as soon as possible.  Please notify us if you know of any individuals under the age of 19 using our DOSI Services to we can take action to prevent access to our DOSI Services.


15. Modifications to this Privacy Policy

This Privacy Policy may be revised from time to time.  If we make any material change, we will notify you by email (sent to the email address specified in your account), by means of a notice on our site prior to the change becoming effective, or as otherwise required by applicable law.

You can access the latest version of this Privacy Policy By visiting, accessing, or using the Services following any change to this Privacy Policy, you are consenting to the new Privacy Policy.


16. Inquiries and Complaints

If you have any uncertainty about this Privacy Policy or questions, complaints, access and/or correction requests or comments on the handling of Personal Data related to the Services, you should contact us via dl_dosi_privacy@linecorp.com.

If you believe that we have infringed your rights, you may contact the LINE NEXT Data Protection Officer at c/o dl_dosi_privacy@linecorp.com
17. Version

This Privacy Policy was updated on October 4, 2023.


18. Privacy Policy Addendum for EU/UK GDPR

General

For LINE NEXT INC., which operates a NFT Wallet Service under the name as “DOSI Services” (hereinafter the “Company”), the protection of your privacy is a primary concern.

Please note that this Addendum for GDPR is prepared for persons in the European Union (“EU”), the European Economic Area (“EEA”) and other locations subject to EU data protection law (collectively, “Europe”), in each case who may want to use the services offered and made available by the Company (including the NFT Service and associated website and web applications) (hereinafter the “Company Services”).  The Company recognizes, and to the extent applicable to it, adheres to the relevant EU data protection laws.  For purposes of this Addendum for GDPR, “Personal Data” has the meaning provided in the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

This Addendum for GDPR is fully incorporated and made part of LINE NEXT INC. DOSI Services Privacy Policy (hereinafter the “Privacy Policy”).  In the case of any conflict between a provision of this Addendum for GDPR and the main Privacy Policy, however, this Addendum for GDPR shall control.

If you are dissatisfied with any aspect of our Addendum for GDPR, you may have legal rights which we have described below where relevant.


Scope

This Addendum for GDPR shall apply to the processing, including the collection, use, retention and disclosure, by the Company of Personal Data (i.e. information relating to an identified or identifiable natural person) concerning individuals who are located in Europe at the time their Personal Data is collected (“you”).


Description of the Company’s activities

The Company’s commercial activity consists in providing you with the DOSI Services and associated website and web applications, including access to the Services, the ability to purchase and hold NFTs listed for sale at the Services.


Definitions & interpretation

In this Addendum for GDPR, unless the context otherwise requires:
• a reference to a document is a reference to that document as modified or replaced from time to time.
• a reference to a person shall include any company, corporation or any corporate body wherever incorporated.
• words importing the singular shall be treated as importing the plural and vice-versa.
• unless expressly stated otherwise, any heading, caption or section title contained in this Addendum for GDPR is inserted only as a matter of convenience and in no way defines or explains any section or provision hereof.
Data controller & data protection officer

The Company, which is incorporated under the laws of the State of Delaware in the United States and whose principal office is located in the State of California in the United States, is the legal entity responsible for the collection and processing of your Personal Data.

As regards the processing of Personal Data concerning persons within the European Union, the Company has designated the following representative in the European Union and UK:  

Representative: PLANIT // LEGAL

Attn: LINE NEXT Inc. EU/UK Representative

Jungfernstieg 1, 20095 Hamburg, Germany

The representative is mandated by the Company to be the recipient on behalf of the Company of all issues related to processing of Personal Data concerning persons within the European Union.


Categories of Personal Data collected and processed

A. Categories of Personal Data collected directly from you

Categories of Personal Data collected directly from you are set forth in the Privacy Policy, as set forth in Section 1.



B. Categories of Personal Data collected from other sources

In addition to Personal Data collected directly from you, the Company collects Personal Data relating to you from other sources, which may include information collected from third parties and information collected from you automatically.  Categories of Personal Data collected in each of these manners are set forth in the Privacy Policy, as set forth in Section 1.



C. Possible consequences of a refusal to provide your Personal Data or to consent to the transfer of your Personal Data

Certain of the Personal Data we collect from you are required to enable us to fulfill our contractual duties to you or to others. Other items may simply be needed to ensure that our relationship can run smoothly.

Depending on the type of Personal Data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfill our contractual requirements or, in extreme cases, may not be able to continue providing the Services to you.


The purposes of the processing

The Company processes your Personal Data in accordance with the Privacy Policy.


Legal bases allowing to collect and process your Personal Data

The collection and processing of your Personal Data by the Company in relation to the Company Services is lawful under Article 6 of the GDPR as it complies with one or more of the legal bases for processing Personal Data as follows:

• it is necessary for the performance of a contract to which you are party or in order to take steps, at your request, prior to entering into such contract.
• it is necessary to conduct anti-fraud and identification verification and authentication checks and to fulfil the Company’s retention obligations and otherwise comply with laws and regulations applicable to the Company’s business and operations.
• you have, if expressly set forth, given your consent to the processing of your Personal Data for certain purposes outlined in the consent request.
• it is necessary for the purposes of the Company’s legitimate interests which are not overridden by your interests or fundamental rights and freedoms. The Company’s legitimate purposes consist in particular in the promotion of its economic activities and in the effective provision of the Company Services, as those will allow the Company to generate profits and to attract new customers, as well as (to the extent not addressed above) compliance with applicable laws and regulations (whether inside or outside Europe).


Conditions applicable to your consent

Please note that where we rely on consent to process your Personal Data, you have the right to withdraw your consent at any time and we will cease to carry out that particular activity unless we consider that there is an alternative legal basis to justify our continued processing of your data for this purpose, in which case we will inform you of this condition. The withdrawal of your consent shall however not affect the lawfulness of processing based on your consent before its withdrawal.


Age limit

The Services shall only be used by persons who are at least fully 19 years of age.


Keeping your Personal Data up-to-date

You shall ensure that all your Personal Data processed by the Company are accurate, complete, true, correct and up to date. Your failure to do so may result in you being unable to use the Services. The Company shall not be liable for keeping and processing inaccurate information in a case where you did not meet your obligation to keep your Personal Data up-to-date.


Your data protection rights

A. General

To exercise your data protection rights outlined in this section, you can contact the Company by sending an email to dl_dosi_privacy@linecorp.com

Please make clear in your request which Personal Data you would like to:

• access
• rectify
• port
• object to our processing
• request the restriction of processing; or
• request erasure.
Please note that we may keep a record of your communications to help us resolve any issues which you raise.

Please be aware that your data protection rights are not absolute and it remains the case that, in accordance with applicable data protection laws, your rights may be withheld. In such event, the Company will provide you with the reasons for not complying with your request.

The Company shall process your request as soon as reasonably practicable and the Company will provide you with information on actions taken without undue delay and in any event within one month of receipt of your request. This period may be extended by a further two months where necessary, taking into account the complexity and number of your request. In this event the Company will inform you of any such extension within one month of the receipt of your request, together with the reasons for the delay.

In the event that the Company decides to not comply with your request or has not processed your request within the aforesaid timeframe, you can lodge a complaint with the national supervisory authority (see below) and you can seek a judicial remedy against the Company’s decision.

B. Your right to access, rectification, restriction of processing and erasure of your Personal Data & your right to data portability

You have, if applicable and within the limits of applicable data protection laws, the ability to request access to your Personal Data as processed by the Company and to seek the rectification of incomplete or inaccurate Personal Data or erasure of your Personal Data or to request the restriction of its processing. 

You have, within the limits of applicable data protection laws, the right to receive the Personal Data you have submitted to the Company in a structured, commonly used and machine-readable format and to transmit such Personal Data to another controller without hindrance. The Company will, where applicable and technically feasible, transmit your Personal Data directly to the data controller of your choice.

When handling requests to exercise European data privacy rights, the Company checks the identity of the requesting party to ensure that such person is the person legally entitled to make such request. While the Company maintains a policy to respond to such requests free of charge, should your request be repetitive or unduly onerous, the Company reserves the right to charge you a reasonable fee for complying with your request.

C. Your right to object

If applicable in accordance with applicable data protection legislation, you have the right to object, on grounds relating to your particular situation, at any time, to the processing of your Personal Data by the Company (including profiling based on your Personal Data) , unless:

(a)   there exist compelling legitimate grounds for such processing which override your interests, rights and freedoms; or

(b)  the processing is necessary for the establishment, exercise or defence of legal claims.

Notwithstanding the foregoing, please be aware that you have the right to object at any time to processing of your Personal Data for direct marketing purposes (including profiling to the extent that it is related to such direct marketing). In this event, you may opt-out of such processing by sending an email to dl_dosi_privacy@linecorp.com

International transfers of Personal Data

The Company will transfer your Personal Data to third countries of its choice, in particular the United States, South Korea and Japan.  Such transfers to third countries may be based on:

• Contractual Obligations: Where transfers are necessary to satisfy the Company’s obligations to you under its Terms of Service, including the provision of the Company Services and customer support services, and to optimize and enhance the Company Services.
• Consent: Where you have consented to the transfer of your Personal Data to a third country.

The Company expects that the primary data storage location for Personal Data will be in Japan.

Japan and South Korea have been considered by the European Commission to provide an adequate level of protection for personal data.

Where the Company transfers your Personal Data to jurisdictions which have not been designated as having an adequate level of protection for your Personal Data (a "third country") such as the United States), the Company will only make such transfers where it is compliant with applicable data protection laws and, where relevant, the means of transfer provides adequate safeguards in relation to your Personal Data, for example, the Company may deploy the following safeguards:

• Standard Contractual Clauses: the Company provides Standard Contractual Clauses approved by the European Union to meet GDPR requirements for your Personal Data.

Where transfers to a third country are based on your consent, you may withdraw your consent at any time.  However, the Services may not be available to you if the Company is unable to transfer your Personal Data to third countries.
Disclosure and Sharing of Personal Data

The Company may disclose to and/or share your Personal Data with others in accordance with applicable laws and regulations, in particular with a view to accomplish the purposes set forth in the Privacy Policy.  The Company will not sell your Personal Data.

A. Recourse to service providers

The Company may disclose to and/or share your Personal Data with its service providers (including its processors), in particular to fulfil the purposes set forth in the Privacy Policy.

B. Categories of recipients of your Personal Data

Categories of recipients with which the Company may disclose and/or share your Personal Data, as well as information regarding certain specified service providers and other third parties with which your Personal Data may be shared, are set forth in Section 5 of the Privacy Policy.


Security of Personal Data

The Company protects your Personal Data by using appropriate administrative, technical and organisational security measures to reduce the risks of loss, theft, misuse, unauthorised access, disclosure, destruction and alteration of your Personal Data. These security measures include:

• The Company stores critical Personal Data with encryption;
• The Company encrypts with SSL, HTTPS, and TLS;
• The Company regularly scans the Company’s Website to detect vulnerabilities and security issues and implements additional security measures to identified security issues immediately;
• The Company regularly perform internal and external penetration testing to validate security level;
• The Company operates a 24x7 CSIRT (Computer Security Incident Response Team) to monitor security events;
• The Company operates a Risk Management team, monitoring any suspicious or fraudulent activities involving the Company Services;
• The Company conducts security awareness training for employees on a yearly basis;
• The Company has a cybersecurity policy for securing the confidentiality, integrity, and availability of Personal Data;
• Access to Personal Data is granted with approval and based on “need-to-know” policy.

The Company security measures will be reviewed regularly in light of relevant legal and technical developments. Please be aware, however, that today no processing, transmission or storage of data, including Personal Data – even in high security environments and notwithstanding any appropriate security measures – ensures absolute protection.

If you have reason to believe that your Personal Data is no longer secure, you shall immediately notify such information to the Company by contacting us at dl_dosi_privacy@linecorp.com


Automated Decision Making

The Company may engage in automated decision making for certain purposes, including making improvements to the Services.