DOSI_PRIVACY_POLICY

LINE NEXT Inc. DOSI Services Privacy Policy

The purpose of this document (“Privacy Policy”) is to inform you (“you” or “User”) of how LINE NEXT Inc. manages Personal Data (as hereinafter defined) in connection with DOSI Services (DOSI, Store and Market) (referred to collectively as the “ DOSI Services”).

Please take a moment to read this Privacy Policy carefully so that you know and understand the purposes for which we collect, use and disclose your Personal Data. If you have any questions about this Privacy Policy, please submit your request using our online Support portal or by email.

	DOSI
Support Portal	https://contact.dosi.world
Email	dl_dosi_privacy@linecorp.com

By interacting with us, submitting information to us, or signing up for or accessing DOSI Services offered by us, you indicate your acceptance of the terms of this Privacy Policy and consent to LINE NEXT Inc. (LINE NEXT Affiliates), as well as our respective representatives and/or agents (collectively referred to herein as "the Company", "us", "we" or "our") collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Company's authorized service providers and relevant third parties in the manner set forth in this Privacy Policy. If you do not agree with or are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access to or use of the DOSI Services.

*LINE NEXT Inc. does not collect any data from individuals located in the European Union and/or United Kingdom. Our website and services are not intended for EU/UK residents, and we do not knowingly collect personal information from them. If you are an EU/UK resident, please refrain from using our website or providing any personal data.

Personal Data Collected by the Company (hereinafter the “Personal Data”)

“Personal Data” is information that we collect from you or about you that is capable of identifying you alone or in combination with other pieces of information that we collect.
When you access any of our Services, we may collect the following categories of Personal Data:

If a specific DOSI service is not used, the Company will not collect the personal data that is related to the DOSI Service that is not used.

Category	DOSI	DOSI Store/Market(List)
Information collected third party services	(To sign up for DOSI Services via Social Networking Services(SNS)) SNS ID, SNS type, SNS Email (To sign up for DOSI Services via LINE) LINE identifier, Email, Regioncode (To connect DOSI to third party services) Service identifier (To manage Community) Discord ID	NA
Information you provide us when signing up for the DOSI Services	Email, Region data, Passcode	NA
Information automatically created when using the DOSI Services	DOSI identifier Semi Hosted Wallet Address, Wallet ID, Wallet account status, Wallet account level	Store/Maeket identifier
Information you provide us while using the DOSI Services	(User Profile) Image, Nick name (User certification) Phone Number, Country Code (FNSA register) Non Hosted wallet address, email (To register as a C2C seller) Name, Date of birth, Address, Phone Number, Email, Metamask Wallet Address, Non Hosted Wallet Address (To fill out tax reporting form) All the information regarding W9(US person), W8(Non US person) form	(To reward a Digital item prize to DOSI Citizen event winner) ERC Wallet Address, Kaikas Wallet Address, Phone Number, Discord User Name (To designate and reward to DOSI Ambassador) Name, Date of Birth, Address (Stamp service) LINE identifier
Information collected via technology when using the DOSI Services	Service usage data such as system activity, Access history, Online identifiers such as IP address and domain name, clickstream information, Cookies, Device information(OS type and version) Transaction information relating to your use of the DOSI Services such as purchase and sales history
Information collected when submitting request via the support portal	Email , Phone number(last 4 digits), Information on the inquiry form, Information generated during complaint handling, Correspondence, being information that you provide to us in correspondence, including ongoing customer support
Information collected for advertising and marketing	Email , Service usage data such as system activity, Access history, Online identifiers such as IP address and domain name, clickstream information, Payment history, Cookies, Device information (OS type and version)

We do not store any credit card or debit card information online. Payment transactions are processed via third-party payment services such as "LINE Pay”, "NAVER Pay" and "Stripe".

In addition to the foregoing, the Company may require you to provide additional Personal Data when you require support, send us information for troubleshooting or other analysis, participate in a survey or our other promotional activities or solicit any other communication from us, among other activities.

Cookies and Similar Technology

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Cookies are typically stored on your computer's hard drive. We use information collected from cookies is used by us to analyze trends, to administer the DOSI Services and to evaluate their effectiveness. With this knowledge, we can provide you with a more personalized experience when using the DOSI Services and we can improve the quality of such experience by recognizing and delivering more of the most desired features and information and by resolving access difficulties. We may also use cookies, “web bugs” or “clear gifs,” which are typically stored in emails to help us confirm your receipt of, and response to, our emails.

Our service providers may also place cookies on the hard drive of your device with a view to receiving information that will educate us and our service providers on different aspects, such as how you navigate on the DOSI Services. Our service providers may analyze these data with a view to allow us to better understand your interests in the DOSI Services and to better serve those interests.

Please note that data collected by use of cookies or similar technologies may be linked to and combined with any other data, including Personal Data, relating to you that we process. Data collected by the use of cookies or similar technologies may also be used to assist us in (i) meeting our compliance obligations (including under applicable anti-money laundering and terrorism prevention laws), (ii) detecting irregular, suspicious or potentially fraudulent account activities, and (iii) assessing and improving the DOSI Services and advertising campaigns.

We and our service providers also use Pixel, a weblog collection tool provided by Meta, to provide information. Pixels collect information through cookies, which collect information in an unidentifiable form.

You can choose to deactivate cookies; however, in such circumstances, you will not be able to use parts of the DOSI Services which require cookies to be operate.

See below for the types of cookies we use and the functionality they support. If a specific DOSI service is not used, the information related to the service does not apply.

Necessary Cookies—these cookies enable core functionality of the website. They help to make a website useable by enabling basic functionality.

DOSI			AVA
Cookie Name	Duration	Description	Cookie Name	Duration	Description
DOSI_SES	1 year	This cookie is used in authentication to allow access to the service.	AVACC	1 year	This cookie is collected to determine whether a user has a history of accepting cookies.
DOSI_CHK	1 year	This cookie is used to verify expiration time of the access token.	AVA_RF	7 days	This cookie is used to refresh in terms of auth.
CC	1 year	This cookie is used to store the user's choice of cookie options	AVA_TOKEN	6 hours	This cookie is used in authentication to allow access to the Services.
DOSI_SVC	1 year	This cookie is used to store the user's service usage history.	NEXT_LOCALE	session	This cookie is collected to save the language setting selected by the user.
lng	1 year	This cookie is used to store what language the non-login user uses.	idsrv	5 minutes	The cookies is used in authentication to allow access access to the Services.

Analytic Cookies—these cookies are used to collect information and report about website usage statistics without personally identifying individual visitors.
We use a tool “Google Analytics” to study how often Users visit the DOSI Services, what pages they visit when they do so, and what other sites they used prior to coming to the DOSI Services. We use the information we get from Google Analytics only to improve the DOSI Services. Google Analytics collects only the IP address assigned to you on the date you visit the DOSI Services. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit the DOSI Services, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the DOSI Services is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser by clicking here.

Cookie Name	Duration	Description
_ga, _ga_XXXX	2 years	This cookie is used to distinguish a user on the website. It calculates visitor, session, campaign data and keeps track of site usage for the site’s analytics report.
_gat	1 Minute	This cookie limits the user requests.
_gid	1 day	This cookie is used to distinguish a user on the website. It is used to store information on how visitors use the website and helps in creating an analytics report of how the website is doing. The data collected includes the number of visitors, their source, and the pages

Browser Adjustment

Necessary cookies cannot be switched off, however you can withdraw consent for analytic cookies at any time by changing your browser settings. If you choose to switch off all cookies (excluding necessary cookies), please be aware that DOSI Services may no longer function as intended.

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer's website.

Purpose for Collection, Use and Disclosure of User Personal Data

Except in limited instances where your consent is required, we collect, use, and/or disclose your Personal Data on the legal basis of (1) contractual basis, for performance of a contract and provision of Services or taking steps prior to entering into a contract; (2) legal obligation, for fulfilment of our legal obligations; (3) legitimate interests, for the purpose of our legitimate interests and the legitimate interests of third parties, proportionate to your interest and fundamental rights and freedoms to the protection of your Personal Data; (4) vital interest, for the prevention or suppression of danger to a person's life, body, or health; (5) public interest, for the performance of task carried out in the public interest or for exercising of official authorities or duties; and/or (6) the reason for an establishment and defenses of legal claims.

The Company may collect, use and disclose a User’s Personal Data for the following purposes:

To provide the DOSI Services: We use Personal Data to provide you with DOSI Services pursuant to the specific Terms of Service for each of the DOSI Service. For example, we may use Personal Data for the following purposes:

to enable you to access the DOSI Services
to offer undisturbed, smooth Services to you (including, but not limited to, software upgrades and improvements of the Services);
to ensure that the DOSI Services are functioning properly;
to administer our website and to track user movement;
for troubleshooting purposes;
to allow you to manage your account; and/or
to conduct any other activities that are required to provide the DOSI Services.

To enforce the terms of the Terms of Service of DOSI Services and other agreements: We use Personal Data to enforce the Terms of Service of DOSI Services, this Privacy Policy and other agreements with Users (collectively, the “Policies”), as well as agreements with third parties. For example, we may use Personal Data for the following purposes:

to detect, prevent, investigate or report actual or potential violations of the Policies or any suspected illegal activities;
in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
to protect us and our operations or those of our service providers;
to protect the rights, privacy, safety and property of us and our service providers;
to prevent physical harm or financial loss or any other risk for us, any of our service providers or any other individual involved in the provision of the DOSI Services;
to allow us to pursue available remedies or limit the damages that we or our service providers may sustain; and/or
to otherwise enforce the Policies.

To detect and prevent fraud: We process your Personal Data to detect and prevent fraud on your account. For example, we may use Personal Data for the following purposes:

to prevent any unauthorized/fraudulent use of the DOSI Services;
to prevent, detect and investigate crime and analyze and manage commercial risks and conduct investigations relating to disputes, billing or fraud; and/or
to perform identity verification when you make an inquiry or give us instructions.

To protect your rights and data and seek to ensure the integrity of the DOSI Services: Maintaining the security of your account and the DOSI Services requires us to process Personal Data, including information about your device, your account activity and other relevant information. For example, we may use Personal Data for the following purposes:

to prevent any data breach or circumvention of our security measures or to mitigate any possible adverse effects from such activities;
to test, assess, or otherwise evaluate the effectiveness of the technical and organizational measures (which ensure the security of the processing of your Personal Data) put into place by us or by our service providers (including our Outsourced Contractors, as defined below); and/or
to protect your rights, privacy, safety and property.

To comply with legal and regulatory requirements:We process your Personal Data as required by applicable laws and regulations. For example, we may use Personal Data for the following purposes:

to respond to a verified request relating to a criminal investigation (e.g. subpoena, court order or substantially similar legal procedure) or alleged illegal activity or any other activity that may expose us or any of our service providers, or you, to any legal proceeding or legal liability;
to meet or comply with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on us (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and/or
to respond to requests from public and government authorities, including public and government authorities outside your country of residence.

To provide you with customer support services: We process your Personal Data any time that you reach out to our Customer Support team with issues arising from your account or your use of the DOSI Services. For example, we may use Personal Data for the following purposes:

to respond to your inquiries and support needs and to fulfill any other request you may have made to us;
to notify you of any other important information regarding the DOSI Services and to contact you when necessary;
to send you administrative information, such as information concerning changes to the Policies or other announcements regarding the DOSI Services; and/or
to otherwise provide customer support services to you.

To optimize and enhance the DOSI Services: We use your Personal Data to understand how our products and DOSI Services are being used and to help us improve the DOSI Services and develop new products. For example, we may use Personal Data for the following purposes:

to personalize your experience by presenting content tailored to your interests;
to develop new features of the DOSI Services or other products offered by us;
to allow you to participate in usability studies, surveys and product tests;
to aggregate statistical data regarding the DOSI Services;
to conduct research and analysis aimed at reviewing and improving the DOSI Services; and/or
to perform data analysis and audits for the purpose of improving or developing new features or services relating to the DOSI Services.

To market our products to you: Based on your communication preferences, we may send you marketing communications (e.g., emails or mobile notifications) to inform you about our events; to deliver personalized marketing; and to provide you with promotional offers. Our marketing will be conducted in accordance with your advertising/marketing preferences and as permitted by applicable law. (See our Marketing Policy herefor additional information.)
For other business purposes: We may use your Personal Data for additional purposes as set out in the Addendum for GDPR in Section 18 or if (i) that purpose is disclosed to you before the Personal Data is collected or (ii) you consent to such use. From time to time, and as required under applicable law, we may request your permission to allow us to share your Personal Data with third parties not presently covered by this Privacy Policy, or to use your Personal Data for a purpose that is incompatible with the purposes for which it was originally collected or for which your consent was subsequently obtained. If you choose to limit the use of your Personal Data, certain features of the DOSI Services may not be available to you.
Sale or Other Disclosure of Personal Data

We do not sell, rent, release, disseminate, make available, transfer, exchange, share, communicate or otherwise disclose (hereinafter “disclose”) your Personal Data to third parties for their marketing purposes, or for other purposes not contemplated by this Privacy Policy or permitted under applicable law. Subject to restrictions imposed under applicable law, this shall not prejudice our right to disclose your Personal Data to others (including public authorities, law enforcement agencies, data protection authorities or regulatory agencies, government officials or any other authorized third party) for the purposes listed in this Privacy Policy, if:

it is necessary for the conclusion or the performance of a contract or for the provision of the DOSI Services;
it is required by law or by virtue of public interest;
it is required pursuant to a civil, criminal or regulatory inquiry, investigation, subpoena or summons;
it is required by virtue of your vital interest;
it is necessary to pursue the Company’s legitimate business purposes, including the exercise or defense of legal claims;
you have given your consent; or
it is so allowed on another legal basis.

We may provide the Personal Data to any of the LINE NEXT Affiliates if the LINE NEXT Affiliate is appointed or engaged by us to provide any part of the DOSI Services. We shall take steps to ensure that the LINE NEXT Affiliates abide by this Privacy Policy so as to protect your Personal Data.

In addition, we may disclose your Personal Data to third parties in the following circumstances:

To financial institutions with which we partner to process payments you have authorized.
To service providers under contract who assist in the provision of DOSI Services or help with parts of our business operations (“Outsourced Contractors”).

Examples of the types of Outsourced Contractors we may share Personal Data with from time to time (other than those mentioned above) include those providing the following types of services:

Security threat detection
Payment processing
Transaction monitoring
Custody
Customer support
Internet (e.g., ISPs)
Data analytics
Information technology
Advertising and marketing
Data processing
Network infrastructure
Data storage and document repository services
Tax reporting

To companies or other entities that we plan to merge with or be acquired by, to the extent permitted under applicable law. You will receive prior notice of any change in applicable policies.
To companies or other entities that purchase our assets pursuant to a court-approved sale or where we are required to share your information pursuant to insolvency laws in any applicable jurisdiction.
To our professional advisors who provide banking, legal, compliance, insurance, accounting or other consulting services, including to complete third-party financial, technical, compliance and legal audits of our operations or to otherwise comply with our legal obligations.
To law enforcement officials, or other third parties when we are compelled to do so by a subpoena, court order or similar legal procedure, or when we believe in good faith that the disclosure of such Personal Data is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of the Terms of Service of any DOSI Services or any other applicable Policies.

Specific Outsourced Contractors and other third parties with which we (or our affiliates) have entered into service contracts for identity verification and other services, and with which your Personal Data may be shared in accordance with this Privacy Policy, include (but are not necessarily limited to) the following:

Disclosure

Company name	Country	Details
LINE NEXT Corp.	Republic of Korea	System development and operation
LINE PLUS	Republic of Korea	Customer Inquiry Support
LY Corporation	Japan	Infra operation and Data storage
GLN International Inc.	Republic of Korea	Cost handling and settlement
INFOBIP LTD	The United Kingdom	Sending service and Marketing information
Concentrix	Philippines	Customer service in English
Incomms	Republic of Korea	Customer service in Korean
0x&	Singapore	GAME DOSI Community Management
Trade-Van Information Services Co.	Taiwan	eGUI issued notification in Taiwan
Homescorporation Corp.	Republic of Korea	Logistics, delivery of service goods and event prizes

Provision

We may provide your personal data to third parties only in circumstance where a prior consent is given by you. (Details)

Shared Use of Information

During the period when you use the DOSI Services, your Personal Data may be processed and used in the form(s) of printed documents and/or electronic files or otherwise by us, the LINE NEXT Affiliates, and/or the Outsourced Contractors within and/or outside the United States.

To facilitate our global operations, we may transfer, store, and process your Personal Data within our family of companies, partners, and service providers based throughout the world, including Japan, Singapore, South Korea, the United Kingdom, the United States, and possibly other countries. We will only transfer your Personal Data internationally where it is compliant with applicable data protection laws and, where relevant, the means of transfer provides adequate safeguards in relation to your Personal Data.

Users' Rights

Please be aware that your data protection rights set out below are not absolute and it remains the case that, in accordance with applicable data protection laws, your rights may be subject to some exceptions by law.

You may, at any time, confirm, supplement or correct your registered Personal Data on the DOSI Services. You can also deactivate your account according to the Terms of Service of the applicable DOSI Service.
You may view or request a copy of your Personal Data that we have collected from your use of the DOSI Services by contacting us via the methods described at the end of this Privacy Policy.
You may also use these contact methods to send us a request to correct or add to your Personal Data, if you find that your Personal Data registered with us has changed or is incorrect.
You may request us to delete, or discontinue collecting, processing or using your Personal Data unless we are allowed to continue to keep, process or use your Personal Data as permitted by applicable laws and regulations.
When you request access to your Personal Data (including copies of your Personal Data) that you are unable to confirm/access through the DOSI Services, we may (subject to limitations imposed under applicable law) charge you a fee for the disclosure procedures.
You may also have the right to port your Personal Data, object to the processing, and/or request that we restrict the processing of your Personal Data, subject to the conditions under applicable data protection laws.
To the extent that we process your Personal Data based upon your consent, you may withdraw your consent at any time (subject to certain exceptions). However, your withdrawal of consent will not affect the lawfulness of our processing based on your consent before its withdrawal.
You may also lodge a complaint to the data protection authority where you believe our processing of your Personal Data is unlawful or noncompliant with applicable data protection laws

You can choose freely whether or not you will provide us with your Personal Data; however, you may be unable to use all or part of the DOSI Services until you have provided us with the necessary information.

Information for California Residents

If you are a resident of California, you have certain rights pursuant to the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”), and the Shine the Light law. Except where specifically noted below, both the CCPA and the CPRA are collectively referred to as the “CCPA” in this Privacy Policy. Those rights are detailed in this Section 8. To exercise the rights detailed in this Section 8, email us at dl_dosi_privacy@linecorp.com.

Your privacy rights include (i) the right to know about your personal information that we collect, disclose, sell or share, if any; (ii) the right to delete your personal information; (iii) the right to opt-out of sale or sharing of your personal information; (iv) the right to correct inaccuracies in your personal information; (v) the right to limit the use and disclosure of sensitive personal information; and(vi) the right to data portability; and (vii) the right to non-discrimination.

Personal information that we collect, use, and share

We do not “sell” any personal information, as “selling” is defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”).

Personal Information Category	Sources of Personal Information	Purpose of Collecting Personal Information	Disclosure of Personal Information
(A) Identifiers such as real name, alias, postal address, phone number, unique personal identifier, online identifier, IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers	Information you provide us; Information collected from you automatically; Information collected from third parties	Sections 4A, 4B, 4C, 4D, 4E, 4F, 4G and 4H	- Financial institutions - Service providers - Professional advisors - Our Affiliates
(B) Customer records such as signature	Information you provide us; Information collected from third parties	Sections 4B, 4E and 4F	- Third party identity verification services - Financial institutions - Service providers
(C) Protected classifications under California and federal law, including gender, age and citizenship	Information you provide us; Information collected from third parties	Section 4E	- Third party identity verification services - Professional advisors
(D) Commercial information such as records of services purchased, obtained, or considered	Information you provide us; Information we collect from you automatically; Information collected from third parties	Sections 4A, 4C, 4D, 4E, 4F, 4G and 4H	- Third party identity verification services - Financial institutions - Service providers - Professional advisors - Our Affiliates
(E) Biometric information	Not collected	Not applicable	Not applicable
(F) Usage Data, including Internet or other electronic network activity information (such as browsing history and search history), and other online identifiers	Information we collect from you automatically	Sections 4A, 4B, 4C, 4D, 4F, 4G and 4H	- Third party identity verification services - Service providers - Professional advisors - Our Affiliates
(G) Geolocation data	Information we collect from you automatically	Sections 4A, 4C and 4E	- Third party identity verification services - Service providers - Our Affiliates
(H) Sensory data, such as audio, electronic, visual information	Not collected	Not applicable	Not applicable
(I) Professional or employment-related information	Information you provide us; Information collected from third parties	Sections 4C, 4E and 4H	- Third party identity verification services - Service providers - Our Affiliates
(J) Education information (not publicly available)	Not collected	Not applicable	Not applicable
(K) Inferences about preferences, characteristics, predispositions, etc.	Information you provide us; Information we collect from you automatically	Sections 4G and 4H	- Service providers - Professional advisors - Our Affiliates

California privacy rights

California consumers have the following rights under the CCPA with respect to their personal information. Please understand, however, that these rights are not absolute and in certain cases are subject to conditions or limitations as specified in the CCPA. Accordingly, we may decline requests as permitted under applicable law.

Right to Know. You may submit a request that we disclose the categories and specific pieces of personal information that we have collected, used or disclosed about you in the past 12 months. For California residents, our responses to right to know requests will cover the personal information we have collected and maintain about the consumer during the past 12 months beginning on or after January 1, 2022, or for a shorter period if an exemption applies or if requested by the consumer. Please note that we are not obligated to provide you with a copy of your personal information more than twice in a 12-month period.

The Right to Know allows you to request that we disclose the following information to you about our collection and use of your personal information in connection with our Services over the last 12 months:

The categories of personal information we collect about you.
The categories of sources for the personal information we collect about you.
Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information for cross-context behavioral advertising, if any.
The specific pieces of personal information collected about you.
If we sold or disclosed your personal information for a business purpose, (i) a list of the categories of personal information we have sold in the prior 12 months and (ii) a list of the categories of personal information we have disclosed in the prior 12 months.
If we have not sold or disclosed your personal information in the preceding 12 months, we will disclose that upon request.

You also have the right to request that we disclose the following information to you about our collection and use of your sensitive personal information in connection with our Services over the last 12 months:

The categories of sensitive personal information we collect about you.
The categories of sources for the sensitive personal information we collect about you.

Right to Deletion. You also have the right to request that we delete any of your personal information that we collected via our Services and retained. We will not delete your information if we need it to protect the security, integrity or functionality of our operations and systems, to comply with legal obligations, to provide you with a good or service you requested, or for certain other reasons provided by the CCPA.

Right to Opt-Out of Sale or Sharing of Personal Information. You have the right to opt out of the sale or sharing of your personal information. We do not sell or share personal information of Users within the meaning of the CCPA.

Right to Correct. You have the right to request that we correct inaccuracies in your personal information that we collect and maintain about you. If we receive a verifiable consumer request to correct inaccurate personal information, we will use commercially reasonable efforts to correct the inaccurate personal information as directed by you. We will not be able to update your information if we need it to protect the security or functionality of our operations, to comply with legal obligations, or for certain other reasons provided by the CCPA.

Right to Limit Processing Sensitive Information. We typically limit our use and disclosure of sensitive personal information to the following purposes that are exempt from the Right to Limit: (1) to perform services, such as to provide benefits to consumers; (2) to resist deceptive, fraudulent, or illegal actions; (3) to ensure the physical safety of our personnel, customers, visitors, and others; and (4) to provide short-term, transient and non-personalized advertising. We do not use sensitive personal information to infer characteristics about you for purposes other than those permitted by applicable law, including the CCPA. We will restrict the processing of sensitive information to these and other purposes authorized by the CCPA if you submit a request to limit use and disclosure of your sensitive personal information.

Right to Data Portability. You have the right to have a copy of personal information that we collected an maintain about you transferred to you or another party.

Right to Non-Discrimination. You have the right to exercise the privacy rights conferred by the CCPA without discriminatory treatment. We will not deny services, charge different prices, offer a different quality of service or otherwise discriminate against you for exercising your California privacy rights. Nothing in this section prohibits us from charging you a different price or rate, or from providing a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to you by the use of your data. With your consent, we may choose to offer you financial incentives directly related to the value of your personal information for the collection, sale, or deletion of your personal information.

Contact Methods
You may submit a request to exercise your rights under the CCPA by emailing us at dl_dosi_privacy@linecorp.com. We are legally obligated to verify your identity when you submit a request to know, delete or correct your Personal Data. We may request additional information from you to verify your identity. If you submit a request to delete your personal information, you will also be required to confirm the deletion request by email.

Process to Verify Requests to Know, Correct or Delete Personal Data About a California Resident
A request to know, correct or delete your personal information must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information and that you are a resident of California. Your request must describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We ordinarily process requests within 45 days of its receipt. In some cases, we may extend this period to 90 calendar days. If we require more than 45 days, we will inform you or your authorized agent in writing of the reason we did so and the extension period.

Authorized Agent
You may designate an agent to make a request under the CCPA on your behalf. If you choose to do so, we may require you to (1) provide the authorized agent written permission to do so or demonstrate that you have given the agent legal power of attorney, and (2) verify your own identity and residency directly. We may deny a request from an agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

Online Erasure
You may submit a request to remove information that you have posted on our mobile application by emailing us at dl_dosi_privacy@linecorp.com. Note that this does not guarantee a complete or comprehensive removal of such content. For example, content may remain on our servers even if no long visible to other users, and third-party reposted copies of the content that you posted may remain after we remove the original content that you posted. Content may also remain posted for other reasons exempted by law.

Shine the Light Law
If you are a resident of California, pursuant to California Civil Code Section 1798.83, you may request information regarding our disclosure of your personal information (if any) to a third party for that party's direct marketing purposes. Any such disclosure made to a third party by us would be otherwise in accordance with the terms of this Privacy Policy. To make such a request please email us at dl_dosi_privacy@linecorp.com.

Do Not Track Requests
“Do Not Track” signals are options on your browser that inform website operators that you would not like to have your online activity tracked. Currently, there is no industry standard regarding any appropriate action that websites should take when they receive “Do Not Track” signals. As there is no industry standard, please note that we do not alter our Website’s data and information collection and use practices when we receive a “Do Not Track” signal from your browser.

Anonymized and Aggregated Data

Anonymization is a data processing technique that removes or modifies personal information so that it cannot be associated with a specific individual. Aggregated data is information about our customers that we combine together so that it can no longer identify any individual customer. Except for this section, none of the other provisions of this Privacy Policy applies to anonymized or aggregated customer data

We may use anonymized or aggregated customer data for any business purpose, including to better understand customer needs and behaviors, improve our products and services, conduct business intelligence and marketing, and detect security threats. We may perform our own analytics on anonymized data or enable analytics provided by third parties. Types of data we may anonymize include transaction data, clickstream data, performance metrics, and fraud indicators.

Third-Party Sites and Services

If you authorize one or more third-party applications to access the DOSI Services, then information you have provided to us may be shared with those third parties. A connection you authorize or enable between your DOSI Services account and a non DOSI Services account, payment instrument, or platform is considered an “account connection.” Unless you provide further permissions, we will not authorize these third parties to use this information for any purpose other than to facilitate your transactions using the Services. Please note that third parties you interact with may have their own privacy policies, and we are not responsible for their operations or their use of data they collect. Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices and we are not responsible for unauthorized third-party conduct. In addition, information that we share with a third party based on an account connection will be used and disclosed in accordance with the third party’s privacy practices. We encourage you to learn about the privacy practices of those third parties.

Information Security

We maintain appropriate physical, technical, organizational and administrative safeguards to prevent unauthorized or unlawful loss, access to use, alteration, correction, or disclosure of your personal data. We have implemented a system to process personal data, whether in hard copy, electronic files and / or any other form. Our safeguard will cover the components of the relevant information system, taking into account the security implementation specified by the applicable data protection laws in order to protect the security, integrity, availability and confidentiality of the Personal Data you entrust to us according to the level of risk. This includes controlling access to personal data and critical information system components, appropriate handling of user access, determining user's responsibilities, putting in place appropriate measures for audit logging to detect access, alteration, correction or deletion of personal data. We also arrange the enhancement of knowledge and understanding related to personal data protection and security for the personnel concerned.

We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the United States and elsewhere in the world where our facilities or our service providers are located. We protect your Personal Data by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations. For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to Personal Data only for those employees who require it to fulfill their job responsibilities.

However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own Personal Data. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us using the contact information provided in this Privacy Policy.

Retention of Personal Data

We store your Personal Data securely throughout the life of your account. We will only retain your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting obligations or to resolve disputes. While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your Personal Data are described below.

Personal Data collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as required under such laws.
Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our suppression list to ensure we do not inadvertently market to you.
Content that you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
Recording of our telephone calls with you including transaction records may be kept for a period of at least five years.
Information collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.

Withdrawal from the DOSI Services

If you decide to deactivate your account for the DOSI Services and not to keep using the DOSI Services, all information (including, without limitation, Personal Data) relating to you will be handled in accordance with applicable law, this Privacy Policy, and our other applicable policies. We shall not consider such deactivation as a withdrawal of consent to our use and disclosure of such information unless we are informed so in writing.

If you withdraw your consent to any or all use of your Personal Data, depending on the nature of the request, we may not be in a position to continue to provide the DOSI Services to you.

A Special Note about Personal Data of Minors

Minors who lack the legal capacity to contract under any applicable laws shall not set up a personal account on the Site to use the DOSI Services. We do not knowingly request to collect personal information from any person under the age of 19. If a User submitting personal information is suspected of being under the age of 19, we will require that User to close his or her account and will not allow that User to continue using the DOSI Services. We will also take steps to delete such User’s Personal Data as soon as possible. Please notify us if you know of any individuals under the age of 19 using our DOSI Services to we can take action to prevent access to our DOSI Services.

Modifications to this Privacy Policy

This Privacy Policy may be revised from time to time. If we make any material change, we will notify you by email (sent to the email address specified in your account), by means of a notice on our site prior to the change becoming effective, or as otherwise required by applicable law.

You can access the latest version of this Privacy Policy By visiting, accessing, or using the Services following any change to this Privacy Policy, you are consenting to the new Privacy Policy.

Inquiries and Complaints

If you have any uncertainty about this Privacy Policy or questions, complaints, access and/or correction requests or comments on the handling of Personal Data related to the Services, you should contact us via dl_dosi_privacy@linecorp.com.

If you believe that we have infringed your rights, you may contact the LINE NEXT Data Protection Officer at c/o dl_dosi_privacy@linecorp.com.

Version

This Privacy Policy was updated on January 10, 2024.