DN Solutions

1. Privacy and Information Processing Policy

01. General Rules

Personal information is information regarding a living person. That is, personal information refers to information that through which a person can be identified such as name, resident registration number, and image. This includes information which may not identify a person on its own, but when combined with other information, may identify a person. A personal information provider is a person who can be identified by the processed information. DNSA will disclose the Privacy and Information Processing Policy on the first page of its Website so that you can always easily review the policy. When the Policy is amended, we will publicly notify you of the amendment through a notice on our Website or individually.

02. Processed Personal Information and Processing Purpose

Unless permitted by relevant laws and regulations or without the personal information provider’s prior consent, DNSA will not process any sensitive information and personal identification information issued for the purpose of identifying an individual that may seriously infringe the privacy of personal information provider.

A. Processed Information

[ Concerning customers ]
Name, postal address, email, company name, service usage data, access information, cookies, and IP address.

[ Concerning employment with DNSA ]
Name, resident registration number, photo, password, postal address, telephone number, cellphone number, email, education, military service, foreign language competence, computer competence, license/certificate, family, and work experience.

B. Purposes of Processing

[ Concerning customers ]
- Member management and customer service including handling of complaints
- Online market research or opinion poll
- Marketing or advertising
- Service offerings and settlement of fees

[ Concerning employment with DNSA ]
- Recruitment screening and contact with applicants
- Wage/salary payment, fringe benefits, HR management including various job performance supports, and evaluations.

03. Processing and the Retention Period of Personal Information

Once the purposes of collection and the use of personal information are met and completed, generally, the relevant information will be promptly destroyed. However, we will retain the following information during the period and for the reasons specified below, and we will obtain consent from the person who provided his or her own personal information, as necessary.

- Retained information (Customer) : Name, postal address, email, and company name
- Retention period : One year
- Reason of retention : User inquiries/requests control, user identification, etc.

- Retained information (Customer) : Service usage data, access information, cookies, and IP address
- Retention period : One year
- Reason of retention : Improve service quality through data analysis of the user’s service usage

- Retained information (Employment) : Name, resident registration number, photo, password, postal address, telephone number, cellphone number, email, education, military service, foreign language competence, computer competence, license/certificate, family, and work experience
- Retention period : Until the expiration of employment relationship However, the personal information of an applicant for employment, who was not employed, will be retained for 1 year for future employment management purposes with the person’s consent.
- Reason of retention : wage/salary payment, fringe benefit, HR management including various job performance supports, and evaluations

※ However, the personal information of an applicant, who was not employed, will be discarded immediately after the completion of the employment.

04. How Personal Information is Destroyed

Any personal information saved in an electronic file format will be deleted using a technology that prevents the recovery of the deleted records. The personal information retained on paper will be shredded or burned.

05. Disclosure of Personal Information to a Third Party

DNSA will collect personal information within the scope of the purpose of the collection, and will not use your personal information beyond the scope of collection purpose or offer or disclose it to a third party. However, the following are the exceptions to the above rule:

- Consent was received from the person who provided his or her own personal information.
- In accordance with specific provisions in other relevant laws.
- The person providing their own personal information or his/her legal representative is in a state in which an opinion/intention cannot be expressed, or prior consent cannot be gained due to an invalid address, but disclosure to a third party is urgently needed for the sake of the data provider or a third party’s life, body, and property.
- If necessary for statistical purposes and academic studies, where personal information is provided in a way as not to identify a specific individual.

DNSA currently offers personal information to third parties as follows:

- Authorized Dealers of DNSA
- Offered personal information : Name, address, contact information
- Usage purpose : Sales leads
- Retention and use period : Indefinitely

06. Contracting of Personal Information Processing

DNSA will not delegate or contract personal information processing to an outside agency without your consent. We contract personal information processing, and regulate necessary matters/issues so that personal information can be appropriately handled under the relevant laws and regulations.

07. Rights and Obligations of Informers and Methods to Exercise the Rights

All personal information providers providing their personal information may request the inspection, revision, deletion, and cessation of the processing of their personal information. However, DNSA may deny such a request in whole or in part in the following cases:

- When specifically required under the law or to comply with obligations under laws and regulations;
- When there is a concern for harm to another person’s life or property, or when there is a concern of unlawfully infringing upon another person’s property;
- In a case where the service contracted with the personal information provider cannot be offered without processing his or her personal information, or when it is difficult to perform the service contracted with the personal information provider, but her or she does not clearly express his/her intention to terminate the contract.

Method and Procedure to Exercise Rights

A personal information provider wanting to exercise the above rights regarding their personal information may complete the Read/Inspect, Revise, Delete, and Suspend the Processing Form and sent it by email or fax to the department in charge of personal information (See “09. Customer Request Service on Personal Information“ concerning the department). Unless there is a legitimate reason, DNSA will take respond to same within 10 days of receiving such a request. When there is a reason to reject or restrict the request, we will inform you of the reason and a method to appeal the decision within 10 days after receiving the request. When the concerned person or legal representative makes a request as above, we can confirm the identity of the person or legal representatives by checking their identification cards such as a resident registration card or a recognized electronic signature.

08. Technical, Administrative, and Physical Protection Measures for Personal Information

DNSA takes the following safeguards in handling personal information so that it will not be lost, stolen, leaked, modified, or damaged:

(Technical actions)

DNSA uses reasonable commercial efforts to comply with the criteria set forth by laws and regulations for the safe storage and transmission of personal information. We protect against computer viruses by using a vaccine program. The vaccine program is periodically updated, but if there is a sudden emergenc of a new virus, we will implement the appropriate vaccine as soon as it becomes available so that personal information infringement can be prevented. To deal with outside infiltration, including hacking, we use an infiltration interruption system and a weakness analysis system.

(Administrative actions)

DNSA uses reasonable commercial efforts to restrict the rights to access personal information to the following cases: a person carrying out sales and marketing activity involving the personal information provider, a person engaging in personal information management, or a person whose task requires the use of personal information. We conduct regular in-house training and external commissioned training for those employees that handle personal information, and we thoroughly manage and supervise them to comply with the laws and regulations regarding personal information protection.

(Physical actions)

DNSA uses reasonable commercial efforts to protect personal information; we limit physical access to the information through the use of locks and similar devices. We control access to the computer room and archives by designating and operating them as specially protected areas.

09. Additional Information for California Residents

This section provides information for California residents about their rights regarding their personal information, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA“).

Right to Opt out (“Do Not Sell“). California residents have the right to opt-out of our sale of their personal information. DN Solutions America Corporation(“DNSA“) does not sell your personal information for monetary consideration but may share your personal information with third parties for marketing purposes. You can opt-out of such sharing by submitting a Do Not Sell request at [DNSA.Marketing@dncompany.com]. We do not sell or share personal information about California residents who we know are younger than 16 years old without opt-in consent. To opt-out of the sharing, including sales, of personal information with third parties that collect information from our Sites via cookies or similar tracking technologies, you can change cookie settings by clicking on “Cookie Settings“ on the “About Cookies On This Site“ banner. You will need to adjust these settings on all of the browsers and devices you use to access our websites. If you clear cookies on your browser, you will need to reset these settings.

Verifiable Requests to Delete, and Requests to Know. Subject to certain exceptions, California residents have the right to make the following requests:

Right of Deletion: California residents have the right to request deletion of their personal information that we have collected about them, subject to certain exemptions, and to have such personal information deleted, except where necessary for any of a list of exempt purposes.

Right to Know: Specific Information. California residents have the right to request a copy of the specific pieces of personal information that we have collected about them in the prior 12 months and to have this delivered, free of charge.

Right to Know: Categories of Personal Information. California residents have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including the:

- categories of personal information collected;
- categories of sources of personal information;
- categories of personal information about them we have disclosed for a business purpose or sold;
- categories of third parties to whom we have sold or disclosed for a business purpose their personal information;
- the business or commercial purposes for collecting or selling their personal information; and
- a copy of the specific pieces of personal information we have collected about them

Right to Non-discrimination. California residents have the right not to be subject to discriminatory treatment for exercising their rights under the CCPA.

Submitting Requests. You may submit requests to us at [DNSA.Marketing@dncompany.com]. In order to make a request, you will need to provide us with your name, email address, telephone number, and mailing address.

Please note that we may require additional information from you in order to verify your request.

Authorized agents may submit requests to us at [DNSA.Marketing@dncompany.com]. If you are submitting a request through an authorized agent, the authorized agent must confirm their relationship with you. We may also request that any authorized agents verify their identity, including by providing information about themselves, such as their name, email, phone number, and address. We may reach out to you directly to confirm your own identity or that you have provided the agent with your permission to submit the request on your behalf.

There may be circumstances where we will not be able to honor your request. For example, if you request deletion, we may need to retain certain personal information to comply with our legal obligations or other permitted purposes. However, we will only use personal information provided in a verifiable consumer request to verify your identity or authority to make the request.

In the past 12 months, we have shared the following personal information with third parties for commercial purposes as follows:

- Authorized Distributors of DNSA : Name, address, contact information

10. Customer Request Service for Personal Information

DNSA has appointed the following department and personal information protection administrator to protect personal information and to process complaints related to personal information:

Department in Charge of Personal Information

- Department : DNSA Sales & Marketing
- Tel : 973-618-2500
- Email : DNSA.Marketing@DNCompany.com
- Business hours : (Mon.-Fri.) 09:00 - 18:00, and closed on Saturdays and Sundays
- 10. Obligation of Public Notification

When the current Privacy and information Processing Policy is amended or deleted, the changes will become effective when notice of such change is posted.

Date of Public Notification: March 10, 2014
Date of Enforcement: March 10, 2014