DHX INC. and its affiliates (hereinafter referred to as "DHX" or "the Company") value user privacy and comply with applicable laws such as the Personal Information Protection Act.

This Privacy Policy explains how the personal information provided by users is collected, used, and protected.

Any modifications to this policy will be announced through a notice on the Company's website or by individual notification.

This policy is effective from September 1, 2021.

In accordance with Article 30 of the Personal Information Protection Act (Establishment and Disclosure of Privacy Policy), the Company discloses the following details.

The Company collects and processes personal information for the following purposes.

Personal information will not be used for purposes beyond those stated below, and in the event of a change in purpose, prior consent from the user will be obtained.

Recruitment & Talent Management: Used as fundamental data for job applications, talent registration, document screening, and interviews.

Technical Support: Used as reference material during technical consultations and support services.

Website Inquiries: Used to respond to inquiries and notify users of complaint resolution.

Company Visits: Used to confirm and guide visitors upon entry.

Security & Safety: Video recordings are collected for security monitoring, fire prevention, and facility safety management.

The Company collects information provided by users and automatically generated data from their devices (e.g., service usage records, access logs, cookies, IP addresses).

Users may refuse consent to data collection; however, refusal may result in restrictions on certain processes such as recruitment.

1. Recruitment & HR Management

Required: Name, email, date of birth, gender, phone number, education, work experience, certifications, unique identifiers, biometric data (fingerprint, iris, facial recognition), and other work-related information.

Optional: Awards, language proficiency, photograph, nationality, military status, veteran status, and sensitive information (disability, medical history, criminal record).

2. Technical Support

Required: Personal ID, password, name, country, address, phone number, email.

For Corporations: Business registration number, company name, client name, position, address, phone number, fax, and contact person’s email.

3. Website Inquiries

Required: Name, email, phone number.

Optional: Any additional details provided in the inquiry.

4. Company Visits

Required: Visitor information (name, company, phone number, destination, purpose of visit), video recordings.

The Company processes personal data within the scope defined in this Privacy Policy and does not disclose it to third parties without user consent, except when required by law or legal investigations.

The Company retains and uses personal data only for the duration necessary to fulfill the intended purpose.

Once the purpose is achieved, the information is immediately deleted, except where retention is required by law.

[Recruitment & Talent Management]: Retention Items: Job application details, talent registration records.

Legal Basis: Consent of the applicant, Fair Hiring Procedure Act, Labor Standards Act, Income Tax Act, National Tax Basic Act.

Retention Period: Ongoing hiring history management: 1 year from the withdrawal date.

Retention of application documents for unsuccessful candidates: 14 to 180 days after the hiring decision (Fair Hiring Procedure Act).

Issuance of employment verification for former employees: 3 years (Labor Standards Act).

Year-end tax settlement processing: 5 years (Income Tax Act, National Tax Basic Act).

[Technical Support]: Retention Items: Consultation history of technical support requests.

Legal Basis: History management of consultations and technical support.

Retention Period: Until membership withdrawal.

[Website Inquiries]: Retention Items: Inquiry details, personal information provided during inquiries, response records.

Legal Basis: Consumer Protection Act in E-commerce Transactions.

Retention Period: 3 years.

[Company Visits]: Retention Items: Visitor details and visit records.

Legal Basis: Visitor consent and relevant laws.

Retention Period: 1 year (immediate deletion upon request).

[CCTV Footage]: Retention Items: Video surveillance recordings.

Legal Basis: Crime prevention, fire safety, facility security.

Retention Period: Up to 60 days from the recording date.

[Website Access Records]: Retention Items: Website visit records, communication logs.

Legal Basis: Communications Security Protection Act.

Retention Period: 3 months.

The Company, in principle, promptly destroys personal information once the purpose of collection and usage has been achieved.

The destruction process and methods are as follows:

(1) Destruction Process: Information entered by users is transferred to a separate database (or stored in a separate document in the case of paper records) after achieving its intended purpose.

It is then retained for a certain period as per internal policies and applicable laws before being permanently deleted.

Personal information transferred to the database is not used for any other purpose unless required by law.

(2) Destruction Methods: Electronic files containing personal information are deleted using technical measures that prevent data recovery.

Printed materials containing personal information are shredded or incinerated to ensure permanent destruction.

The Company does not outsource the processing of collected personal information to external parties without the user’s prior consent.

If outsourcing becomes necessary in the future, users will be notified at least seven days prior through public announcements specifying the entrusted company and details of the outsourced services.

As data subjects, users have the following rights regarding their personal information:

(1) User Rights

Users may request the following at any time regarding their personal data:

Request for access to personal information

Request for correction in case of errors

Request for deletion of personal information

Request to suspend processing of personal information

(2) How to Exercise Rights

Requests related to personal information can be submitted in writing, via email, or by fax.

The Company will process such requests without undue delay.

If a user requests correction or deletion of personal information due to errors, the Company will not use or provide the concerned personal information until the correction or deletion is complete.

Requests can also be made by legal representatives or authorized agents, in which case an official power of attorney must be submitted in accordance with Article 45(2) of the Enforcement Decree of the Personal Information Protection Act.

The Company uses cookies and similar technologies to store and retrieve user information.

Cookies are small text files sent by the website's server to the user’s web browser and stored on their computer’s hard drive.

(1) Purpose of Cookies: Analyze user activity, such as visit frequency and session duration, to improve user experience and provide personalized services.

Users can manage their cookie preferences through their web browser settings.

(2) How to Reject Cookies: Users may configure their browser settings to allow all cookies, prompt a confirmation when cookies are stored, or refuse all cookies.

Browser Settings Example: Internet Explorer: Tools > Internet Options > Privacy > Settings

Chrome: Settings > Show Advanced Settings > Privacy > Content Settings > Cookies

(3) Note on Cookie Rejection

Disabling cookies may restrict access to certain services or features of the website.

The Company takes the following technical, administrative, and physical measures to safeguard personal information in accordance with Article 29 of the Personal Information Protection Act:

(1) Administrative Measures: Regular training for personnel handling personal data.

Compliance monitoring and supervision to ensure adherence to legal requirements.

(2) Technical Measures: Management of access rights to internal systems containing personal information.

Implementation of security programs to prevent unauthorized access.

(3) Physical Measures: Installation of physical security locks in server rooms and data storage areas.

Restriction of access to authorized personnel only.

To protect users' personal information and address any related concerns, the Company has designated the following Data Protection Officer:

Name: Sungwoo Kim,

Position: Chief Executive Officer,

Phone: +82-2-543-6887,

Email: [email protected]

Users may seek dispute resolution or consultation regarding personal information breaches from the following organizations:

Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr),

KISA Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr),

Supreme Prosecutors’ Office: 1301 (www.spo.go.kr),

Cyber Bureau, National Police Agency: 182 (ecrm.cyber.go.kr)

Additionally, if users believe that their rights or interests have been violated due to an administrative decision made by a public institution, they may file an administrative appeal under the Administrative Appeals Act.

Central Administrative Appeals Committee: 110 (www.simpan.go.kr)

Article 1: This Privacy Policy is effective as of January 1, 2025.