This Privacy Notice was last reviewed or revised on January 1, 2026.

​

We, DSML Holdings, headquartered in the Republic of Korea, and our subsidiaries and affiliates across our global operations including Singapore and New York (collectively, “DSML’s,” “us,” or “we”), understand that confidentiality and data privacy are foundational to our fiduciary duties. As an investment management firm handling proprietary investment strategies and sensitive financial information, we are unequivocally committed to respecting your privacy and safeguarding your personal and institutional data.

​

This Privacy Notice details our rigorous approach to data governance when you interact with our website (dsmlholdings.com), our externally facing business activities, and specifically, our Secure Virtual Data Room (VDR) utilized for the distribution of confidential fund materials and due diligence processes.

​

1. Data Controller

​

When DSML’s collects and processes your personal data, we act as the primary data controller authorized under applicable data privacy frameworks, including the Personal Information Protection Act (PIPA) of the Republic of Korea, as well as prevailing regulations in the jurisdictions where we operate. This designation means we bear the responsibility for determining how your personal data is collected, securely utilized, protected, and ultimately disposed of in compliance with strict financial and privacy regulations.

​

2. How We Collect Your Personal Data

​

DSML’s collects data through direct interactions, secure digital infrastructure, and authorized third parties to facilitate our institutional investment operations.

​

• Direct Interaction & VDR Registration: We collect verified identity information—such as your full legal name, institutional affiliation, professional email address, and corporate title—when you request access to our Investor Relations (IR) materials or register for our Secure VDR.

• In-Platform Security & Activity Tracking: Given the proprietary nature of our intellectual property, we continuously monitor and record all activities within our digital assets. This includes tracking document views, download histories, timestamps, IP addresses, and device specifications to prevent unauthorized distribution and ensure absolute compliance with our non-disclosure agreements.

• Regulatory Compliance & Due Diligence: We may acquire data from authorized third parties or public institutional databases to fulfill statutory Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations mandated by financial regulatory authorities.

​

3. Why and How We Use Your Personal Data

​

DSML’s processes your personal data strictly for professional, security, and legal necessities. We do not engage in the indiscriminate collection or commercialization of your data.

​

• VDR Management and Intellectual Property Protection: We utilize your login credentials, access logs, and behavioral data within the VDR to enforce access controls, apply dynamic watermarking to confidential documents, and protect the intellectual property of our funds. This processing is firmly based on our legitimate interest in securing our proprietary assets.

• Investor Relations and Communications: Based on your consent or our legitimate business interest, we process your contact information to deliver targeted updates regarding our investment vehicles, performance reports, and relevant corporate announcements.

• Legal and Regulatory Compliance: We process identity and financial background data to strictly adhere to the Financial Investment Services and Capital Markets Act and other cross-border regulatory mandates governing private fund management.

• System Integrity and Threat Prevention: We deploy advanced analytics on browsing patterns and access requests to detect, prevent, and mitigate cyber threats, fraud, or potential breaches of confidentiality.

​

4. Institutional-Grade Security and What We Do Not Do

​

We treat your data with the same rigorous protection applied to our core financial assets. We utilize industry-leading AES-256 encryption for data at rest and in transit. Access to personal data is restricted exclusively to authorized personnel under strict confidentiality obligations.

​

Furthermore, we make the following explicit commitments:

• We do not sell, rent, or commercialize your personal data to any third parties under any circumstances.

• We do not use automated decision-making processes that produce legal or similarly significant effects without human oversight.

• We actively reserve the right to revoke access to our Sites and VDR immediately upon suspicion of unauthorized use or breach of our confidentiality terms.

​

5. Data Recipients and International Data Transfers

​

To execute our global investment strategies effectively, personal data may be transferred within the DSML’s corporate group, including our operational hubs in Seoul, Singapore, and New York.

​

• Intra-Group and Service Providers: We may share data with our subsidiaries, approved fund administrators, legal counsel, and secure IT infrastructure providers strictly for the execution of the business purposes outlined in Section 3.

• Legal Authorities: We will disclose information to law enforcement or regulatory bodies only when legally compelled by a valid subpoena, court order, or statutory requirement.

• Transfer Safeguards: All cross-border data transfers are governed by robust Data Transfer Agreements containing Standard Contractual Clauses, ensuring your data receives a level of protection equivalent to the stringent standards mandated by the Republic of Korea and leading global privacy frameworks.

​

6. Data Retention and Destruction

​

DSML’s retains your personal data only for the duration necessary to fulfill the business purposes for which it was collected, or as required to satisfy legal, accounting, or reporting obligations. Upon expiration of the applicable retention period—such as the mandatory hold periods prescribed by financial regulations—your data is securely and irreversibly destroyed using advanced technical wiping methods, precluding any possibility of data recovery.

​

7. Your Data Protection Rights

​

Subject to applicable legal and regulatory exemptions, you retain comprehensive rights over your personal data:

• Access and Audit: The right to request information regarding the data we hold about you, including a copy of your VDR activity logs.

• Correction and Deletion: The right to request the rectification of inaccurate data or the erasure of your personal data, subject to our overriding legal retention obligations.

• Restriction and Objection: The right to restrict the processing of your data or object to its use for specific purposes, including Investor Relations communications.

• To opt out of future communications, you may utilize the unsubscribe mechanism provided in our correspondence or contact us directly.

​

8. Contact Information and Dispute Resolution

​

If you have any inquiries regarding this Privacy Notice, require clarification on our VDR security protocols, or wish to exercise your data protection rights, please contact our Global Data Protection Officer directly:

• Email: privacy@dsmlholdings.com

• Official Website: dsmlholdings.com

​

Upon receipt of a data subject request, we will acknowledge your inquiry promptly and outline the subsequent steps in accordance with applicable statutory timelines.