Declaration on the Protection of Personal Information
- Regulations on the handling of personal information shall be made clear and disseminated extensively among employees. In addition, we shall request that our trading partners and similar also handle personal information in an appropriate manner. Moreover, Nippon Kabaya Ohayo shall take measures to ensure that information is not used for anything other than its intended purpose.
- Personal information shall be obtained by legal and proper methods.
- Personal information shall be collected once customers have been pre-notified of the collection and intended use, and have given their consent. Note that personal information shall only be used for the intended use, as agreed by customers.
- No personal information shall be provided to a third party without the consent of the individual concerned.
- When handling personal information, we shall endeavor to properly involve the individual who provided the information to ensure that the content is kept as accurate and up to date as possible.
- We will respond in all good faith to any correspondence received at the following email address from an individual customer requesting the disclosure, correction, deletion or suspension of use of personal information on the customer held by the company.
- All necessary measures shall be taken to ensure no leakage of information held on customers, or other similar incident, occurs.
- In order to protect personal information, the company shall ensure that all employees working under its control are made aware of the importance of informational assets and shall provide the training necessary to protect personal information.
- The company shall be subject to external audits by a third party to ensure personal information is being handled properly, and shall implement any corrective measures required.
Nippon Kabaya Ohayo Holdings Inc.
Representative Director: Motohiro Nozu
Handling Personal Information
Personal information is information on an individual User, including name, address, telephone number, e-mail address, school name and other descriptions etc. that can be used to identify the User. Moreover even if the information of itself alone cannot be used to make an identification, it should still be included in "Personal Information" if it can be easily collated with other information to ultimately identify the individual User.
Obtaining Personal Information
Collecting, using, providing, or storing personal information in contradiction of an individual's wishes, both infringes the individual's rights and also causes loss of trust in the business operator. Therefore, the Company manages personal information in a proper manner; explicitly stating its management rules on the collection, use, provision and storage of personal information. Moreover, we explain the purpose of collecting personal information and clearly explain details of the Company's help desk etc., before the required amount of information is collected from customers.
Measures to Prevent the Loss, Destruction, Falsification, Leakage etc. of Personal Information
The Company undertakes data-security measures to prevent the loss, destruction, falsification, leakage etc. of personal information; these include countermeasures against unauthorized access and anti-virus measures.
Compliance with Laws, Statutory Regulations, and Other Rules
With regard to the handling of personal information, the Company complies with all laws, statutory regulations, and other rules on personal information, including the Act on the Protection of Personal Information; and in addition acts in accordance with its own in-house rules. The Company also trains its employees, including its officers, and makes them aware of these matters.
Intended Use of Personal Information
The intended uses of personal information are as follows. Information is not used for anything beyond these purposes.
- To personally authenticate the User and provide the Service for the User
- To ensure smooth operation of the Points Program, in terms of the issue, calculation and use of points etc.
- To transmit/send communications, e-zines, DM and various types of notifications on the use of the Service
- To provide personal information to the Service's User Firms etc., based on User consent/applications.
- To provide the Service, distributing and displaying advertisements, content etc. based on attribute data, device data, positional information, behavioral history etc.
- To improve the Service; develop new services; study/analyze points usage; and carry out marketing
- To carry out campaigns, surveys, monitoring, and data collection etc.
- To distribute URL information to senders of blank emails
- To confirm/reply to opinions, inquiries and review content about the Service
Stored Address Information from Users
As part of the Service, sometimes we store information on addresses other than those of the users themselves in order to allow us to deliver messages/products etc. as per User requests.
The Service only uses address information to deliver messages, products etc. as requested by Users and it is properly managed as "personal information."
Any registration, amendment, or deletion of address information is left to the Users, and in principle no amendments or deletions are made by the Service side. Anyone wishing to make amendments or deletions should directly contact the user who originated the delivery of the message/product etc.
Note that the Personal Information Help Desk should be contacted as below if the originator of the delivery is unknown.
Voluntary Nature of Providing Personal Information
Customers may be unable to receive the Service unless the various items required are filled in.
Providing Personal Information to Third Parties
In principle, the Company shall not provide personal information to third parties without the consent of the User concerned. Information shall only be provided once details of the recipient and information being provided have been specified and the User's consent has been obtained.
- 1) Recipient and Purpose
- To provide information to the Service's user firms etc. to allow them to provide such services as document requests; applications; reservations and purchases etc.
- 2) Items of Personal Information Provided
- Only those items of information necessary to meet the intended use shall be provided from among the information obtained from the User (as well as service usage history, and applicable information on all types of behavioral records such as browsing, searches, and book marks etc.)
- 3) Procedure/Method of Provision
- The information shall be sent or transmitted either in writing or by electronic method. Note that in the circumstances described below, personal information may be provided without the User's consent unless to do so would contravene any relevant laws or statutory regulations.
- In the event that the User is judged to disadvantage the third party.
- In the event that it is especially required to improve public health or promote the healthy growth of children and it is difficult to obtain consent from the individual concerned.
- In the event that it is necessary to cooperate with a national agency, a local government body or their consignee in the execution of legal or regulatory affairs; and where the execution of such affairs would risk being hindered, if consent were obtained from the individual User.
- In the event of a request for the disclosure of personal information from the Court, the Prosecutor's Office, the police or other agencies of equivalent authority.
- In the event that the individual User explicitly requests that information be disclosed or provided to a third party.
- In the event that disclosure or provision is allowed by law or statutory regulation.
- In the event that personal information is provided when business operations are taken over due to a merger or other event and is handled within the scope of intended use prior to the take-over.
Disclaimer on the Provision of Information to Third Parties
The Company shall bear no responsibility whatsoever for any personal information obtained by third parties in the cases below.
- In the event that Users themselves utilize the functions of this Service or other means to reveal personal information to User Firms etc. (note that each individual user firm should be contacted directly with regard to how they handle personal information.)
- In the event that the individual ends up being accidentally identified from the information input to this Service.
- In the event that personal information is provided by Users to external sites linked from this Service, or if such information is used.
- In the event that information that allows the individual user to be identified (ID, passwords etc.) is obtained by someone other than the User.
Outsourcing of Personal Information Processing
The Company may outsource personal information handling operations in part, or in full. Note that the Company shall bear responsibility for the handling of personal information by the outsourcee.
Use of Statistically Processed Data
The Company shall create statistical data based on personal information received, and shall ensure that such data is processed so that individuals cannot be identified. The Company may use any statistical data that does not allow the identification of individuals without restriction.
Amendments to Personal Information etc.
In principle, only Users themselves may request provision of the "Intended Use of Personal Information", and disclosures, revisions, additions, deletions, cancellations of usage, or suspensions of the provision of information to third parties, of registered personal information (hereinafter "amendments to personal information etc.") For specific methods on how to make amendments, please contact Personal Information Management Help Desk, as listed below. Note that in the following circumstances, we may not support amendments to personal information etc.
- When there is a risk of harm to life, limb, property or other rights/benefits of the User him/herself or a third-party.
- When there is a risk of exerting significant hindrance to the proper implementation of this Service.
- When amendments would constitute a violation of other laws and statutory regulations.
In addition, we may not support amendments to personal information etc. if to do so would incur a large amount of expense or be otherwise difficult to accomplish, and alternative necessary measures would be taken to protect the User's rights and interests.
Accuracy of Personal Information
The Company shall endeavor to ensure that any personal information provided is handled accurately in data-processing. However, the User bears responsibility for ensuring that the content of the personal information provided is accurate and up to date.
Restrictions on Acquiring Sensitive Personal Information
In general, the Company shall not acquire the personal information included in the details listed below. Note that this shall not apply if Users supply such information themselves.
- Matters concerning philosophies, creed, or religion
- Information on race, ethnicity, lineage, domicile (excluding information on the municipality/prefecture of residence), mental & physical disorders, criminal records, or other matters that may cause social discrimination
- Matters concerning conduct such as workers' right to organize, collective bargaining and other group actions
- Information on participation in collective acts of demonstration, and matters concerning the exercise of rights of petition and other political rights
- Information on health care and sex life
Checks on the Individual
When customers register for membership of our Web Services, or when members use the Service, the Company confirms that it is the individual concerned by using information that can personally identify the person (such as name, address, telephone number, date of birth, e-mail address, membership number, password etc.); the same applies when responding to requests for personal information to be disclosed, revised, deleted, or for its use to be suspended etc. Note that the Company is not responsible if someone other than the individual obtains and uses information that can prove the identity of the individual.
Acquisition and Use of Attribute Data, Device Data, Positional Information and Behavioral History
- Access logs in behavioral histories etc., in the following cases
- When a User logs in to use the Service, once the Company has identified the individual it may use behavioral history etc. gathered prior to the log-in to distribute/display ads & content etc., and provide the Service. For details on how to stop the distribution of these ads etc., customers should contact the Personal Information Management Help Desk, as listed below.
Compliance Program for the Protection of Personal Information
The Company has established and implemented a compliance program for the protection of Personal Information which it maintains and improves on an on-going basis.
Introductions and Inquiries
The Company may use customers' personal information within the scope of collection purposes etc. revealed to customers beforehand. In addition, the Company may sometimes present information on services and products etc. used by its customers via e-mail or by post. In the event that customers do not need such information, they may contact the help desk on the e-mail address given below to stop any further distribution.
For inquiries, revisions and deletions regarding personal information, customers should contact the help desk themselves on the e-mail address given below, with the following details:
- 1) Customer number
- 2) Name
- 3) Address
- 4) Contact telephone number
- 5) Details of their request
- Help desk for inquiries on this policy and how the Company handles personal information
- E-Mail: firstname.lastname@example.org
Nippon Kabaya Ohayo Holdings Inc.
Representative Director: Motohiro Nozu
(Note) The Compliance Program is a program that is based on instilling a moral culture of compliance in the Company's officers and employees to build and implement a Code of Conduct and in-house corporate ethics that comply with the law and statutory regulations and business ethics.