Personal Information Protection Policy
Personal Information Protection Policy
BOOKOFF GROUP Privacy Policy
Bookoff Group Holdings Limited ("Bookoff Group", or "we") and its domestic subsidiaries, herein referred to as "our group", aspire to be a trustworthy and sincere corporation, earning the trust of our customers, business partners, shareholders, local communities, and employees. In line with this management philosophy, we believe that properly handling the personal information entrusted to us during our business activities is crucial from both a compliance perspective and as a fundamental social responsibility in gaining the trust of all stakeholders.
To fulfill this responsibility, our group has established the "Bookoff Group Privacy Policy" outlined below. We are committed to ensuring the appropriate handling of all personal information entrusted to us, and to this end, we will promote the dissemination of this policy throughout the entire group via education and training for all executives and employees.
2-14-20 Kobuchi, Minami-ku, Sagamihara-shi, Kanagawa Prefecture, Japan
BOOKOFF GROUP HOLDINGS LIMITED
President and CEO Yasutaka Horiuchi
Compliance
Our group adheres to domestic and foreign laws and regulations applicable to the Bookoff Group regarding the protection of personal information, as well as guidelines established by the Personal Information Protection Commission and other domestic and foreign administrative agencies.
Collection and Use of Personal Information
Our group collects personal information through lawful and fair means. Additionally, we will notify or publicly disclose the purposes of using personal information and manage personal information appropriately within the necessary scope to achieve those purposes.
Security Management Measures
To ensure the proper management of acquired personal information, our group implements appropriate organizational, personnel, physical, and technical security management measures. We work to prevent the leakage, loss, or damage of personal information, and take corrective actions when necessary. When outsourcing the handling of personal information to external parties, we carefully select contractors that meet the required standards for personal information protection. We stipulate in contracts the protection standards we require and regularly monitor the handling of personal information by contractors to ensure compliance. Additionally, when our group or contractors handle personal information in foreign countries, we familiarize ourselves with the relevant systems and regulations for personal information protection in those countries and take necessary and appropriate measures for security management.
Providing Personal Information to Third Parties, Joint Use of Personal Information
Except as otherwise provided by laws and regulations, our group does not disclose acquired personal information to third parties without the consent of the individuals. When it becomes necessary to provide personal information to third parties as stipulated by laws and regulations, we create and maintain records of the required statutory items related to such provision. Similarly, when obtaining personal information from third parties, we confirm and maintain records of the statutory items required for such acquisition.
In cases where we engage in joint use of customer's personal information with our group companies, we provide prior notification or public disclosure to the individuals regarding statutory matters such as the purpose of joint use.
Disclosure, Correction, Suspension of Use
Our group responds appropriately to requests or inquiries from individuals or their representatives regarding the notification of purposes, disclosure, correction, addition, deletion, suspension of use, elimination, or suspension of provision to third parties of personal information held by us, in accordance with relevant laws and regulations.
Handling of Individual Numbers and Specific Personal Information
Our group complies with the "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures" and other relevant laws, regulations, and guidelines regarding the use of individual numbers and specific personal information (including individual numbers). We ensure the appropriate handling of individual numbers, commonly known as "My Number," and specific related personal information within our operations.
Continuous Improvement
Our group commits to continuously improving our management system for handling personal information by periodically reviewing it in response to changes in social conditions and the environment.
Prepared on 5/17, 2024.
BOOKOFF GROUP HOLDINGS Privacy Policy
BOOKOFF GROUP HOLDINGS LIMITED (“the Company” or “we”) manages customer’s personal information appropriately in accordance with the Bookoff Group Privacy Policy.
Below is a list of public announcements regarding our management of personal information:
2-14-20 Kobuchi, Minami-ku, Sagamihara-shi, Kanagawa Prefecture, Japan
BOOKOFF GROUP HOLDINGS LIMITED
President and CEO Yasutaka Horiuchi
Collection and Purpose of Use of Personal Information
We collect customer’s personal information through lawful and fair means. The purposes for which we use this personal information are as follows:
-
(1) Personal Information of Customers
The purpose of purposes for which we use of customer’s personal information acquired as membership information for each service are publicly disclosed on our and our group companies’ websites for each respective service. Please review the purpose of use specific to the service you are utilizing.
-
(2) Personal Information of Business Partners
Personal information of business partners is used for the following purposes:
- - For necessary communication and contract fulfillment in business transactions;
- - For the management of business partner information.
-
(3) Personal Information of Shareholders
Personal information of shareholders is used for the following purposes:
- - For exercising rights and fulfilling obligations in accordance with the Companies Act;
- - For providing various benefits to shareholders in their capacity as shareholders;
- - For implementing various measures to facilitate a smooth relationship between shareholders and the company, considering the relationship between shareholders and the company as members of an association;
- - For managing shareholders, such as creating shareholder data based on prescribed standards under various laws and regulations.
-
(4) Personal Information of Job Applicants
Personal information of job applicants is used for the following purposes:
- - For contacting and providing various information to job applicants;
- - For employment selection processes;
- - For employment procedures after the recruitment decision has been made.
Providing Personal Information to Third Parties
We do not provide personal information to third parties without the consent of the individual, except in the following cases:
-
(1) In accordance with the provisions of laws and regulations.
-
(2) When it is necessary to protect the life, body, or property of an individual and obtaining the consent of the individual is difficult.
-
(3) When it is particularly necessary to improve public health or promote the sound growth of children, but obtaining the consent of the individual is difficult.
-
(4) When it is necessary to cooperate with a national agency, local government, or individual entrusted by them to perform duties prescribed by laws and regulations, and obtaining the consent of the individual may impede the execution of such duties.
-
(5) When it is necessary for a third party, such as an academic research institution, to handle the personal data for academic research purposes, except where there is a risk of unjustified infringement on the rights and interests of individuals.
-
(6) When outsourcing the handling of personal information within the scope necessary for achieving the purpose of use.
-
(7) When it is necessary for business succession planning due to merger or other reasons.
-
(8) When providing to joint users for joint use as prescribed in 3.
Joint Use of Personal Information
We jointly use the collected member information with our group companies in accordance with the publicly disclosed information specified for each service.
Security Management Measures
We take necessary and appropriate security management measures to prevent leakage, loss, or damage of personal information as follows:
-
(1) Establishment of Internal Rules
We establish regulations for the handling of personal information at each stage of acquisition, use, storage, provision, deletion, and disposal.
-
(2) Organizational Security Management Measures
We appoint a management division and a person in charge of managing personal information. We have established a reporting system for the management division and the person in charge to report any violations of laws and regulations or signs thereof. Additionally, we operate a verification process to understand the handling of personal information.
-
(3) Human Security Management Measures
We incorporate guidelines for managing personal information and confidentiality into various regulations. Additionally, we conduct regular education for our officers and employees.
-
(4) Physical Security Management Measures
We limit access to areas where personal information is managed and implement measures such as locking, surveillance, and access control. Moreover, when using devices, electronic media, or documents for managing personal information, we implement measures to prevent theft or loss.
-
(5) Technical Security Management Measures
We implement access controls for personal information, limiting access to authorized personnel. Additionally, we introduce mechanisms to protect information systems managing personal information from unauthorized access.
-
(6) Management in Foreign Countries
When managing personal information in foreign countries, we first understand the systems related to the protection of personal information in those countries. Subsequently, we regularly review and, as necessary, reassess the measures required for ensuring the security management of personal information.
Disclosure, Correction, Suspension of Use, and Inquiries Regarding Personal Data
-
(1) In accordance with the Personal Information Protection Act, if a request is made by the individual for notification, disclosure, correction, addition and/or deletion, suspension of use, elimination, cessation of provision to third parties, or disclosure of records of provision to third parties held by our company, we will promptly respond after confirming that the request is from the individual and meets the requirements stipulated in the Act. However, this does not apply if our company is not obligated under the Act or other laws and regulations.
-
(2) If you wish to make a request as described in (1) above or have inquiries or complaints regarding the handling of personal information, please contact the following support desk; please note that a fee of 3,000 yen (excluding tax) will be charged for the disclosure of personal data and records provided to third parties, depending on the method of disclosure:
Support Desk
BOOKOFF GROUP HOLDINGS LIMITED
Phone: 042−769−1513
Hours: Weekdays 9:00 a.m. - 5:00 p.m. (Closed on Saturdays, Sundays, and holidays)
Prepared on 5/17, 2024.