1. Scope of Application of and Amendment to the Policy
The Company may update the Policy from time to time. Material changes to the Policy shall be posted on the Company’s website with the latest version of the Policy. Any change to the Policy shall be applied at the time of its posting on the website by the Company.
2. Personal Information
For the purpose of the Policy, personal information means any information that can identify an individual. Personal information includes information that can identify a specific individual such as a name, and information used in combination with information that can identify a specific individual such as address, date of birth, phone number, gender, occupation, e-mail address, account information (such as ID and password), device information, location information, service usage history, credit card information, nick name, etc. and interests, family composition, age and other attribute information about an individual.
3. Purposes of Use of Personal Information
Personal information obtained by the Company and its purposes of use are as follows. If you do not wish to provide your personal information to the Company, you may choose not to provide your personal information at your discretion. In such cases, however, please note that the Company may not be able to accomplish the purposes of use specified herein.
Purposes of use of personal information about customers who have used the and customers who have interest in the Services (“Customer(s)”)
- To provide services;
- To verify and authenticate identity;
- To run surveys and campaigns;
- To send out presents;
- To handle inquiries from Customers;
- To improve services and develop new services;
- To run satisfaction surveys on services; and
- To conduct marketing research, statistical processing and analysis
Purposes of use of personal information about clients
- To communicate in relation to business and perform activities incidental or relating thereto; and
- To perform and manage contracts
Purposes of use of shareholders’ personal information
To manage and send notice to shareholders and provide shareholder benefits;
Purposes of use of job applicants’ personal information
To conduct recruitment activities and perform activities incidental thereto
Purposes of use of employees’ personal information
To manage employees and perform activities incidental thereto
- Purposes of use of personal information about customers who have used the and customers who have interest in the Services (“Customer(s)”)
The Company may use or disclose any and all personal information in its possession as statistical information that does not identify an individual, to optimize websites and to analyze for optimal communication with customers.
The Company shall use personal information within the scope of purposes of use as specified to a principal. When using personal information beyond the scope of purposes of use, the Company shall inform the principal of such effect and do so with the principal’s consent.
4. Obtainment of Personal Information
The Company shall obtain information about a Customer primarily in the following cases, to the extent necessary to provide the Services. The following are for illustrative purposes and may not fall under personal information depending on specific details of such information.
When a Customer registers for the Services
When a Customer registers for the Services, the Company will ask the Customer his/her personal information such as “name, e-mail address, date of birth, gender, occupation”.
- When the Customer registers as required to use the Services;
- When the Customer signs up s for events, etc., cooperates to surveys and signs up for campaigns;
- When the Customer files an inquiry to the Company regarding the Services; and
- When a Partner provides personal information it has obtained separately from the Services to the Company
When a Customer uses the Services
When a Customer uses the Services after registration, the Company will obtain the following information regarding the status of use by associating it with information that can identify a user.
- Transaction history such as use and purchase of services and products;
- Registration status for individual services;
- Status about signing up for events, etc. cooperation to surveys and signing up, etc. for campaigns; and
- Participation in surveys, use of bulletin boards, inquiry about the Services or feedback or description on assessment of the Services
When a Customer accesses to a website on which the Services are provided, etc.
When a Customer accesses to a website on which the Services are provided, etc., the Company will automatically obtain, from the Customer’s browser, using its IP address, cookie and web beacon and the like, information such as the Customer’s browsing history and browsing status of advertisements and websites, usage environment (including types of operating systems and browsers) and the like.
5. Handling based on Consent and Right to Revoke Consent
6. Provision of Information to Third Parties
The Company shall appropriately manage personal information and never disclose or provide personal information to any third party without prior consent from a principal except for cases where such disclosure or provision is:
- Based on laws and regulations;
- Necessary for the protection of the life, body, or property of an individual and where it is difficult to obtain a principal’s consent;
- Specially necessary for improving public health or promoting the sound growth of children and where it is difficult to obtain a principal’s consent; or
- Necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and where obtaining a principal’s consent is likely to impede the execution of the said affairs.
7. Entrustment of Handling of Personal Information
The Company may entrust a part of the handling of personal information to a third party. Upon entrustment, the Company shall conclude in advance with such third party an agreement on the compliance with security control measures and exercise necessary and appropriate supervision over such third party.
8. Cookies and IP Addresses, etc.
Please refer here for the handling of Informative Data at the Company.
- The Company may combine cookies obtained by the Company and information obtained by non-Company cookies that have been recorded upon a Customer’s visit to other websites in a manner that cannot identify an individual and use it for marketing activities (including advertisement distribution) of the Company and other companies.
Personal Information Protection Manager and Data Protection Officer
The Company has assigned the following individual as the Company’s personal information protection manager and data protection officer and appropriately manages personal information with such individual playing central roles.
All About, Inc.
Officer of Information Security Office
Inquiries about Disclosure of and Consultation about Personal Information
- With respect to your personal information, you may request for notification on purposes of use, disclosure, rectification, addition, removal, exercise of data portability right, or discontinuation of use, erasure or discontinuation of provision to third parties (“Personal Information Disclosure, Etc.”). Please file your requests for Personal Information Disclosure, Etc., and complaints or inquiries about the handling of personal information at the Company here. There may be cases where personal information is backup data, etc. such that it cannot be checked, rectified or removed by its nature.
- When having received a request for or an inquiry about Personal Information Disclosures, Etc. from a principal, the Company shall verify that such person is a principal by using information that can identify an individual (ID, password, name, address, phone number, date of birth, e-mail address, etc.).
- When having received a request for or an inquiry about Personal Information Disclosures, Etc., the Company shall promptly respond to such request or inquiry to a reasonable extent (to the extent necessary to achieve the purposes of use) only when the Company has been able to verify that the requester or inquirer is a principal.
- A principal has the right to lodge an objection with a competent data protection authority in each country with respect to the handling of personal information relating to the principal.
The Company shall retain a Customer’s personal information as long as it is necessary for the Company to provide the Services to the Customer. The Company shall promptly erase such personal information when it is no longer needed.
Transfer of Personal Information outside the EU
To achieve the purposes of use described in 3. above, the Company may transfer a Customer’s personal information to and handle it in countries outside the EU (including Japan). In countries outside the EU, there may be cases where the same rights of a data subject under the GDPR are not recognized; provided, however, that, the Company ensures that sufficient measures to protect the Customer’s personal information will be secured by means such as concluding GDPR-based, standard contract clauses.
Name of “Authorized Personal Information Protection Organization” of which the Company is a member and Contact Information for Filing Complaints
The Company is a target entity of the following authorized personal information protection organization.
General Incorporated Foundation JIPDEC
Personal Information Protection Consultation Service Office
Roppongi First Building 12F, 9-9 Roppongi 1-chome, Minato-ku Tokyo, 106-0032 Japan
Please contact the following for any inquiries about the Policy.
All About, Inc. Personal Information Manager
6F Ebisu Subaru Building, 20-8 Ebisu 1-chome, Shibuya-ku Tokyo, 150-0013 Japan
To ensure security in the Services, the Company uses SSL (Secure Sockets Layer) technology for the input of personal information to prevent such information from being intercepted, interfered or altered.
Relevant information: Personal Information Protection Policy