April 4, 2022
Tokai Tokyo Financial Holdings, Inc.
We, Tokai Tokyo Financial Holdings, Inc., have established the Personal Information Protection Policy (“the Policy” hereafter) as set out below to describe our handling policy of the personal information of customers, and the Individual Number (the “Information” hereafter).
For details, please refer to the attached “Handling of Personal Information”.
When we handle the Information, we will comply with the laws, regulations, guidelines, and others related to the protection of the Information (the Laws and Regulations hereafter) such as the Act on the Protection of Personal Information, etc., and the Policy we hereby refer to.
We will use the Information only to the extent necessary to achieve the purpose of using the Information unless we obtain the customer's consent or we are allowed to treat the Information as exceptions under the Laws and Regulations. We will use the Individual Number (My Number) only within the range the Laws and Regulations permit. We keep posting the Purpose of Using the Information on our website.
We will not provide personal data to any third party without the customer’s consent unless stipulated otherwise by the Laws and Regulations.
We will keep the Information accurate and updated.
To prevent the unauthorized disclosure or other misuse of the Information, we will take the necessary and appropriate security control measures as described in the attached “Handling of Personal Information.” We will also supervise officers, employees, and outsourcing companies appropriately.
In order to handle the Information appropriately, we will review and improve the Policy from time to time as needed.
Concerning the personal data of customers we possess, when customers request us to disclose, correct, terminate the use, and reveal what we have provided to third parties, we will identify first who actually requests customers' identities, and respond to those requests promptly and appropriately. Please make your requests through the procedures we have prescribed. Also, please be reminded that there is a handling charge for the subject procedures.
In case we provide the Data to a third party in a foreign country and we can identify such third party afterward, customers may request us to offer the information about the Data protection system of the country where the third party is located, and the measures taken by the said country to protect the Data.
As we mention in this announcement later under “5. Provision of the Data to Third Parties in Foreign Countries” in the attachment, we cannot deny completely the possibility that we provide the Data to a third party in a foreign country even before we identify fully who and where the third party is. In such a case, however, if we can identify the said third party afterward, customers, upon their requests, may receive information about the Data protection system of the country where the third party is located, and the measures taken by the said party to protect the Data.
It is not mandatory to obtain consent from customers beforehand if the Data requesting party has a system in place that always helps such a party to take measures considered equivalent to what the Data handling entity needs to take. (“the Equivalent Measures” hereafter) A customer may nevertheless request us to offer the information regarding the matters listed below.
If you have any inquiries, opinions, or complaints regarding the matter related to personal information, please contact the office listed below.
5-1, Nihonbashi 2-chome, Chuo-ku, Tokyo
※Total Risk Control & Compliance Department, Tokai Tokyo Financial Holdings, Inc.
April 4, 2022
Tokai Tokyo Financial Holdings, Inc.
We, Tokai Tokyo Financial Holdings, Inc., use the personal information of customers (“the Information” hereafter) within the scope considered necessary to achieve the following purposes in accordance with the Act on the Protection of Personal Information (Law No. 57, May 30, 2003).
We may share the Information as described below:
・Information on customers, such as their names, addresses, dates of birth, telephone numbers, occupations, and transaction needs
・Information on transactions with customers, such as transaction details and the account balances of assets under custody
While we keep carefully protecting customer’s privacy, we use the Information within the scope considered necessary to conduct our business and achieve the following purposes in accordance with the Act on the Protection of Personal Information
・Through third parties including database service providers.
・Through audio recording, image recording, e-mails reception, and other electronic methods
・Through information in official gazettes, newspapers, magazines, the Internet, and other electronic sources.
(ⅰ) We have established a management system for Personal Data Handling and the system is led by the General Manager of Personal Information Protection.
(ⅱ) We periodically conduct self-inspections regarding the status of the Data Handling and the Audit Department performs audits.
(ⅰ) We give employees regular training to remind them of the points to remember in handling personal data.
(ⅱ) We describe the matters related to the confidentiality of personal data in the Employment Rules
(ⅰ) We implement measures to prevent unauthorized individuals from having access to personal data.
(ⅱ) We take measures to prevent the theft or loss of devices, electronic media, documents, etc. that deal with personal data, and to prevent personal data from being easily read when the said devices, electronic media, etc. are moved.
(ⅰ) We exercise control by specifying the accessible ranges of personal data allowed to the respective staff specifically assigned to handle personal information databases.
(ⅱ) We have introduced systems to protect information systems that handle personal data from being accessed from outside by unauthorized parties or software.
(ⅰ) A customer agrees in advance to allow us to provide personal data to a third party in a foreign country
(ⅱ) A third party in a foreign country implements measures in accordance with the purpose of the provisions of Section 1, Chapter 4 of the Act on the Protection of Personal Information in an appropriate and reasonable manner, and assures us of its implementation of the said measures. In this case, the recipient of personal data shall be our outsourcing companies in foreign countries (outsourcing companies include the companies that our outsourcing companies further subcontract their services in foreign countries).
(ⅲ) A customer’s identity is masked.
(ⅳ) If any of the following is the case
(2) In case where a change in laws and regulations requires us to provide personal data to a third party in a foreign country (*) and we attempt to obtain consent to such a provision of the personal data from a customer, we will follow our rule to offer the information in advance concerning the system for the protection of personal information in the foreign country concerned, the measures the third party in the said country take for the protection of personal information, and other information that should serve as a reference for a customer.
*Countries excluded from “foreign country”
Please be reminded here about the term “foreign country.” Foreign countries that have a personal information protection system in place that is considered equivalent to the one adopted in Japan in terms of protecting the rights and interests of individuals as stipulated in Article 28 of the Act on the Protection of Personal Information (specified by the Personal Information Protection Commission) are excluded from the category of “foreign country” in the context of “third party in a foreign country” here.
*Foreign countries as recipients
The following foreign countries are qualifying candidates for the recipient of personal information.
The United States, Singapore, and Hong Kong
*The investigation of systems adopted by foreign countries for the protection of personal information
The Personal Information Protection Commission investigates and publicizes its result about the systems deployed by certain countries and regions for the protection of personal information, with a view to helping customers to grasp essential differences between Japan's Act on the Protection of Personal Information and the corresponding laws in the countries in question. So, please refer to the underneath.
(2) We charge you a certain fee for our service to answer your request concerning the disclosure of retained personal data. However, when we notify you of purposes of use other than those mentioned above, correction, etc., and when we respond to your requests for suspension of use, etc., we will not charge you fees.
(ⅰ) Service Fee
|The Notification Covers;||The Fee (tax included)|
|name, address, date of birth, telephone number, fax number, e-mail address, contact information, and work information all inclusive||1,100 yen|
|Each item of notification other than those stated above||1,100 yen (*)|
*The minimum fee is 1,100 yen per item, and depending on the content of the request, additional fees may be charged separately in consideration of postage, and others.
(4) Cases in which Disclosure Cannot Be Made
Please note that disclosure is not possible in the following cases;
When we decide against disclosure, we will notify the customer accordingly, mentioning the reason why we do not. However, even if the disclosure is not carried out, we will charge the customer the prescribed fee.
(ⅰ) If the identity of the customer cannot be confirmed
(ⅱ) If the authority of the proxy cannot be confirmed when the request is made by a proxy
(ⅲ) If there is any inadequacy in the prescribed application form or other necessary documents, etc.
(ⅳ) If the fee is not paid within the prescribed period
(ⅴ) If the information item requested is not included in the retained personal data
(ⅵ) If there is a risk of harming the life, body, property or other rights and interests of the customer or a third party
(ⅶ) If there is a risk of causing significant hindrance to the proper execution of our operations.
(ⅷ) If there is a violation of other laws or regulations
For our address and representative, etc., please refer to the website of Tokai Tokyo Financial Holdings, Inc.
If you have opinions, requests, and inquiries concerning public announcements concerning retained personal data, disclosure of retained personal data, etc., handling of personal data to be shared with others, and other matters related to our handling of personal information. please contact us at the address below.
Inquiries, comments, etc. about the personal information
5-1, Nihonbashi 2-chome, Chuo-ku, Tokyo
Total Risk Control & Compliance Department, Tokai Tokyo Financial Holdings, Inc.