Our group collects personal information through lawful and fair means. Additionally, we will notify or publicly disclose the purposes of using personal information and manage personal information appropriately within the necessary scope to achieve those purposes.

To ensure the proper management of acquired personal information, our group implements appropriate organizational, personnel, physical, and technical security management measures. We work to prevent the leakage, loss, or damage of personal information, and take corrective actions when necessary. When outsourcing the handling of personal information to external parties, we carefully select contractors that meet the required standards for personal information protection. We stipulate in contracts the protection standards we require and regularly monitor the handling of personal information by contractors to ensure compliance. Additionally, when our group or contractors handle personal information in foreign countries, we familiarize ourselves with the relevant systems and regulations for personal information protection in those countries and take necessary and appropriate measures for security management.

Except as otherwise provided by laws and regulations, our group does not disclose acquired personal information to third parties without the consent of the individuals. When it becomes necessary to provide personal information to third parties as stipulated by laws and regulations, we create and maintain records of the required statutory items related to such provision. Similarly, when obtaining personal information from third parties, we confirm and maintain records of the statutory items required for such acquisition.
In cases where we engage in joint use of customer's personal information with our group companies, we provide prior notification or public disclosure to the individuals regarding statutory matters such as the purpose of joint use.

Our group responds appropriately to requests or inquiries from individuals or their representatives regarding the notification of purposes, disclosure, correction, addition, deletion, suspension of use, elimination, or suspension of provision to third parties of personal information held by us, in accordance with relevant laws and regulations.

Our group complies with the "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures" and other relevant laws, regulations, and guidelines regarding the use of individual numbers and specific personal information (including individual numbers). We ensure the appropriate handling of individual numbers, commonly known as "My Number," and specific related personal information within our operations.

Our group commits to continuously improving our management system for handling personal information by periodically reviewing it in response to changes in social conditions and the environment.

We do not provide personal information to third parties without the consent of the individual, except in the following cases:

1. (1) In accordance with the provisions of laws and regulations.

2. (2) When it is necessary to protect the life, body, or property of an individual and obtaining the consent of the individual is difficult.

3. (3) When it is particularly necessary to improve public health or promote the sound growth of children, but obtaining the consent of the individual is difficult.

4. (4) When it is necessary to cooperate with a national agency, local government, or individual entrusted by them to perform duties prescribed by laws and regulations, and obtaining the consent of the individual may impede the execution of such duties.

5. (5) When it is necessary for a third party, such as an academic research institution, to handle the personal data for academic research purposes, except where there is a risk of unjustified infringement on the rights and interests of individuals.

6. (6) When outsourcing the handling of personal information within the scope necessary for achieving the purpose of use.

7. (7) When it is necessary for business succession planning due to merger or other reasons.

8. (8) When providing to joint users for joint use as prescribed in 3.

We jointly use the collected member information with our group companies in accordance with the publicly disclosed information specified for each service.

We take necessary and appropriate security management measures to prevent leakage, loss, or damage of personal information as follows:

1. (1) Establishment of Internal Rules

   We establish regulations for the handling of personal information at each stage of acquisition, use, storage, provision, deletion, and disposal.

2. (2) Organizational Security Management Measures

   We appoint a management division and a person in charge of managing personal information. We have established a reporting system for the management division and the person in charge to report any violations of laws and regulations or signs thereof. Additionally, we operate a verification process to understand the handling of personal information.

3. (3) Human Security Management Measures

   We incorporate guidelines for managing personal information and confidentiality into various regulations. Additionally, we conduct regular education for our officers and employees.

4. (4) Physical Security Management Measures

   We limit access to areas where personal information is managed and implement measures such as locking, surveillance, and access control. Moreover, when using devices, electronic media, or documents for managing personal information, we implement measures to prevent theft or loss.

5. (5) Technical Security Management Measures

   We implement access controls for personal information, limiting access to authorized personnel. Additionally, we introduce mechanisms to protect information systems managing personal information from unauthorized access.

6. (6) Management in Foreign Countries

   When managing personal information in foreign countries, we first understand the systems related to the protection of personal information in those countries. Subsequently, we regularly review and, as necessary, reassess the measures required for ensuring the security management of personal information.

1. (1) In accordance with the Personal Information Protection Act, if a request is made by the individual for notification, disclosure, correction, addition and/or deletion, suspension of use, elimination, cessation of provision to third parties, or disclosure of records of provision to third parties held by our company, we will promptly respond after confirming that the request is from the individual and meets the requirements stipulated in the Act. However, this does not apply if our company is not obligated under the Act or other laws and regulations.

2. (2) If you wish to make a request as described in (1) above or have inquiries or complaints regarding the handling of personal information, please contact the following support desk; please note that a fee of 3,000 yen (excluding tax) will be charged for the disclosure of personal data and records provided to third parties, depending on the method of disclosure: