Personal Information Protection Policy (Privacy Policy)
Date of Establishment: May 30, 2017 Asurion Japan Holdings G.K. Executive Manager & CEO, Rob DiRocco
Philosophy:
The handling of customers’ personal information and the personal information of parties involved in our business is essential to the business operations of our company. We recognize that our company bears a heavy responsibility in handling important personal information.
Policies for Responses:
We will establish a management system and procedures to protect personal information, and will acquire and use personal information in an appropriate manner and manage such information properly.
- In handling personal information, we will comply with laws and regulations concerning the handling of personal information, as well as guidelines and other standards established by the government.
- We will acquire, use, provide and entrust personal information in an appropriate manner to the extent necessary to conduct our business.
- When we obtain personal information directly from any relevant person in writing, we will specify the purpose of use and clearly indicate the same to such person, unless otherwise stipulated by laws and regulations.
- When we obtain personal information by any method other than written documents, we will specify the purpose of use and notify the relevant person or make a public announcement thereof, unless otherwise stipulated by laws and regulations.
- In the case where we obtain personal information indirectly, we will do so after confirming that the direct source of such information has obtained such personal information appropriately in accordance with laws and regulations.
- We will not handle personal information beyond the scope necessary to achieve the specified purpose of use. In addition, we will take measures to ensure the foregoing.
- We will not provide the obtained personal information to any third party or any person located outside Japan, unless the consent of the relevant person has been obtained or the laws and regulations permit. However, if required by law, we may disclose personal information to public organizations for purposes of security or observing laws.
- In order to achieve the purpose of use of any personal information, we may use such personal information jointly with any of our affiliates, subsidiaries, partners and other third parties. In the case of joint use, we will notify the relevant person of the details in accordance with the prescribed procedures.
- In order to protect personal information from unauthorized access, disappearance or damage, loss, destruction, falsification, etc., we will take organizational, human, physical and technical preventive measures. In case any problem should occur, we will promptly take corrective action.
- We will establish a contact point for handling complaints and consultation regarding the handling of personal information, and will respond appropriately.
- In light of changes in the business environment, including changes in technology and social conditions, and changes in legal requirements, we will periodically review our personal information protection management system and procedures, and will continuously improve our efforts to protect personal information.
Contact for Inquiries about this Personal Information Protection Policy Personal Information Complaint and Consultation Desk jpn_privacy@asurion.com
Handling of Personal Information
Date of Establishment: May 30, 2017 Amended on August 22, 2023 Asurion Japan Holdings G.K.
Asurion Japan Holdings G.K. (hereinafter referred to as the “Company”) will handle the personal information obtained and held by the Company in an appropriate manner, in compliance with the Act on the Protection of Personal Information and other related laws and regulations, and in accordance with the privacy policy set forth below (hereinafter referred to as this “Policy”).
1. Types of Personal Information Handled
The Company may obtain personal information, including names, addresses, telephone numbers, e-mail addresses, dates of birth, gender, occupations, etc., and the information specified below, in various situations, including the following cases.
(1) When receiving personal information provided by users, etc. of the services provided by the Company: Example of personal information to be obtained: Name, address, date of birth, gender, telephone number, e-mail address, information about the communication device body such as the model name and serial number of the mobile terminal, etc.
(2) When any user’s personal information is automatically recorded when using the services, etc. provided by the Company (e.g., the case where any information recorded on a smartphone or any other device is automatically sent to the Company when using the services provided by the Company): Example of personal information to be obtained: Model of the mobile phone to be used, settings and condition of such mobile phone, etc.
(3) When the Company receives any personal information provided by the outsourcer when the performance of any task is outsourced to the Company by any other business entity: Example of personal information to be obtained: Address, name, date of birth, gender, telephone number, e-mail address, information about the communication device body such as the model name and serial number of the mobile terminal, etc. of any of the users, etc. of the services provided by the outsourcer, various logs recorded on the system, voice data during calls, etc.
(4) When receiving personal information of the officers and employees, etc. of any entity that is the Company’s outsourcer or outsourcee, etc., in association with any business outsourcing agreement, etc.: Example of personal information to be obtained: Names, affiliations, positions, telephone numbers, e-mail addresses, etc. of the employees of any entity that is the Company’s outsourcee or outsourcer, etc.
(5) When receiving personal information provided by the Company’s officers and employees (including retired officers and employees): Example of personal information to be obtained: Personal information related to personnel and labor affairs, such as name, address, date of birth, telephone number, wage information, information about social insurance and pension benefits, and information about health
(6) When receiving personal information provided by job applicants: Example of personal information to be obtained: Name, address, date of birth, telephone number, face photo, salary information, education, qualifications, work history, health information, etc.
2. Publication of Purpose of Use of Personal Information in Our Possession
The Company will use the personal information set forth in 1. above for each of the following purposes. If the Company uses any personal information for purposes other than those specified below, the Company will clarify the purpose of use and obtain prior consent from the relevant person in each case.
(1) In the cases set forth in 1. (1) through (2) above: To provide compensation services, repair and other after-sale services for mobile phones and other electronic devices provided by the Company, as well as related or incidental products, etc., and to communicate with users as necessary for the foregoing purposes To plan, develop and improve compensation services, repair and other after-sale services for mobile phones and other electronic devices provided by the Company, as well as related or incidental products, etc., and to conduct various surveys and analyses To provide maintenance services necessary for the stable provision of compensation services, repair, etc. and other after-sale services for mobile phones and other electronic devices provided by the Company, as well as related or incidental products, etc. (including identification at the time of service reception, implementation of matters such as identification required for secondhand goods transactions, and response to inquiries, etc., for the purpose of fraud prevention measures) To conduct other business of the Company incidental to the foregoing
(2) In the case set forth in 1. (3) above: To conduct the business outsourced by the outsourcer, and to ensure safety management of personal information provided by the outsourcer.
(3) In the case set forth in 1. (4) above: To communicate regarding the tasks outsourced to or outsourced by any other entity, to otherwise record matters related to the tasks outsourced to or outsourced by any other entity, or to ensure safety management and crime prevention measures
(4) In the case set forth in 1. (5) above: To communicate regarding employment, manage personnel and labor affairs, offer employee benefits, complete social insurance procedures, prepare various personnel data, and implement safety management and crime prevention measures To plan, develop and improve the services provided by the Company and products, etc. related or incidental thereto, and to conduct various surveys and analyses
(5) In the case set forth in 1. (6) above: To carry out recruitment procedures, including reviewing and deciding whether or not to hire any person, reviewing and deciding on employment conditions, communicating with job applicants
3. Disclosure of Personal Data in Our Possession
(1) If the Company is requested to disclose any personal data held by it in accordance with the provisions of the Personal Information Protection Act, the Company will make such disclosure to the relevant person after confirming that such request was made by such person himself/herself (excluding the cases where the relevant personal information has been deleted due to the expiration of the personal information retention period prescribed by the Company). Provided, however, that we may not respond to such request for disclosure if the Company is not obligated to make such disclosure under the Personal Information Protection Act or other laws and regulations.
(2) To request the disclosure of any personal data in our possession, the form “Application for Disclosure, Correction or Cessation of Use of Personal Information” prescribed by the Company shall be filled out and sent to the address designated by the Company, together with the identification documents, and the handling fees prescribed by the Company (1,000 yen per request (excluding tax)) shall be paid by such method as is designated by the Company. The Company will commence the procedures for disclosure upon receipt of the application form and identification documents, after confirming the content thereof and also confirming that the payment of handling fees has been made.
4. Correction and Cessation of Use, Etc. of Personal Data in Our Possession
(1) When any content of any person’s personal information is not true and such person makes a request for correction, addition or deletion (hereinafter referred to as “Correction, Etc.”), the Company will investigate the request upon confirming that such request was made by the person himself/herself, and as a result, if such person provides sufficient information to identify the subject information and if the Company determines that such Correction, Etc. is necessary to achieve the purpose of use, the Company will make the Correction, Etc. of the personal data in our possession and notify the person to that effect.
(2) When any person makes a request for cessation of use or deletion of any personal data in our possession based on any of the grounds listed in the following Items (hereinafter referred to as “Cessation of Use, Etc.”), the Company will investigate the request upon confirming that such request was made by the person himself/herself, and as a result, if the Company determines that there are grounds for such request, the Company will perform the Cessation of Use, Etc. as to such personal data in our possession and notify the person to that effect: (i) the personal data in our possession is being handled beyond the scope of the purpose of use publicly announced in advance; (ii) the personal data in our possession was obtained by deception or other wrongful means; (iii) the personal data in our possession was provided to any third party without the consent of such person; or (iv) the personal data in our possession was provided to any third party in a foreign country without the consent of such person.
5. Contact for Inquiries about Personal Information For requests for the disclosure, correction, cessation of use, etc. of any personal data in our possession or for inquiries about the handling of personal information by the Company, please contact the following: Contact e-mail address: jpn_privacy@asurion.com
6. Acquisition of Attribute Data by Methods that Cannot be Easily Recognized by Relevant Persons
The Company may, in cooperation with our business outsourcees, use cookies or similar technology to analyze browsing trends on the website, to administer the website, to track the order in which users browse, and to collect general attribute information about users.
Further, the Company may have third parties advertise or promote the Company on their websites. In this case, advertisements may be displayed on the relevant website based on the user’s website browsing behavior using cookies or similar technologies (hereinafter referred to as “Targeted Advertisements”).
When using Targeted Advertisements, we will indicate on the relevant page that we will use them and will also provide information on how to stop the use of Targeted Advertisements for users who do not wish to see them.
Users who wish to stop the use of Targeted Advertisements are requested to follow the instructions to take the procedures to remove the display thereof.
Please note that general advertisements that do not use specific technology such as cookies may still be displayed even after the display of Targeted Advertisements has been removed.
7. CBPR
The Company and the corporate group of which the Company is a member handle personal information in compliance with the APEC CBPR (Cross Border Privacy Rules) system.
This system constitutes a framework for any organization to transfer personal information within APEC member countries. The details of the APEC framework can be found at the link.
8. The Operation of Our Website
This website is operated for the purpose of providing information regarding the company. When you browse our website, it sometimes requires your personal information. It is entirely optional for you to provide such information. The company is not liable for any damages arising from any information on our website other websites linked to it and browsing itself.
9.Amendment
The Company may make any amendment to this Policy at our discretion. However, if the procedures necessary for such amendment are prescribed by the Personal Information Protection Act or other laws and regulations, any amendment shall be made in accordance with the relevant laws and regulations.
If any material amendment is made to this Policy, the Company will notify users of the effective date and the content of this Policy after such amendment by any one of the following methods: - Posting on the Company’s website - Notification to the relevant person - Any other appropriate method
*English translation is provided for your convenience only and Japanese language version of the privacy policy shall apply.