Scope of Application
- In providing its various services, the Company shall handle the personal information of a customer to the extent necessary to achieve the intended purpose of the relevant service. The Company shall use the personal information of a customer only within the scope of the intended purposes indicated to the customer, excluding cases stipulated as exceptions in the Privacy Act.
Definition of Personal Information
- "Personal Information" refers to information pertaining to a living individual which renders possible the identification of a specific individual based on the name, date of birth, or any other description included therein. Information such as an email address, service user ID, password, credit card information, and bank account information, which cannot be used independently to identify an individual but allow for easy reference to other information that enable the identification of a specific individual, are also included in Personal Information.
- In executing its business, the Company may acquire cookies, IP addresses, location information, terminal identification information, access logs, and other relevant information in order to enhance the convenience of its services. None of the foregoing constitutes Personal Information, since the information cannot be used independently to identify a specific individual. However, in cases where any such information can be used to identify an individual in combination with other information, the relevant information shall be deemed to constitute Personal Information as defined in this Paragraph 2.
- The Company may statistically process the Personal Information provided when using it in order to ensure that it cannot be used to identify a specific individual.
Acquiring Personal Information
- The Company shall acquire Personal Information by an appropriate and legal method, in the course of providing services, in accordance with the relevant laws, regulations, the Company's internal regulations, and other rules and guidelines for the following purposes.
- The Company shall take care not to collect Personal Information from a child under fifteen (15) years of age without the consent of his or her guardian.
Use of Personal Information
The Company shall use the Personal Information acquired in accordance with the relevant laws, regulations, the Company's regulations, and other rules and guidelines within the scope of the following purposes.
- Provision of products and services of the Company
- Provision of information on the products and services of the Company and its partners, as well as notices on various campaigns and changes in rules and policies
- Optimization of targeted advertisement (includes the use of ad networks and email advertisements) in accordance with the age, occupation, sex, hobbies, preferences, and other relevant elements relating to customers
- Improvement of products and services, as well as research and development, based on marketing and market research
- Provision of response to customer inquiries and service usage status reports, as well as communication with customers in emergencies
- Provision of maintenance and support services for the products and services offered by the Company
- Verification of account information, transfer status, and other matters related to financial institutions
- Management of the status of transactions between customers and the Company
- Verification of the identity of customers
- Other purposes incidental to the foregoing
In principle, when we acquire personal information, we will notify or announce its purpose of use in advance. However, this does not apply in the following cases.
- When there is a risk of harming the life, body, property or other rights and interests of customers or third parties
- If there is a danger of harming our legitimate rights and interests
- In cases where it is necessary for a national agency or local public entity to cooperate in carrying out the affairs prescribed by laws and regulations, notifying or disclosing the purpose of use to the customer hinders the performance of the affairs When there is a possibility
- When the purpose of use is found to be obvious from the acquisition situation
The Company shall not change the use purpose of the acquired personal information beyond the scope that it is deemed to be considerably related to the purpose of use before the change and when changing the purpose of use, We will inform or announce to customers about purpose.
Personal Information Security
- The Company shall ensure the implementation of storage procedures, enhance security of the storage system, instruct, manage and supervise officers and employees, and devise information security measures in order to avoid the divulgence, falsification, loss and damage of Personal Information in its possession.
- The Company may outsource the handling of Personal Information, in whole or in part, to an external service provider. In the foregoing case, the Company shall require the relevant service provider to observe the same security standards as the Company, providing necessary and appropriate management and supervision to ensure the security of Personal Information.
- The Company shall endeavor to ensure that the Personal Information in its possession is accurate and up to date.
Provision to Third Parties
As a general rule, the Company shall not provide Personal Information to a third party without the consent of the individual to whom it pertains. However, the Company may provide Personal Information to a third party without the consent of the relevant individual, within the confines of relevant laws and regulations, in the following cases.
Provision Pursuant to Laws or Regulations
- There is a likelihood of harm to the life, person, property, or any other right or interest of a customer or a third party, and it is difficult to obtain the consent of the relevant customer.
- There is a particular need for Personal Information for the improvement of public health or the promotion of the sound growth of children, and it is difficult to obtain the consent of the relevant customer.
- There is a need to cooperate with a state organ, a local government, or an outsourcee thereof with respect to the execution of administrative duties prescribed by laws or regulations, and obtaining the consent of the relevant customer is likely to hinder the execution of said duties.
Request for Disclosure, Correction, Suspension of Use, and Deletion
- Should there be a request from an individual for the disclosure, correction, suspension of use, or deletion (hereinafter referred to as "Disclosure") of any Personal Information pertaining to said individual that has been provided to the Company, the Company shall address the request appropriately and expeditiously in accordance with its prescribed procedures upon verification that the relevant Personal Information pertains to the individual. Requests for Disclosure should be directed to the party specified in "10. Contact Information".
- Even if a request for disclosure is made by the individual to whom the relevant Personal Information pertains, the Company may not disclose the Personal Information, in whole or in part, in the following cases. Should the Company decide not to make the disclosure, it shall promptly notify the individual to this effect.
The disclosure constitutes a violation of another law or regulation.
The disclosure is likely to harm the life, body, property, or other rights or interests of the Person or a third party.
The disclosure is likely to interfere significantly with the proper execution of the Company's business operations.
Outsourcing of Personal Information
- The Company may outsource work involving the handling of Personal Information, in whole or in part. The Company shall be responsible for the handling of Personal Information by the outsourcing service provider.
- In an effort to ensure appropriate handling of Personal Information, the Company shall promote continual improvement, including the revision of this Policy, training of its employees, and a review of the Personal Information protection and management framework from time to time.
7th Fl., KDX Nishi-gotanda Building, 7-20-9 Nishi-gotanda, Shinagawa-ku, Tokyo 141-0031
Staff in Charge of Personal Information Protection and Management, bitbank, inc.