NETSTARS Co., Ltd. (hereinafter, “the Company”) sets forth the following Privacy Policy in connection with the conduct of its business. The Company has established a framework for the protection of personal information and manages such information with the utmost care.
1. Corporate Name, Representative, and Personal Information Protection Manager
The Company has appointed a Personal Information Protection Manager as specified below, and all personal information shall be acquired, accessed, used, provided, jointly used, and managed under the responsibility of the Personal Information Protection Manager.
NETSTARS Co., Ltd.
Representative Director and CEO: Tsuyoshi Ri
Personal Information Protection Manager: Tetsuya Inada, Director of Management Division
Sumitomo Fudosan Hatchobori Building, 3-3-5 Hatchobori, Chuo-ku, Tokyo, Japan
2. Consent Regarding Personal Information
The Company shall only use the personal information provided by our customers within the scope of the purposes of use, etc., that have been publicly announced, notified, or consented to in advance, except in cases where the customer has personally given consent or where permitted by law. In cases where customers’ personal information is to be used beyond the said scope, we will notify customers in advance of the purpose and scope of such use and obtain their consent.
3. Purposes of Use of Personal Information
The Company shall acquire and use personal information within the scope of the purposes of use set forth below.
(1) Personal Information of Users and Prospective Users of the Company’s Services
Personal information will be used for the following purposes in connection with the Company’s payment information processing services, payment proxy services, customer acquisition support business, and all businesses related or incidental thereto.
(2) Personal Information of Job Applicants
Personal information will be used for the following purposes.
(3) Personal Information of Company Employees
Personal information directly acquired in writing from employees of the Company will be used for the following purposes.
(4) Personal Information of Visitors to the Company’s Office
In order to maintain the security of the Company’s office, we carry out room access management, keep visitor records, and handle the personal information of persons entering and leaving the office.
In addition, to prevent information leakage or theft of equipment and to maintain the security of the entire organization, we take appropriate measures and make every effort to ensure the proper management of such personal information.
(5) Personal Information Related to the Company’s Investor Relations Activities
Personal information will be used for the following purposes.
(6) Retained Personal Data of Other Individuals Who Contact the Company or Participate in Exhibitions, Seminars, or Events other than those listed in (1) to (5) above
Retained personal data of such individuals will be used for the following purposes.
4. Use of Cookies
The Company’s website uses cookies (information exchanged between the website and the user’s web browser) to improve usability and enhance website content. On the Company’s website, cookies are used to record the user’s domain name, but do not collect any information that can identify individual users such as email addresses. Users who wish to opt out of receiving cookies can disallow the use of cookies in their web browser settings. However, please note that if cookies are disabled, some services provided through the website may not be fully usable.
5. Provision of Personal Information to Third Parties
The Company shall not provide customers’ personal information to third parties without obtaining customers’ prior consent. However, this shall not apply in the following cases.
(1) Cases based on laws and regulations
(2) Cases where provision of personal information is necessary for the protection of life, body, or property, and it is difficult to obtain the customer’s consent
(3) Cases where provision is particularly necessary for the improvement of public health or the promotion of the sound development of children, and it is difficult to obtain the customer’s consent
(4) Cases where it is necessary to cooperate with a national government agency, local government, or a person entrusted thereby in the execution of duties prescribed by law, and obtaining the customer’s consent may impede the execution of such duties
(5) Cases where the handling of personal information is entrusted to a third party within the scope necessary to achieve the purposes of acquisition or use
(6) Cases where personal information is provided due to corporate merger or other succession of business
6. Entrustment of Handling of Personal Information
The Company may entrust personal information, within the scope necessary to achieve the purposes of use, to contractors with whom the Company has entered into an agreement regarding the handling of personal information.
7. Requests for Disclosure, etc. of Retained Personal Data and Records of Third-Party Provision
(1) Purposes of Use of Retained Personal Data and Records of Third-Party Provision
As set forth in 3. (1) through (6) above.
(Excluding applicant information obtained from recruitment websites or recruitment agencies as set forth in 3. (2) (a) (i))
(2) Procedures for Requests for Disclosure, etc.
We will respond promptly to requests for notification of the purposes of use of retained personal data handled by the Company, as well as requests for disclosure, correction, addition, or deletion, suspension of use or erasure of such retained personal data, suspension of provision to third parties, and disclosure of records of provision to third parties. For specific procedures relating to such requests (including where to submit requests, application forms, and identity verification), please contact us via the contact information provided below.
(3) Complaints Regarding the Handling of Retained Personal Data
For complaints or other inquiries regarding the handling of personal data retained by the Company, please contact us via the contact information provided below.
(4) Measures for the Security Management of Retained Personal Data
The Company has taken the following measures for the security management of retained personal data, after assessing the external environment in which such data is handled.
| Organizational Security Management Measures | We take necessary measures to establish an appropriate organizational structure, ensure operations in accordance with internal rules relating to the handling of personal data, establish methods for confirming the status of personal data handling and systems for responding to incidents such as data leakage, and to assess handling status and review our security management measures as appropriate. |
| Human Security Management Measures | We provide regular training to our employees regarding important considerations in the handling of personal data. In addition, we obtain written pledges that include provisions concerning the confidentiality of personal data. |
| Physical Security Management Measures | We take necessary measures to control areas in which personal data is handled, prevent theft of equipment and electronic media, prevent information leakage when electronic media are transported, and ensure the deletion of personal data and the secure disposal of equipment and electronic media. |
| Technological Security Management Measures | We take necessary measures with respect to our information systems, including access control, identification and authentication of users, prevention of unauthorized external access, and prevention of information leakage associated with the use of our information systems. |
For complaints or consultations regarding the handling of personal information, please contact us via the contact information provided below.
NETSTARS Co., Ltd. Information Security Committee, Personal Information Consultation Desk
Sumitomo Fudosan Hatchobori Building, 3-3-5 Hatchobori, Chuo-ku, Tokyo
E-mail: security_info@netstars.co.jp
Operating Hours: Mon-Fri 10:00am-7:00pm (Closed on weekends, holidays, and New Year period)
Name of Authorized Personal Information Protection Organization and Contact for Complaint Resolution
Japan Users Association of Information Systems
Phone: 03-6264-1312
2F/5F NBF Higashi Ginza Square Building, 1-13-14 Tsukiji, Chuo-ku, Tokyo
Operating Hours: Mon-Fri 10:00am-7:00pm (Closed on weekends and holidays)
Name of Authorized Personal Information Protection Organization and Contact for Complaint Resolution
Japan Information Processing Development Center
Phone: 03-5860-7565 / 0120-700-779
Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo
Operating Hours: Mon-Fri 9:30am-12:00pm / 1:00pm-4:00pm (Weekdays only)