1. Name of the Business Operator Handling Personal Information
Concordia Financial Group, Ltd.
2. Declaration of the Protection of Personal Information
The Company (hereinafter, “we,” “our” or “us”) declares as follows with regard to the policy on the protection of personal information:
- We comply with relevant laws and regulations, etc. regarding the protection of personal information. Accordingly, we establish various regulations regarding the handling of personal information, thoroughly convey the regulations to our employees, and revise those regulations as necessary.
- We specify the purpose of use in advance with regard to the handling of personal information. Except as required by laws and regulations, we do not use it for any purposes other than the specified purpose.
- When acquiring personal information, we promptly notify or announce the purpose of use to the individual who is identified by personal information (hereinafter, “the Person”), unless the purpose of use has been announced in advance. Announcements are made by posting on the Company’s website. When acquiring personal information regarding the Person in writing, we clearly state the purpose of use in advance.
- We acquire personal information by appropriate and lawful means.
- We do not use undisclosed and special information, including personal information comprising descriptions as required by laws and regulations regarding a Person’s race, creed, social status, medical history, criminal record, fact of having suffered damage by a crime, or other descriptions etc. prescribed by cabinet order as those of which the handling requires special care so as not to cause unfair discrimination, prejudice or other disadvantages to the Person, which may come to our knowledge in the course of the business, for any purposes other than ensuring appropriate business operations and other purposes deemed necessary.
- We strive to keep personal data accurate and up-to-date within the scope necessary for the achievement of the purpose of use.
- We implement security control measures at the appropriate and reasonable level to prevent leakage, etc. of personal data. In addition, we continue to make improvements through this ongoing initiative.
- When contracting out the handling of personal data to outside parties, we select appropriate contractors and supervise them as necessary and properly so as to ensure security control of personal data.
- We do not provide personal data to third parties, unless the Person’s prior consent is obtained, except as required by laws and regulations.
- When requested to disclose, correct, add, delete, discontinue the use of, or erase retained personal data, we properly respond to such request in accordance with the relevant laws and regulations.
- We sincerely treat opinions and inquiries regarding the handling of personal information.
3. Purpose of Use of Customers’ Personal Information
In accordance with the Act on the Protection of Personal Information, we use customers’ personal information (retained personal data) with the following business description and within the scope necessary for the achievement of the purpose of use.
|Business description||Management and controls of banks and other companies that can be held as subsidiaries in accordance with the Banking Act, and all operations incidental or relating thereto|
|Purpose of use||
We use customers’ personal information for the purposes of management and controls, etc. related to the following operations of the Company and our subsidiaries and affiliates (hereinafter, “the Group”). If the purpose of use of specific personal information is limited by laws and regulations, etc., we do not use it for any purposes other than the designated purpose:
|Limit of the purpose of use||
4. Procedures for Discontinuation of Sending Materials
When a customer requests a suspension of sending disclosure magazines and other reference items, we discontinue the delivery of future materials. (It takes up to two months from the reception of the request to the said discontinuation).
5. Outsourcing of the Handling of Personal Information
We contract out the handling of customers’ personal data to outside parties in, for example, the cases listed below. When using outsourcing services, we select appropriate contractors and supervise them as necessary and properly to ensure safety management of customers’ personal data.
(Examples of outsourced administrative work)
- • Administrative work related to the management of shareholder registers, etc.;
- • Administrative work related to the delivery of materials, etc.; and/or
- • Business related to the operation and maintenance of information systems
6. Procedures for Requesting Disclosure, Correction, etc. and Discontinuation of Use, etc. of Retained Customers’ Personal Data
We respond to customers’ requests to disclose, correct/add or delete, discontinue its use of, erase, or discontinue to provide third parties with customers’ personal data that we retain by the following methods (hereinafter, “Disclosure, etc.”):
- For request for Disclosure, etc.
Please send your request to our office shown below in Section 7.
- Documents, etc. to be submitted when requesting for Disclosure, etc.
- A. “Disclosure Request of Retained Personal Data,” “Request for Correction, etc. of Retained Personal Data” or “Request for Discontinuation of Use of Retained Personal Data” which we established; or
- B. Documents for verifying the Person’s identity (we verify the Person’s identity in accordance with the Act on Prevention of Transfer of Criminal Proceeds).
- Those who can request Disclosure, etc.
- A. The Person;
- B. If the Person is a minor or an adult ward, a statutory agent; and
- C. Agent that the Person delegates for the procedure for requesting Disclosure, etc.
- Information subject to Disclosure, etc.
Our retained personal data (excluding information related to examination, evaluation, etc.)
7. Inquiries regarding the Handling of Personal Information, etc.
Concordia Financial Group, Ltd. Risk Management Department
Tel. 03-5200-8204 (open hours) 9:00 a.m. - 5:00 p.m. on weekdays except Saturdays, Sundays and national holidays
8. Joint Use of Customers’ Personal Data
Companies of the Concordia Financial Group jointly use customers’ information as follows mainly for the purposes of providing comprehensive financial services, etc. Meanwhile, if the customer’s consent is required separately for delivering and receiving personal data by laws and regulations, etc., we obtain the said consent before jointly using the information in accordance with such laws and regulations, etc.
- Scope of joint users
Concordia Financial Group, Ltd. and its Group companies listed below:
- • The Bank of Yokohama, Ltd.
- • The Higashi-Nippon Bank, Limited
- • Hamagin Tokai Tokyo Securities Co., Ltd.
- • Hamagin Finance Co., Ltd.
- • Hamagin Research Institute, Ltd.
- • Sky Ocean Asset Management Co., Ltd.
- • Yokohama Capital Co., Ltd.
- • Yokohama Guarantee Co., Ltd.
- • Hamagin Business Challenged Co., Ltd.
- • The Higashi-Nippon Business Service Co., Ltd
- • The Higashi-Nippon Guarantee Service Co., Ltd
- • The Higashi-Nippongin JCB Card Co., Ltd
- Purpose of use
- A. Joint research and joint development on financial products and services, etc.;
- B. Proposals and guidance to individual customers regarding financial products and services, etc., and determination of validity of those activities; and
- C. Appropriate operation of management and controls as a group, such as identifying and managing various risks.
- Items of personal data to be used jointly
- A. Address;
- B. Name and operating name;
- C. Date of birth;
- D. Contact information, including phone number;
- E. Occupation/workplace;
- F. Transaction status;
- G. Information on assets and liabilities;
- H. Information on transaction needs;
- I. Information on the transaction history; and/or
- J. Information on judgments of credit transactions.
- Name of the person responsible for the management of personal data for joint use:
Concordia Financial Group, Ltd.
9. Proper Handling of Specific Personal Information, etc.
In accordance with the Act on the Use of Numbers to Identify a Specific Individuals in the Administrative Procedures (hereinafter, "the Act") and other applicable regulations, we set forth a basic policy regarding the handling of individual numbers (hereinafter, “Individual Number”; called My Number in Japanese)”) and specific personal information of customers, etc. (hereinafter, “Specific Personal Information, etc.”) as follows:
- Compliance with relevant laws and guidelines, etc.
When handling Specific Personal Information, etc. of customers and other stakeholders, we comply with the Act and other related laws and guidelines, including the Act on the Protection of Personal Information as well as the Declaration of the Protection of Personal Information and other regulations that we have established and publicized separately. In addition, we strive to continuously improve the handling of Specific Personal Information, etc. of customers and other stakeholders.
- Purpose of use of Individual Numbers
- A. When obtaining an Individual Number of customers, etc., we notify, publicize or clearly state the purpose of use thereof, and handle the Individual Number within the scope necessary for the achievement of the purpose of use. Individual Numbers are not used for any purposes other than those permitted by the Act.
- B. The purpose of use of Individual Numbers in the Company is as follows:
-  Preparation of statutory documents related to payment of remuneration, fees, etc.;
-  Preparation of payment records for distribution of dividends and surplus, and interest on funds;
-  Preparation of payment records for real estate usage fees, etc.;
-  Preparation of payment records for the transfer of real estate, etc.; or
-  Preparation of other statutory documents that require the inclusion of the Individual Numbers by laws and regulations, etc.
- Security Control Measures
We take necessary and appropriate security control measures on Specific Personal Information, etc. of customers and other stakeholders for the prevention of leakage, loss or damage as well as the management thereof. In addition, we supervise employees and contractors (including subcontractors, etc.) who handle Specific Personal Information, etc. as necessary and properly.
- Response to your opinions and requests
- A. We strive to properly and promptly respond to your opinions or requests regarding the handling of Specific Personal Information, etc.
- B. For opinion and requests regarding the handling of Specific Personal Information, etc., please contact the section in charge of inquiries regarding the handling of personal information, etc.