1.Definition

Personal Information means information (i) containing a name, date of birth, or other identifier or the equivalent (meaning all items (excluding individual identification codes) made in writing, recorded, in the form of a sound or motion, or made by any other means, in a document, drawing, or electronic or magnetic record (this includes a record created in electronic or magnetic form (meaning electronic form, magnetic form, or any other form that cannot be perceived with the human senses) which can be used to identify a specific individual (this includes any information that can be easily collated with other information and thereby used to identify that specific individual); or (ii) containing an individualidentification code, as defined in the Act on the Protection of Personal Information of Japan (the “Act”).

2.Protection of Personal Information

Jasmy Incorporated (the “Company”), based on the understanding that the Personal Information of customers and anyone involved in the Company’s business activities (including shareholders and employees; collectively, the “Related Parties”) is closely related to the rights and benefits of individuals and should be handled appropriately and carefully under the philosophy of respecting the personalities of individuals (privacy protection), pledges to comply with all relevant laws and regulations, such as the Act, and to do the following for the purpose of handling Personal Information:

(1) The Company will comply with the Act, guidelines on the Act with respect to the economic and industrial sectors, and other relevant laws, regulations, standards, guidelines provided by the Japanese government, and the like; adhere to practices concerning the handling of PersonalInformation that are generally deemed fair and appropriate; and appropriately handle Personal Information. In addition, the Company will continue to make efforts to improve the handling of Personal Information. (2) The Company will clarify the rules on the handling of Personal Information and ensure that anyone engaged in the Company’s business, such as officers and employees (the “Employees, Etc.”), are informed thereof. In addition, the Company will ask business partners and the like to appropriately handle Personal Information. (3) When acquiring, using, and providing Personal Information, the Company will notify or announce the specified purpose of use or obtain consent, and handle the Personal Information without using it beyond the extent necessary to achieve such purpose of use (unintended use). (4) When handling Personal Information, the Company, in principle, will specify a period of retention within the extent necessary for the purpose of use and appropriately manage the Personal Information. (5) In order to prevent and rectify any issues, such as unauthorized access to Personal Information and leakage, destruction, loss, or falsification of Personal Information, the Company will implement any necessary measures to perform appropriate security management and continue to make efforts to improve such management. (6) The Company will accept requests from the Related Parties at its designated point of contact for any disclosure, correction, deletion, or suspension of use concerning Personal Information owned by the Company and will address those requests in good faith. In addition, the Company will establish an exclusive point of contact for complaints or consultations regarding Personal Information from the Related Parties and address them in good faith.

3.Purpose and Extent of Use

The Company will use Personal Information acquired through the businesses conducted by the Company, its parent company, the parent company’s consolidated subsidiaries, equity method companies, related companies, affiliated companies, and their agents (the “Company Group”) (such businesses, the “Company Group Business”) within the extent of the purposes indicated below. In addition, the Company may entrust any part of its business for smooth operation and provide Personal Information within the required extent to an entrusted party. In such cases, the Company will conclude an agreement on the handling of Personal Information with an entrusted party and appropriately supervise them.

(1) Provision of products and services by the Company Group Business (*) that involves the handling of Personal Information (the “Products, Etc.”); (2) Provision of after-sales services (including maintenance and support) in relation to the preceding item; (3) Receipt of various fees and other charges in relation to the Company Group Business and credit protection; (4) Study and development of new Products Etc. in relation to the Company Group Business; (5) Notice regarding information on the Products Etc.; (6) Training on sales and marketing methods with respect to the Company Group Business and employee education on adopting appropriate methods; (7) Market research in relation to the Company Group Business and other research and studies; (8) Organization of events, such as prize contests and campaigns; (9) Preparation of statistical figures for management analysis and use of the results of the analysis; (10) Responding to requests, such as those for Personal Information disclosure based on the Act and supervision and audits concerning the handling of Personal Information; (11) Activities related to CSR (corporate social responsibility); (12) Management of contractual relationships with business partners; (13) Management of shareholders for purposes including:
(i) exercising and implementing rights and obligations based on the Companies Act;
(ii) the Company providing various benefits to shareholders in compliance with the law;
(iii) implementing various measures for amicable relationships between shareholders and the Company; and
(iv) creating data on shareholders in accordance with standards designated based on various laws and regulations; (14) Employment of the Employees, Etc. (including reemployment; the same will apply hereinafter) and personnel management; (15) Benefits packages for the Employees, Etc. (including notice of the group of employee stock owners, the group for employee welfare, and the like, and the operation and management thereof); (16) Management of facilities and equipment; (17) Any other activities to the extent necessary to conduct the business concerning each of the preceding items; (18) Provision of Personal Information to the Company Group to the extent necessary to achieve the purposes of use specified in each of the preceding items; (19) Notice of the Company’s services, products, various events, and campaigns, and the operation and management thereof, as well as provision of various information, conducting questionnaires, developing new services and Products, Etc., and responding to matters, such as inquiries and requests regarding, among others, the content posted on the Company’s homepage.

* Content of the Company Group Business
Communications, services incidental to the Internet, and information-related services;
Leasing of goods, wholesaling of various products, and other types of wholesaling;
Sale of machines and appliances, other types of retail, and non-store retail;
Other living-related services, machine repairs and the like, money-lending, and credit card-related services;
Auxiliary financial services, insurance (including insurance agencies and insurance services), and other services.

4.Provision of Personal Information to Third Parties

Except for cases falling under any of the following, the Company will not provide any Personal Information to a third party. In addition, the Company may entrust any part of its business for smooth operation and provide Personal Information within the required extent to an entrusted party. In such cases, the Company will appropriately supervise such party, including concluding an agreement on the handling of Personal Information with them. The Company will be responsible for the management of Personal Information handled by the Company or that entrusted by the Company to an entrusted party.

(1) The Related Parties extend their consent; (2) The Company discloses and provides information in a form from which the Related Parties may not be identified, such as statistical data; (3) The Company is required to disclose and provide Personal Information based on the relevant laws and regulations; (4) Provision of Personal Information is necessary to protect the life, body, or assets of a person, and it is difficult to obtain consent from the Related Parties; (5) The Company must cooperate with the government, local public entities, and the like, so that they may conduct public affairs, and obtaining consent from the Related Parties has the risk of hindering the conduct of such affairs. (6) Otherwise, the Company may provide the information owned by the Company as specified below (the “Designated Information”) to the Company Group to the extent necessary to achieve the purposes of use indicated in this policy (“Privacy Policy”) by the means or methods specified below (the “Provision Means”). Upon disclosure or provision of Designated Information, the Company will implement measures to protect Personal Information. Upon request from the Related Parties concerning disclosure or provision to a third party under this item, the Company will suspend disclosure or provision to a third party.
*Designated Information: Personal Information, records of product purchases, records of applications for services acquired in engaging in business of the Company Group, or other information regarding products or services provided on documents or via telephone or orally when Employees, Etc. visit customers.
*Provision Means: provision by using an ASP, provision by email, and provision by using a cloud service.

5. Requests for Disclosure, Etc.

With respect to Personal Information subject to the Company’s disclosure, if the Related Parties request disclosure of, correction of, addition to, or deletion of their own information, or request the suspension of use of or erasure of the Personal Information, or the suspension of provision to a third party (collectively, the “Disclosure, Etc.”), after confirming that the requests are from the Related Parties themselves, the Company, in principle, will issue a written reply in response to such requests within a reasonable period and extent based on the relevant laws and regulations. If the Disclosure, Etc. leads to any of the following, the Company may not accept requests of the Disclosure, Etc., including requests for clarification of the existence of such Personal Information:

(1) There is a risk of harming the life, body, assets, or other rights or benefits of the person who made the request or third parties; (2) There is a risk of promoting or inducing illegal or unjust acts; (3) There is a risk of harming national security, hampering trust relationships with other countries or international organizations, or incurring disadvantages in negotiations with other countries or international organizations; (4) There is a risk of hindering the prevention, suppression, or investigation of crimes and other matters of public security or the maintenance of order; (5) There is a risk of significantly hindering permitted acts with respect to the Company’s business; and (6) There will be a violation of other laws or regulations.

6. Contact for Inquiries About Personal Information

If you have any requests with respect to deletion or inquiries regarding Personal Information, please contact the following:
Jasmy Incorporated
Address: 1-2-3 Kita-Aoyama, Minato-ku, Tokyo 107-0061
Email ：jasmy-info@jasmy.co.jp
Homepage：https://www.jasmy.co.jp/contact_company_en

If the Company receive a request for disclosure, correction, deletion, suspension of use, or suspension of provision to a third party of Personal Information, the Company will address it appropriately and promptly after confirming that the request is from the subject of the Personal Information.

Supplementary Provision

This Privacy Policy became effective on July 26, 2019. This Privacy Policy may be amended following any establishment, amendment, and the like of relevant laws, regulations, various guidelines, and the like. Any amendments to this Privacy Policy will be announced on the Company’s homepage.