Privacy Policy and Procedure
(This is a translation from the Japanese texts. It should be treated as a reference only. The Japanese original supersedes this English translation.)
We hereby establish Privacy Policy and Procedure and build a structure to protect the personal information of our customers by educating all our employees to recognize the importance of protecting the personal information and to put the preventive measures into full practice. The policy purports to explain how we protect and treat the personal information, including an individual tax ID (“My Number”) and information containing My Number (both collectively “Specific Personal Information”).
1. Compliance to Act on the Protection of Personal Information and other related acts
We comply with Act on the Protection of Personal Information (“APPI”), Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures and other laws, regulations and guidelines related to the protection of the personal information.
2. Purposes of use of the personal information
In compliance with laws and regulations for the protection of the personal information, we use your personal information in our services described (1) below, and for the purposes described (2) below, to the extent necessary to achieve the purposes. We clarify and define the purposes of use in details for our customers. We make efforts to restrict the purposes of use of your personal information, wherever possible, according to the circumstances: e.g., we will use your survey answer only for tallying.
(1) Our services
- Overseas remittance service and other services related thereto
(2) Purposes of use
- To enroll and register customers for our membership and provide international remittance service;
- To verify the identity of our customers and their qualification for our services pursuant to Act on Prevention of Transfer of Criminal Proceeds, Foreign Exchange Act, Act on Submission of Statement of Overseas Wire Transfers for the Purpose of Securing Proper Domestic Taxation and other relevant laws and regulations;
- To properly execute remittance requests by providing the personal information, to the extent necessary to perform the transactions, for third parties, including financial institutions and other financial service providers, domestic and abroad;
- To properly execute transactions requested by other financial institutions or financial service providers, where they entrust us to perform certain transactions, in whole or in part, involving the personal information;
- To exercise our rights or fulfill our obligations arising from the contracts with customers and/or pursuant to relevant laws and regulations;
- To announce the winners of prizes and to send the prizes to them;
- To analyze existing service or to develop new service by market research, data analysis and customer survey;
- To conduct direct marketing and/or make various proposals on our services;
- To offer and propose products and services of our partners;
- To close our customer accounts and to manage them after the closure;
- To perform any and all other transactions with our customers appropriately and smoothly.
We will not use certain personal information for the purpose other than stipulated by laws or regulations, where such use of specific information is restricted by laws and regulations:
In compliance with Article 26 of Cabinet Office Order on Funds Transfer Service Providers, we take measures to ensure that we will not use sensitive information except for the purposes to carry out proper business operation and for the purposes deemed only necessary. Such sensitive information includes the personal information regarding racial, ethnic or family origins, faith, registered domicile, medical or criminal records and other special non-publicized information concerning individuals we may acquire in the course of our business.
We will not collect Specific Personal Information or use it for the purposes other than defined by Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures.
3. Proper collection of personal information and Specific Personal Information
We will collect your personal information and Specific Personal Information appropriately and lawfully to the extent only to achieve the purposes of use described in 2 above through the sources exemplified below:
- Customers to provide their personal information and Specific Personal Information via application forms in writing and/or to input and upload to our website screens or mobile application their personal data, selfie and/or photos of identification cards, among other things; and
- Customers to make inquiries and consultation by phone and other electronic means. Note that we may record the telephone conversation in order to improve our service quality and to validate the contents.
4. Non-Disclosure of personal
information to third parties
We will properly manage the personal information of our customers and will not disclose it to third parties except in the cases mentioned below. We will not disclose Sensitive Information to third parties except in the cases permitted by the relevant laws, regulations or guidelines. Nor will we disclose Specific Personal Information to third parties except in the cases clearly set forth in Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures.
- where customers consent to the disclosure;
- where we need to disclose the personal information to our entrusted contractors to perform the services requested by our customers; or
- where we are required to disclose it pursuant to relevant laws and regulations;
We may, from time to time, outsource the handling of a whole or part of the personal information to our entrusted contractors in performing the overseas remittance service and maintaining IT systems, among others. In this case, we will take necessary and proper oversight of our entrusted contractors.
5. Security measures to protect the personal information
We establish the policies to keep the personal information of our customers accurate and up-to-date and to define the organizational, human, physical and technical measures to prevent unauthorized access, loss, falsification or leakage. We implement necessary and appropriate measures to manage the personal information of the customers by maintaining the security system, developing the administrative structure and educating the employees among others.
6. Other pertinent information on cross-border data transfer
Other pertinent information related to the cross-border transfer of the personal information is as follows:
(1) With regard to international remittance services, we are unable to specify the country the personal information is transferred to since it varies depending on the destinations of the remittances, the routes to the destinations and the locales of our partner financial institutions, their group companies and their partner financial institutions.
Since the countries involved cover almost all the world, we are unable to explain here (i) the legal framework of the personal data protection of each country and (ii) the protective measures taken by each financial institution the personal information is transferred to. Our partners are financial institutions or financial service providers duly licensed by or registered with the competent authorities of the countries permitted to conduct overseas remittance business in their countries; therefore, they comply with the laws and regulations for the personal data protection in their respective domiciles.
The Personal Information Protection Commission Japan discloses its analyses on the legal frameworks of certain countries for your reference:
https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/#gaikoku
We provide additional information, so far as it has become available to us, as to the countries your personal information has been transferred to. Contact us at the address shown in Article 9.
(2) We hire contractors located in Brazil to outsource the development, maintenance and operation of our IT system. We provide them with the personal information of our customers to the minimal extent only necessary to carry out the outsourced tasks. They have adopted a structure and measures in conformity with the standards stipulated by APPI. The legal frameworks of the two countries are shown below.
|
Country |
Federative Republic of Brazil |
|
Outline of the legal framework that may affect the contractor’s implementation of the measures required by APPI |
Federative Republic of Brazil General Data Protection Law (No.13709/2018) The Regulator: National Data Protection Agency https://www.ppc.go.jp/files/pdf/offshore_DPA_report_R3_12.pdf |
|
How to ensure the contractor to implement the measures required by APPI |
We bind the contractors by the contracts and confidentiality agreements to properly manage the personal information and the data accesses. We supervise them and require them to take necessary measures, such as encryption, from the perspective of information security. We collect annual reports from them on the status of their implementation of such measures. We take necessary actions such as checking the information published by Japanese Government bodies regarding the legal framework of the countries where the contractors reside. |
|
Obstacles to the implementation of the measures required by APPI |
None (as of 1st of April 2022). |
(3) We hire promoters overseas and outsource certain operations to them to receive customer referrals, verify their identities and collect the application forms with respect to the international remittance service. We provide them with the personal information of our customers to the minimal extent only necessary to carry out the outsourced tasks. They have adopted a structure and measures in conformity with the standards stipulated by APPI. The legal frameworks of their countries are shown below.
|
Country |
Republic of Indonesia, Socialist Republic of Vietnam and Democratic Socialist Republic of Sri Lanka |
|
Outline of the legal framework that may affect the contractor’s implementation of the measures required by APPI |
Republic of Indonesia https://www.ppc.go.jp/files/pdf/indonesia_report.pdf Socialist Republic of Vietnam https://www.ppc.go.jp/files/pdf/vietnam_report.pdf Democratic Socialist Republic of Sri Lanka https://www.parliament.lk/uploads/acts/gbills/english/6242.pdf |
|
How to ensure the contractor to implement the measures required by APPI |
We bind the contractors by the contracts and confidentiality agreements to properly manage the personal information and the data accesses. We supervise them and require them to take necessary measures, such as encryption, from the perspective of information security. We collect annual reports from them on the status of their implementation of such measures. We take necessary actions such as checking the information published by Japanese Government bodies regarding the legal framework of the countries where the contractors reside. |
|
Obstacles to the implementation of the measures required by APPI |
None (as of 1st of April 2022). |
(4) Contact us at the address described in Article 9 if you need more information on the measures the contractors adopt as required by APPI.
7. Procedure to request disclosure of the personal data
We will process a request from an individual or his attorney for the disclosure of his personal data we hold as follows. Such disclosure includes notification of the purposes of use, disclosure, correction and deletion of the personal information.
- After verifying the identity of the individual and/or his attorney, we will inform of the detailed procedure to request to disclose his personal information. We may respond in writing or by another means or by the means designated by him unless it is difficult for us to do so. We may require a request in a prescribed format in certain cases.
- A request from an individual or his attorney for the disclosure of his personal data should be made using the prescribed form, which should be mailed to the address in Article 9 below with the proof for his identification enclosed.
- There will be no fee for the disclosure. He shall bear his own costs, such as the cost of his communication with us and the cost for his preparation of his identification as described above.
- We will respond within a reasonable period of time.
8. Compliance to laws and regulations and updates
We abide by laws and regulations of Japan and other rules applicable to the personal information of the customers and review this policy from time to time for improvement.
9. Contact
Contact the following address for more details:
Unidos Co., Ltd.
Compliance Department
Stairs Building 2F, 2-4-8 Hyakunin-cho, Shinjuku-ku
Tokyo 169-0073
Phone 03-3280-1029 (Weekdays 10:00 - 18:00)