Privacy Policy

K.I.N Co.,Ltd. (hereinafter referred to as the “Company”) recognizes the importance of appropriately protecting personal information (Personal information as defined in the Act on the Protection of Personal Information, including personal data and retained personal data. The same shall apply hereinafter.) in the operation of its EC business, and will endeavor to protect Personal Information appropriately in accordance with our policy as set forth below.

K.I.N Co.,Ltd.
169-1 Shoshinji – cho, Shimogyo – ku Kyoto, Japan 600-8116

Compliance with Laws and Regulations

The Company shall comply with the Act on the Protection of Personal Information and other relevant laws and regulations, the “Guidelines Concerning the Act on the Protection of Personal Information in the Economic and Industrial Sector” and this Privacy Policy in acquiring, utilizing, and otherwise handling personal information of the Company’s customers, business partners, officers and employees, etc. (hereinafter referred to as “Customers, etc.”).

Acquisition of Personal Information

The Company will acquire personal information of Customers, etc. in an appropriate and fair manner through its website, by e-mail, in writing, or by other means, specifying the purpose of utilization as much as possible. When you use the Company’s services, information about Customers, etc., such as communication records, may be recorded in the Company’s facilities. In addition, when we answer the telephone with Customers, etc., the Company may record the conversation with Customers, etc. in order to accurately understand the content of the inquiry and to improve the quality of the Company’s services.

Specification and Public Announcement of Purposes of Utilization

When utilizing personal information of customers, etc., the Company will publicly announce and collect such information after specifying the purpose of utilization as much as possible in advance in this Privacy Policy or on the website of each service. We will handle personal information in accordance with the publicly announced purposes of utilization. The purposes of utilization of personal information acquired by the Company are as follows.

For purposes of utilization for which consent has been obtained from Customers, etc.

To disclose and utilize the information in a manner that does not allow identification of Customers, etc. (as an individual, e.g., statistical data) for the purpose of analyzing service usage, content layout, and making decisions to improve service quality.

To provide various services (including after-sales services) provided by the Company or third parties such as the Company’s business partners.

To provide information related to various services provided by the Company or third parties such as the Company’s business partners to Customers, etc., whether by telephone, in writing by mail, by fax, by e-mail, or by any other means.

To provide various services by subcontractors who are obligated to maintain confidentiality with the Company.

To conduct recruitment activities such as selection, communication, salary determination, etc.

For proper employment management after hiring.

For other purposes of utilization for which consent has been voluntarily obtained from the relevant individual.

For other purposes, to obtain consent from the relevant Customers, etc., for the utilization of personal information.

Utilization Within the Purposes of Utilization

The Company will handle personal information of Customers, etc. only within the scope necessary to achieve the purpose(s) of utilization that has been specified and publicly announced in advance. However, in the cases set forth in the following items, the Company may handle personal information of Customers, etc. beyond the scope necessary to achieve the purpose(s) of utilization which has been specified and publicly announced in advance.

Cases in which the handling of personal information is based on laws and regulations.

Cases in which the handling of personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person.

Cases in which the handling of personal information is especially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person.

Cases in which the handling of personal information is necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and in which obtaining the consent of the person is likely to impede the execution of the affairs concerned.

Retention Period

When handling personal information, the Company shall, in principle, specify a retention period within the scope necessary for the purpose of utilization, and shall delete such personal information without delay after the retention period has elapsed or the purpose of utilization has been achieved. However, in the cases set forth below, such personal information may not be deleted even after the retention period has elapsed or the purpose of utilization has been achieved.

Cases in which the information must be retained in accordance with the provisions of laws and regulations.

Cases in which consent has been obtained from the person.

Cases in which the Company retains personal information within the scope necessary to carry out its own business operations, and in which there are reasonable grounds for not deleting such personal information.

In addition to the cases listed in the preceding three items, when there is a special reason for not deleting such personal information.

Security Control Measures

The Company shall endeavor to keep personal information of Customers, etc. accurate and up-to-date, and shall take necessary and proper measures for the management of the security of information to protect it from unauthorized access, alteration, leakage, loss, or damage.

Supervision of Employees

When the Company has its officers and employees handle personal information of Customers, etc., the Company shall provide necessary and appropriate supervision over the Company’s officers and employees to ensure the management of the security of such personal information of Customers, etc. In addition, the Company will provide its employees with the education and training necessary to ensure the proper handling of personal information.

Supervision of Trustees

When the Company entrusts a third party with the handling of personal information of Customers, etc., in whole or in part, the Company shall provide necessary and appropriate supervision over the trustee to ensure the management of the security of such entrusted personal information.

Provision to a Third Party

1. The Company will not provide personal information of Customers, etc. to a third party without obtaining the consent of Customers, etc. However, the Company may disclose or provide personal information of Customers, etc., to a third party without obtaining the consent of the person in the following cases.

(1) Cases in which the provision of personal information is based on laws and regulations.

(2) Cases in which the provision of personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person or when the Company deems it urgent.

(3) Cases in which the provision of personal information is especially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person, or when the Company deems it urgent.

(4) Cases in which the provision of personal information is necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by one in executing the affairs prescribed by laws and regulations and in which obtaining the consent of the person are likely to impede the execution of the affairs.

(5) Cases in which the provision of personal information to a subcontractor to whom the Company entrusts its services in whole or in part is necessary for the provision of the Company’s services.

(6) Cases in which the provision of personal information to financial institutions, collection agencies, or other subcontractors is necessary, within the scope necessary to achieve the purpose of utilization.

2. In particular, when personal information is provided to a third party in a foreign country, the name of the foreign country, its system for protecting personal information, and the measures taken by the third party to protect personal information will also be posted on the Company’s website in advance.

Joint Utilization, etc.

1. If the person or entity to whom personal information is provided falls under any of the following items, the Company may treat the person or entity to whom personal information is provided as not falling under the category of “third party” and entrust, provide, or jointly utilize personal information of Customers, etc. with such third party without obtaining the consent of Customers, etc.

(1) Cases in which the Company entrusts the handling of personal information in whole or in part within the scope necessary for the achievement of the Purpose of Utilization.

(2) Cases in which personal information is provided as a result of the succession of business in a merger or otherwise.

(3) Cases in which personal information is used jointly between specific individuals or entities and in which this fact, the items of the personal information used jointly, the scope of the joint users, the purpose for which the personal information is used by them, and the name of the individual or business operator responsible for the management of the personal information is, in advance, notified to the person or put in a readily accessible condition for the person.

Request for Disclosure, etc.

When Customers, etc. wish to request notification of the purpose of utilization of personal information, disclosure, correction, addition, or deletion of personal information or records of provision to a third party, or to stop the utilization or provision of personal information to a third party, please follow the Company’s prescribed procedures. * For more information about the procedures, please contact us.

Processing of Complaints

The Company will respond promptly and appropriately to complaints and other inquiries from Customers, etc. regarding the handling of personal information. Complaints and other inquiries regarding personal information should be directed to the following address.

【Contact for inquiries regarding personal information】
K.I.N Co.,Ltd.
E-mail: contact_kin@kin-japan.com

Response in the Event of Leakage

In the event of a leakage, etc. of personal information of Customers, etc., the Company shall take prompt and appropriate measures, such as promptly notifying Customers, etc. of the facts.

Continuous Improvement

In order to ensure the proper handling of personal information, the Company will appoint a personal information protection manager and endeavor to continuously improve the handling of personal information within the Company through the development of internal regulations regarding the protection of personal information, employee training, and the conduct of internal audits.

Handling of Anonymized Personal Information, etc.

Anonymized personal information means information relating to an individual that can be prepared in a way that makes it not possible to identify a specific individual by taking measures prescribed by laws and regulations, and also makes it not possible to restore that personal information.

When Creating Anonymized Personal Information

(1) The Company will process personal information properly in accordance with the standards prescribed by laws and regulations.

(2) The Company will take measures for the management of the security of information to prevent the leakage of information related to the deleted information and the processing method in accordance with the standards prescribed by laws and regulations.

(3) The Company will disclose the items of information contained in the anonymized personal information it has created as follows.

(4) The Company will not collate the anonymized personal information with any other information in order to identify a person from whom the information was created.

When Providing Anonymized Personal Information to a Third Party

(1) The Company will disclose on its website the categories of information on an individual that is contained in the anonymized personal information it will provide to the third party and the means of providing it.

(2) The Company will state to the third party explicitly that the information it will provide is anonymized personal information.

(Prohibition against Identifying Persons)

Handling of Pseudonymized Personal Information, etc.

Pseudonymized personal information means information relating to an individual that can be prepared in a way that makes it not possible to identify a specific individual unless collated with other information by taking the measures prescribed by laws and regulations.

When Creating Pseudonymized Personal Information

(1) The Company will create pseudonymized personal information after proper processing in accordance with the standards prescribed by laws and regulations.

When Pseudonymized Personal Information and Deleted Information, etc. Are Acquired

(1) The Company will take measures for the management of the security of information to prevent the leakage of Deleted Information, etc. in accordance with the standards prescribed by laws and regulations

(2) When the Company especially acquires pseudonymized personal information that is personal information, the Company shall promptly disclose the purpose of utilization of such information unless it has previously disclosed such purpose.

When Handling Pseudonymized Personal Information as a Database

(1) The Company will take necessary and proper measures for the management of the security of information to protect it from unauthorized access, alteration, leakage, loss, or damage.

(2) The Company will not collate the pseudonymized personal information with any other information in order to identify a person from whom the information was created.

(3) The Company will not use contact addresses and other information contained in the pseudonymized personal information for telephoning, for sending by mail or by correspondence delivery, for delivering a telegram, for transmitting information using a facsimile machine or electronic or magnetic means, or for visiting a residence.

(4) Other handling of pseudonymized personal information, except for cases exempted by laws and regulations, shall be in accordance with the handling of personal information.

Handling of Information Related to Personal Information, etc.

Information related to personal information means information relating to a living individual that doesn’t fall under personal information, pseudonymized personal information, and anonymized personal information.

When information related to personal information is provided by a third party as personal data, the personal information acquired from Customers, etc. and the information related to personal information provided by the third party may be collated, and the information related to personal information may become personal data that identifies the person.

Items of information related to personal information subject to above: All information related to personal information

Purpose of utilization after acquisition: Same as the purpose of utilization of personal information specified and publicly announced.

When Providing Information Related to Personal Information to a Third Party as a Database

(1) When the Company provides information related to personal information to a third party, the third party may collate the personal information in its possession with the provided information related to personal information, and the information related to personal information may become personal data that identifies the person. If so, the Company will take steps to verify this information in accordance with laws and regulations.

(2) The purpose of utilization of information related to personal information after it is provided and acquired as personal data will be notified or publicly announced at the destination.

Changes to the Privacy Policy

The Company may, from time to time, review this Privacy Policy and make changes, in whole or in part. If we decide to change the personal information we collect from Customers, etc., change the purposes for which we utilize that information, or otherwise change our Privacy Policy, we will publicly announce those changes by posting them on the Company’s website. The revised Privacy Policy will be effective upon posting on the Company’s website. Please note that we do not obtain new consent solely for the purpose of changing the Privacy Policy.