- When collecting personal information, the purpose of use shall be clearly indicated, and the collected information shall be used and/or provided within the scope of the purpose of use, and taken measures to ensure that personal information is not handled beyond the scope of the purpose of use.
- Collected personal information shall be managed accurately and kept up to date to the extent required for the intended purpose.
- Collected personal information shall be managed strictly to prevent and correct illegal access, loss, disposal, modification, and leakage; adequate security measures shall be taken.
- Individuals may review and edit their own personal information stored by the information provider after authenticating personal identification following our predefined procedure to the extent appropriate. If an error is discovered in the retained information after disclosure, it shall be corrected immediately. In addition, when we receive complaints about the handling of personal information, we will respond appropriately and promptly.
- Recognizing the importance of protecting personal information, we comply with laws, regulations, national guidelines, and other standards related to the protection of personal information, and shall establish internal regulations for the protection of personal information, build internal systems, ensure systematic security, and continuously improve them.
Enacted April 1, 2021
Mitsubishi HC Capital
Representative Director, President & CEO
1. Processing Personal data
"Personal data" means any data relating to an identified or identifiable natural person, including, without limitation, Customers' names, addresses, dates of birth, telephone numbers, e-mail addresses.
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(2) Types of personal data to be acquired
The types of personal data to be acquired will be specified prior to the provision of the Service by the Company.
(3) Purposes of use of personal data
The Company will collect personal data for the following purposes of use:
- (i) to set up Customers' accounts;
- (ii) to provide Services to Customers;
- (iii) to improve and develop Services; and,
- (iv) to conduct other activities related to Services.
The Company will process the personal data only within the scope of the purposes of use.
In the case of processing the Customers' personal data for purposes other than the above, the Company will notify Customers in advance of such new purposes of use and other matters as required by applicable laws.
The personal data that Customers are to provide is necessary in order for the Company to provide the Service to the Customers, and there may be cases in which Customers who have not provided such data will be unable to use Service.
(4) Retention Period
The Company will retain the Customers' personal data as long as the Company requires such data for achieving the purposes of use specified in 1(3) above, but will promptly delete the same in the case that such data is no longer necessary.
- (a) In the case that the country in which the third party is located is outside the EEA, such country does not have the same data protection laws as the EEA, i.e., many of the rights provided to data subjects in the EEA are not given;
- (b) The Customers' personal data will be provided and processed for the purposes specified in 1(3) above by third parties outside the EEA; and
- (c) The Customers' personal data will be provided to third parties located outside the EEA.
In addition to the above, in the case that the Company provides the Customers' personal data to a third party located in a country outside the EEA, the Company will ensure that adequate measures are taken concerning the protection of the Customers' personal data by executing standard contract clauses based on the GDPR, etc.
(6) Rights of Customers
The Customers may request from the Company access to, rectification or erasure of, and restriction of processing of their personal data, may object to the processing of the Customers' personal data, and may request data portability. The Company accepts such Customers' requests at the contact point set forth in "2. Contact" below.
The Company may refuse the Customers' requests if the Company deems that there is no basis for such Customers' requests or if they are deemed excessive.
The Customers may raise objections with the data protection authorities having jurisdiction over the location of the Customers' domicile with regard to the processing of their personal data.
<Mitsubishi HC Capital>
Legal & Compliance Department
3-1, Nishi Shimbashi 1-chome, Minato-ku, Tokyo, 105-0003 Japan
About Usage of Cookies and Web beacons
A person can refuse to receive a cookie, or can display a warning message when receiving a cookie by changing the setting of a web browser. For more details, please see the instructions of a web browser you are using. Moreover, a person can reject a Web beacon by setting to refuse the receipt of a cookie.
But, in the first case, please note that a person may not be able to use the all or part of our services provided in the website.
Mean information exchanged one another between a web server that controls a web site and a web browser that a person uses. Cookies may be saved as files in the disk of a person's PC. If you use a cookie, the web server can track and record information about which pages in the web site the particular computer visits etc. However, we cannot identify the person unless he or she enters the personal information into the web site.
- Web Beacons:
Mean technology that functions with a cookie to check how many times a person accesses a particular page. However, we cannot identify the person unless he or she enters the personal information when receiving cookies.