Privacy policy
Personal Information Protection Policy
I. General
As an advanced information communications company, SBI Africa Co., Ltd. (the “Company”) offers a wide array of products and services (the “Services”) to customers through the internet using the latest information technology and financial instruments. We, therefore, consider the handling of Personal Information very important. Learning from recent mishaps and acts of negligence in industry at large related to Personal Information, we are taking proactive steps to safeguard the private information of our customers by building a secure environment as outlined in this Personal Information Protection Policy (“Privacy Policy”).
1. Acquisition and Utilization of Personal Information
The Company may obtain and use Personal Information (as defined hereinafter) of users of the Services (individually “User” or collectively, “Users”) after clarifying the purpose of use thereof and use it only within the scope of purpose. The purpose of use will be specified in 2. Purpose of Use of II. Handling of Personal Information below and the General Managers of individual departments which handle Personal Information shall be responsible for establishing and carrying out the confirmation procedures for the prevention of deviation from the purpose of use. The Company will also establish and arrange the internal management scheme and take safety management measures in order to prevent the use of Personal Information beyond the scope of the purpose of use.
2. Management and Protection of Personal Information
The Company will carefully and closely manage Personal Information and will not disclose or provide such Personal Information to any third party unless the Company obtains the prior consent of Users whose Personal Information is concerned or unless the Company does so in accordance with laws and regulations or otherwise stated in this Privacy Policy. The Company will lay down and carry out preventive and corrective measures against risks resulting from any unlawful access to Personal Information, or any divulgement, loss, falsification, leakage of or damage to Personal Information.
3. Compliance with Laws, Regulations, and Norms
The Company will comply with the laws and regulations, guidelines in Japan and other rules that are applicable to the use and handling of Personal Information in the Company's possession.
4. Response to Inquiries and Complaints
The Company will arrange the scheme and procedures for reception of and response to inquiries and complaints from any User whose Personal Information is concerned as to the handling of his or her Personal Information. We will respond properly and promptly to any request for disclosure, correction, addition, deletion, refusal of use or provision regarding Personal Information.
5. Continuous Improvement of Schemes and Mechanisms of Management of Personal Information Protection, and Amendments of the Privacy Policy
The Company will continuously improve the scheme and mechanism of the management and protection of Personal Information. The Company will review the content of this Privacy Policy appropriately and endeavor to improve this Privacy Policy. The content of this Privacy Policy can be amended unless otherwise stipulated in laws, regulations, and this Privacy Policy. The amended Privacy Policy will be valid when notified to all Users or uploaded on our website in accordance with our procedures.
II. Handling of Personal Information
1. Personal Information
“Personal Information” in this Privacy Policy means “personal information” as stipulated in the Act on the Protection of Personal Information of Japan (Act No. 57 of May 30, 2003; “Personal Information Protection Act”); and therefore, means information which can identify a specific living individual by name, date of birth, address or other description, or which includes a code that can identify a specific individual. In addition, any information which cannot identify Users solely by itself but can easily be collated with other information and, as a result thereof, can identify Users, is also included in the scope of Personal Information.
In this Privacy Policy, "Personal Data" means personal information that constitutes personal information databases as defined in the Personal Information Protection Act.
*“Personal Information” described in this Privacy Policy does not include .specific personal information as stipulated in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures (Act No. 27 of May 31, 2013).
2. Purpose of Use
To help carry out the Services, the Company may acquire from and use Personal Information of Users within the scope necessary for the purposes stated below:
(1) To provide, perform, improve and refine the Services, or to develop new services;
(2) To notify Users of information regarding the Services, etc.;
(3) To exercise rights or to perform obligations based on the Personal Information Protection Act and other relevant laws and regulations;
(4) To respond to inquiries, requests, etc. from its Users;
(5) To request cooperation for questionnaires, monitoring, or interviews related to the Company's Services, or to send information on various events, or to implement such requests;
(6) To identify Users who have violated the Terms of Use or who intend to use the Services for unlawful or illegitimate purposes, and to block their use of Services;
(7) To protect the rights and interests of the Company or third parties by preventing, investigating, and identifying activities that may be illegal or fraudulent; and
(8) To carry out operations incidental to (1) through (7) above and operations to properly and smoothly manage the business of the Company.
3. Person who is Responsible for the Management of Personal Information
SBI Africa Co., Ltd.
Representative Director Shinji Matsui
4. Entrustment of Personal Information Handling
We may entrust an individual or a business operator to handle Users’ Personal Information in whole or in part, to the extent necessary for achieving the Purpose of Use. In such case, we will examine their eligibility sufficiently, obligate such individual or business operator to maintain confidentiality obligations by contract, and perform the necessary and appropriate supervision over such individual or business operator.
5. Third Party Disclosure
The Company will not disclose your Personal Information to any third party except as stated in Section II.4. above, or in the following circumstances:
(1) We may disclose your Personal Information upon your prior consent.
(2) We may use data related to a User for statistical calculations if such data does not reveal the identity of a User.
(3) We may use your Personal Information if required by law.
(4) We may use your Personal Information to protect human life, body or assets if obtaining your consent for some reason is difficult.
(5) We may use your Personal Information to improve public health, to promote child development, or for some other special situation if obtaining your consent for some reason is difficult.
(6) We may use your Personal Information to cooperate with a national institution, a local public body, or a related outsourcer that must perform work to comply with Japanese law if obtaining your consent would be an obstacle to performing the relevant work.
6. Common Use of Personal Information
The Company may allow common use of Personal Information listed in Item (1) "Items of Personal Information Subject to Common Use" held by the Company among the parties described in Item (2) "Parties Authorized for Common Use". Notwithstanding the foregoing, Personal Information regarding recruitment described in Item (1) may only be used for the purpose described in Item (3)e. Also, if certain common use is restricted under relevant laws or regulations, such as the Financial Instruments and Exchange Act and Insurance Business Act, Personal Information will be handled in compliance with such laws or regulations.
(1) Items of Personal Information Subject to Common Use
a. An individual's name, address, date of birth, contact information, such as telephone number and e-mail address, information on transaction needs publicized information, and other information relating to one's personal attribution.
b. Transaction records, point information, type of products and services offered to Users, and other information relating to individual transactions.
c. Control numbers, such as User and transaction numbers, and other information necessary for management of transactions.
d. Information on applicants in recruitment of the Company, applicant's name, gender, date of birth, address, contact information such as the telephone number and e-mail address, educational background, professional experience, reason for application, and other information relating to recruitment of the Company.
(2) Parties Authorized for Common Use
The SBI group companies listed on the following website (hereinafter, the "SBI Group Companies"). Notwithstanding the foregoing, parties authorized for common use may be changed from time to time as needed.
http://www.sbigroup.co.jp/english/company/group/overview.html(3) Purpose of Common Use
a. On the Occasion of Use of SBI Group Companies' Services as a Registered Member
For personal identity authentication at and after log-in, automatic display of membership information in various situations, and other purpose related to improvement of the registered members' convenience when using SBI Group Companies' services.
b. Execution of Transactions with SBI Group Companies
For delivery of products, provision of services, settlement of price, response to inquiries, confirmations by SBI Group Companies, provision of applicable after-sales services and other purpose related to operations necessary to execute a transaction when a User is making reservations and purchasing products or services, applying for a prize competition, or otherwise engaging in transactions with SBI Group Companies.
c. Advertising and Marketing by SBI Group Companies
- * For provision of information by SBI Group Companies through various e-mail newsletter.
- * For provision of information regarding SBI Group Companies' services through e-mail, mail, and telephone.
- * For provision of contents and advertisements in light of personal attribution, such as gender, age, residence, hobbies, and taste, as well as purchase history, or browsing history of websites managed by SBI Group Companies.
- * For development of new services and improvement of existing services by analyzing Users' usage of SBI Group Companies' services.
- * For drawing of prizes for surveys, campaigns, and prize competitions, as well as shipping, and contacting to applicants for matters relating to such drawing of prizes.
d. Response to Inquiries
For response to inquiries directed to SBI Group Companies by e-mail, mail, or telephone, etc.
e. Recruitment
Personal information regarding applicant's personnel information, including resume, submitted for the purpose of seeking an employment opportunity at SBI Group Companies, will be used for evaluation and selection process of recruitment.
f. Other Incidental Use
For use necessary for provision of SBI Group Companies' services that are incidental to the abovementioned items a. through e.
g. Others
SBI Group Companies may use, in course of providing their services to customers, Personal Information for purpose other than the purposes listed in the items a. through f. above. In such case, such use will be disclosed on an applicable website on which SBI Group Companies provide the relevant services
(4) Name of the Company Responsible for the Management of Personal Information
SBI Holdings, Inc.
Address and name of the representative of SBI Holdings, Inc. are referred in the following page:
https://www.sbigroup.co.jp/company/information/profile.html(5) For Inquiries Related to Common Use
General Affairs Department, SBI Holdings, Inc.
Telephone number (main): +81-3-6229-0100
7. Provision of Personal Data to Third Parties in Foreign Countries
The Company may provide User’s Personal Data to a third party in a foreign country in any of the following cases.
(1) When the User has given prior consent to allow the provision of his/her Personal Data to a third party located in a foreign country.
(2) When Personal Data is provided to a third party in a foreign country that has implemented, in an appropriate and reasonable manner, measures for the handling of Personal Data in accordance with the intent of the provisions of Chapter IV, Section 2 of the Personal Information Protection Act and has secured such implementation with Company.
(3) When permitted by law.
8. Use of Cookies
The Company uses “cookies” on some web pages to enable a more personalized online experience.
Cookies are used to identify your computer and to maintain status information; so you do not need to re-enter your information each time you return to our web site. The Company cannot use cookies to obtain Personal Information about you.
For the cookie transmission-receipt setting, the User may choose by selecting the appropriate settings on your browser from among “Accept all cookies,” “Reject all cookies,” and “Inform the user upon receiving a cookie.” How to activate the setting differs from one browser to another. You should check the setting method for cookies in the help menu of the browser you use. It should be noted that, if you choose the setting to reject all cookies, you could be subjected to restrictions on using various services on the internet, such as denial of service requiring verification.
The Company uses Google Analytics, a web analytics service provided by Google, for the purpose of evaluating your use of this website and providing other services relating to this website activity and internet usage. By using cookies, Google Analytics collects anonymous data on where you have come from, which pages you visit, and how long you spend on the website. User may refuse the use of these cookies by selecting the appropriate settings on your browser with the use of Google Analytics Opt-out Browser Add-on.
For further information, please see Google’s site:
- Google Analytics' use of cookies
(https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage)- Google Privacy & Terms
(https://policies.google.com/privacy?hl=en-US)- Google Analytics Opt-out Browser Add-on
(https://tools.google.com/dlpage/gaoptout?hl=en)9. Notification of Purpose of Use of Disclosure
If a User requests to receive a notification on the purpose of use of his/her Personal Information to be disclosed that is held by the Company, we will reply within a reasonable period of time and scope after verifying that the requester is indeed the subject person.
10. Disclosure
Upon a request of a User (only the person whose information is concerned), the Company will first verify your identity and conduct necessary research and then provide a timely disclosure or appropriate response. However, we may keep all or part of such Personal Information undisclosed, if such disclosure falls under any of the following categories; and in this case, we will promptly notify such User:
(1) if such disclosure is likely to harm the life, body, property, or other rights or interests of such User or any other third parties;
(2) if such disclosure is likely to hinder the proper execution of our business; and
(3) if such disclosure may result to violation of any laws and regulations.
11. Correction and Deletion
If a User requests to correct, to update, or to delete Personal Information that the Company has about such User, we will first verify your identity then correct, update, or delete information in a timely and appropriate manner, and notify such User of such correction, update, or deletion.
12. Discontinuation of Personal Information Use
12. Discontinuation of Personal Information Use
If we receive a request from a User to discontinue using his or her Personal Information, discontinue providing his or her Personal Information to any third party, or to delete it (“Discontinuation”), we will first verify your identity and conduct necessary research, and then based on such research, will implement the Discontinuation and notify such User.
Upon such Discontinuation, the User may not be able to use some of our products and services. Please bear this in mind before making such a decision. In addition, we may not be able to abide by the User’s request to stop using or to delete Personal Information due to related laws and regulations. Further, if such Discontinuation is unduly expensive or otherwise difficult to implement, we will, if possible, take necessary alternative measures to protect the rights and interests of such User.
13. Disclosure Inquiries, Consultations and Objections
The Company accepts applications related to Sections II. 9, II.10, II.11, II.12 and Section III, and inquiries, consultation or objections about Users’ Personal Information, upon the procedure described below. The Company may not be able to respond to your application or inquiry if you do not follow the guidelines below.
[Inquiry, consultations and objections procedure]
Make all applications or inquiries by telephone, postal service, or email to the address given below.
You will be given details about how to proceed once you make an inquiry or other application. However, when you use the method below, we will first verify your identity (or proxy); then we will respond to your inquiry or application by letter delivered through the postal service or by some other method. Depending on the application content, the Company may send you a designated form to fill out and to return to us.
[Reception method, inquiry counter]
Location: Izumi Garden Tower 14F, 1-6-1 Roppongi, Minato-ku, Tokyo 106-6015
Telephone number: +81-3-6229-0086 (the “Help Desk”)
Email: SBIAF_RECIPIENTS@sbigroup.co.jp
Inquiries by phone can be made Monday to Friday from 10:00 am to 5:00 pm (Closed Saturdays, Sundays, and holidays).
[Verification of you or your proxy]
If you make an application in person, the Company will verify your identity using your driver's license, passport, health insurance identification card, or seal-registration certificate. Documents used to verify your identity must be valid or issued within the last three months. We will also verify information registered at the Company such as your registered call-back number, name, home address, and telephone number. If a proxy makes an application on your behalf, the Company will verify the proxy using a letter of proxy and a seal-registration certificate of the seal affixed to the letter of proxy. We will then contact you by telephone for final verification.
[Procedure fees]
Disclosure requests require no fee payment from you to the Company. However, the Company will not cover User expenses related to postage, transportation, or preparing verification documents.
14. Matters concerning Security Control Action
The Company shall take necessary and appropriate action for the security control of Personal Information including preventing the leakage, loss or damage of its handled Personal Information. In addition, the Company shall exercise necessary and appropriate supervision over employees or entrusted persons so as to seek the security control of the personal data.
If you need detailed information about the Company’s action for the security control of personal data, please contact the Help Desk.
15. Disagreement with Privacy Policy
If you disagree with this Privacy Policy in whole or in part, we will not permit you to use our products and services.
16. Other
The use of this website and the interpretation of the content of website shall be governed by the laws of Japan.
III. Handling of Personal Information of Users residing on the territory of the European Economic Area (EEA)
- The General Data Protection Regulation (the “GDPR”) requires that special measures be taken to protect the Personal Information of the residents of the EEA. In case of discrepancies between this Privacy Policy and the GDPR, the principles of the GDPR shall apply with respect to Users residing in the EEA.
- The Company collects Personal Information to manage the Company’s website and Users may authorize such processing in accordance with Article 6(1)(a) GDPR. Furthermore, it is in the Company’s legitimate interest to ensure the stability and security of the website in accordance with Article 6(1)(f) GDPR.
- The Company will store Personal Information as long as necessary to fulfill the purposes of the Privacy Policy and will promptly delete such Personal Information when it is no longer needed. The specific period of time will be determined by taking into account the purpose for which the Personal Information is collected and processed, the nature of the Personal Information, and the legal or business necessity for storing the Personal Information.
- Under the GDPR, Users residing in the EEA have the right to request a copy of the Personal Information stored by the Company (Article 15 GDPR). Users also have the right to request rectification (Article 16 GDPR), deletion (Article 17 GDPR) or restriction of processing (Article 18 GDPR) of their Personal Information.
- Users residing in the EEA have the right to receive the Personal Information relating to them that they have provided to the Company in a structured, commonly used and machine-readable format and to transmit that personal data directly to another data controller without any interference on the Company’s part (Article 20 GDPR).
- By providing the Company with an email address, Users residing in the EEA can obtain from the Company to send information requested by the Users or confirm the completion of a request for rectification, deletion, restriction of processing, or transmission of the Personal Information (Art. 19 GDPR).
- Users residing in the EEA have the right to object to the processing of their Personal Information at any time (Article 21 GDPR). Such objections regarding the processing of Personal Information may be made to the Company to the address provided in Section II.13 of this Privacy Policy and pursuant to the procedure provided therein.
- Users residing in the EEA have the right to take legal action against potential violations of their rights to the processing of their Personal Information and to lodge a complaint with the competent data protection supervisory authority.
- Personal Information collected will be processed in Japan. The European Commission has recognized that Japan ensures an adequate level of data protection in the meaning of Article 45 GDPR. Hence, the transfer of Personal Information between the EU and Japan is permitted without the need for a specific authorization.