Privacy Policy
This Privacy Policy has been established and published by PayPay Bank Corporation ("Bank") in compliance with the Act on the Protection of Personal Information of Japan ("Act").
About This Privacy Policy
The Bank shall protect and use your personal information appropriately in accordance with the applicable laws and regulations as well as the provisions of this Privacy Policy and continuously improve the Bank' s management system and measures for protecting personal information in order to properly adjust to changes resulting from advancements in information technology.
Using Personal Information
- (1) The Bank shall, unless otherwise set forth in the Act, limit the use of your personal information to the purposes identified by the Bank. Such purposes are posted on the Bank' s website and in the Bank' s head office.
- (2) The Bank shall use your personal information only for the purposes permitted under the Regulation for Enforcement of the Banking Act of Japan and other laws and regulations.
- (3) The Bank shall immediately stop using personal information for the purpose of sending emails or telemarketing, or other direct marketing purposes when requested by you.
Collecting Personal Information
The Bank shall collect your personal information by fair and lawful means only for the purposes identified above.
Disclosing Personal Information to Third Parties
Unless otherwise set forth in the Act, the Bank shall not disclose your personal information to any third party without obtaining your consent in advance.
When the Bank discloses personal information to a third party in a foreign country and needs to take measures to ensure that the third party will continue to take reasonable measures as set forth in the Act and other applicable laws and regulations, the Bank shall provide you with information on the measures taken by the Bank including the name of the foreign country as requested by you.
Contracting with Third Party
When the Bank contracts with a third party to perform services involving the use of personal information, the Bank shall determine if contracting is appropriate based on factors including the third party' s security control measures set forth in the Act and supervise the third party appropriately by disclosing personal information only after executing a services agreement with the third party containing the confidentiality provision and other terms and conditions necessary for the Bank to appropriately supervise such third party.
Security Control Measures
The Bank shall take the following security control measures as appropriate to prevent your personal information from being lost, falsified, leaked or otherwise accessed by unauthorized persons:
- (1) General Policies
The Bank has established general policies regarding compliance with the applicable laws, regulations, guidelines and other provisions, the department in charge of handling inquiries and complaints, and other necessary matters to ensure that personal information is handled properly. - (2) Rules for Handling Personal Information
The Bank has established rules and procedures governing methods for collecting, using, storing, disclosing, deleting, disposing of and otherwise handling personal information, a responsible person and persons in charge as well as their duties. - (3) Organizational Security Control Measures
The Bank has assigned a person responsible for handling personal information and clarified the scope of personal data that are accessible to each officer or employee who handles personal data and procedures for handling personal data. The Bank has also established a reporting system in which officers and employees can report suspected violation of laws or regulations, or leak of personal information to the responsible person as well as a system for taking appropriate measures.
The Bank requires officers and employees who handle personal information to regularly evaluate their compliance with the rules concerning the handling of personal data and also requires a compliance audit conducted by a different department. - (4) Human Security Control Measures
The Bank has included provisions regarding the confidentiality of personal information in its employee manual and requires officers and employees to submit a statement of compliance with confidentiality requirements.
The Bank also provides regular training for officers and employees on compliance requirements for handling personal information. - (5) Physical Security Control Measures
The Bank controls entry to and exit from areas where personal information is handled to prevent unauthorized persons from accessing personal information.
The Bank also takes measures to prevent devices, electronic media, documents or other items containing personal information from being stolen, lost or otherwise used by unauthorized persons as well as measures to prevent personal information from being easily identified by encrypting the information even when moving between rooms in the office. Personal information is deleted and devices, electronic media, documents or other items containing personal information are disposed of in such a way that they cannot be reconstructed. - (6) Technical Security Control Measures
The Bank uses access control to limit the number of persons in charge who can access personal information and limit the use of databases containing personal information.
The Bank has also introduced a system to protect information systems for processing personal information from external illegal access or illegal software and prevent information leakage and other security issues. - (7) Understanding Laws and Regulations of Other Countries
When storing personal data outside Japan, the Bank takes the security control measures as appropriate by understanding the laws and regulations concerning the protection of personal information of the country where personal data are stored.
Request for Disclosure
The Bank shall respond to your request for disclosure appropriately and promptly when you follow the procedures as set forth in the Act.
The details of the procedures are posted on the Bank' s website.
Inquiries
The Bank shall respond to your comments and requests regarding the Bank' s policies and procedures for handling personal information appropriately and promptly. For comments, requests and inquiries regarding the Bank' s policies and procedures for handling personal information and security control measures, please contact the Customer Center.
For complaints regarding the Bank' s policies and procedures for handling personal information, please contact the Customer Center.
*only in Japanese
- Membership with Personal Information Protection Organizations
-
The Bank is a member of the following accredited personal information protection organizations. These organizations listen to your complaints and provide you with consultations on their members' policies and procedures for handling personal information.
- (1) All Banks Personal Data Protection Council
https://www.abpdpc.gr.jp (external website)
[Contact information for complaints and consultations] Call 03-5222-1700 or visit the nearest JBA Banking Consultation Office ("Ginko Torihiki Sodansho") - (2) Personal Information Consultation Office at Japan Securities Dealers Association
https://www.jsda.or.jp (external website)
[Contact information for complaints and consultations] Telephone number: 03-6665-6784 - (3) Personal Information Complaint and Consultation Office at the Financial Futures Association of Japan
https://www.ffaj.or.jp (external website)
[Contact information for complaints and consultations] Telephone number: 03-5280-0881
- (1) All Banks Personal Data Protection Council
*In the event of any discrepancy or inconsistency between the English and Japanese versions of these Terms and Conditions, the Japanese version will prevail.