MCJ Co., Ltd.

In accordance with the Act on the Protection of Personal Information (hereinafter, referred to as the “Act”), we shall make public announcements of the matters set out below (including matters where it is mandated to “put those matters in a readily accessible condition for the person” and “put the matters listed.in an accessible condition for the person (such condition includes cases in which a response is made without delay at the request of the person)”). Please note that the following matters for public announcement are subject to additions or changes at any time and without notice.

i. Matters relating to public announcement for the purpose of utilization of personal information

1. Purpose of utilization in cases in which personal information is obtained directly by means other than written document and when personal information is obtained indirectly (Article 18, Paragraph 1 of the Act)
1) Personal information representative types and purposes of utilization
When acquiring personal information from customers, it shall be handled within the scope of “purpose of utilization” set out below. However, in cases stipulated in Article 18, Paragraph 4 of the Act, the said personal information may be acquired without public announcement, etc., of its purpose of utilization.

1. Personal information of customers who purchase our products or use our services at our stores

• ・Reception, reservations, accounting, membership (joining) proceedings, issuing or membership cards
• ・Identification checks and age checks (when it is mandated that the individual be at least 20 years old to use a product/service)
• ・Cautions or warnings relating to acts that are in violation, or at risk of being in violation, of our terms of service, etc.,
• ・Making contact (for the purposes of surveys, lost-and-found items in and around our stores, or crime prevention/safety management)
• ・Counseling
• ・Shipping of products
• ・Follow-up services
• ・Introduction to the products and services offered by Group companies
• ・Sending of emails
• ・Advertising
• ・Information about promotions, monitoring, events, etc.
• ・Marketing activities for the opening of new stores
• ・Creation, maintenance, and storage of registers of the names of users as stipulated by laws and regulations, etc.
• ・Hygiene management
• ・Crime and safety management

2. Personal information of customers who purchase our products or services through mail-order services, etc.

• ・Procedures relating to the placing of orders or for checking/changing the details of an order
• ・Shipping of products
• ・Making contact (contact in cases where it was not possible to deliver products, etc.)
• ・Settling of payments (provision (of funds)/checking to financial institutions)
• ・Payment confirmation
• ・Issuing of invoices, certificates, etc.
• ・Follow-up services
• ・Introduction to the products and services offered by Group companies
• ・Sending of emails
• ・Advertising

3. Personal information of customers who have requested to purchase or trade in a product

• ・Acceptance of applications
• ・Identity checks and age checks
• ・Payment
• ・Shipping of goods
• ・Making contact (shipping of goods, information regarding estimate amounts/payments, etc.)
• ・Creation, maintenance, and storage of ledgers as stipulated by laws and regulations, etc.
• ・Introduction to the products and services offered by Group companies
• ・Sending of emails
• ・Advertising

4. Personal information of persons who signed up for a customer promotional campaign, prize competition, etc.

• ・Age checks (when it is mandated that the individual be at least 20 years old to use a product/service)
• ・Drawing of names (lottery system)
• ・Dispatching of prizes
• ・Making contact (contact in cases where it was not possible to deliver prizes, etc.)
• ・Information about products and services
• ・Sending of emails
• ・Advertising

5. Personal information of persons who applied to or participated in events, workplace visits, etc.

• ・Smooth operation of events, workplace visits, etc.
• ・Making contact (emergency contact, surveys, etc.)
• ・Publishing of photographs and videos shot at events (in newspapers, magazines, pamphlets, posters, pages on website, etc.)
• ・Information about products and services
• ・Sending of emails
• ・Advertising

6. Personal information for persons who submitted creative works or participated in contests

• ・Making contact to notify of the results of lottery wins or the winning of competitions
• ・Dispatching of prizes
• ・Publishing of submitted creative works (in newspapers, magazines, pamphlets, posters, pages on website, etc.)

7. Personal information of persons who have registered to membership services

• ・Age checks (when it is mandated that the individual be at least 20 years old to use a product/service)
• ・Provision of web services (including identity verification when logging in)
• ・Making contact to provide information about web services
• ・Sending of emails and checking of usage status
• ・Simplified data entry for when applying to take part in a promotional campaign
• ・Customization of website in accordance with a customer’s registration details
• ・Advertising

8. Personal information of customers who subscribed to our email newsletters and notifications, and who consented to receive such

• ・Distribution of email newsletters and notifications

9. Personal information of customers who have consented to receive direct mail through the post

• ・Distribution of direct mail through the post

10. Personal information of persons who have sent an inquiry, consultation, or comment

• ・Responses to inquiries, consultations, and comments
• ・Making contact (responses and questions to inquiries, surveys, etc.)
• ・Investigations and checks with outsourcing partners and Group companies as necessary to respond to an inquiry, consultation, or comment

11. Personal information of persons who have submitted their opinions or feedback on our products and services

• ・Products and services development, improvements, and sales promotions

12. Personal information of persons who have taken part in surveys, studies, etc.

• ・Products and services development, improvements, and sales promotions
• ・Sending of emails
• ・Advertising

13. Personal information of persons who have requested catalogs, documents, and other such materials

• ・Provision of catalogs, documents, and other such materials
• ・Making contact and follow-up services

14. Personal information obtained from suppliers and through our sales activities

• ・Communication for commercial transactions, deliveries and the arrangement of the relevant persons, making contact regarding the sending of invoices, and follow-up services
• ・Information about business activities, products, and services
• ・Management of contractual relationships

15. Personal information recorded in inquiries and orders received from our suppliers

• ・Investigating and cross-checking the accuracy of inquiries, orders, etc.

16. Personal information obtained from publicly available sources, registers of names distributed at events, etc.

• ・Information about business activities, products, and services

17. Personal information about persons who have visited Company workplaces

• ・Checks on persons who have visited Company workplaces
• ・Crime prevention (ensuring security on Company premises by checking information recorded on security cameras, etc.)

18. Personal information handled in outsourced business operations

• ・Execution of outsourced business operations

19. Personal information relating to images of persons captured by security cameras installed in facilities owned by the Group

• ・Preventing crime and disasters within facilities and maintaining safety within facilities

20. Personal information of shareholders

• ・Management and explanatory information for shareholders as stipulated in the Companies Act
• ・Implementation of shareholder incentives

21. Personal information of job applicants

• ・Screening of job candidates

22. Personal information of employees, etc.

• ・Employment and human resources management
• ・Intra-Group secondment and transfers
• ・Coordination with suppliers
• ・Publishing of interviews on external websites and public relations materials, such as company profiles
• ・Provision of employee benefits

23. Personal information of retired persons

• ・Executing and communicating of obligations under laws and regulations related to labor matters

In addition to the above, we will use personal information in an appropriate manner within the scope of the purposes of utilization individually consented to. Telephone calls received by the Group may be recorded for the purposes of improving our telephone support services and for ensuring an accurate understanding of inquiries.

2) Usage of statistically processed data
We may utilize and publish any personal information received upon deleting any items by which individuals can be identified for the purposes of creating and analyzing statistical data, optimizing our website, and for optimizing communication with customers.

ii. Matters of “Retained personal data” that must be placed “in an accessible condition for the person” (Article 27 of the Act)

“Retained personal data” refers to personal data for which the Group holds the right to disclose, amend, add or delete the contents of, suspend the use of, erase, or stop the provision of to third parties. The purpose of utilization of retained personal data handled by the Group is as follows:

1) Name of business entity that handles the personal information
MCJ Co., Ltd.

2) Purpose of utilization
The purpose of utilization of retained personal data held by the company is as per “1. Purpose of utilization in cases in which personal information is obtained directly by means other than written document and when personal information is obtained directly” (see above), except where permitted by law. In order to achieve the purpose of utilization set out in the items above, we may provide the said retained personal data to a third party upon obtaining the consent of the individual customer.

iii. Sensitive personal information

The Group shall not acquire sensitive personal information from customers without first obtaining their consent, except in the following circumstances:

• 1. When based on laws and regulations
• 2. When it is necessary to protect the life, physical body, or property of a person and it is difficult to obtain the consent of the individual
• 3. When it is particularly necessary for the improvement of public health or the promotion of healthy child development and it is difficult to obtain the consent of the individual
• 4. When it is required that the Group cooperate with a national government body, a regional government, or a person commissioned by such to execute given duties stipulated under laws and regulations, and there is the possibility that obtaining the consent of the individual would hinder the execution of said duties
• 5. When the said sensitive information is made public by the person themselves, a national government body, a regional government, a party listed in the items under Article 76, Paragraph 1, or any other party prescribed by the rules of the Personal Information Protection Commission
• 6. When otherwise stipulated by cabinet order

iv. Handling of anonymously processed information (Articles 36 and 37 of the Act)

The Group may, upon processing obtained personal information in accordance with the standards stipulated by the Personal Information Protection Commission in such a way that individuals cannot be identified, utilize that information as anonymously processed information.
We make public announcements of the following matters with regard to the handling of anonymously processed information.

1) Preparation of anonymously processed information
Information that includes anonymously processed information prepared by the Company comprises the items set out below. The Group also plans to continuously prepare anonymously processed information that includes the said information using the same method.

• 1. Locality information (prefecture/municipality/town/village)
• 2. Gender
• 3. Year of birth
• 4. Product purchase history
• 5. Product sales history
• 6. Service utilization history

2) Provision of anonymously processed information to third parties
The Group may sometimes provide anonymously processed information prepared by the Group to third parties. In such cases, provision to the said third party by email or written document. Further, when doing this, we shall clearly state that the said provided information is anonymously processed information. Information that includes anonymously processed information provided by the Company to the third party comprises the items set out below.

• 1. Locality information (prefecture/municipality/town/village)
• 2. Gender
• 3. Year of birth
• 4. Product purchase history
• 5. Product sales history
• 6. Service utilization history

v. “Provision to A Third Party” of personal information (Article 23, Paragraph 1 and Paragraph 5 of the Act)

The Group shall not provide to a third party any personal data obtained from customers without first obtaining their consent, except where any of the following apply.

• 1. When based on laws and regulations
• 2. When it is necessary to protect the life, physical body, or property of a person and it is difficult to obtain the consent of the individual
• 3. When it is particularly necessary for the improvement of public health or the promotion of healthy child development and it is difficult to obtain the consent of the individual
• 4. When it is required that the Group cooperate with a national government body, a regional government, or a person commissioned by such to execute given duties stipulated under laws and regulations, and there is the possibility that obtaining the consent of the individual would hinder the execution of said duties

The Group may handle personal information in the circumstances set out below, but this shall not constitute “Provision to A Third Party.”

• 1. When outsourcing the business operations listed in “Purpose of utilization in cases in which personal information is obtained directly by means other than written document and when personal information is obtained indirectly” to an external company, etc.
• 2. When the Group merges with a third-party business or sells its business to a third party (such a case shall be conditioned on the said third party having equivalent standards as the Company for handling personal information as the Basic Policy)

If outsourcing to an overseas business, we shall select businesses located in countries specified in the rules of the Personal Information Protection Commission or businesses with systems that meet the standards set out in the rules of the Personal Information Protection Commission, and mandate that those businesses take the necessary measures with regard to the protection of personal information by concluding strict contracts over such protections, which we shall then supervise as appropriate.

vi. Joint use of personal data (Article 23, Paragraph 5, Item iii of the Act)

The Group may jointly use a customer’s personal data with specific individuals or entities in accordance with that stipulated in Article 23, Paragraph 5, Item iii of the Act

1) Personal data items for joint use
Name, address, age, date of birth, telephone number, email address, gender, profession, and other necessary information
2) Scope of joint users
MCJ Co., Ltd., consolidated subsidiaries and companies accounted for using the equity method of MCJ Co., Ltd., and franchisees
3) Purpose of utilization of joint users
The purpose of utilization of personal information shall be the same as that of the Group.
4) Parties responsible for the management of personal data
MCJ Co., Ltd.

vii. Matters relating to procedures to meet “Requests for Disclosure and Others” (Article 32)

1. Items subject to requests for disclosure and others

With respect to retained personal data, if there is a request from an individual or their agent asking to be informed of the purpose of utilization, or asking for disclosure thereof, amendments/additions/deletions thereto, or suspension or erasure thereof, or the cessation of its provision to third parties (hereinafter, referred to as “Requests for Disclosure and Others”), the Group shall respond to this request. However, if suspending use or ceasing provision to a third party, we shall also delete membership information relating to the said retained personal information (name, address, telephone number, email address, loyalty points, email newsletter distribution settings, etc.) for reasons of management.
“Retained personal data” items that may be subject to disclosure are as follows:

• 1. Name
• 2. Address
• 3. Age
• 4. Date of birth
• 5. Telephone number
• 6. email address
• 7. Profession
• 8. Affiliation
• 9. Family composition
• 10. Hobbies
• 11. Preferences
• 12. Bank account number
• 13. Purchased or used products
• 14. Information relating to used services
• 15. Used membership services or mailing services
• 16. Requested catalogs, materials
• 17. Attended exhibitions, seminars, events, and lectures
• 18. Entered prize events, competitions, promotional campaigns, etc.
• 19. Survey responses, inquiries
• 20. Information by which customers can be identified either by a single piece of information or a combination thereof, including browsing history and other such information

2. Where to send “Requests for Disclosure and Others”

Requests for Disclosure and Others should be sent by post to the address below together with the application form specified by the Company and other required documents.
Please also write on the envelope “Documents for Disclosure Request Enclosed” in red lettering.

MCJ Co., Ltd. Personal Information Protection Office, Otemachi PLACE East Tower 6F, 2-3-2, Otemachi, Chiyoda-ku, Tokyo, 100-0004

<Personal Information Relating to Shareholders>
With regard to the personal information of the Company’s shareholders, please contact us on the information below to confirm the relevant procedure.
Name: Mitsubishi UFJ Trust and Banking Corporation Stock Transfer Agency
Telephone number: +81 (0)120-232-711 (toll-free from Japan)
Open: 09:00 to 17:00 (weekdays)

3. Written documents (forms), etc., for submission when making “Requests for Disclosure and Others”

To make “Requests for Disclosure and Others,” first download the following application form (A), fill in all the specified information, and post it to the above address together with the relevant identity verification documents (B).

4. “Requests for Disclosure and Others” by agents

If the party making the “Requests for Disclosure and Others” is the legal representative of the individual themselves, a minor, or an adult ward, or they are an agent otherwise entrusted by the concerned individual to make the “Requests for Disclosure and Others,” the following documents (A or B) must also be enclosed in addition to the documents specified in the previous items.

5. Fees for “Requests for Disclosure and Others” and their collection method

Please enclose a postal money order for 800 JPY with the application form for each application. Any fees associated with the purchase of the postal money order and any fees for posting the application to the Company shall not be borne by the Company.
*If the fees included with the application are insufficient or not enclosed with the application form, the Company shall inform the sender of such; however, if payment is not made within the specified time frame, the Company shall proceed as if no “Requests for Disclosure and Others” were made.

6. Method of response to “Requests for Disclosure and Others”

We will respond in writing to the address written on the applicant’s application form.

7. “Purpose of Utilization” of personal information acquired in relation to “Requests for Disclosure and Others”

Personal information acquired in the process of making “Requests for Disclosure and Others” shall be handled only within the scope necessary for the making of the “Requests for Disclosure and Others.”
Submitted documents shall be retained for a period of two years following the resolution of the “Requests for Disclosure and Others,” after which, they shall be discarded.

8. If “Disclosure and Others” are not performed

The Company shall not perform disclosures and other such acts if, as shown in the specific examples below, the application procedure set out in these regulations is not performed fully and correctly or if the requirements in respect of making a request as set out in the Act are not met (however, the specified fee relating to the disclosure will still be required). In the event that the Company decides not to perform the disclosure or other such act, the person making the request will be informed of this decision and the reason for it.

[Specific examples]

• ・ When it is not possible to confirm that the concerned individual is who they say they are, such as when the address written on the application form, the address written on the identity verification document for the individual, and the address registered with the Company do not match
• ・ When the application is made by an agent but it is not possible to confirm the power of attorney of the agent
• ・ When the specified application form is not filled in fully or correctly
• ・ When the target information subject to the “Requests for Disclosure and Others” does not fall under “Retained personal data” as specified in the Act
• ・ When there is a risk of harm to the life, physical body, property, or other rights and interests of the individual or third party
• ・ When there is a risk of causing significant disruption to the proper execution of the Group’s business operations
• ・ When doing so would result in the violation of any other laws and regulations

viii. Matters relating to the contact point for “complaints” (Article 27, Paragraph 1 of the Act, Article 8 of the Cabinet Order to Enforce the Act, and Article 35 of the Act)

1. Contact point for making complaints relating to personal information
Any complaints regarding the Company’s handling of personal information should be directed to the points of contact set out below.

Complaints by posted letter
MCJ Co., Ltd. Personal Information Protection Office, Otemachi PLACE East Tower 6F, 2-3-2, Otemachi, Chiyoda-ku, Tokyo, 100-0004

Visits to company workplaces
Please note that we are unfortunately unable to accept submissions of complaints made by directly visiting Company workplaces

2. Name of “Authorized Personal Information Protection Organization” to which the Company belongs and point of contact for making complaints
The Group does not currently belong to any authorized personal information protection organization.

ix. Other

Competent court
Any dispute arising out of or in connection with the Group’s protection of personal information shall be subject to the exclusive jurisdiction of the Tokyo District Court in the first instance.

Revisions
The Group may revise part of its personal information protection policy in order to improve its protection of personal information or in order to respond to changes in laws and regulations or other standards. The Group shall notify of any revisions by posting the information on the Company website or by any other appropriate means.


Revised on: October 18, 2021

October 18, 2021
MCJ Co., Ltd.

MCJ Co., Ltd. (hereinafter, referred to as the “Company”) shall handle appropriately the personal information of customers who use the Company website (hereinafter, referred to as the “Company Website”) in accordance with our personal information protection policy (privacy policy) and Matters for Public Announcement Based on Act on the Protection of Personal Information.

1. Protection of personal information

The Company Website uses SSL encryption technology when sending and receiving personal information in order to prevent unauthorized access, loss, destruction, tampering, or leaking. SSL is an industry-standard communications protocol for encrypting information sent and received over the Internet. The technology helps prevent the theft or tampering of data by third parties by performing encryption and authentication of communications between web browsers and web servers.
Providing information using a browser that does not support SSL increases the risk that said information may be viewed or exploited by third parties outside of the Company’s control during the process by which the information reaches the Company. We recommend that you use a browser with strong security credentials, such as one that supports SSL.

2. Use of Cookies

Some pages on the Company Website use a technology known as “Cookies,” which are used to make any subsequent visits to the website even more convenient.
Cookies are an industry standard technology used by web servers to identify the web browsers used by visitors to a website. Cookies are used to identify the web browsers used by visitors to a website. The Cookies will not be able to individually identify visitors unless the visitor enters personal information. However, for visitors who have registered personal information, the cookies that have been sent from their computer may be cross referenced with the cookies stored on the web server to identify them whenever they visit the Company Website. Depending on the web browser used, it may be possible to change the settings to disable the cookies function. However, if the cookies function is disabled, it may not be possible to use all or part of the Company Website.

3. Third-Party website links

Some parts of the Company Website contain links to the websites of Group companies and of third parties (hereinafter, collectively referred to as “Third-Party Websites”). Clicking on these links will cause you to leave the Company Website. The Company plays no part in the creation of the content on Third-Party Websites and bears no responsibility regarding the handling of personal information on the Third-Party Websites. This policy does not cover the handling of personal information on Third-Party Websites. If you access Third-Party Websites via a link on the Company Website, it is recommended that you read the personal information protection policy of those Third-Party Websites before providing your personal information.

4. Personal information of visitors classified as minors

The personal information of visitors classified as minors must only be provided upon obtaining the consent of their guardian.

5. Use of tools
Use of Google Analytics

The Company Website uses “Google Analytics”—an access analytics tool provided by Google. Google Analytics uses cookies to collect web traffic data. This traffic data is collected anonymously and cannot be used to identify individuals.
For details, please click here（https://marketingplatform.google.com/about/analytics/terms/us/）