PRIVACY POLICY

Privacy PolicyPrivacy Policy

April 1, 2022
Regalo Capital Co., Ltd.

We recognize the importance of personal information and consider it our social responsibility to protect it. In conducting our business activities, we position the protection of personal information as one of the most important aspects in our business operations, and we will comply with the relevant laws and regulations, such as "Act on the Protection of Personal Information" and the "Act on Use of Numbers to Identify Specific Individuals in Administrative Procedures". and will do our utmost to handle personal information appropriately in accordance with the following.

1.Company Name, Address, and Name of Representative

Regalo Capital Co., Ltd.
2nd Floor Astre Building, 1-9-6 Ebisu Nishi, Shibuya-ku, Tokyo, 150-0021
President Takashi Ito

2.Acquisition, Use and Provision of Personal Information

(1)
Personal information will be acquired by appropriate and lawful means within necessary scope for our business activities. In case of acquiring personal information from third parties, we will verify the provider’s compliance with laws and confirm that the personal information has been acquired lawfully.
(2)
When handling personal information, we will specify the purpose of use as much as possible and disclose it on our website. The purposes of use of personal information by our company are as stated in Attachment 1.
(3)
We will use personal information appropriately within the necessary scope to achieve the specified purposes of use. We will not handle personal information beyond the necessary scope to achieve the specified purposes of use, unless we have consent from the individual in advance or unless required by laws and ordinances.
(4)
When providing acquired personal data to third parties, we will obtain the individual’s consent in advance, except as required by laws and regulations.
(5)
Notwithstanding the above, personal numbers and specific personal information shall not be acquired or used for purposes other than those specifically stated by laws and regulations. We will not provide personal numbers and specific personal information to third parties, unless specifically stated by laws and regulations.
(6)
We may entrust the handling of personal data to other business operators within the necessary scope in order to achieve our business objectives. In such cases, we will appropriately select service providers and conduct necessary and appropriate supervision to ensure the secure management of personal information.

3.Request for Disclosure, etc.

(1)
In the event of a request for disclosure of retained personal data by the individual themselves, we will disclose the information, unless it would significantly impede the proper execution of our business.
(2)
In the event of a request for correction, addition or deletion of the content of retained personal data by the individual themselves, we will conduct the necessary investigation within the scope necessary to achieve the purposes of use, and make corrections based on the investigation results.
(3)
In the event of a request for suspension of use, deletion, or suspension of provision to third parties of the retained personal data by the individual themselves, if it is confirmed that there are justifiable grounds for the request, we will suspend the use,etc., of the retained personal data in the issue.
(4)
Specific procedures for requesting disclosure, etc. are as stated in Attachment 2.

4.Measures for Security Management

We take necessary and appropriate measures to ensure security management of personal data, including prevention of leakage, loss or damage of personal data, based on the "Practical Guidelines for Security Management Measures, etc. of Personal Information Protection in the Financial Field" and the “Guidelines for the Proper Handling of Specific Personal Information (Business Operator Edition), Security Management Measures for Specific Personal Information (Business Operator Edition), etc. issued by the Financial Services Agency. The main contents of these measures are as follows.

(1)Formulation of Personal Information Protection Policy
In order to ensure the proper handling of personal data, we have formulated this policy (Basic Policy on Personal Information Protection).
(2)Establishment of Rules related to the Handling of Personal Data
We have established basic rules for the acquisition, use, storage, and other handling of personal data.
(3)Organizational Security Management Measures
We have appointed a Personal Data Management Officer responsible for overseeing management of personal data and Personal Data Managers in each department responsible for managing personal data. We regularly check the status of personal data. In the event of incidents such as leakage of personal data, we have established a reporting system from employees to the Personal Data Management Officer. In addition, we regularly inspect the handling of personal data.
(4)Personnel Security Management Measures
We have concluded non-disclosure agreements with employees regarding personal data and thoroughly ensure the security management of personal data for employees. In addition, we regularly provide employees with education and training regarding the handling of personal data.
(5)Physical Security Management Measures
We manage employees’ access to areas where personal data is handled. We take measures to prevent theft, loss, or other incident related to equipment, electronic media, documents, etc. that handle personal data. We implement measures to ensure that personal data cannot be easily identified when transporting such equipment, electronic media, etc. .
(6)Technical Security Management Measures
Access to information systems and devices that handle personal data is controlled by IDs and passwords. We have implemented mechanism to protect information systems that handle personal data from unauthorized access from external sources or malicious software.

5.Continuous Improvement

We establish this policy and rules for handling personal information to ensure their ongoing effectiveness. We strive for continuous improvement through dissemination among officers and employees and periodic reviews.

6.Contact Point for Complaints and Consultation regarding the Handling of Personal Information

We will endeavor to respond promptly and sincerely to complaints and consultations regarding the handling of personal information received from individuals.

7.Contact Point for Inquiries and Complaints regarding the Handling of Personal Information

The contact information for complaints, etc. is as follows.

Department: Internal Control Division
Address: 2F Astre Building, 1-9-6 Ebisu Nishi, Shibuya-ku, Tokyo 150-0021
Phone: 03-6416-4240 (representative)
Office hours: Monday to Friday (excluding public holidays) 9:30 am to 6:30 pm

Page Top