Privacy Policy-Basic Policy for the Protection of Personal Information
1. Introduction
As a member of the Sompo Group, Sompo Asset Management Co., Ltd. (hereinafter referred to as the "Company") recognizes that it is the Company's social responsibility to protect personal information under the Sompo Holdings Privacy Policy and strives to do so in accordance with the Act on the Protection of Personal Information; Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure and other relevant laws and ordinance (including foreign); and the Guidelines on the Act on the Protection of Personal Information; Guidelines for the Protection of Personal Information in the Financial Sector; Guidelines for the Correct Handling of Information to Identify a Specific Individual and any other relevant guidelines.
2. Policy Guidelines
- 2-1.The Company shall acquire personal information within the scope required for its business operations, through fair and lawful means. We shall retain personal information thus acquired for the period required to accomplish its purposes of use or the period required or authorized under laws and regulations.
(Example)
・Recording telephone conversations in order to respond to client inquiries. - 2-2.The Company will only use personal information to the extent necessary for the accomplishment of the purposes listed in Section 3-1 below, and shall not use it for other purposes.
- 2-3.The Company will endeavor to keep personal information accurate and up to date to the extent necessary for its business operations.
- 2-4.The Company will safely manage the personal information for the purposes of its business operations with necessary security measures to prevent leakage, loss, etc. therein
- 2-5.The Company will handle the personal information for the purposes of business use in an appropriate manner in compliance with the Act on the Protection of Personal Information
- 2-6.The Company will properly and promptly respond to complaints regarding the handling of personal information.
- 2-7.The Company will handle personal information in compliance with the Act on the Protection of Personal Information and other relevant laws and regulations.
3. Purposes of Use
3-1.The Company will use the personal information acquired through the business operations for the following purposes.
- Purposes of Use for Investment Trust Marketing
- To solicit and sell the securities issued or the products provided by the Company, or to publicize services provided by the Company.
- To make determinations concerning the appropriateness of products and services in light of principles regarding suitability and other factors.
- To accept applications for securities, products provided by the Company, or services including, without limitation, the opening of an account for transaction.
- To confirm the identity of a client or his or her proxy.
- To report the results of transactions, balance and other details to the client.
- To process documents concerning transactions with the clients.
- To conduct research and development of products provided by the Company and services through market research, data analyses and questionnaire surveys.
- To carry out the appropriate processing of personal information in case the Company is entrusted with the management of the personal information of their investors in part or in whole as an administrative agent by other investment business operators.
- To execute business with the client appropriately and smoothly.
- Purposes of Use for Investment Advisory Business
- To carry out business relating to investment advisory contract (advisory business) and / or discretionary investment contract.
- To provide investment advisory services.
- To report the results of investment and the balance of assets under contract.
- To inform and / or provide various Company products and services.
- To execute business with the client appropriately and smoothly.
If personal information is to be obtained during operations related and / or pertaining to business and other activities by the Company other than the cases described above, the Company shall inform the purpose of use to the client at the time such personal information is obtained.
3-2.Public Announcement and Disclosure of the Purposes of Use
The Company announces the purposes of use of personal information on its website (https://www.sompo-am.co.jp) and these are kept for inspection at the Company's Headquarters.
3-3.Measures for Security Control of Personal Information
The Company sets up personal information manager to promote company-wide protection of personal information, establishes internal regulations for the protection of personal information and secures proper handling of the personal information at the relevant departments in which these data is processed.
Basic Guidelines - ・The Company has in place basic guidelines for the appropriate handling of personal information
Discipline in the handling of personal data - ・The company has in place a methodology for the handling of personal information related to acquisition, use, storage, provision, and disposal
Structural measures for safety management -
(1)Organizational structure
- ・Installation of an officer in charge of personal information control and a clear description of their responsibilities
- ・Installation of an officer in charge of personal data control and a clear description of their responsibilities
- ・Installation of an officer in charge of identity verification information control and a clear description of their responsibilities
-
(2)Management that has a disciplined approach to the handling of personal data.
- ・Periodic self-inspection of personal data handling protocols and verification by responsible officer
-
(3)Steps to ensure proper handling of personal data
- ・Use of ledger system to manage personal data
-
(4)System in place to respond to data leaks
- ・Training for employees and executives to ensure a speedy and appropriate response to data leaks.
-
(5)Understanding state of personal data handling and amendments to measures in place to ensure safe handling of data.
- ・Understanding state of personal data handling and amendments to measures in place to ensure safe handling of data. This is achieved through Periodic self-inspection of personal data handling protocols and verification by responsible officer.
Personnel measures for safety management - ・Regular training for employees and executives on the handling of personal data.
- ・Inclusion of privacy protection articles in employee guidelines.
Physical measures for safety management - ・Passwords used for personal data files saved onto computers or memory devices.
- ・Physical destruction of mechanical and digital devices with personal data saved on them in the event of disposal
Technological measures for safety management - ・Thorough management of ID and passwords.
- ・Introduction of initiatives to protect systems that handle personal data from unauthorized access from external parties and the use of unauthorized software.
Oversight of employees - ・Necessary oversight to ensure safe management of personal data. This includes periodic self-inspection of personal data handling protocols and verification by responsible officer to ensure proper understanding of the state of personal data handling by employees.
Understanding the external environment - ・When handling personal information in a foreign country, the Company shall implement safety management measures based on its understanding of the personal information protection systems in the country concerned. Please see the below link (Personal Information Protection Commission JAPAN, Japanese text only) for details on personal information protection systems in foreign countries. https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/#gaikoku
3-4.Disclosure of Personal Information to a Third Party
- 1. The Company will not disclose personal information to a third party except in cases that fall under any of the following situations:
- (1)Where personal information is disclosed with the consent of the person concerned;
- (2)Where the disclosure of personal data is required by the law;
- (3)Where the handling of personal information is entrusted to a third party to the extent necessary for achieving the objectives of use, or;
- (4)Where the disclosure of personal data is allowed by the Act on the Protection of Personal Information. Moreover, when entrusting an external entity with the handling of client's personal information in (3) listed above, the Company will carry out the appropriate and necessary supervision of the external entity to which the handling of personal information is entrusted in order to ensure the safekeeping of such information.
- 2.Except as provided for under laws and regulations, when the Company has provided personal data to a third party, it records matters related to such providing (e.g., when, and to whom, the personal data were provided, and the type of data provided), and when it has acquired personal data from a third party, it confirms and records matters related to such acquisition of data (e.g., when and from whom the personal data were acquired, the type of data acquired and how the third-party provider acquired the data).
- 3.Personal information of non-residents of Japan is handled in accordance with the applicable laws and regulations of each country concerned. When transferring personal information on residents of the European Economic Area (EEA) from inside the EEA to outside the EEA, the company employs strict information controls and thorough security measures. In some cases, data are transferred from the Company to third-party service providers, subcontractors, and partners in joint use of personal information, and then such data are stored on servers in Japan or in other countries outside the EEA. While such countries may be ones for which the European Commission has not determined that data security measures are adequate, the personal data that we provide are managed appropriately under sufficient security management measures.
3-5.Joint Use of Personal Information
The Company may use personal information jointly with Sompo Holdings, Inc. (hereinafter referred to as the "Holdings Company") and its group companies for the purpose of business management within the following scope.
(Items of Personal Data jointly used)
- The personal data of the shareholders of the Holdings Company and its group companies: The shareholder's name, address, number of the holding shares, etc.
- The personal data which the Holdings Company and its group companies retain:
- The customer's name, address, telephone number, e-mail address, gender, date of birth and other information regarding the client's transactions such as the contract information on proposal forms and the contents regarding insured events.
(Scope of the Group Companies, which will jointly use Personal Data)
- Please refer to the Holdings Company's website regarding the scope of the group companies, which will jointly use personal data.
(The Name of the Entity Responsible for the Management of the jointly used Personal Data)
-
Sompo Holdings, Inc.
Address and Group CEO information can be found through link below.
https://www.sompo-hd.com/company/summary/
3-6.Matters regarding the Personal Data retained by the Company
- (1) The name of the business entity handling the personal information data: Sompo Asset Management Co., Ltd.
- (2) Purposes of use of all the personal data: as listed in Section 3-1 above.
- (3) Procedures for accepting request by a person for the disclosure of the personal data of the person: as listed in Section 4-4 below.
- (4) The contact desk for complaint regarding management of personal data retained by the Company: as listed in Section 5-1 below.
3-7.Procedures for Requesting the Disclosure of Personal Information
The Company will properly respond to a request from a client for disclosure, correction, and suspension of use of his or her retained personal data, as well as disclosure of records detailing provision of said data to third parties based on the Act on the Protection of Personal Information, etc. As for the request for disclosure, correction and suspension of use of the personal data, as well as disclosure of records detailing provision of said data to third parties, submission of the identification document of the requesting person is necessary for entering the procedure. In principle, a fee of ¥2,000 (including consumption tax) will be collected for requesting disclosure of the personal data.
4. Handling of Specific Personal Information
The Company handles individual numbers and specific personal information as described below.
4-1.Proper acquisition of individual numbers and specific personal information
The Company shall acquire individual numbers and specific personal information through lawful and fair means. We shall never request the provision of individual numbers and specific personal information except as provided for in laws and regulations.(Example) Acquisition of information through customer filling out and submitting a form.
4-2.Handling and scope of use of individual numbers and specific personal information
- The Company shall handle the individual numbers and specific personal information that it has acquired only within the scope of use restricted by laws and regulations. The scope of use by The Company is shown below. We shall never acquire, use, or provide to third parties individual numbers and specific personal information beyond this scope. (1) Individual numbers and specific personal information may be used in the following administrative tasks related to individual numbers as stipulated in laws and regulations:
- (i) Administration of preparation of payment records
- (ii) Other tasks related to individual numbers and specific personal information stipulated by law.
4-3.Security measures
- The Company shall implement appropriate security measures for purposes such as preventing leakage of, loss of, and damage to individual numbers and specific personal information, such as establishment of rules on handling them and maintaining structures for implementation of security controls.
4-4.Use of subcontracting in handling of personal information
- The Company may utilize subcontractors for a portion of tasks relating to individual numbers and information. When subcontracting administration related to individual numbers to an outside party, we will employ necessary and appropriate supervision, including checking on the subcontractor’s approach to information controls.
The Company will respond to requests such as those for notification, disclosure, revision, and suspension of use of individual numbers and specific personal information in the manner described under Part 7 of “Handling of Personal Information,” above.
For further inquiries, please contact to the below.
5. Contact
- 5-1.Please direct your inquiry, referral and / or complain about the Company's handling of personal information to:
Contact Desk
Corporate Planning Department
Sompo Asset Management Co., Ltd.
Kyoritsu Nihonbashi Building
2-16, Nihonbashi 2-chome, Chuo-ku, Tokyo 103-0027 Japan
Tel: +813-5290-3585
URL: https://www.sompo-am.co.jp
President and CEO: Nobuhiro Kojima
The Company is a member of both the Investment Trusts Association and the Japan Investment Advisers Association which are authorized personal information protection organizations approved by the Finance Services Agency. Both of the Associations will receive complaints and provide consultation with respect to its members' handling of personal information.
Contact for complaints and consultation
Japan Investment Advisers Association, Complaints Desk
Tel: +813-3663-0505
URL: https://www.jiaa.or.jp/index_e.html
The Investment Trusts Association, Investor Consultation Desk
Tel: +813-5614-8440
URL: https://www.toushin.or.jp/english/