Privacy Policy
Privacy Policy
Whole Group Privacy Policy
MARUI GROUP (the Company and its subsidiaries and affiliates) collects personal information on its customers and other stakeholders in order to provide services that satisfy customers through its business activities. This personal information is an important asset to the ongoing growth of MARUI GROUP. Accordingly, the appropriate management of such information is a major management responsibility. MARUI GROUP has therefore established the MARUI GROUP Privacy Policy to function as a shared Groupwide policy for guiding efforts to appropriately manage and protect all personal information collected by MARUI GROUP.
1. Scope of Application
The MARUI GROUP Privacy Policy is applicable to all MARUI GROUP officers and employees. We also request that our business partners adhere to this privacy policy.
2. Information Security
MARUI GROUP appoints a chief security officer to promote the protection and appropriate management of Groupwide information assets. The chief security officer is assigned responsibility and authority for the execution of all MARUI GROUP information security measures related to the protection and appropriate management of personal information as well as other information security tasks. Moreover, the Information Security Committee has been put in place to monitor the status of information security and to discuss the necessary measures. This committee submits reports on its activities to the Compliance Promotion Board, which is chaired by the president. These provisions make for a framework that allows for the swift implementation of Groupwide information security measures.
3. Acquisition, Use, Provision, and Outsourced Handling of Personal Information
MARUI GROUP shall collect information through legitimate methods, clearly explaining the purpose for which the collected information will be used as opposed to relying on deception or other wrongful means. Collected personal information will only be used for the purpose initially agreed upon, and appropriate management will be practiced while implementing measures to prevent such information from being used for other purposes.
MARUI GROUP will not provide personal information to a third party without consent from the individual in question except when lawfully requested by public institutions or in other cases mandated by law. When contracting third parties to perform the handling of personal information, MARUI GROUP will select entities that have sufficient measures in place to protect personal information and ensure that this information is managed appropriately by including stipulations pertaining to the protection of personal information in contracts and other agreements.
4. Measures for Protection of Personal Information
MARUI GROUP shall take steps to prevent unauthorized access, destruction, damage, or leakage of personal information. In the event that an information security incident occurs, swift action will be taken to address this incident. In addition, MARUI GROUP shall establish rules regarding the appropriate management and use of personal information, appoint individuals responsible for managing such information, and provide thorough training to Group officers and employees. Audits of divisions as well as of first- and second-tier subcontractors tasked with handling personal information are conducted as appropriate and necessary for protecting personal information.
5. Compliance with Laws and Standards Regarding Personal Information
MARUI GROUP shall comply with laws such as Japan's Act on the Protection of Personal Information, national policies, and other standards regarding the handling of personal information. In addition, internal regulations and manuals are prepared to facilitate compliance with the MARUI GROUP Privacy Policy, and adherence to these provisions is expected. Disciplinary and other measures will be taken as appropriate should a leak of personal information or other information security incident occur.
6. Continuous Improvement of Personal Information Management Systems
MARUI GROUP shall develop, implement, and continuously improve personal information management systems to ensure that personal information is protected.
7. Inquiries Regarding Personal Information
MARUI GROUP shall respond to any inquiries regarding the disclosure, revision, or deletion of personal information as well as any complaints or consultations from individuals or proxies acting on behalf of individuals pertaining to personal information it has collected.
8. Use of Cookies
MARUI GROUP uses cookies for some of the content provided on its websites. Cookies are files saved in a user's browser when they access a website. These files do not contain information that could be used to identify a specific individual. However, there are cases in which this information may be used in conjunction with other information in a way that could be used to identify a specific individual. MARUI GROUP will only acquire and use information in these cases after receiving consent from the individual in question or after confirming that prior consent has been received as stipulated in the Act on the Protection of Personal Information and in the relevant guidelines.
It is possible to disable the use of cookies by adjusting one's browser settings. Should a user disable the use of cookies, it may impact their ability to view certain parts of MARUI GROUP websites.
9. Revision of Privacy Policies
Information on important changes to the MARUI GROUP Privacy Policy will be provided through MARUI GROUP's corporate website. Should a revision to the MARUI GROUP Privacy Policy be implemented, the revised policy will be applied effective from the date that the revised policy is disclosed.
Group Companies with Privacy Policies
- MARUI GROUP CO., LTD.
- Epos Card Co., Ltd. (Japanese only)
- MARUI CO., LTD.
- M & C SYSTEMS CO., LTD. (Japanese only)
- MARUI FACILITIES Co., Ltd. (Japanese only)
- MOVING CO., LTD. (Japanese only)
- MRI Co., Ltd. (Japanese only)
- AIM CREATE CO., LTD. (Japanese only)
- MARUI HOME SERVICE Co., Ltd. (Japanese only)
- Epos Small Amount and Short Term Insurance Co., Ltd. (Japanese only)
- tsumiki Co., Ltd. (Japanese only)
- D2C & Co. Inc. (Japanese only)
- okos Co., Ltd. (Japanese only)
- marui unite Co., Ltd. (Japanese only)
- MARUI KIT CENTER CO., LTD. (Japanese only)
MARUI GROUP’S Privacy Policy
MARUI GROUP CO., LTD., has defined the following policies for the management of personal information including the names, addresses, and email addresses of customers, business partners, shareholders, officers, and employees.
The terms used in these policies are based on the definitions put forth by the Act on the Protection of Personal Information and other relevant legislation. Personal information acquired by Group companies other than MARUI GROUP CO., LTD., and other personal information defined as applicable for management under the regulations of these companies shall be managed in accordance with the regulations of each company.
1. Company Name, Address, and Representative
MARUI GROUP CO., LTD.
3-2, Nakano 4-chome, Nakano-ku, Tokyo 164-8701, Japan
Hiroshi Aoi, President and Representative Director, Representative Executive Officer
2. Compliance with Relevant Legislation, Guidelines, etc.
MARUI GROUP shall manage personal information appropriately and in compliance with the Act on the Protection of Personal Information and other relevant legislation as well as the guidelines and other standards set forth by the Company's Personal Information Protection Promotion Committee and this privacy policy.
3.Collection of Personal Information
MARUI GROUP shall only collect personal information through appropriate and legal means.
With regard to information classified as "special care-required personal information" in the Act on the Protection of Personal Information, expressed consent must be received from the individual in question prior to collecting such information.
Furthermore, MARUI GROUP will only collect and use "Individual Numbers" and "Specific Personal Information" as defined in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures for the purposes permitted under this law.
4.Purposes of Use of Personal Information
MARUI GROUP will only use collected personal information for the following purposes or for purposes that are clear from the method through which this information was collected. Personal information will not be used for other purposes without expressed consent from the individual in question except in cases when such usage is permitted by law.
Purposes of Uses for Personal Information of Customers and Business Partners
- Use for confirmation and verification of identity of customers and business partners
- Use for the purpose of performing transactions in the retailing, fintech, or other businesses of MARUI GROUP or in performing related procedures
- Use for the purpose of supplying information related to products, services, or other offerings of the businesses of MARUI GROUP*
- Use for the purpose of responding to inquiries or consultations from customers or business partners
- Use for improvement of digital services (websites, apps, etc.) provided by MARUI GROUP based on input received via surveys and other means
-
Use for the purpose of performing procedures associated with the above items
* MARUI GROUP may perform analyses of website viewing records, purchase histories, and other information acquired from customers or may link preference, website viewing records, and other information acquired from third parties to customer information held by the Company in order to distribute advertisements regarding products, services, and other offerings.
Purposes of Uses for Personal Information of Shareholders or Employees of Shareholders
- Use for the purpose of exercising rights or obligations defined by the Companies Act of Japan
- Use for the purpose of supplying information regarding the businesses of MARUI GROUP
- Use for the purpose of facilitating discussion with shareholders regarding the businesses of MARUI GROUP
- Use for the purpose of providing shareholder and other benefits from MARUI GROUP
- Use for the purpose of managing shareholders in accordance with relevant legislation
- Use for the purpose of responding to inquiries or consultations from shareholders
Purposes of Uses for Personal Information of Officers and Employees of MARUI GROUP CO., LTD., and Group Companies
- Use for business-related communications
- Use for the purpose of payment of compensation (salaries, bonuses, allowances, etc.), execution of human resource or labor management tasks, or provision of welfare benefits
- Use for the purpose of promoting occupational health and safety, health, and healthcare management
- Use for the purpose of performing procedures related to social health insurance or other welfare programs
- Use for the purpose of performing other procedures related to officers and employees
5.Joint Usage of Personal Information
Joint usage of names, addresses, email addresses, business cards, and other personal information collected from customers and business partners may be conducted between MARUI GROUP CO., LTD., and Group companies in order to realize more comprehensive use of personal information for the purposes described in "Purposes of Uses for Personal Information of Customers and Business Partners" under "4. Purposes of Use of Personal Information" above. Joint usage of personal information collected by Group companies will be conducted in accordance with the relevant regulations of the companies engaged in joint usage. Joint usage will not be conducted with regard to information for which such use is prohibited by the regulations of the relevant companies.
The following Group companies engage in joint usage of personal information.
- MARUI GROUP CO., LTD.
- Epos Card Co., Ltd.
- MARUI CO., LTD.
- M & C SYSTEMS CO., LTD.
- MARUI FACILITIES Co., Ltd.
- MOVING CO., LTD.
- MRI Co., Ltd.
- AIM CREATE CO., LTD.
- MARUI HOME SERVICE Co., Ltd.
- Epos Small Amount and Short Term Insurance Co., Ltd.
- tsumiki Co., Ltd.
- D2C & Co. Inc.
- okos Co., Ltd.
- marui unite Co., Ltd.
The company responsible for management of personal information used jointly is as indicated in "1. Company Name, Address, and Representative" above.
In addition to the above, joint usage of personal information collected from officers and employees of MARUI GROUP CO., LTD., and Group companies may be conducted between MARUI GROUP CO., LTD., MARUI GROUP's health insurance union, and MARUI GROUP UNION in order to achieve more comprehensive use of personal information for the purposes described in "Purposes of Uses for Personal Information of Officers and Employees of MARUI GROUP CO., LTD., and Group Companies" under "4. Purposes of Use of Personal Information" above. MARUI GROUP CO., LTD., shall be responsible for the management of personal information used jointly in this manner.
6.Subcontracting of Personal Information Handling
MARUI GROUP may subcontract the handling of personal information it has collected to third parties in order to facilitate smooth operations or the provision of higher quality services to customers or shareholders. In these cases, the personal information provided will be limited to the minimum amount necessary to perform the tasks for which the third party is contracted.
7.Provision of Personal Information to Third Parties
Personal information will not be provided to third parties (with the exception of cases involving subcontractors handling personal information) without advance consent from the individual in question except when lawfully requested by public institutions or in other cases mandated by law.
8.Security Control Measures
MARUI GROUP implements security control measures as necessary and appropriate for the management of personal information to prevent destruction, damage, or leakage of such information. In addition, oversight of divisions as well as of first- and second-tier subcontractors tasked with handling personal information is practiced as appropriate and necessary for this purpose.
Personal Information Protection Policies
- This privacy policy stipulates the need for compliance with relative legislation, guidelines, and other provisions for ensuring the appropriate management of personal information as well as the venues for processing of questions and complaints.
Personal Information Management Regulations
- MARUI GROUP has established regulations for handling personal information that stipulate the management procedures and responsible parties for personal information-related processes including collection, use, storage, provision, deletion, and disposal.
Organizational Security Control Measures
- Personal information security control execution management representatives and oversight representatives are appointed, and the employees responsible for the handling of personal information as well as the scope of information for which they are responsible are clearly defined. Systems are in place for reporting any detected violations or signs of potential violations of the Act on the Protection of Personal Information or of personal information-related regulations to the personal information security control oversight representatives.
- Regular self-checks as well as audits by auditing divisions are performed with regard to the status of personal information management.
Human Resource-Level Security Control Measures
- Regular employee training is held detailing the matters requiring caution with regard to the handling of personal information.
- Provisions regarding the confidentiality of personal information are included in work regulations.
Physical Security Control Measures
- Management of access to areas in which personal information is handled is practiced and restrictions on the devices that can be taken into these areas are implemented as necessary, and measures are in place to prevent unauthorized viewing of personal information.
- Measures are in place to prevent the theft or loss of devices, electronic media, or documents containing personal information. In addition, steps are taken to prevent easy identification of personal information on such devices, electronic media, and documents during transport within business sites or elsewhere.
Technological Security Control Measures
- Access restrictions are instituted to limit the scope of individuals with responsibility for handling personal information as well as the scope of personal information databases.
- Frameworks have been introduced to protect systems processing personal information from unauthorized external access or unauthorized software.
Tracking of External Conditions
-
When personal information is stored overseas, MARUI GROUP shall implement security control measures based on an accurate understanding of the requirements regarding the protection of personal information in the respective countries.
Note: Please click here for information regarding personal information stored overseas and the associated security control measures.(Japanese Only)
9.Continuous Improvement of Personal Information Management Systems
MARUI GROUP shall develop, implement, and continuously improve personal information management systems to ensure that personal information is protected.
10.Requests for Disclosure, etc., of Possessed Personal Information
MARUI GROUP shall respond promptly to any requests for the disclosure, revision, ceased use, or deletion of personal information for reasons stipulated in the Act on the Protection of Personal Information upon confirming that the requesting individual is indeed the individual to whom said information relates. For information on the process for requesting such action, please refer to "Process for Requesting Disclosure, etc., of Possessed Personal Information" below.
Questions regarding the process for requesting disclosure or other actions pertaining to possessed personal information or other aspects of this privacy policy should be directed to the contact venue indicated in "13. Contact Venue for Inquiries" below.
Process for Requesting Disclosure, etc., of Possessed Personal Information
Requests for the disclosure or other actions pertaining to possessed personal information shall be processed via regular mail. When submitting such requests, please enter the required information in the disclosure, etc., request form available below and mail it together with a copy of a publicly recognized proof of identification that can be used to verify the identity of the requester (driver's license, certificate of residence, etc.) to the contact indicated in "13. Contact Venue for Inquiries" below. The proxy disclosure, etc., request form should be used when submitting a request as a proxy of the individual in question. Personal information acquired as part of the process for requesting disclosure or other actions pertaining to possessed personal information shall only be used as necessary for the purpose of processing the given request.
11.Handling of Anonymized Information
- When creating anonymized information, MARUI GROUP shall take the necessary steps to ensure that the individuals with whom the information is associated cannot be identified and that the original personal information cannot be reproduced.
- When using anonymized information, MARUI GROUP will not compare this information to other information for the purpose of identifying the individuals with whom the anonymized information is associated.
- Items regarding the individuals whose personal information was used by MARUI GROUP to create anonymized information will be disclosed as required by relevant legislation.
- When providing anonymized information to third parties, MARUI GROUP shall disclose items regarding the individuals whose personal information was used to create the anonymized information and the purpose for which this information was provided as required by relevant legislation. In addition, MARUI GROUP shall inform the third party of the fact that the information has been anonymized.
12.Use of Cookies
MARUI GROUP uses cookies for some of the content provided on its websites. Cookies are files saved in a user's browser when they access a website. These files do not contain information that could be used to identify a specific individual. However, there are cases in which this information may be used in conjunction with other information in a way that could be used to identify a specific individual. MARUI GROUP will only acquire and use information in these cases after receiving consent from the individual in question or after confirming that prior consent has been received as stipulated in the Act on the Protection of Personal Information and in the relevant guidelines.
It is possible to disable the use of cookies by adjusting one's browser settings. Should a user disable the use of cookies, it may impact their ability to view certain parts of MARUI GROUP websites.
13.Contact Venue for Inquiries
Please contact the following venue for questions or complaints regarding the handling of personal information by MARUI GROUP as well as for requests for disclosure or other actions pertaining to possessed personal information as described in "10. Requests for Disclosure, etc., of Possessed Personal Information" above.
| Contact Venue | Compliance and Legal Affairs Section, General Affairs Department, MARUI GROUP CO., LTD. |
|---|---|
| Email Address | privacy@0101.co.jp |
| Address for Submitting Requests for Disclosure, etc., of Possessed Personal Information | 3-2, Nakano 4-chome, Nakano-ku, Tokyo 164-8701, Japan |
14.Revision of Privacy Policy
This policy is to be reviewed as necessary by the Board of Directors and revised when deemed prudent through sufficient discussion. Minor revisions, such as changes to organization names, may be made at the discretion of the chief security officer. Information on important changes to this policy will be provided through MARUI GROUP's corporate website. Upon revisions, the revised privacy policy shall be applied effective as of the date of announcement.
Established on June 25, 2018
Revised on September 20, 2019
Revised on March 2, 2020
Revised on April 14, 2021
Revised on April 1, 2022
Revised on October 1, 2024
