Personal Information Protection Policy

MORI TRUST CO., LTD. (hereinafter referred to as “Mori Trust”) is deeply aware of the importance of the protection of personal information and believes it has a responsibility to ensure the appropriate handling and protection of personal information. In addition to complying with the Act on the Protection of Personal Information, related laws and guidelines, Mori Trust also strives to protect personal information as outlined hereunder.

When acquiring personal information, Mori Trust will notify the user of the purpose of use for said information in advance and will obtain that information in a fair and appropriate manner and only obtain it within the scope necessary for achieving the stated purpose of use.
Mori Trust will define the purpose of use of personal information and make use of such information only within the scope allowing for the achievement of that purpose of use, with the exception of cases where the consent of the individual to which said information pertains is obtained beforehand and cases treated as exceptions by laws and regulations.
Mori Trust endeavors to keep the personal data it handles accurate and up to date within the scope of the stated purpose of use pertaining to the information in question and take the measures deemed necessary and appropriate for the management of the safety of that information. Mori Trust will also conduct the appropriate management of the information in question by means of ensuring that employees and contractors are compliant with the aforementioned measures.
Mori Trust will not provide personal data to third parties without the prior consent of the individual to which the data in question pertains, except in cases treated as exceptions by laws and regulations.
Mori Trust will promptly respond to requests such as those issued for the disclosure, correction, suspension of use, or deletion of retained personal data in accordance with laws and regulations.
Mori Trust will respond promptly and appropriately to complaints regarding handled personal information issued by the individual to whom that information pertains.
Mori Trust will continuously review and improve the measures it has taken to protect personal information.

Established on March 31, 2005
Revised on November 29, 2019
　Revised on June 18, 2021
Revised on August 1, 2021
Revised on April 1, 2022
Revised on May 10, 2023
Revised on June 22, 2023

MORI TRUST CO., LTD.

About the Handling of Personal Information

The following personal information is acquired and used by Mori Trust.

1. Company names, addresses, and names of representatives

Miwako Date
President and Chief Executive Officer
MORI TRUST CO., LTD.
Kamiyacho Trust Tower 4-1-1 Toranomon, Minato-ku, Tokyo 105-6903

2. About Personal Information Subject to Acquisition

The information provided by customers to Mori Trust consists of the following.

Information relating to profiles, such as names, addresses, phone numbers, genders, dates of birth, occupations, workplaces, email addresses, department names, job titles, and information contained in various kinds of identity verification documents
Information required for transactions, such as account information, information on payments, invoicing, and information on other such matters
Images such as portrait (face) photos, information contained on health insurance cards, IP addresses, account IDs, location information, nicknames, individual-identifying information, device-identifying information, purchase data, and other such data
Contents and history of inquiries, etc.
Information concerning applications for event participation, answers for questionnaires, and other such information

Mori Trust may also collect access data and other data pertaining to usage methods. This includes the following information.

Device-identifying information, which refers to “Cookie IDs,” “IDFA,” “Advertising IDs,” and other standard/commonly used information for the provision of services.
Information about the device, OS, browser, and other such elements used by the customer when browsing the Internet or when using applications
Internet or application activity history of the customer
Other information acquired in connection with the above

3. About the Use of Personal Information

The personal information collected by Mori Trust will be used for the following purposes.
If information is directly provided (such as in writing) by the individual to whom it pertains, the purpose of use will be clearly indicated on each occasion, except in cases that should be treated as exceptions pursuant to any laws or regulations.

In order to confirm and examine the other party in terms of a contract
In order to enter into contracts, for the registration of business partners, for payment or request processing, and for other such communications
In order to conduct necessary investigations, such as those involved in the acquisition of property and with respect to rights in terms of building plans, etc.
In order to respond to inquiries and consultations about the business of Mori Trust
In order to inform customers about Mori Trust and Mori Trust Group properties, management services and other such elements
In order to inform customers about Mori Trust and Mori Trust Group products, services and other such elements
In order to conduct the administration of memberships for the purpose of maintaining membership organizations operated by Mori Trust, in order to go about issuing invoices for administration fees, and so on
In order to conduct investigative analyses, such as analyses of customer trends or for product planning
In order to undertake operations such as the provision of information generated based on surveys, analyses, user attributes, and activity history
In order to provide management services related to Mori Trust properties and in order to confirm the safety of customers in emergencies
In order to conduct screening for hiring, communications for interviews, and notifications for hiring results
For other purposes related to the business of Mori Trust (including group companies)
In cases where the need arises to contact the relevant customer for other reasons

4. About the Provision of Personal Information to Third Parties

Mori Trust does not provide personal information to third parties with the exception of the following cases.

Cases where the consent of the individual to whom the information pertains has been provided
Cases involving joint usage of the information in question with Mori Trust Group companies to achieve the purpose of use disclosed or specified by Mori Trust, or
cases involving provision to operational contractors within the scope of the purpose of use (information about customers who use the PRIME CHEF service may be provided to the chef in question, including delivery companies, in accordance with requests to that effect provided by the customer)
Cases involving the provision of the data in question in the form of statistical data processed and rendered in a state wherein individuals cannot be identified
Cases where provision is requested in accordance with laws and regulations, etc.
Cases where there is an urgent need to protect the vital interests of a person, such as their life, body or property

5. Joint Use With Group Companies

Mori Trust will share personal data with the following group companies in order to achieve the above purpose of use.

(1) Group companies with which joint usage is undertaken

Mori Trust Group Companies
https://www.mori-trust.co.jp/corporate/group_lists/

(2) Personal data subject to joint usage

Information listed in the above “2. About Personal Information Subject to Acquisition”

(3)Individuals responsible for managing personal data subject to joint usage

Mori Trust is responsible for personal data subject to joint usage. Please refer to section 1 in the above for the address and representative of Mori Trust.

6. Entrustment of Personal Information to External Entities

Mori Trust may outsource the handling of personal information it has collected or which has been provided by the individual to whom the information in question pertains for the purposes of undertaking administrative services, work involved in invoicing, and other such actions. Mori Trust will appropriately manage and supervise external contractors.

7. Entrustment of Personal Information to Entities in Foreign Countries

In the cases of section 3 or 5 in the above, Mori Trust may provide personal information to companies located in foreign countries (meaning a country or region outside Japan). Mori Trust will take necessary measures to ensure that the appropriate protection of personal data can be undertaken in accordance with its own security criteria. That includes defining within consignment contracts and other agreements, stipulations which make it mandatory for contracting companies implement appropriate security administration, stipulations outlining the undertaking of handling such as management and supervision, and stipulations on the adoption of appropriate encryption measures in relation to the routes by which personal data is accessed.

8. Matters Concerning Safety Management Measures

Mori Trust will take necessary and appropriate safety management measures to prevent and manage the leakage of, loss of, or damage to personal data. Moreover, Mori Trust will conduct necessary and appropriate supervision of employees and contractors handling personal data (including subcontractors of contractors).

9. Disclosure, Correction, Addition/Deletion, Suspension of Use, Erasure, and Suspension of the Provision of Personal Information to Third Parties

(1) Contact Point for Customers

Please contact the below for disclosures, corrections, additions or deletions, discontinuations of use, erasure, or suspension of the provision of personal information to third parties. We will respond in accordance with laws and regulations.

Address	: Kamiyacho Trust Tower 4-1-1 Toranomon, Minato-ku, Tokyo 105-6903
MORI TRUST CO., LTD., General Administration and Human Resources Division, General Administration and Human Resources Department, Legal & Compliance Group
E-mail	: kojinjoho@mori-trust.co.jp
TEL #	: 03(6435)7158
Hours of Reception	: 9:00-17:45 / Unavailable on Saturdays, Sundays, National Holidays, and during the Year End/New Year Period

(2) Items for which requests will be accepted

[1] Requests for notification of the purpose of use of personal data retained by Mori Trust
[2] Requests for the disclosure of personal data retained by Mori Trust
[3] Requests for corrections, additions or deletions of the contents of personal data retained by Mori Trust
[4] Requests for the suspension of use or erasure of personal data retained by Mori Trust
[5] Requests for the suspension of provision to third parties of personal data retained by Mori Trust

(3) Procedure Method

[1] We ask that the individual to whom the information pertains contacts the contact person mentioned above.
[2] Mori Trust will send you a form to fill in your request depending on the content of your inquiry.
[3] Please fill out the request form and send it to the above contact person along with documentation used to confirm your identity.
Documentation used for the confirmation of your identity needs to be a certificate issued by a public institution, meaning a copy of your driver’s license, health insurance card, or other such ID.
[4] As a rule, Mori Trust will respond to your request in writing after conducting a confirmation concerning the content of your request.
[5] If you would like to issue your request via proxy, please send in your request form together with your proxy statement and the above identification documents. For details, please contact the above contact person directly.

10. Complaints and Consultations Concerning Personal Information

If you have any complaints, would like to consult with Mori Trust regarding personal information, or have any other questions regarding personal information, please contact the person in charge of the matter at Mori Trust (outlined in the above).

11. About the Handling of Personal Information in Relation to Linked Websites

The Mori Trust website (www.mori-trust.co.jp) may provide you with links to websites operated by other companies or organizations in order to provide you with more useful information and services. Mori Trust assumes no responsibility for the collection or handling of personal information on the linked websites.
Please use them at your own discretion.

12. About the Use of Cookies

Some websites operated by Mori Trust make use of cookies and make use of the third party service to analyze access to and use of the relevant websites and to post information, including advertisements deemed suitable for customers. If you wish, you may stop or disable cookies on your browser. However, some parts of the website may not function properly if you do. Please contact your browser provider for information on browser setup. Also, please visit this page for more information about the use of cookies for each service, the information collected through cookies and the opt-out process.

13. Changes to Mori Trust’s Personal Information Protection Policy

Mori Trust will make changes to the content of its Personal Information Protection Policy as deemed necessary. Important changes will be announced to customers in an easily understood manner through notifications provided on its website, etc. Please review the most up-to-date privacy policy.