Personal information protection policy

Principles of personal information protection

Fez Inc. (hereinafter, “Company”) is engaged in business activities centered on the retailtec business.
Personal information (including specific personal information, hereinafter referred to as "personal information") obtained from customers through business activities is important information for our Company, and we recognize that ensuring the protection of that personal information an important social responsibility of a corporation.
As such, we will comply with laws, regulations, and other norms concerning the protection of personal information. We also maintain an awareness of the environment related to data and trends in public opinion. We handle personal information obtained through our business activities in accordance with the following policies, and are committed to providing peace of mind to our customers and our employees concerning the protection of personal information and the fulfillment of our social responsibilities.

Personal information protection policy

1. Concerning the acquisition, use, and provision of personal information 
-We acquire personal information through legal and fair means.
-We use personal information within the extent required to fulfill the purpose of use and only to the extent necessary to conducting business activities.
-We do not use acquired personal information for reasons other than the purpose of use. We implement necessary measures to prevent unauthorized use.
-When receiving consent from the individual, we indicate the purpose and scope of use as clearly as possible and only use information to the extent for which consent was received.
-In the event of a need to use information for reasons outside the purpose of use, we only use information after receiving consent for the new purpose of use.
-Excluding where required by law, we do not provide personal information to any third party without the consent of the individual.
-Furthermore, when receiving data from a third party that contains personal information, we only accept data under an appropriate agreement concerning the protection of personal information.

2. Laws, ordinances, government guidelines, and other rules
We comply with laws and ordinances related to businesses that handle personal information, continuously work to ascertain the status of such laws, work to enlighten employees (hereinafter, “employees”) involved with relevant operations, and conduct regular reviews to ensure proper management.

3. Safe handling of personal information
-To prevent various risks, including unauthorized access to personal information, or personal information leaks, loss, or damage, we have built and maintain a structure for implementing rapid corrective action to ensure the safe management of personal information.
-We conduct inspections and rapidly implement corrections for any discovered violations or incidents, and also implement preventative measures to address vulnerabilities.
-We conduct training related to safety to reinforce awareness among employees.

4. Complaints and consultations
To address complaints and consultations regarding the handling of personal information, we have established a help desk for inquiries related to personal information, created a structure to enable rapid responses, and we work to respond in good faith.

5. Continuous improvements
-To protect personal information, we monitor and audit the status of compliance with internal regulations, work to discover violations, incidents, accidents and vulnerabilities, and conduct management reviews. We reflect these results in our management policies and internal regulations, and strive to continuously improve our management system for personal information protection.
-Improvements to our management system for personal information protection are compliant with relevant laws and JIS Q 15001.

Fez Inc. Jumpei Itami, Representative Director

Created / Revised
Created: August 1, 2019
Revised: November 15, 2019

About the handling of personal information

We publish the following in accordance with the requirements of JIS Q 15001:2017 and

1. Acquired personal information and the purpose of use

The personal information we acquire and the purpose of use for said information are as follows.

(1) Personal information acquired from customer companies through our retailtec business or entrusted to us through business consignment
-To conduct marketing research and analysis for customer companies, formulate management strategies and marketing strategies, distribute advertisements, and measure and verify the effectiveness of advertisement distribution
-To deliver information related to products/services and events/campaigns of customer companies based on the status of use of customer company products/services
- Company development activities for the purpose of providing new products and services. Company research and analysis for the purpose of improving the quality of various products and services.
-Maintenance and after-sales support for Company services
-The aggregation of personal information that has been processed statistically for use as research results and for the publication of those results
-To properly carry out other operations consigned by customer companies

(2) Personal information of the person in charge of the Company's business partners / For communication related to transactions
-For various contract procedures, billing and payment 
-To provide information on our various services and events
-Communication about events in which you are participating
-For maintenance and after-sales support for related to Company services
-To respond to inquiries and improve responses to inquiries

(3) Personal information of those who request materials or make inquiries
-To respond to inquiries and improve responses to inquiries
-To provide information on our various services and events
-Communication about events in which you are participating

(4) Personal information of candidates and applicants
-For guidance and communication regarding recruitment activities
-To confirm and provide information on applications for events and seminars
-To request cooperation in questionnaires and to report the results of questionnaires
-To respond to inquiries and improve responses to inquiries

(5) Personal information about our employees
-For human resource labor management, welfare benefits, medical examinations stipulated by laws and regulations, and communication in cases of an emergency
-For posting to corporate sites, various media, or magazines for the purpose of external publicity

2. Provision of personal information to third parties

Excluding the following cases, in principle, we do not disclose or provide retained personal information to any third parties.
(1) When consent has been received from the individual
(2) When in accordance with law
(3) When it is necessary to protect a person's life, body, or property, and it is difficult to obtain the consent of the individual
(4) When it is particularly necessary to improving public health or promoting the sound development of children, and it is difficult to obtain the consent of the individual
(5) When it is necessary to cooperate with a national agency, a local government, or a duly empowered party carrying out duties stipulated by laws and regulations, and there is a risk that receiving consent from the individual would interfere with the execution of said duties
(6) When outsourcing the handling of personal information to the extent necessary to achieve the purpose of use

3. The acquisition and handling of information that cannot be used to identify individuals

(1) Use of informative data
The Company may collect informative data (refers to information that alone cannot be used to identify an individual, including cookies, ad identifiers (IDFA, AAID), member IDs, browsing histories, and purchase history) related to customers through websites or from customer companies or partner companies, and use said information in our various services, including advertisement distribution. Informative data is non-personal information that cannot identify a specific individual by itself, but depending on specific conditions, could lead to the identification of an individual customer.
In such cases, we handle relevant informative data as personal information in accordance with this policy.

(2) Use of statistically processed data
In some cases, we may use personal information provided to us to create statistical data that has been processed so that a specific individual cannot be identified. The Company may use statistical data that cannot identify a specific individual without restrictions under the Act on the Protection of Personal Information.

4. Requests for disclosure

The Company recognizes that the individual reserves the right to request notification of the purpose of use, disclosure, correction, addition, deletion of content, suspension, elimination of use, and suspension of provision of personal information to third parties (hereinafter, “disclosure”). When there is a request from the individual or his/her proxy for disclosure in accordance with procedures prescribed by the Company, we will respond without delay, excluding cases where non-disclosure is recognized by law, such as when there is a risk to the life, body, property, or other interests of the individual or a third party.

To prevent fraudulent requests by impersonation, etc., when a disclosure request is received, we will use reasonable methods to confirm the identity of the individual, such as requesting the submission of documents to confirm identity. 
Once all requirements for identity confirmation specified by the Company are fulfilled, the Company will consider the request to be from the person and respond accordingly. In cases where the request is from a third party other than the individual who has obtained the personal information or personal identification documents of the individual, the Company shall not be liable for any damages incurred by the individual resulting from the claim excluding cases of intentional gross negligence or violation of the Consumer Contract Act on the part of the Company.
We kindly ask you to pay close attention to the management of your own personal information.

(1) Help desk for disclosure requests
To request disclosure, provide the required information on the Personal Information Disclosure Request Form stipulated by the Company, attach the documents necessary for identity confirmation, and mail it to the inquiry help desk indicated below.When mailing the request to the Company, please use a method that allows confirmation of the delivery record, such as mail with a delivery record or simple registered mail.We would also appreciate it if you could write in red ink on the envelope, “Personal Information Disclosure Request Form Enclosed.”

(2) Documents for submitting requests for disclosure
When making a request for disclosure, please submit all the materials requested by the Company, including the Company’s prescribed “Personal Information Disclosure Request Form” and necessary documents, including documents for identity confirmation.

(3) Identify confirmation
To confirm the identity of the individual requesting disclosure, in principle, the Company will perform confirmation by calling back the telephone number registered in advance with the Company. If confirmation by telephone is not possible, we will request you submit a copy of your driver's license, resident card, or health insurance card for verification.

(4) Proxy requests for disclosure
When entrusting a request for disclosure to a proxy, please enclose the following documents in addition to the Personal Information Disclosure Request Form.
1) Documents (copy) to confirm the identity of the proxy (any one of the following): A driver's license, a copy of proxy’s resident card, or the health insurance card of the insured person. *Use copies with the main address information blacked out.
2) Power of attorney (Affix the seal of the individual to a letter indicating power of attorney and attach the seal registration certificate for that seal. If the proxy is a legal guardian such as a person with parental authority, then it is also possible to submit a document indicating the relationship between the parties instead of the power of attorney (a copy of the family register, a copy of the resident card, etc., in which both the name of the individual and the proxy are indicated and the relationship are shown).

(5) Fees related to requests for disclosure or notification of the purpose of use
When requesting disclosure of personal information and notification of the purpose of use, a fee of 500 yen (including tax) will be charged for each request. Please enclose a postal money order worth 500 yen with the documents to be submitted. The customer is responsible for the cost of purchasing the fixed-amount postal money order and the postage to our Company. Please note that if the fee is insufficient or if the fee is not enclosed, we will not be able to disclose information or notify you of the purpose of use.

(6) Method of response to requests for disclosure
We will respond via the method desired by the individual, either by delivering a document to the address indicated by the party making the request or by providing an electronic record such as an e-mail to the mailing address indicated on the request. However, if disclosure by the desired method requires large expenses or it is difficult to provide disclosure via said method, then we will respond via an electronic record file format or method of electronic record provision stipulated by our Company, or by responding in writing.

5. Revisions to privacy policy

We review our privacy policy as appropriate and strive to continuously improve the handling of collected information in light of any changes in social requirements, etc.

6. Inquiries

Feel free to contact us at the following help desk if you have any questions about our privacy policy, to issue a complaint, or for any inquiries concerning disclosure, correction, or suspension of use.

Fez Inc.
Help desk for inquiries related to personal information
〒101-0035 Granfirst Kanda Konyacho 3F15 Kanda Konyacho, Chiyoda-ku, Tokyo
TEL: 03-6447-5947 (Weekdays: 10:00 –17:00) FAX: 03-6447-5948 (24/7)

<Manager for matters concerning personal information>
Keisuke Yamada, Personal Information Protection Manager

Created: August 1, 2019
Revised: February 15, 2021
Revised: December 15, 2021
Revised: April 1, 2022

Fez Inc. has acquired PrivacyMark certification.