Privacy Policy
This English version has been prepared for your reference only. If there is a conflict between the Japanese version and the English version, the Japanese version will control.
GMO Financial Holdings, Inc. (“we”, “us”, and “our”) establishes this privacy policy (“Policy”) based on the "Act on the Protection of Personal data" and the "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures", and protects your Personal Information. This Policy provides how we collect, use, and protect your Personal Information and Individual Numbers as well as how we respond to your complaints. For the purpose of this Policy, “GMO-FH Group” means GMO Financial Holdings, Inc. and its subsidiaries.
Revision Date:April 1, 2022
GMO Financial Holdings, Inc.
SHIBUYA FUKURAS, 1-2-3, Dogenzaka, Shibuya-Ku, Tokyo, 150-0043
COO Tomitaka Ishimura
1. Compliance with applicable laws and regulations
We comply with this Policy, applicable laws and regulations regarding the protection of Personal Information and Individual Numbers, as well as guidelines provided by the Personal Information Protection Commission.
2. Collecting and usage of Personal Information
We collect Personal Information and Individual Numbers in an appropriate and fair manner and keep at the minimum which is necessary to achieve our purposes of usage. Also, we use Personal Information and Individual Numbers appropriately to the extent which is necessary to achieve our purposes.
3. Processing purposes
The purposes for which we process your Personal Information are as follows:
- Introducing GMO-FH Group’s business activities as well as products and services via mail and email;
- Conducting market research for GMO-FH Group’s business by analyzing and examining Personal Information of GMO-FH Group’s customers;
- Conducting questionnaires and surveys as well as responding to your comments and inquiries;
- Developing GMO-FH Group’s new business, products and services, as well as providing you with information regarding products and services based on your preferences and needs by analyzing and examining Personal Information of GMO-FH Group’s customers;
- Management and administration of our shareholders’ related matters including shareholder benefits programs;
- Management and administration of our human resource matters;
- Reporting to the government and regulatory entities, as well as the associations GMO-FH Group belongs ;
- Providing our subsidiaries and third parties with business services regarding management and administration of General affairs, Human resources, Accounting & Finance, and Sales, etc.;
- Operations and maintenance of application service provider business for financial institutions;
- Fulfilling our legal obligation, and exercising our legal rights which are defined by laws and regulations;
- Management of GMO-FH Group’s business ;
- Procedures relevant to any items above; and
- Other purposes of usage which were discretionary agreed by each data subject.
The purposes for which we process your Individual Numbers are as follows:
- Administration of our employees’ unemployment insurance, health insurance, and pension insurance;
- Preparation of records regarding withholding tax on salaries and retirement benefits;
- Administration of resident tax;
- Administration of defined contribution pension plan;
- Preparation of certificates regarding remuneration payment; and
- Preparation and provision of statutory documents for financial instrument transactions relating to employee stock ownership plan.
4. Collection of Information relating to natural persons
When we collect Information relating to natural persons through third parties and if it is used to identify the data subject by linking it with our Personal Data which we already have stored, we will obtain your prior consent and process it within the scope listed in “3. Processing purposes”.
5. Processing Special Care-required Personal Information
Unless otherwise provided in applicable laws or regulations, we do not collect or disclose to third parties any Special Care-required Personal Information including, but not limited to race, beliefs, social status, medical record, and criminal record, without your prior consent.
6. Security measures
We endeavor to keep Personal Data and Individual Numbers which we have collected accurate and up to date. We have implemented security measures to prevent any leakage, destruction, loss, unauthorized disclosure of, or access to Personal Data and Individual Numbers (“data breach”). We take appropriate monitoring and supervising activities to our employees and external contractors.
-
a.Establishment of the Policy
This Policy is established to ensure that we process your Personal Information and Individual Numbers legally and in an appropriate manner. -
b.Implementation of rules in relation to Personal Data processing
Procedures and manuals of each stage of Personal Data processing such as collection, use, storage, disclosure, and deletion are established. -
c.Organizational security measures
- We have established an organizational structure to safeguard Personal Data and Individual Numbers, and have appointed our Data Protection Officer.
- We have prepared a Personal Data control register to clarify the scope of Personal Data that we process.
- In preparation for any data breach, we have set a specific department which is in charge of any data breach. The department has implemented a system to investigate the fact, find the root causes, report to the Personal Information Protection Commission, contact and inform to the person, announce the remediation plan.
- We periodically conduct internal audit regarding our operating effectiveness of Personal Data processing.
-
d.Human security measures
- All new employees are required to submit non-disclosure agreements regarding confidentiality of Personal Data and Individual Numbers.
- We periodically conduct education and training regarding Personal Information and Individual Numbers.
-
e.Physical security measures
- We have implemented internal controls to prevent theft of documents, hardware or devices where Personal Information or Individual Numbers is stored.
-
f.Technological security measures
- We have access controls implemented to limit the Personal Information and Individual Numbers processing coverage.
- We have implemented measures to prevent unauthorized access to information systems which store Personal Information or Individual Numbers from outside.
-
g.Understanding foreign data protection laws and regulations
- We use cloud services to store and retain some Personal Data and Individual Numbers. The data centers of those service providers are located in U.S., Chile, Ireland, Netherlands, Denmark, Finland, Belgium, Singapore, and Taiwan. We have reviewed the terms and conditions of the services provided by cloud service providers, and we endeavor to understand the data protection laws and regulations in those countries and regions.
7. Restriction on sharing Personal Data with third parties
We do not disclose any Personal Data to third parties without your prior consent, unless otherwise permitted by laws or regulations. However, disclosing Personal Data and Individual Numbers to our third party contractors does not fall under this provision, and we manage and supervise the contractors to comply with this Policy.
8. Joint processing of Personal Data
We may process your Personal Data jointly in the following situations. However, when the processing is restricted by the Financial Instruments and Exchange Act or other laws or regulations, we will not process it jointly except in the cases where we have obtained your prior consent or applicable laws and regulations eased the restriction.
-
a.Items of Personal Data
- Name, address, date of birth, telephone number, occupation, preferences and other information of GMO-FH Group’s customers;
- Transactions, balances, and other information regarding service usages of GMO-FH Group’s customers; and
- Name, address, shareholder number and other information of our shareholders.
-
b.Scope of joint processors
GMO Financial Holdings, Inc. and its subsidiaries -
c.Purposes of joint processing
- Developing, introducing, and providing comprehensive products and services of GMO-FH Group;
- Conducting market research related to GMO-FH group business, developing new businesses, conducting product development, and introducing products which are tailored to the customers by analyzing and examining personal data of GMO-FH Group’s customers;
- Comprehensive group-wide risk management and compliance related operation and management; and
- Providing shareholder benefits.
-
d.Party who is responsible for joint processing
GMO Financial Holdings, Inc.
SHIBUYA FUKURAS, 1-2-3, Dogenzaka, Shibuya-Ku, Tokyo, 150-0043
COO Tomitaka Ishimura
9. Updates to this Policy
We may update this Policy, from time to time, to improve our processing Personal data and to comply with applicable laws and regulations.
10. Request for access, etc.
When we receive a request for confirmation of processing purposes, access, rectification, suspension of processing Personal Data, or suspension of sharing Personal Data with third parties, we endeavor to respond appropriately and promptly after identity verification is completed. Please note that if we receive a request for disclosure of whether we retain your Individual Number or not, we will reply if we retain it or not.
For the details, please see the Japanese version of this Policy.
11. Contact details
We endeavor to respond sincerely and promptly to your comments, inquiries, complaints, etc. regarding Personal Information and Individual Numbers. If you have any comments, inquiries, complaints, etc., please contact us at:
GMO Financial Holdings, Inc.
Legal Department
E-mail :
Please note that we may record the phone conversation for our quality and training purposes.