Nippon Institutional Securities Co., Ltd. (hereinafter referred to as the “Company”) believes that it is the Company’s mission to carefully handle personal information, anonymized information and pseudonymized information (hereinafter ersonal information, anonymized information and pseudonymized information are referred to as “Personal Information, Etc. related information; and personal numbers as well as specific personal information (hereinafter personal numbers and specific personal information are referred to as “Specific Personal Information, Etc.”). In keeping with this mission, the Company hereby announces the Basic Policy for the Protection of Personal Information (hereinafter referred to as the “Basic Policy”).
2. Compliance with relevant laws and regulations
It is the Company’s deep conviction that the Protection of Personal Information, Etc., related information and Specific Personal Information Etc., as well as the maintenance of confidentiality, are its social responsibility. Recognizing this responsibility, the Company pledges that it will handle Personal Information, Etc., related information and Specific Personal Information, Etc. in an appropriate manner in compliance with the Act on the Protection of Personal Information, (Act no. 57 of 2003; hereinafter referred to as the Personal Information Protection Act), the Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure (Act no. 27 of 2013; hereinafter referred to as the “My Number Act”), and other applicable laws and regulations, as well as in conformity with this Basic Policy. Unless specifically indicated otherwise, definitions of terms shall be as defined in the Personal Information Protection Act, the My Number Act, and laws and regulations subordinate to them (including guidelines stipulated by the Personal Information Protection Commission and other such entities).
3. Objectives of use
The Company will handle personal information to the extent necessary for achieving the objectives of use and will not use such information beyond the scope of these objectives unless it has consent to do so from the person concerned or doing so is permitted under laws and regulations.
Notifications, public announcements or indications regarding other objectives of use may be provided separately to the Basic Policy.
- To solicit and sell the products provided by the Company, or publicize the securities, products and services of the Company.
- To solicit, distribute, or introduce the services of the financial products offered by the Company, its affiliates, or its business partners; or to introduce the Company’s affiliates.
- To confirm the identity of a client or a business counterparty (in the case of a corporation, this shall be the representative, member of staff or other such individual who is the person concerned as the subject of the Personal Information, Etc.; the same shall apply hereinafter), or his or her proxy.
- To process the documents concerning the transactions with the clients or business counterpartys.
- To conduct the research and development of products provided by the Company and services through market research, data analyses and questionnaire surveys.
- To carry out the appropriate processing of personal information in part or in whole the Company is entrusted with by other operators.
- To perform transactions with the client or business counterparty appropriately and smoothly.
- To make necessary contact with the client or business counterparty and respond to his or her needs appropriately and smoothly.
- To respond to inquiries from the client about the handling of personal information.
- To implement the Company’s business management and internal control.
- To implement group control over the Company’s group.
- Objectives of use if such objectives are stipulated separately by the Company for its businesses or services.
4. Limitations on the objectives of use where information is obtained through questionnaires, etc.
The Company will make every effort to limit the objectives of use depending on situation in which it acquires personal information. For example, when answer are provided for various questionnaires, etc., the objectives of use will be made clear by stipulating specifically that the information will be used for the sole purpose of gathering information for the questionnaire, etc.
5. Joint use
The Company may use personal data jointly as follows:
- Items of personal data used jointly:
Items on transaction information including names, addresses, dates of birth, occupations.
- Scope of the parties that will jointly use personal data
- The Company
- Nikko Asset Management Co., Ltd.
- Sumitomo Mitsui Trust Holdings, Inc. and the consolidated subsidiaries and equity method affiliates listed in that company’s securities reports, as well as the consolidated subsidiaries and equity method affiliates listed in the disclosure material of Sumitomo Mitsui Trust Bank, Limited (in cases where the joint use of personal data is restricted by the Financial Instruments and Exchange Act or other applicable laws and regulations, the Company will ensure that personal data is handled in accordance with such laws and regulations).
- Objectives of the use of personal data
To recognize and manage various risks required for management of the Sumitomo Mitsui Trust Group, and to provide general services.
- The name, address and representative of the company responsible for the management of the jointly used personal data:
Name: Sumitomo Mitsui Trust Holdings, Inc.
Address: See the Sumitomo Mitsui Trust Holdings, Inc. website (https://www.smth.jp) for details.
Representative: See the Sumitomo Mitsui Trust Holdings, Inc. website (https://www.smth.jp) for details.
The Company may make separate stipulations about joint usage for the businesses and services it provides. The Company will not use Specific Personal Information, Etc. jointly.
6. Rightful obtainment and use
will obtain and use personal information and Specific Personal Information, Etc. to the extent necessary to operate its business, and in the appropriate and lawful manner.
- The Company will not obtain personal information and Specific Personal Information, Etc. by using a false pretext or illegal means.
- The Company will not infringe on the interest of the person concerned when it obtains personal information from a third party. Moreover, the Company will not obtain personal information from a third party if it finds that the information in question has been leaked by an entity that is engaged in illegal collection of such information.
- The following sources provided below are examples of where the Company may obtain personal information.
- Where theperson concerned directly provides information to the Company by filling out various questionnaires, etc. (this includes cases where the person concerned inputs data into a screen via a website, etc.).
- Where the person concerned directly provides information by filling out or submitting forms, etc., for securities or for a new application form for the Company’s products or services (this includes cases where the person concerned inputs data into a screen via a website, etc.).
- Where the Company obtains personal information by receiving audio- and video- tapes and e-mail.
- Where the Company obtains personal information carried in official gazettes, newspapers, magazines and on the Internet.
- The Company may not be able to provide its services in part or in whole if a client has declined to provide personal information requested by the Company.
7. Notice, public announcement and disclosure of the objectives of use when Personal Information, Etc. and Specific Personal Information, Etc is obtained
The Company will announce the objectives of use of Personal Information, Etc. and Specific Personal Information on its website pursuant to laws and regulations.
When the Company obtains Personal Information, Etc. and Specific Personal Information Etc., it will promptly notify the person concerned or poclicly announce the objectives of use pursuant to laws and regulations unless the objectives of use of such information have been announced in advance.
When the Company obtains personal information and Specific Personal Information, Etc. directly from documents provided by the person concerned, it will disclose, as a rule, the objectives of use in advance.
8. Ensuring the accuracy of personal data
The Company will endeavor to keep personal data accurate and up-to-data to the extent necessary for achieving the objectives of use.
The Company will specify the period in which personal data are kept in accordance with the objectives of use and will endeavor to delete such data after the elapse of the specified period except in cases where the safekeeping period is specified by laws and regulations.
9. Matters regarding measures taken for safekeeping
The Company will promptly disclose matters regarding the measures it takes for safekeeping in response to individual inquiries.
10. Disclosure to a third party
The Company will not disclose personal data or related data to a third party unless it has consent to do so from the person concerned or doing so is permitted under laws and regulations.
The Company may entrust an external entity with the handling of personal data and Specific Personal Information, Etc. in part or in whole to the extent necessary for achieving the objectives of use.
When entrusting an external entity with the handling of personal data and Specific Personal Information, Etc. in part or in whole, the Company will carry out the appropriate and necessary supervision of the external entity with which the handling of personal data is entrusted (including sub-contractors and beyond) in order to ensure the safekeeping of such data.
12. Procedures for handing requests, etc. for the disclosure of personal data
The Company will handle requests on the following regarding personal data held by the Company as well as the Company’s records of disclosure of said data to third parties (hereinafter referred to collectively as “held personal data, etc.”) in accordance with the procedures specified by the Company: notification of objectives of use, disclosure, correction, addition, deletion, suspension of use, elimination and the cancellation of disclosure to third parties and necessary actions to ensure the continuous implementation of equivalent measures by third parties in foreign countries (hereinafter referred to collectively as a “request for disclosure”) For further details, please see the “Procedures for Filing Request for the Disclosure of Personal Information.” The outline of these procedures is as follows:
- Filing a request for disclosure:
Requests for disclosure and inquiries are accepted at the Company’s Information Desk.
- Documents required:
Request fill in and submit the “Application for the Disclosure of Personal Information”
specified by the Company.
- Confirming the identity of the requester or his or her proxy:
Confirmed through sumission the identification document specified by the Company.
- Collection of fee:
A fee will be collected by the method specified by the Company for notification of objectives of use or a request for disclosure is made.
13. Information Desk responding to inquiries and receiving complaints
The Company appropriately responds to inquiries and complaints about the handling of Personal Information, Etc. and Specific Personal Information, Etc.. Please direct inquiries and complaints to:
Information Desk at Nippon Institutional Securities Co., Ltd.
Refer to the company outline and list of officers on the Company’s website (https://www.ni-sec.com) for details such as the Company’s address and its representative
14. Recognized Personal Information Protection Organization
The Company is a member of the following recognized personal information protection organizations.
Names of personal information protection organizations and the customer inquiries windows for complaints or consultations are as follows.
Japan Securities Dealers Association
Personal Information Consultation Office Tel: 03-3667-8427
15. Review and revision of the Basic Policy
The Company may, from time to time, review the contents of this Basic Policy and revise them in response to revisions of applicable laws and regulations as well as changes in the information technology environment.
The Company will publicy announce the revised Basic Policy through posts on the Company’s web site or other such methods.
- The Board of Directors shall have the authority to establish, amend and abrogate this Management Policy. The head of the Compliance Department, however, will have the authority to make minor amendments such as those resulting from changes in the corporate organization.
Established October 22, 2018
Announced November 1, 2018
Updated April 1, 2022