All About Privacy Policy (EU only)
*For those residing outside the EU, please refer here
In light of the importance of protection of personal information, All About, Inc. (the “Company”) hereby sets forth “All About Privacy Policy” (the “Policy”) for the purpose of establishing and operating a management system for protecting personal information including policies and regulations regarding the protection of personal information and their operating structure, and endeavoring to properly handle and continuously improve such management system.
1. Scope of Application of and Amendment to the Policy
-
The Policy shall be applied to the use of any services, along with a privacy policy stipulated for each service, terms of service and rules or guidelines incidental thereto (“Rules”). If there is any conflict between any provisions of the Rules and any provisions of the Policy, the Rules shall prevail.
-
The Company may update the Policy from time to time. Material changes to the Policy shall be posted on the Company’s website with the latest version of the Policy. Any change to the Policy shall be applied at the time of its posting on the website by the Company.
2. Personal Information
For the purpose of the Policy, personal information means any information that can identify an individual. Personal information includes information that can identify a specific individual such as a name, and information used in combination with information that can identify a specific individual such as address, date of birth, phone number, gender, occupation, e-mail address, account information (such as ID and password), device information, location information, service usage history, credit card information, nick name, etc. and interests, family composition, age and other attribute information about an individual.
3. Purposes of Use of Personal Information
-
Personal information obtained by the Company and its purposes of use are as follows. If you do not wish to provide your personal information to the Company, you may choose not to provide your personal information at your discretion. In such cases, however, please note that the Company may not be able to accomplish the purposes of use specified herein.
-
Purposes of use of personal information about customers who have used the and customers who have interest in the Services (“Customer(s)”)
- To provide services;
- To verify and authenticate identity;
- To run surveys and campaigns;
- To send out presents;
- To handle inquiries from Customers;
- To improve services and develop new services;
- To run satisfaction surveys on services; and
- To conduct marketing research, statistical processing and analysis
-
Purposes of use of personal information about clients
- To communicate in relation to business and perform activities incidental or relating thereto; and
- To perform and manage contracts
-
Purposes of use of shareholders’ personal information
To manage and send notice to shareholders and provide shareholder benefits;
-
Purposes of use of job applicants’ personal information
To conduct recruitment activities and perform activities incidental thereto
-
Purposes of use of employees’ personal information
To manage employees and perform activities incidental thereto
-
Purposes of use of personal information about customers who have used the and customers who have interest in the Services (“Customer(s)”)
-
The Company may use or disclose any and all personal information in its possession as statistical information that does not identify an individual, to optimize websites and to analyze for optimal communication with customers.
-
The Company shall use personal information within the scope of purposes of use as specified to a principal. When using personal information beyond the scope of purposes of use, the Company shall inform the principal of such effect and do so with the principal’s consent.
4. Obtainment of Personal Information
The Company shall obtain information about a Customer primarily in the following cases, to the extent necessary to provide the Services. The following are for illustrative purposes and may not fall under personal information depending on specific details of such information.
-
When a Customer registers for the Services
When a Customer registers for the Services, the Company will ask the Customer his/her personal information such as “name, e-mail address, date of birth, gender, occupation”.- When the Customer registers as required to use the Services;
- When the Customer signs up s for events, etc., cooperates to surveys and signs up for campaigns;
- When the Customer files an inquiry to the Company regarding the Services; and
- When a Partner provides personal information it has obtained separately from the Services to the Company
-
When a Customer uses the Services
When a Customer uses the Services after registration, the Company will obtain the following information regarding the status of use by associating it with information that can identify a user.
- Transaction history such as use and purchase of services and products;
- Registration status for individual services;
- Status about signing up for events, etc. cooperation to surveys and signing up, etc. for campaigns; and
- Participation in surveys, use of bulletin boards, inquiry about the Services or feedback or description on assessment of the Services
-
When a Customer accesses to a website on which the Services are provided, etc.
When a Customer accesses to a website on which the Services are provided, etc., the Company will automatically obtain, from the Customer’s browser, using its IP address, cookie and web beacon and the like, information such as the Customer’s browsing history and browsing status of advertisements and websites, usage environment (including types of operating systems and browsers) and the like.
5. Handling based on Consent and Right to Revoke Consent
By giving consent to this Privacy Policy, a Customer is deemed to have agreed on the handling of personal information by the Company, and the Company shall handle the Customer’s personal information based on such consent by the Customer, provided, however, that the Customer may revoke such consent at any time. Upon use of the Services by a Customer below the age of 16, his/her guardian shall need to consent to the use of the Services or such Customer shall need to consent to the use of the Services after obtaining permission from his/her guardian.
6. Provision of Information to Third Parties
The Company shall appropriately manage personal information and never disclose or provide personal information to any third party without prior consent from a principal except for cases where such disclosure or provision is:
- Based on laws and regulations;
- Necessary for the protection of the life, body, or property of an individual and where it is difficult to obtain a principal’s consent;
- Specially necessary for improving public health or promoting the sound growth of children and where it is difficult to obtain a principal’s consent; or
- Necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and where obtaining a principal’s consent is likely to impede the execution of the said affairs.
7. Entrustment of Handling of Personal Information
The Company may entrust a part of the handling of personal information to a third party. Upon entrustment, the Company shall conclude in advance with such third party an agreement on the compliance with security control measures and exercise necessary and appropriate supervision over such third party.
8. Cookies and IP Addresses, etc.
-
The Company may use cookies and web beacons in the Services. The Company does not consider information such as cookies and IP addresses (including that based on web beacons; hereinafter referred to as “Informative Data”) personal information as it cannot identify a specific individual; provided, however, that such information shall be handled as personal information if information that can identify a specific individual is used in combination. If you wish to discontinue targeting advertisements distributed by the Company (opt-out), please click here. You need to opt out for each browser you use. Therefore, please note that, if you remove opt-out cookies issued by the Company, install a new browser or change your computers or smartphones, you will need to go through opt-out procedures again.
Please refer here for the handling of Informative Data at the Company. - The Company uses targeting advertisement services provided by the following companies to understand how the Services are used. Thus, the Company uses cookies provided by the following companies in some pages. If you wish to find out more about how cookies are used, information obtained by cookies and out-out procedures, please refer to the following websites of relevant companies.
- The Company may combine cookies obtained by the Company and information obtained by non-Company cookies that have been recorded upon a Customer’s visit to other websites in a manner that cannot identify an individual and use it for marketing activities (including advertisement distribution) of the Company and other companies.
-
Personal Information Protection Manager and Data Protection Officer
The Company has assigned the following individual as the Company’s personal information protection manager and data protection officer and appropriately manages personal information with such individual playing central roles.
All About, Inc.
Officer of Information Security Office -
Inquiries about Disclosure of and Consultation about Personal Information
- With respect to your personal information, you may request for notification on purposes of use, disclosure, rectification, addition, removal, exercise of data portability right, or discontinuation of use, erasure or discontinuation of provision to third parties (“Personal Information Disclosure, Etc.”). Please file your requests for Personal Information Disclosure, Etc., and complaints or inquiries about the handling of personal information at the Company here. There may be cases where personal information is backup data, etc. such that it cannot be checked, rectified or removed by its nature.
- When having received a request for or an inquiry about Personal Information Disclosures, Etc. from a principal, the Company shall verify that such person is a principal by using information that can identify an individual (ID, password, name, address, phone number, date of birth, e-mail address, etc.).
- When having received a request for or an inquiry about Personal Information Disclosures, Etc., the Company shall promptly respond to such request or inquiry to a reasonable extent (to the extent necessary to achieve the purposes of use) only when the Company has been able to verify that the requester or inquirer is a principal.
- A principal has the right to lodge an objection with a competent data protection authority in each country with respect to the handling of personal information relating to the principal.
-
Retention Period
The Company shall retain a Customer’s personal information as long as it is necessary for the Company to provide the Services to the Customer. The Company shall promptly erase such personal information when it is no longer needed.
-
Transfer of Personal Information outside the EU
To achieve the purposes of use described in 3. above, the Company may transfer a Customer’s personal information to and handle it in countries outside the EU (including Japan). In countries outside the EU, there may be cases where the same rights of a data subject under the GDPR are not recognized; provided, however, that, the Company ensures that sufficient measures to protect the Customer’s personal information will be secured by means such as concluding GDPR-based, standard contract clauses.
-
Name of “Authorized Personal Information Protection Organization” of which the Company is a member and Contact Information for Filing Complaints
The Company is a target entity of the following authorized personal information protection organization.
General Incorporated Foundation JIPDEC
Personal Information Protection Consultation Service Office
Roppongi First Building 12F, 9-9 Roppongi 1-chome, Minato-ku Tokyo, 106-0032 Japan
0120-700-779
Please contact the following for any inquiries about the Policy.
All About, Inc. Personal Information Manager
6F Ebisu Subaru Building, 20-8 Ebisu 1-chome, Shibuya-ku Tokyo, 150-0013 Japan -
Security
To ensure security in the Services, the Company uses SSL (Secure Sockets Layer) technology for the input of personal information to prevent such information from being intercepted, interfered or altered.
-
Other
The Company may handle personal information differently from the above based on provisions of the GDPR and other relevant laws and regulations. The Company may change its privacy policy in whole or in part. In the event of a material change, the Company shall notify you on websites on which the Services are provided in an easily understandable manner.
Relevant information: Personal Information Protection Policy