MICIN, Inc. (the “Company”) shall provide the personal information protection policy (this “Policy”) as follows in relation to our treatment of users’ personal information, etc. (i.e. personal information, pseudonymously processed information, anonymously processed information and personally referable information) and comply with this Policy together with the Act on the Protection of Personal Information (Law No. 57 of 2003) (the “Act”) (the terms used herein shall have the same meanings as ascribed thereby) and its related laws and regulations.
The Company may provide specific policy(ies) regarding treatment of personal information, etc. for each service depending upon each service used by a customer and the Company shall comply with such policy(ies) together with this Policy.
Collection of Personal Information
When the Company deals with the personal information, it shall specify its purpose of use to the extent possible and collect and deals with the personal information appropriately within the scope that is necessary to achieve the purpose of use that is provided in “2. Purpose of Use of Personal Information” upon announcing its purpose of use in advance.
Purpose of Use of Personal Information
The Company shall collect the personal information to the extent necessary for the appropriate operation of management and business upon clarifying the purpose of use and use the personal information within the scope of such purpose.
Use by the Company
- To provide, maintain, improve, develop and progress the services provided by the Company;
- To provide the information regarding new products and services provided by the Company based on the user’s attributional information (including, but not limited to, identification of gender, etc. of user within the scope where the individual may not be identified, and identification of history of action and access within the Company’s services and the services subscribed by the Company);
- To conduct the advertising, invitation of various questionnaires and campaigns, reception of application, contact to winners and dispatch of presents by the Company;
- To prepare and use the statistics data by using the information that is registered with the Company at the time of application for services provided by the Company (at the time of member registration) and the information and log data regarding the history of use of services (for the avoidance of doubt, the statistics data will not include any information that may identify the individual);
- To decline the use of services by the users that would breach the terms for use of services provided by the Company or the agreement on use of services;
- To view and amend the registration information regarding the use of services provided by the Company and to view the state of use of such services; and
- To conduct the duties that are necessary to respond to the queries, consultation and complaints and resolve any dispute regarding the use of services provided by the Company.
- Any other case that is necessary to accomplish the purpose that is related or incidental to the above purposes.
Provision to Third Parties (including the Use by the Company)
- To provide the information to related parties and agencies in the case of responding to disputes and litigations;
- To provide the information to administrative agencies and judicial agencies pursuant to the related laws and regulations.
Regardless of the above purposes of use, the data obtained from Apple HealthKit shall be used only for the services that relate to the medical, physical and fitness application. The data of Apple HealthKit will not be used for the Company’s or third party’s marketing, advertisement, mining of data of history of use.
Management of Subcontractor
The Company may outsource the treatment of personal information to the extent necessary for the achievement of the purpose of use and, if so, the Company shall select the subcontractor which the Company believes treats the personal information appropriately. In addition, the Company shall provide the personal information for the subcontractor only to the extent necessary to achieve the purpose of use and request the subcontractor to deal with the personal information appropriately in accordance with the agreement, etc. and review its status regularly.
Treatment of Personally Referable Information
When the user uses the services provided by the Company, the personally referable information regarding the user (e.g. IP address, status of use of functions, time of use etc.) shall be automatically recorded on the web server. This information shall be used for the following purposes:
- To analyze the cause of problem that occurs on the server and resolve such problem;
- To monitor the existence of frauculent access; and
- To improve and develop the services provided by the Company.
Unless the user gives consent, the Company will not identify the user himself/herself from the personally referable information that is provided in this Clause or link such information to the personal information that has already been obtained.
Provision of Personal Data to Third Parties
The Company may provide the personal information to a third party within the scope as provided in “2. Purpose of User of Personal Information” above, but in other cases, the Company will not provide to any third party the personal data except for the following cases:
- If there is a consent of the user (including, but not limited to, the case where the user expressly requests the disclosure or provision to a third party, and the case where the information that is necessary for the settlement of credit card information, etc. that was input by the user is provided to an external settlement operator to the extent that is necessary to settle the consideration incidental to the use of the services by the user);
- If it is required by the laws and regulations (including, but not limited to, the case where it is requested by the court, public prosecutors office, police, bar association or any agency that has the authority similar thereto to dislose the user’s personal information, and the case where it is requested to provide the personal information at the audit, etc. by the regulative authority such as the Ministry of Health, Labour and Welfare);
- If it is necessary to protect human lives, bodies or estate and it is difficult to obtain the user’s consent;
- If it is necessary in particular to improve the public health or promote the sound cultivation of children but it is difficult to obtain the user’s consent;
- If the national agency or municipal body or any person who is outsourced by the national agency or municipal body is required to cooperate with the performance of duties as provided by the laws and regulations and the Company finds that obtaining the user’s consent may cause some obstruction in the performance of its duties;
- If the relevant third party is an academic research institution, etc. and the relevant third party needs to treat the relevant personal data for the purpose of academic research (including the case where part of the purposes to treat the relevant personal data is the purpose of academic research and except for the case where it is likely to unfairly infringe on the personal right and interest);
- If the Company outsources all or part of the treatment of personal information to the extent necessary for the achievement of the purpose of use;
- If the personal information is provided incidental to the succession of business due to merger or any other event;
- If the personal information is provided to the company with which the Company jointly provides the services in order to respond to a query.
The Company uses the cloud services that are necessary for the development and operation of the services such as API behavior monitoring and if the Company outsources the treatment of personal information to outside as part of such services, there may be the case where the personal information will be provided to a third party located in a foreign country (i.e. in a country or region outside Japan). Please check here in relation to the names of countries to which the cloud services that are being actually used are provided and the personal information protection systems of such foreign countries. In relation to the third party to which the personal information is provided, the Company has confirmed the compliance of the legal regulations regarding the protection of personal information of the relevant country by way of the agreement, etc. with the Company.
The Company may jointly use the personal data as follows:
(1) Items of Personal Data to be Jointly Used
Unless there is a specific request from the customer himself/herself, all the personal data of the customer himself/herself regarding the services provided by MICIN Insurance, Inc.;
(2) Scope of Joint Users
MICIN Insurance, Inc.;
(3) Purpose of Joint Use
To achieve the “2. Purpose of User of Personal Information”; and
(4) Name and Address of Person Who Is Responsible for the Management of the Relevant Personal Data and Name of Representative
MICIN Insurance, Inc. (Summary of Company)
Procedures to Respond to Requests for Disclosure, etc.
If any request is made for notification, disclosure, correction of purpose of use (correction of, addition to and deletion of contents), suspension of use (suspension of use and deletion), or suspension of provision to third parties by the principal (or its representative) of thepersonal data that are being possessed, or for disclosure of the record of provisions to third parties, the Company shall respond to such request to the reasonable extent. Please use the form designated by the Company (Application for Disclosure, etc.) at the application for disclosure. If the person who makes a request contacts the addressee that is described in the below-mentioned “Point of Contact for Opinions, Queries, Complaints and Requests for Disclosure, etc. regarding the Treatment of Personal Information”, the Company shall send such form to such person.
In order to verify the principal, please attach to the Application for Disclosure, etc. a copy of identification (either of driver’s license (please submit the license upon deleting the principal’s permanent residence (honsekichi)), health insurance certificate, pension book or passport).
If a representative makes an application, please attach a copy of each of the following documents indicating that such representative is authorized by the principal and a copy of the representative’s identification (the same as above):
In the case of legal representative:
- Full copy of the family register;
- Certificate of Adult Guardianship Registration Matters; and
- Other materials that indicate the legal authorization.
In the case of voluntary representative:
- Power of attorney (together with the certificate of seal impression of the principal that is subject to disclosure).
After receiving the Application for Disclosure and these verification documents, the Company shall give notification in writing in relation to the personal information for which the request for disclosure, etc. is made. In addition, the charge for request for disclosure of personal information and request for notification of purpose of use of personal information is JPY 1,000. Please make remittance to the bank account as designated by the Company.
Point of Contact for Opinions, Queries, Complaints and Requests for Disclosure, etc. regarding the Treatment of Personal Information, etc.
Please contact the following point of contact for any opinions, queries, complaints or requests for disclosure, etc. regarding the treatment of personal information, etc. by the Company. Please become aware that we are unable to deal with any on-site direct request.
Point of Contact
MICIN, Inc.’s point of contact for queries regarding personal information:
12F, TOKIWA BRIDGE, 2-7-1, Otemachi, Chiyoda-ku, Tokyo, 100-0004
The Company shall review where appropriate the status of operation regarding the treatment of users’ personal information and continuously make endeavors to improve such status. The Company may amend this Policy depending upon the needs thereof. If any amendment is made, it shall be uploaded on the Company’s website.
Enacted on 1 February 2016
Lastly amended on 29 August 2022
Seigo Hara, CEO