TOP > Privacy Policy

Citizen Finedevice Co., Ltd. (the “Company”) hereby prescribes as follows the processing of personal data (meaning information prescribed as personal data in light of the applicable personal information protection laws of each country; the same applies hereinafter) of the following data subjects:

(a) our customers and business partners (including officers, employees, and the like of customers and business partners if the customer and business partner is a legal entity; and including potential customers and potential business partners as well as persons who access our websites; the same applies hereinafter);

(b) job applicants as well as former employees.

The Company complies with the applicable personal information protection laws of each country, such as the Personal Information Protection Act of Japan, in accordance with this Privacy Policy.

1. Categories of personal data processed by the Company

The Company employs lawful and fair means to obtain and use the following personal data (including personal information provided for in the Personal Information Protection Act of Japan) for business activities (see details on the Company’s business activities here). Some of it may be collected automatically.

(1) Personal data of customers (including individuals and corporations)

  • - Identification information, such as name, date of birth, gender, address, telephone number, email address, credit card information (card number, security code, and expiration date), company or association name, department, place of work, title, account number, photograph and information stated on business card
  • - Information related to product preferences, such as questionnaires related to products and services and video recording data for online customer services
  • - Information related to communications from customers, such as details entered in inquiry forms and telephone record data
  • - Cookie-based information of customers who visit the Company’s website, such as user activities, user environment (IP address, etc.), and user attributes
  • - Information of each customer who applies for or participates in campaigns or events related to products and services handled by the Company or any of the Company’s group companies or business partners
  • - Information related to sales promotion and sales negotiations for the products of the Company

(2) Personal data of business partners

  • - Information necessary for transactions, such as name, company or association name, department, place of work, title, address, telephone number, email address, account number photograph, and information stated on business card
  • - Information related to sales negotiations
  • - Information related to communications from customers, such as details entered in inquiry forms and telephone record data
  • - Information related to membership sites for business partners, such as ID and password, registration date, registered person, area, date and time of final login, details of sales negotiations, status of communication tool use (including contents of communication), and status of use of content pertaining to communication and information transmission (including contents of responses to surveys)
  • - Information related to communications received from business partners, etc., including details stated in inquiry forms

(3) Personal data of regular employment or internship applicants and of former employees

  • - Information related to recruitment selections and internships, such as the following: name; date of birth; address; telephone number; email address; name of scholastic institution, faculty, and school; work experience; and information on CVs
  • - Information related to paperwork for retiring officers, such as term of office, remuneration, and account number
  • - Information related to paperwork for the shareholder association for former employees, such as the following: company name; employee code; and monthly contribution, securities account information, and number of shares held pertaining to the shareholder association

(4) Other personal data

  • - Information used as material for in-house magazines in the Company’s group companies, such as images and text
  • - Information related to systems for provision of awards, such as name, address, telephone number, email address, account number, and portrait of award recipient
  • - Information related to the security of offices, such as images from security videos

*Cookie-based information of customers who visit the Company’s website, such as user activities, user environment (IP address, etc.), and user attributes, may or may not qualify as personal data (or personal information provided for in the Personal Information Protection Act of Japan) depending on the applicable personal information protection laws of each country. This information is handled as personal data (or personal information provided for in the Personal Information Protection Act of Japan) in this Privacy Policy only to the extent that such information qualifies as personal data (or personal information provided for in the Personal Information Protection Act of Japan) under the applicable personal information protection laws of the country in question.

2. Purposes for processing personal data

When the Company processes personal data (including personal information provided for in the Personal Information Protection Act of Japan; the same applies throughout “2.” (Purposes for processing personal data)) for business activities, the Company will process that personal data within the scope necessary for achieving the purposes for processing by specifying those purposes for processing in advance and will not conduct processing for any other purpose, except in cases where your consent has been obtained or where such processing is authorized under the personal information protection laws of the country in question.

The purposes for processing personal data that the Company processes for business activities are as follows. The Company will provide separate notification to persons involved or make a public announcement in relation to the purposes for processing of personal data of officers and employees, etc. of the Company.

(1) Personal data of customers

(i) For handling of orders, etc.

  • - To confirm the contents of products or services ordered, etc.
  • - To invoice for products and services ordered, etc. and confirm payment or payment status
  • - To sell and provide products and services

(ii) For provision of membership services

  • - To provide membership services
  • - To provide log-in functions for membership service sites
  • - To provide operational information, such as information on membership services and changes in conditions of use
  • - To ascertain the registration status of member information and status of use for membership services
  • - To deal with violations of the Company’s terms, policies, etc. related to membership services, such as fraudulent credit card transactions

(iii) To provide information

  • - To provide product information (including catalogs) and information on campaigns, events, questionnaires, monitor-based research, etc. related to products and services handled by the Company or the Company’s group companies or business partners through the delivery or display of advertising, such as email magazines or direct mail (including provision of information corresponding to customer interests and preferences based on analysis of product purchasing history and other similar information)
  • - To provide support and maintenance information, etc. related to products and services handled by the Company or the Company’s group companies or business partners through the delivery or display of advertising, such as email magazines or direct mail (including provision of information corresponding to customer interests and preferences based on analysis of product purchasing history and other similar information)
  • - To customize information provided in the services handled by the Company or the Company’s group companies or business partners and advertisement distribution in line with customer age, occupation, gender, interests and preferences, etc. and to deliver trial products for monitor-based research, etc.

(iv) For operational management of campaigns and events

  • - To operate and manage campaigns, events, questionnaires, monitor-based research, etc. related to products and services handled by the Company or the Company’s group companies or business partners

(v) For sales negotiations, sales promotion, etc.

  • - For communications, sales negotiations, or arrangements necessary for business, and procedures related to those communications, negotiations and arrangements
  • - To send notices of releases of new products and events, etc., and greeting cards, etc.
  • - To provide digital content for the purpose of ordering promotional goods, distribution of news regarding new products, etc., distribution of information related to advertising, management of sales, etc.
  • - To provide information for sales promotion related to products and services handled by the Company

(vi) For product development, marketing activities, etc.

  • - To conduct, tabulate, and analyze questionnaires and monitor-based research, prepare and analyze statistical materials, and collect and analyze data to plan, develop, and improve products and services handled by the Company and use for business, sales, and marketing activities (including analyzing individual customer’s interests and preferences, etc.)
  • - To use for improvement of websites, campaigns, and events of the Company by analyzing information on customers who access the Company’s website (including analyzing individual customer’s interests and preferences)

(vii) To deal with inquiries and after-sales services, etc.

  • - To deal with, confirm, and record inquiries and consultations related to products and services handled by the Company
  • - To issue warranties related to products and to deal with, confirm, and record customer services and after-sales services, etc., such as repair, support, and maintenance

(2) Personal data of business partners

  • - For communications, sales negotiations, or arrangements necessary for business, and procedures related to those communications, negotiations and arrangements
  • - To send notices of releases of new products and events, etc., and greeting cards, etc.
  • - To conduct monetary payments and other actions related to performance of agreements
  • - To deal with, confirm, and record inquiries and consultations
  • - To provide membership services
  • - To provide log-in functions for membership service sites
  • - To provide operational information, such as information on membership services and changes in conditions of use
  • - To ascertain the registration status of member information and status of use for membership services
  • - To deal with violations of the Company’s terms, policies, etc. related to membership services

(3) Personal data of regular employment or internship applicants and of former employees

  • - To execute and manage duties related to recruiting activities and internships
  • - For provision of information on recruitment and the like to, or communication with, regular employment or internship applicants
  • - To deal with labor-related laws concerning former employees, perform duties related to the shareholder association, conduct monetary payments and other actions related to performance of agreements, and for other necessary communications

(4) Other personal data

  • - To issue and distribute in-house magazines for the Company’s group companies
  • - To provide awards, etc. to award recipients based on systems for provision of awards
  • - For management of entry and exiting and security management for facilities of the Company
  • - For security management of offices

Please note that the Company may omit notice, etc. of the purposes for processing if those purposes for processing are clear in consideration of the circumstances of acquisition of that data.

3. Sources of personal data

We may collect personal data directly from you or indirectly from the following third parties:

(1) Customers and business partners

  • - Other companies within the same corporate group
  • - In cases where a customer or another party involved in a transaction is a corporation, and group companies obtain from that corporation the personal data of that corporation’s officers and employees
  • - Website use analytics service providers, including Google LLC (cookies, IP addresses, provider information, information on devices used, web browser information, and user behaviour and attributes are provided)
  • - In other cases where personal data is lawfully obtained from third parties (including publicly disclosed information stated in Kampo (official gazettes), on websites, in commercially available literature, etc.)

(2) Regular employment or internship applicants and former employees

  • - Cases where personal data is obtained from employment-related agents, recruiting websites, etc.
  • - Cases where personal data is lawfully obtained from third parties during one’s employment with the Company
  • - Other cases where personal data is lawfully obtained from third parties

Please note that the Company may process information that it obtains through its products and services (including its websites and apps) by linkage with personal data that the Company already holds. In such cases, the Company will manage such linked information according to this Privacy Policy.

4. Legal basis, etc. for processing

The Company processes your personal data in accordance with applicable personal information protection regulations.

If you do not provide your personal data even when the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, the Company might not be able to provide you with products and services of the Company (including websites and apps of the Company).

5. Retention period, etc. for personal information

The Company maintains the accuracy and recency of personal data within the extent necessary for the achievement of the purposes for processing. Furthermore, to decide on an appropriate retention period for personal data, the Company considers the volume, nature, and confidentiality of the personal data, the potential risk of damage caused by unauthorized use or disclosure of the personal data, the purposes for which the Company processes the personal data and whether the Company can achieve those purposes by other means, and applicable legal requirements.

If your personal data that the Company has collected is no longer necessary, the Company will delete or anonymize your personal data, and if such measures are impracticable, the Company will store your personal data safely until deletion becomes practicable and ensure that new processing will not be conducted.

6. Provision of personal data

The Company provides to third parties the personal data set forth in “1.” (Categories of personal data processed by the Company) above in order to fulfill the purposes set forth in “2.” (Purposes for processing personal data) in the following cases.

If the Company delegates processing of personal data to any processors (service providers), the Company will conduct necessary and adequate supervision over those processors (service providers) for the security of personal data.

(1) Provision to processors (service providers)

(i) Personal data related to customers

  • - Providers of EC site operation and management system services
  • - Providers of online customer system services
  • - Providers of customer management system services
  • - Providers of data storage services
  • - Providers of fraud detection services
  • - Providers of payment services
  • - Financial institutions
  • - Providers of data analysis services
  • - Providers of advertising services
  • - Providers of data collection services
  • - Providers of public relations services
  • - The Company’s group companies
  • - Providers of client management services
  • - Any other contractors that provide services necessary for the business activities of the Company

(ii) Personal data of business partners

  • - Financial institutions
  • - The Company’s group companies
  • - Providers of client management services
  • - Providers of data storage services
  • - Providers of data collection services
  • - Any other contractors that provide services necessary for the business activities of the Company

(iii) Personal data of applicants for regular employment or internship applicants and of former employees

  • - Providers of data storage services
  • - Providers of business services related to the employee shareholding association
  • - Any other contractors that provide services necessary for the business activities of the Company

(2) Other cases

In addition, the Company may, in the following cases, also provide to third parties the personal data set forth in “1.” (Categories of personal data processed by the Company).

  • - Cases where you have consented in advance
  • - Cases where the provision of personal data is conducted in accordance with laws or regulations
  • - Cases where the provision of personal data is necessary for the protection of the life, body, or property of an individual and when it is difficult to obtain your consent
  • - Cases where the provision of personal data is especially necessary for improving public health or promoting the sound growth of children and when it is difficult to obtain your consent
  • - Cases where the provision of personal data is necessary for cooperation with a state organ, a local government, or a party delegated thereby and obtaining your consent is likely to impede execution of those affairs
  • - Cases where the third party is an academic research institute, etc. and processes personal data for academic studies (excluding cases involving unjust infringement of individual rights)
  • - Cases where the Company’s business involving personal data is succeeded due to merger, company split, transfer of business, or similar reasons
  • - Other cases permitted under applicable laws and regulations

The Company may, without limitation, provide information that has been de-identified or aggregated.

7. Safety management measures

The Company takes the following safety management measures for the safe management of personal data.

  • - Formulation of basic policies: To ensure proper processing of personal data, the Company formulates basic security policies, including those related to compliance with related laws, regulations, guidelines, and the like, and reception desks for processing questions and complaints.
  • - Preparation of rules related to processing of personal data: The Company formulates procedures for processing personal data in relation to processing methods, persons responsible, persons in charge, and their duties for acquisition, use, storage, provision, deletion, disposal, and all other steps.
  • - Organizational safety management measures: In addition to appointing persons responsible for processing personal data, the Company clarifies which employees process personal data and the scope of personal data processed by such employees, and maintains systems for reporting and communication when violations or suspected violations are discovered.
  • - Human safety management measures: The Company conducts regular employee training regarding important matters related to the processing of personal data.
  • - Physical safety management measures: In areas where personal data is processed, the Company prevents unauthorized access, manages room access, restricts devices brought into such areas, and takes measures to prevent loss, theft, or damage of electronic media and documents.
  • - Technical safety management measures: The Company limits access to personal data by controlling the persons in charge and the scope of databases, and implements measures to protect information systems from unauthorized external access and malicious software.
  • - Ascertainment of the external environment: If you wish to be provided with information regarding foreign countries in which the Company stores personal data, please contact the inquiry desk shown in “9. Inquiry desk” below.

8. Your rights

The Company respects the rights you hold under personal information protection regulations applicable to you. Depending on the applicable laws and regulations of the country or region, you may be granted certain rights regarding your personal data.

If you wish to exercise such rights, please contact the Citizen Finedevice Co., Ltd. personal information inquiry desk shown in “9. Inquiry desk” below.

If you wish to request notification of the purpose of use, disclosure, correction, suspension of use, deletion of retained personal data, or disclosure of records of provision to third parties under the Personal Information Protection Act of Japan, please contact the inquiry desk below for the prescribed procedures.

9. Inquiry desk

If the Company receives inquiries regarding the processing of personal data (including personal information defined under the Personal Information Protection Act of Japan), the Company will respond appropriately in accordance with applicable laws and regulations.

For inquiries regarding personal data or this Privacy Policy, please contact the inquiry desk below.

Citizen Finedevice Co.,Ltd.

6663-2, Funatsu Fujikawaguchiko-Machi,Minamitsuru-gun,Yamanashi,

401-0395, Japan

Business Hour: 8:30-17:30 (Japan time) Monday through Friday

For the address of the Company and the name of its representative, please refer to the corporate profile webpage on the Company website.
Corporate Profile | Citizen Finedevice Co., Ltd.

10. Pseudonymously Processed Information

(1) When producing pseudonymously processed information provided for in the Personal Information Protection Act of Japan (“Pseudonymously Processed Information”), the Company processes personal data (including personal information provided for in the Personal Information Protection Act of Japan) in accordance with standards prescribed by the rules of the Personal Information Protection Commission of Japan (the “Rules of the Personal Information Protection Commission”) as those necessary to make it impossible to identify a specific individual unless collated with other information.

(2) When the Company produces Pseudonymously Processed Information or obtains Pseudonymously Processed Information, deleted information concerning the Pseudonymously Processed Information, or the like, the Company takes measures for the safe management of the deleted information, etc. in accordance with standards prescribed by the Rules of the Personal Information Protection Commission as those necessary to prevent the divulgence of the deleted information, etc.

(3) If the Company handles Pseudonymously Processed Information that is personal information provided for in the Personal Information Protection Act of Japan, the Company will use it to the extent necessary for the purposes for processing set out in “2.” (Purposes for processing personal data) above and will handle it appropriately under the Personal Information Protection Act of Japan, including disclosing to the public the changed purposes for processing when the Company changes the purposes for processing and uses that Pseudonymously Processed Information for other purposes.

(4) If the Company handles Pseudonymously Processed Information that is not personal information provided for in the Personal Information Protection Act of Japan, the Company will handle it appropriately under the Personal Information Protection Act of Japan, including forgoing any sharing or disclosure of that Pseudonymously Processed Information with or to a third party, except in the case where permitted by the Personal Information Protection Act of Japan.

11. Anonymously processed information

(1) When producing anonymously processed information provided for in the Personal Information Protection Act of Japan (“Anonymously Processed Information”), the Company processes personal data (including personal information provided for in the Personal Information Protection Act of Japan; the same applies hereafter in “11.” (Anonymously processed information)) in accordance with standards prescribed by the Rules of the Personal Information Protection Commission of Japan as those necessary to make it impossible to identify a specific individual and restore the personal data used for the production of the Anonymously Processed Information.

(2) When the Company produces Anonymously Processed Information, the Company takes measures for the safe management of that information in accordance with standards prescribed by the Rules of the Personal Information Protection Commission.

(3) When the Company produces Anonymously Processed Information, the Company discloses to the public, pursuant to the Rules of the Personal Information Protection Commission, the categories of information relating to the individual contained in the Anonymously Processed Information.

(4) If the Company shares or discloses Anonymously Processed Information with or to a third party, the Company will, in advance and pursuant to the Rules of the Personal Information Protection Commission, disclose to the public the categories of personal data contained in the Anonymously Processed Information to be shared or disclosed with or to a third party and its method of provision and will state to the third party explicitly to the effect that the information being shared or disclosed is Anonymously Processed Information.

(5) In handling Anonymously Processed Information, the Company does not conduct any act with the purpose of identifying a principal concerned with the personal data used to produce Anonymously Processed Information, such as collating the Anonymously Processed Information with other information in order to identify a principal concerned with the personal data used to produce the Anonymously Processed Information.

12. Website management

(1) The Company has taken appropriate system-based and operational security measures, such as measures related to server management systems and access restrictions, to safely manage personal data (including personal information provided for in the Personal Information Protection Act of Japan; the same applies hereafter in “12.” (Website management)) in the operation of the Company website.

(2) When you provide personal data via the Company website, the Company protects your personal data by using technology on the website to encrypt communications, such as SSL (Secure Sockets Layer).

13. Regarding cookies, etc.

(1) Cookies and other such similar technology (“Cookies, Etc.”) may be used on the Company website.

(2) The Company may use information obtained through Cookies, Etc. for the following purposes:

(i) to make it possible for a customer to browse the Company website as a continuation of the previous visit without repeatedly entering the same information when the customer visits the Company website subsequently;

(ii) to statistically analyze the use status and the like of the Company website without including information that identifies any customer individually and to improve the service of the Company website; and

(iii) to distribute the Company’s advertisements to customers who have used the Company website and third persons who have characteristics similar to those customers; the main advertisement distribution services the Company website uses for this purpose are set out in Paragraph 5 below.

(3) Information that the Company obtains through Cookies, Etc. may or may not fall under personal data (or personal information provided for in the Personal Information Protection Act of Japan) pursuant to applicable personal information protection regulations of the country in question. If the information constitutes personal data (or personal information provided for in the Personal Information Protection Act of Japan), the Company will manage the information under this Privacy Policy.

(4) A customer may refuse acceptance of Cookies, Etc. or cause warnings to appear when he or she has accepted Cookies, Etc. by changing the settings of the web browser he or she is using. However, customers are requested to acknowledge in advance that the Company may become unable to provide some services in those cases.

(5) A customer may stop the distribution of advertisements by accessing the following websites that each advertisement distributor provides and refusing the acceptance of Cookies, Etc. However, customers are requested to acknowledge in advance that they may become unable to use products and services of various companies in that case.

Main advertisement distributors

Privacy (cookie) policies

Method of stopping the distribution of advertisements

Google Japan G.K. and Google Network

Google Privacy Policy

Block certain ads

14. Regarding access logs

(1) The Company obtains and records each customer’s IP address, access information, and the like on the Company website, so the Company may obtain use information regarding web pages and the like that the customer has visited (“Access Logs”).

(2) The Company may use Access Logs for the following purposes:

(i) to statistically analyze the use status and the like of the Company website without including information that identifies any customer individually and to improve the service of the Company website;

(ii) to determine causes of, and solve, problems in the Company’s web server; and

(iii) if a customer has registered personal data (including personal information provided for in the Personal Information Protection Act of Japan) for membership services and the like of the Company, the Company may associate the information with information that the Company holds and that identifies the customer as an individual.

(3) Access Logs that the Company obtains may or may not fall under personal data (or personal information provided for in the Personal Information Protection Act of Japan) pursuant to applicable personal information protection regulations of the country in question. If the Access Log constitutes personal data (or personal information provided for in the Personal Information Protection Act of Japan) under applicable personal information protection regulations of the country in question, the Company will manage the Access Log under this Privacy Policy.

15. Personal data of minors

The Company takes necessary measures with respect to the personal data of persons who are minors (including personal information provided for in the Personal Information Protection Act of Japan; the same applies hereafter in “15.” (Personal data of minors)) in accordance with applicable laws and regulations. Please note that the Company may, when necessary, request a guardian’s consent in relation to the personal data of a person who is a minor.

16. Regarding external transmission of information
      concerning visitors of the Company website

The Company uses services provided by an external business operator (“External Services”) on the Company website for ascertaining the status of use of the Company’s services and for improving the Company’s services, and the Company transmits information concerning visitors of the website that is necessary for the use of External Services while affording respect to privacy protection concerns. Transmitted information is managed and used in accordance with the privacy policy and the like of the business operator that provides External Services and to whom the information is transmitted. The details of External Services that the Company uses for the Company website are set out below.

(1) Google Analytics

  • - Provider of External Services: Google LLC and its affiliates
  • - Contents of transmitted information:
  • - Information related to systems, devices, networks, and communications commonly used for Internet communications
  • - Location information
  • - Data related to actions on websites Data related to pages browsed
  • - User identifiers (cookies, device identifiers, etc.)
  • - Purposes of use by the Company's services: To analyze user browsing trends and history
  • - Purposes of use by External Services: To analyze user browsing trends and history
  • - Disclosure matters, etc. based on Article 27-12 of the Telecommunications Business Act
  • - Opt-out measures: If you do not wish to participate in the use of External Service, please take the necessary measures through the link below:
  •  Google Analytics Opt-out Browser Add-on

* Please refer to the following link for information on how data is collected and processed by Google Analytics.
How Google uses information from sites or apps that use our services

17. Regarding other matters

The Company may change this Privacy Policy without notice in order to seek more appropriate management or to act in response to amendments of related laws and regulations and the like.

In this case, the Company conducts notification by publishing the changed version of this Privacy Policy without delay (if there is a notification method necessary pursuant to applicable laws and regulations, the Company will act in accordance with that method) and processes personal data (including personal information provided for in the Personal Information Protection Act of Japan) in accordance with the changed version of this Privacy Policy from the time of that notification. However, if it is a change in detail that requires your consent pursuant to applicable laws and regulations, the Company will obtain your consent by a method designated by the Company.

Established: October 1, 2017
Last revised: April 1, 2026

Privacy Policy

Contact
Inquiry form
By telephone