Privacy Policy on Protection of Personal Information

In conducting its business, the Japanese Bankers Association will take all possible measures to protect and use personal information appropriately in accordance with the following policy.

(1)　Personal information shall be acquired in an appropriate and lawful manner within the scope necessary for business operations or within the scope permitted by law. Sensitive information will not be acquired, used, or provided to third parties, except for certain exceptions, such as when required by law.

(2)　When managing personal information, we will specify the purpose of use as much as possible. For example, when personal information is acquired in response to questionnaires, etc., Japanese Bankers Association (hereinafter “the association”) will endeavor to limit the purpose of use according to the circumstances of acquisition, such as using the information only to compile the results of the questionnaire.

(3)　Except with the prior consent of the person or when required by law, personal information will not be managed beyond the scope necessary to achieve the specified purpose of use.

(4)　When providing acquired personal data to a third party, we will obtain the consent of the person in advance, except when required by law.

(5)　If the person in question requests us to stop using your personal information for direct marketing purposes, such as sending direct mailings or making phone calls to you, we will stop using your personal information for such purposes.

The association acquires personal information from the following sources, for example.

(Examples of sources of information to be acquired)
- When information is provided directly through documents that customers are asked to fill out and submit to send various publications or to respond to inquiries, complaints, etc.
- When information pertaining to dishonored bills and checks is provided by financial institutions participating in clearinghouses
- When information pertaining to loans, etc. is provided by members of the Personal Credit Information Center
- When personal information pertaining to employees of its members is provided by members, for the purpose of communication, etc.

When personal information is acquired, unless the purpose of use has been announced in advance, the purpose of utilization will be promptly notified or disclosed by appropriate methods. 

(For the purposes of utilization of personal information held by the association during its business, please refer to "Purposes of Use of Personal Information Held by the Japanese Bankers Association in the Course of Its Business." (Japanese only))

(1)　Joint Use of Personal Data by the Personal Credit Information Center
The Personal Credit Information Center engages in the joint use of personal data, including information published in the government gazette, with its members, to assist their credit decisions. This is conducted in accordance with Article 27, Paragraph 5, Item 3 of the Act on the Protection of Personal Information.
(For more details, please refer to "4. Joint Use of Personal Data" in the section on "Handling of Personal Information" by the Personal Credit Information Center. (Japanese only))

(2)　Joint Use of Dishonor Information in Bill and Check Clearing
The association engages in the joint use of dishonor information, as reported in dishonor and transaction suspension reports, with financial institutions participating in clearing houses. This is done to ensure the smooth circulation of bills and checks, as well as to assist financial institutions in their credit decisions. This practice is based on Article 27, Paragraph 5, Item 3 of the Act on the Protection of Personal Information.
(For more details, please refer to the "Disclosure Statement on the Joint Use of Dishonor Information." (Japanese only))

(1)　Among the customer information obtained in the course of receiving and responding to consultations and complaints, the association may provide the details of complaints and consultations and the results of responses, for which the name of the customer's bank is provided, to the customer’s bank *1 in a consolidated manner. The purpose of this process is to prevent complaints and improve products and services at the customer's bank*1.

(2)　Provision of personal data to the customer’s bank*1 can be stopped at the request of the customer (please note that the customer will be required to provide the above personal data when the customer requests the customer's bank to resolve a complaint, etc.). *2

(3)　If you do not want to provide your personal data to your bank*1, please let us know when you submit your request for consultation or complaint. If you make such a request after your consultation or complaint has been received, the association will cease the provision of your personal data thereafter, so please notify us by telephone at the contact information below.

Contact to request suspension of provision of personal data
JBA Customer Relations Center  Tel. 0570-017109 or 03-5252-3772

*1
Since some of the association's members are non-banks (bank holding companies and bankers associations), personal data will be provided to these parties when transactions are related to them.
*2
In cases where a customer requests that the bank resolve the complaint, the personal data of the customer may be provided to JBA Customer Relations Center, All Banks Personal Data Protection Council, or customer relations center of regionally-based bankers associations to which the customer has also submitted a complaint.

(1)　When a request for disclosure of retained personal data or third-party provision records pertaining to yourself is made, the data will be disclosed to you, unless there is a risk of causing significant obstruction to the proper execution of business.

(2)　When a request for correction, addition, or deletion of retained personal data pertaining to yourself is made, the necessary investigation will be conducted within the scope necessary to achieve the purpose of utilization, and if correction, etc., is required, it will be carried out based on the results of the investigation.

(3)　When a request for suspension of use, deletion, or suspension of provision to third parties of retained personal data pertaining to yourself is made, and if it is determined that there is a legitimate reason for the request, the utilization of such retained personal data, etc., will be suspended.

(For specific procedures for requests for disclosure, etc., please refer to "Procedures for requests for disclosure, etc., of retained personal data and third-party provision records." (Japanese only))
Procedures for requests for disclosure of personal credit information held by the Personal Credit Information Center of the Japanese Bankers Association (Japanese only)
Procedures for requests for disclosure of personal information held by the Information Center for Cash Card Compensation  (Japanese only)
Procedures for requests for disclosure of dishonor and transaction suspension reports held by the Clearing House  (Japanese only)
Procedures for requests for disclosure, etc., of retained personal data and third-party provision records held by JBA Customer Relations Center and Mediation Committee (Japanese only)
Procedures for requests for disclosure, etc., of retained personal data and third-party provision records other than the information above (Japanese only)

To prevent the leak, loss, or damage of personal data and to ensure the security of personal data, necessary and appropriate actions will be taken in accordance with Act on the Protection of Personal Information and other related laws and regulations, the "Guidelines on the Act on the Protection of Personal Information," the "Guidelines for Protection of Personal Information in the Finance Sector," and the "Practical Guidelines on Security Control Measures Under the Guidelines for Protection of Personal Information in the Finance Sector."

For actions taken to ensure the security of retained personal data, please refer to "Actions Taken to Ensure the Security of Retained Personal Data." (Japanese only))

For example, the association outsources the handling of personal data in the following cases. When outsourcing, the association will exercise necessary and appropriate supervision over the outsourced party.

(Examples of outsourced operations)
Operations related to the mailing of brochures, DVDs, and other publications to customers.
Operations related to the operation and maintenance of information systems.

In handling personal information (including security control actions), the association complies with Act on the Protection of Personal Information and other related laws and regulations, the various sections of the "Guidelines on the Act on the Protection of Personal Information," the "Guidelines on the Protection of Personal Information in the Financial Sector," and the "Practical Guidelines on Security Control Measures Under the Guidelines for Protection of Personal Information in the Finance Sector."

To ensure the thorough security control of personal data, appropriate education and training will be provided regularly to officers and employees.

Regular and ad hoc inspections and audits will be conducted regarding the handling of personal data, etc.

In the event of a leak, etc., of personal information, the association will take actions such as reporting to the supervisory authorities, disclosing the facts and measures for preventing recurrence, and notifying the affected individuals of the facts.

The handling of personal information (including security control actions) will be continuously reviewed and improved as necessary.

Personal Credit Information Center
Toll-Free: 0120-540-558
For Mobile Phones or PHS: 03-3214-5020
Reception Hours: Monday to Friday (excluding public holidays and bank holidays)
9:00 AM to 12:00 PM, 1:00 PM to 5:00 PM
(For procedures on filing complaints regarding personal credit information at the Personal Credit Information Center, please refer to "Complaint Handling Procedures." (Japanese only))

Phone: 03-3216-3761 (Main Line)
Reception Hours: Monday to Friday (excluding public holidays and bank holidays)
9:00 AM to 5:00 PM