Privacy Policy

Personal Information Protection Policy

We recognize it as a social responsibility to protect all Personal Information (including “Personal information that we have acquired or are seeking to acquire ”,"Specific Personal Information") that we handle in the course of our running mobile telecommunication related businesses such as renting and selling the devices as well as communication traffic businesses. We comply with laws and regulations in terms of Personal Information Protection and other relevant codes and standards. Additionally, in order to accomplish issues described below, we structure Personal Information Protection Management System and continue to make endeavors to improve the system by paying close attentions to the latest trends in IT technology, increase in social demands and expectations, changes in the business environment and so forth.

  1. We acquire and use Personal Information only within the necessities of proper business execution and employee managements. We do not acquire or use Personal Information beyond the clearly specified purposes of use.
  2. We are committed to being in full compliance with Personal Information Protection laws and regulations, governmental guidelines, General Data Protection Regulation (GDPR) and other codes and standards.
  3. In order to assure the accuracy and security of Personal Information, We put in place measures such as information security to prevent unauthorized access to Personal Information, lost, destroyed, falsified, or divulged Personal Information from taking place. In case these incidents take place, the causes of the incidents shall be identified and corrective actions as well as preventive measures shall be immediately taken.
  4. We promptly respond in good faith to complaints and consultations with regard to our way of handling Personal Information. In accordance with laws and regulations, we accept requests from customers, the owners of their own Personal Information, for the disclosure of the Personal Information related matters (including the purpose of use, the disclosure, correction, addition, deletion of the information or the termination of use or provision of the information).
  5. In accordance with changes in laws and regulations, we revisit Personal Information Protection Management System in a timely and proper manner and continue to improve the system.
  6. We may change this policy without prior notice to the owners of Personal Information. When changes are made, all changes will be described and recorded at the bottom of this Personal Information Protection Policy. In an event critical changes are made in this policy, we will announce the changes on our website clearly with no delay.

Contact Details for complaints, consultations, and requests for disclosure, etc.

Telecom Square, Inc.
Personal Information Service Desk
Address: 8-1 Sanbancho, Sanbancho Tokyu Building 7F,Chiyoda-ku, Tokyo, 102-0075, Japan
E-mail : privacy@telecomsquare.co.jp
Tel: 03-3239-3278 Business hours: Mon-Fri 10:00-16:00

Enacted: April 1, 2005
Last revised: December 16, 2024
Telecom Square, Inc.
Yuji Yoshitake
Representative Director and President

Our way of handling Personal Information

Personal Information such as the name and address of customers and attribute information of theirs including their location data we acquire in the course of our running mobile telecommunication related businesses such as renting and selling the devices as well as communication traffic businesses shall be handled, in accordance with Telecom Square Inc.'s Personal Information Protection Policy, specifically in ways as follows.

■Acquisition of Personal Information and purpose of use of Personal Information

We acquire Personal Information properly from our customers upon their consent and use the information for the purposes described below. In addition, we define the duration in which Personal Information remains with us in accordance with the need for achieving the purpose of use, and we will dispose of the information once the duration expires, or after achieving the purpose of use. In case a customer is nonage (*1), we assume that the customer's parents or persons in parental authority give consent on the customer's behalf. If there is a possibility that a nonage person has provided Personal Information without the above consent, the parents or persons with parental authority shall contact us. *1 In Japan, it refers to those under 18 years of age, but outside of Japan, and the definition of nonage varies among countries.

  1. Personal information we acquire
    In the businesses and services that we provide, we acquire from our customers information as follows for the purpose of offering services and functionalities as follows.
    1. (1) Mobile Telecommunication Businesses (device rental and communication traffic sales)
      1. 1) We acquire from our customers
        -Cookie information
      2. 2) Customers provide us with
        -Email address
        -Full name
        -Phone number
        -Home address and other information that we request by way of designated customer information formats
  2. Specific purpose of use of Personal Information (Mobile Telecommunication Businesses: device rental and communication traffic sales)
    1. (1) To provide the mobile telecommunication device rental service, sell communication traffic, and offer other related services
    2. (2) To offer digital content services
    3. (3) To sell other goods
    4. (4) To implement PRs, advertising, and marketing activities focused on specific interests and preferences as well as general marketing activities
    5. (5) To integrate with external services
    6. (6) To implement marketing surveys and analyze outcomes from the surveys
    7. (7) To analyze the utilization of our services, to analyze the implementation of business measures, to measure the effectiveness of our business tactics aiming at planning new services, to analyze the planning of new services, to analyze data in order to improve the quality of services and enhance the level of customer services, and to conduct various other analyses and surveys.
    8. (8) To respond to inputs, inquiries, and requests from customers
    9. (9) To prevent the abuses of services, fraudulent contracts, and dishonest payments as well as to investigate and respond to the issues
    10. (10) To introduce seminars, exhibitions, promotion events that we host, co-host, or support, through direct mails, e-mails or etc.
    11. (11) To introduce products that our affiliated companies and we offer, through direct emails e-mails or etc.
    12. (12) To conduct investigations, report, and communicate in the event of an incident or accident regarding our service security.
  3. How to acquire Personal Information
    1. (1) When registering an account online
    2. (2) When ordering our services or products
    3. (3) When viewing or using our website
    4. (4) When applying to receive our direct mail or email
    5. (5) When making an inquiry to us
    6. (6) When responding to a questionnaire at seminars, exhibitions, promotion events that we host, co-host, or support
    7. (7) When acquiring information based on the relationship with our company.
  4. Storage period
    We deal with and store Personal Information within the scope of the purpose of use. We will also promptly dispose of personal data that is no longer needed.
  5. Inquiries by telephone
    We may record conversations with customers or users on a phone for the purpose of enhancing customer service quality and of revisiting the conversation later on.

■Customers’ rights

Customers have the following rights regarding Personal Information.
For requests or inquiries regarding the various rights regarding Personal Information, please contact the Personal Information Service Desk described in "Personal Information subject to disclosure."

  • Right to request access (disclosure of purpose, type, recipient, storage period, acquisition source, etc.)
  • Right to request corrections
  • Right to request elimination
  • Right to request restrictions on the handling operation
  • Right to object to the handling operation
  • Right to request transfer or copying (portability) of information so that it can be used on services other than ours
  • Right to withdraw consent at any time
  • Right to make a complaint at any time with the supervisory authority of the country in which the customer lives
  • Right not to be subjected to discriminatory treatment in exercising the above rights

*Residents of the following regions who wish to file a complaint should contact the data authority agency of their country of residence. The contact information of the data protection authorities in each country can be found at the following website.

【EE area】Data Protection Authorities(https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

【USA】California Consumer Privacy Act(https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?lawCode=CIV&division=3.&title=1.81.5.&part=4.&chapter=&article=

■Our use of a third party's service

We may process personal data using third-party services in the following business areas.

  1. Business in Scope: WiFiBOX
    Third-Party Service Used: Shopify
    Potential Foreign Countries for 'Provision to Third Parties Abroad': Canada, United States
    For information on the measures Shopify takes to protect personal information, please refer to their privacy policy (https://www.shopify.com/jp/legal/privacy).
  2. Business in Scope: WiFiBOX, eSIM Square, eSIM Mart
    Third-Party Service Used: Stripe
    Potential Foreign Country for 'Provision to Third Parties Abroad': United States
    Stripe collects identification information from devices connected to its service. Stripe uses this information to operate and improve its service, including for fraud detection purposes. For more information on the measures Stripe takes to protect personal information, please refer to their privacy policy (https://stripe.com/jp/privacy).
  3. Business in Scope: WiFiBOX, eSIM Square
    Third-Party Service Used: Mailchimp
    Potential Foreign Countries for 'Provision to Third Parties Abroad': United States
    For information on the measures taken by Mailchimp to protect personal
    information, please refer to the company's Privacy Policy(https://www.intuit.com/privacy/statement/

For detailed information on the regulations of the aforementioned countries, please refer to the website of the Personal Information Protection Commission.

■Transfer outside the EEA

  1. We may transfer personal data to countries outside the EEA. This transfer destination includes third parties (persons that process data), such as our group, cloud service vendors, and service operating companies. We will supervise third parties that handle the personal data to ensure that they implement the proper and appropriate protective measures according to the transfer situation in accordance with the GDPR.
  2. We will assume that customers have consented to the following by using our services:
    -In the countries outside the EEA, sufficient personal data protection laws and regulations may not be yet established; therefore, the same level of protection measures as stipulated in the GDPR cannot necessarily be guaranteed.
    -In order to achieve the purpose of use, personal data may be transferred to third parties (persons that process data), such as our group, cloud service vendors, and service operating companies, located in countries outside the EEA.

■Our Cookie Policy

We may use cookies and tracking technologies when we attempt to acquire customers' information. Additionally our websites, online services, smartphone apps, Emails and advertisements may use cookies and tracking technologies.

Cookies work to enable devices accessing websites to save information the websites designate such as Identification information of browsers used for access, IP addresses, page views and so forth. We acquire such information in order to manage our websites so as for our customers to use the websites, apps' pages and servers under more convenient setup for further visits. We also use them to distribute more relevant advertising contents and to analyze (*4) interests and concerns of customers for enhancing websites and services. (We use “Google Analytics” for the analyses.)

Customers can refuse our using cookies to them. In the case, customers shall be persuaded that we may not be able to provide the most favorable setup of websites for the customers and that the customers may not be able to use all services we offer. Customers make inquiries to their browser providers for changing the setup.

*4 We use Google Analytics.

■Personal Information handled by a third party

We will not disclose or provide Personal Information to a third party without a prior consent from a user unless we are requested by Personal Information Protection Act and other related laws or regulations. Nonetheless, cases as follows are exceptions.

  1. When we get subcontracted to a third party the scope of works to procure goods and to do the tasks of our service base.
  2. When we are merged with or taken over by another company
  3. When the government, local governments or a person entrusted by the governments need to carry out legitimate tasks and it may undermine their performance to obtain a consent from a user.
  4. Any other cases that Personal Information Protection Act and other related laws and regulations exempt.

■Use of statistically processed data

We may create statistical data from personal information we acquire and no individual can be identified from the data. We can use such data from which no individual can be identified with no restrictions.

■Dissemination of Matters Concerning Personal Information Subject to Disclosure and Records of Provision to Third Parties

  1. Company name, address, and name of representative
    Company name :Telecom Square, Inc.
    Address :7F Sanbancho Tokyu Building, 8-1 Sanbancho, Chiyoda-ku, Tokyo, 102-0075, Japan
    Name of representative:Yuji Yoshitake
  2. Title, affiliation, and contact information of the Personal Information Protection Officer and Data Protection Officer (DPO)Personal Information Protection Officer: Chief Administrative Officer (CAO)
    Department :Administration Department
    Data Protection Officer (DPO): Chief Secretary
    Department :Corporate Planning Office
  3. Purpose of use of “Personal Information subject to disclosure”
    Purposes of using “Personal Information subject to disclosure” we have are described in “Acquisition of Personal Information and purpose of use of Personal Information”.
  4. Contact details for complaints over our way of handling of “Personal Information subject to disclosure”
    Telecom Square, Inc.
    “Personal Information Service Desk”
    Address: 8-1 Sanbancho, Sanbancho Tokyu Building 7F,Chiyoda-ku, Tokyo, 102-0075, Japan
    E-mail:privacy@telecomsquare.co.jp
    Tel: 03-3239-3278 ◆Business hours: Mon-Fr 10:00-16:00
  5. Authorized Personal Information Protection Organization
    You may also contact the authorized personal information organization listed below with any inquiries , requests, or complaintsregarding our handling of personal information.
    *Only complaints regarding the handling of personal information are accepted.

    JIPDEC Informaition Desk
    Japan Institute for Promotion of Digital Economy and Community
    Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo
    TEL:03-5860-7565

    JADAC Information Desk
    Center for the Protection of Personal Information in Telecommunications
    Hourai-Sugamo Building., 2-11-1 Sugamo, Toshima-ku, Tokyo (A unit of Japan Data Communications Association)
    Tel: 03-5907-3803
    Business hours: Mon - Fri 10:00 - 12:00 and 13:00 - 15:00 (Closed on weekends, national holidays, and New Year holidays)

  6. Requests for disclosure, revision, addition, deletion, suspension, elimination etc. (hereinafter “disclosure”), of “Personal Information subject to disclosure”
    1. We will respond properly in case we receive requests from customers asking disclosure of their “Personal Information subject to disclosure”. Disclosure requests should be made as follows.
    2. In order to make a disclosure request, please download prescribed application forms below. Please mail or email the forms to us together with the necessary documents.
      1. Documents needed
      3. JPY 1,100 as a fee (including Japan consumption tax) shall be charged for handling a request for the notice or disclosure of the purpose of use. (If sent by postal mail, cash registered mail should be used.)
      4. Mailing address for request forms
        8-1 Sanbancho, Sanbancho Tokyu Building 7F, Chiyoda-ku, Tokyo 102-0075 Japan
        Telecom Square, Inc.
        Personal Information Service Desk.
        Email: privacy@telecomsquare.co.jp
        (It will take approximately two weeks to complete processing a request after receiving it and email our response.)
    3. Personal Information obtained through processing a disclosure request
      Personal Information obtained through processing a disclosure request shall be handled only within the scope of necessity.
  7. Measures taken for the safe management of personal information subject to disclosure
    1. Formulation of basic policy

      In compliance with the Personal Information Protection Law and related laws and regulations, we have established and published our “Personal Information Protection Policy” and “Handling of Personal Information” regarding the proper handling of personal information.

    2. Discipline for handling personal data

      Based on the above “Personal Information Protection Policy,” the Company has established regulations that stipulate basic matters concerning the handling of personal information and the necessary and appropriate measures to be taken for the safe management of personal data.

    3. Organizational safety control measures
      1. Appointment of a person responsible for the handling of personal data
      2. Establishment of a reporting and communication system in the event that a violation of laws and regulations or signs of such violations are detected.
      3. Implementation of periodic self-inspection and development of audit system
    4. Human security management measures
      1. Execution of nondisclosure agreement at the time of employment contract
      2. Periodic training of employees
      3. Provisions of employment regulations including matters concerning confidentiality
    5. Physical security management measures
      1. Access control in areas where personal data is handled
      2. Prevention of access to personal data by unauthorized persons
      3. Prevention of theft of equipment, electronic media, documents, etc. that handle personal data
      4. Prevention of leakage, etc. when electronic media, etc. are carried
      5. Deletion of personal data and disposal of equipment, electronic media, etc.
    6. Technical security management measures
      1. Identification and authentication of personal data handlers
      2. Establishment of personal data management categories and access control
      3. Measures to prevent unauthorized access from outside, etc.
      4. Measures to prevent information leakage such as data encryption and password protection
      5. Monitoring and auditing of information systems
    7. Understanding the external environment
      1. In the case where personal data is handled in a foreign country, to understand the systems, etc. concerning personal information in that foreign country
      2. Periodic confirmation of the implementation status of security control measures at contractors, etc.
    8. Website Security

      To ensure that our customers can enter their personal information with confidence, all pages of our website, including those for entering personal information, are equipped with SSL (*3). The information entered is encrypted and sent to the web server, preventing information from being intercepted during transmission.

Telecom Square, Inc. has acquired 'Privacy Mark' that certifies operators who handle personal information properly by the Japan Information Processing Development Corporation (JIPDEC).

privacy mark

This document was prepared in Japanese and translated into English. The Japanese text is the original and the English text is for reference purposes only. If there is any conflict or inconsistency between these two texts, the Japanese text shall prevail.