PRIVACY POLICY

BBF Inc. (hereinafter referred to as “Our company”) answers to diversified customer needs and recognizes the importance of personal information management in the information and communications business by appropriately incorporating the latest information and communication technologies such as the Internet into the business in the mail order industry. Based on the lessons learned from the recent occurrence of incidents involving personal information, to prevent accidents and incidents, privacy policy is defined and declared as follows for building an environment and system in which customers can use our services safely.

1. Compliance with laws and regulations concerning personal information protection

Our company complies with laws and regulations regarding the handling of personal information, national guidelines, “Personal Information Protection Management System-Requirements” (JIS Q 15001: 2017) and other standards.

2. Acquisition and use of personal information

When acquiring personal information, our company will clarify the purpose of use and obtain it in a lawful and fair manner and will not handle it beyond the scope of the purpose of use. Appropriate measures will be taken to prevent usage outside the purpose. The purpose of use defined by our company is as described in “Handling of Personal Information”. In addition, unless otherwise permitted by law, personal information will not be provided to a third party without consent. Our company has formulated internal rules regarding the handling of personal information, and has all employees, employees, contract employees, etc., engaged in the company's business (hereinafter referred to as “employees”) thoroughly informed and operate according to the following rules.

3. Safe management of personal information

In order to ensure the accuracy and safety of personal information, our company will implement safety management measures for the protection of personal information and comply with the leakage, loss or damage of personal information, related laws, national guidelines and other standards. Effort will be made to prevent violations, possible economic disadvantages, loss of social credibility, and possible impact on the principal. In addition, safety management measures will be reviewed regularly, and if there are any deficiencies, corrections will be made as appropriate. When consigning or subcontracting the handling of personal information, the contract is signed with thoroughly supervised content of the consignment contract for protecting personal information and the subcontractor, and the management of the consignee and the subcontractor is performed with thorough supervision.

4. Handling complaints and issues consultation

Our company will sincerely handle complaints and consultation regarding personal information without delay.

5. Continuous improvement of personal information protection management system

Our company will comply with laws and regulations regarding the handling of personal information to protect and properly handle personal information, national guidelines and other standards. In addition, a personal information protection management system that complies with the Japanese Industrial Standards “Personal Information Protection Management System-Requirements” (JIS Q 15001: 2017) will be established, implemented and maintained , with continuous improvements planned for our personal information protection management system. When there are important changes to the privacy policy of our company, it will be announced and posted on our website.

BBF Inc. Jun Tamura
Enacted on March 15, 2012
Revised on August 29, 2019
[Inquiries regarding privacy policy]
BBF Inc. Complaint/Consultation Information Desk
Uchisaiwai-cho Tokyu Bldg.7F, 1-3-2, Uchisaiwai-cho,
Chiyoda-ku, Tokyo 100-0011 Japan
Personal information protection manager
Tel: 03-5202-4700

<Handling of personal information>

- Purpose of use when obtaining personal information
In relation to usage of this service, our company will use the obtained information only for the following purposes and will neither disclose nor provide them to a third party. Sufficient measures are being taken for this. However, in order to achieve the purpose of use, the information may be outsourced or subcontracted to a subcontractor selected by our company. In that case, our company will perform necessary and appropriate procedures and supervision based on the Personal Information Protection Law for the contractor.

1. Personal information of applicants and employees

(1) For recruitment selection
(2) For various operations
(3) For emergency response
(4) For labor management

2. Personal information related to business partners, executives and employees of other companies, etc.

(1) For various communications and business negotiations necessary for business
(2) For conclusion of various contracts
(3) For business partner information management and payment/revenue processing

3. Personal information of customers using our services

(1) For member, user management
(2) For packaging and shipping products
(3) For notification (including e-mail) of matters necessary for our business operations
(4) For advertising, promotion and sales promotion activities (including e-mail)
(5) For projects such as campaigns and conducting surveys
(6) For issuing and sending e-mail newsletters
(7) For purchase of products and services, purchase related to usage, billing information management and charges
(8) For handling various inquiries and after-sales service
(9) For research and analysis of marketing data and development of new services
(10) For research of usage status related to products and various services
(11) To create statistical data to be provided to business partners
(12) For executing business operations when entrusted with the handling of personal information
(13) For exercising rights and fulfilling obligations based on laws, etc.

4. Regarding optionality of providing personal information

The decision is up to the user to provide personal information to us. However, if the necessary items are not provided, it may be not be possible to conclude a contract or provide sufficient services.

5. Regarding revision

In order to continually improve the customer's personal information protection management system and respond to changes in laws and regulations, our company will revise the privacy policy and review our personal information protection rules as appropriate.

6. Regarding cookies

In our company website, cookies (an industry standard technology for the web server to identify customer’s computer) are not used for management of personal information.

7. Regarding access logs and files

In our company website, in order to research user trends, access logs and files will be used. Although we will be able to obtain statistical website usage information such as access date/time, IP address, domain name, browser type, cookies etc., it will not be used to collect and analyze personal information. While there may be cases where other companies' services may be used for access analysis and web beacons, the web beacons will not identify individuals.

8. Regarding security

In our company website, upon registering important personal information of customers, they will be managed with a dedicated server that is protected by encrypted communication such as SSL, with measures taken to prevent unauthorized access from outside and information leakage. In addition, internal education on personal information protection is periodically conducted to further strengthen the personal information management system.

<Notice regarding inquiries for personal information>

1. Inquiries related to personal information

In our company, when there is notification of purpose of use related to personal information to be disclosed by the actual person, or application for disclosure, correction / addition / deletion, suspension / deletion of use (hereinafter collectively referred to as “disclosure, etc.”) is received, we will respond in good faith in accordance with laws and regulations.

2. Purpose of use of personal information to be disclosed

“Purpose of use of personal information to be disclosed” covers “1.”, “2.” and “3.” (except for (12) ) of “Purpose of use when obtaining personal information”. “Purpose of use of personal information obtained outside direct writing” is (12) of “3.”

3. Procedures

For procedures regarding complaints and consultation of personal information and disclosure of personal information, etc., a document is required for checking that it is done by the actual person or agent.

4. Fees

A specified fee for notification of purpose of use or disclosure of personal information will be charged.

5. Contact us

For complaints and consultation regarding personal information or to apply for disclosure of personal information, contact the following complaint/consultation information desk.

[Contact us]

BBF Inc. Complaint/Consultation Information Desk
Uchisaiwai-cho Tokyu Bldg.7F, 1-3-2, Uchisaiwai-cho,
Chiyoda-ku, Tokyo 100-0011 Japan
Personal information protection manager
Tel: 03-5202-4700
Click here for inquiries from the Web.

Name of authorized personal information protection organization

JIPDEC

Where to file a complaint

JIPDEC Personal Information Protection Consultation Service Office
Roppongi First Building, 9-9 Roppongi 1-chome,
Minato-ku Tokyo, 106-0032 Japan
Tel: 03-5860-7565 0120-700-779
For disclosures, disclosing personal information of fees related to charges of notification for purpose of use and billing notifications, the following fees will be charged.
800 JPY (including tax) per charge
Enclose 800 yen in postal flat-rate money order in the submitted documents. The customer is responsible for paying for the purchase of postal flat-rate money orders and postage.
* There will be notification when the fee is either insufficient or not included in the submitted documents. However, if the payment is not made within the predetermined period, we will handle it as if there was no request for notification of disclosure or purpose of use.

Purposes of use of personal information obtained for requests for disclosure, etc.

Personal information obtained due to requests for disclosure are treated only within the required range of requested disclosure, etc. In principle, the submitted documents will not be returned. After the response to the request for disclosure, etc. is completed, it will be properly managed and discarded.

Regarding free disclosure of personal information

For the reasons specified below, our company cannot respond to disclosure of personal information requested by customers. Reason will be notified if non-disclosure, etc. is decided. The prescribed fee will also be charged for non-disclosure and non-notification of the purpose of use.
(1) When the actual person cannot be confirmed, such as when the address described in invoice, identity confirmation document, address in our registration, etc. does not match.
(2) When proxy rights cannot be confirmed upon request by an agent.
(3) When predetermined submission documents are incomplete.
(4) When personal information retained by our company cannot be identified due to the contents of invoice.
(5) If the subject of disclosure request not correspond to the retained personal data referred to in Article 2, paragraph 5 of the law.
(6) When there is a risk of harming the life, body, property or other rights and interests of the person or a third party
(7) When there are violations to other laws and regulations
(8) When there is a risk of significant hindrance to the proper implementation of our company’s business