Privacy Policy

We recognize it as a social responsibility to protect all Personal Information (including "Specific Personal Information") that we handle in the course of our running mobile telecommunication related businesses such as renting and selling the devices as well as communication traffic businesses. We comply with laws and regulations in terms of Personal Information Protection and other relevant codes and standards. Additionally, in order to accomplish issues described below, we structure Personal Information Protection Management System and continue to make endeavors to improve the system by paying close attentions to the latest trends in IT technology, increase in social demands and expectations, changes in the business environment and so forth.

1. We acquire and use Personal Information only within the necessities of proper business execution and employee managements. We do not acquire or use Personal Information beyond the clearly specified purposes of use.
2. We are committed to being in full compliance with Personal Information Protection laws and regulations, governmental guidelines, General Data Protection Regulation (GDPR) and other codes and standards.
3. In order to assure the accuracy and security of Personal Information, We put in place measures such as information security to prevent unauthorized access to Personal Information, lost, destroyed, falsified, or divulged Personal Information from taking place. In case these incidents take place, the causes of the incidents shall be identified and corrective actions as well as preventive measures shall be immediately taken.
4. We promptly respond in good faith to complaints and consultations with regard to our way of handling Personal Information. In accordance with laws and regulations, we accept requests from customers, the owners of their own Personal Information, for the disclosure of the Personal Information related matters (including the purpose of use, the disclosure, correction, addition, deletion of the information or the termination of use or provision of the information).
5. In accordance with changes in laws and regulations, we revisit Personal Information Protection Management System in a timely and proper manner and continue to improve the system.
6. We may change this policy without prior notice to the owners of Personal Information. When changes are made, all changes will be described and recorded at the bottom of this Personal Information Protection Policy. In an event critical changes are made in this policy, we will announce the changes on our website clearly with no delay.

Contact Details for complaints, consultations, and requests for disclosure, etc.

Telecom Square, Inc.
Personal Information Service Desk
Address: 8-1 Sanbancho, Sanbancho Tokyu Building 7F,Chiyoda-ku, Tokyo, 102-0075, Japan
E-mail :privacy@telecomsquare.co.jp
TEL : 03-3239-3278 ◆Business hours Mon-Fri 10:00-16:00

Enacted: April 1, 2005
Last revised: March 25, 2024
Telecom Square, Inc.
Yuji Yoshitake
Representative Director and President

Personal Information such as the name and address of customers and attribute information of theirs including their location data we acquire in the course of our running mobile telecommunication related businesses such as renting and selling the devices as well as communication traffic businesses shall be handled, in accordance with Telecom Square Inc.'s Personal Information Protection Policy, specifically in ways as follows.

Acquisition of Personal Information and purpose of use of Personal Information

We acquire Personal Information properly from our customers upon their consent and use the information for the purposes described below. In addition, we define the duration in which Personal Information remains with us in accordance with the need for achieving the purpose of use, and we will dispose of the information once the duration expires, or after achieving the purpose of use. In case a customer is nonage (*1), we assume that the customer's parents or persons in parental authority give consent on the customer's behalf. If there is a possibility that a nonage person has provided Personal Information without the above consent, the parents or persons with parental authority shall contact us. *1 In Japan, it refers to those under 18 years of age, but outside of Japan, and the definition of nonage varies among countries.

1. Personal information we acquire
   In the businesses and services that we provide, we acquire from our customers information as follows for the purpose of offering services and functionalities as follows.
   1. (1) Mobile Telecommunication Businesses (device rental and communication traffic sales)
      1. 1) We acquire from our customers
         -Cookie information
      2. 2) Customers provide us with
         -Email address
         -Full name
         -Phone number
         -Home address and other information that we request by way of designated customer information formats
   2. (2) Human Resources Management
      For the purpose of exercising human resources management and dissemination of our corporate information, administration with regard to recruiting, employment, and employee benefits, we acquire Personal Information and manage it properly.
   3. (3) Subcontracting
      In order to practice subcontracted works, we get the necessary information (*2) provided and manage it properly.
      *2 This information is not subject to disclosure in our company.
2. Specific purpose of use of Personal Information (Mobile Telecommunication Businesses: device rental and communication traffic sales)
   1. (1) To provide the mobile telecommunication device rental service, sell communication traffic, and offer other related services
   2. (2) To offer digital content services
   3. (3) To sell other goods
   4. (4) To implement PRs, advertising, and marketing activities focused on specific interests and preferences as well as general marketing activities
   5. (5) To integrate with external services
   6. (6) To implement marketing surveys and analyze outcomes from the surveys
   7. (7) To analyze the utilization of our services, to analyze the implementation of business measures, to measure the effectiveness of our business tactics aiming at planning new services, to analyze the planning of new services, to analyze data in order to improve the quality of services and enhance the level of customer services, and to conduct various other analyses and surveys.
   8. (8) To respond to inputs, inquiries, and requests from customers
   9. (9) To prevent the abuses of services, fraudulent contracts, and dishonest payments as well as to investigate and respond to the issues
   10. (10) To introduce seminars, exhibitions, promotion events that we host, co-host, or support, through direct mails, e-mails or etc.
   11. (11) To introduce products that our affiliated companies and we offer, through direct emails e-mails or etc.
   12. (12) To conduct investigations, report, and communicate in the event of an incident or accident regarding our service security.
3. How to acquire Personal Information
   1. (1) When registering an account online
   2. (2) When ordering our services or products
   3. (3) When viewing or using our website
   4. (4) When applying to receive our direct mail or email
   5. (5) When making an inquiry to us
   6. (6) When responding to a questionnaire at seminars, exhibitions, promotion events that we host, co-host, or support
   7. (7) When applying for employment with our company
   8. (8) When acquiring information based on the relationship with our company.
4. Storage period
   We deal with and store Personal Information within the scope of the purpose of use. We will also promptly dispose of personal data that is no longer needed.
5. Inquiries by telephone
   We may record conversations with customers or users on a phone for the purpose of enhancing customer service quality and of revisiting the conversation later on.

Customers’ rights

Customers have the following rights regarding Personal Information.
For requests or inquiries regarding the various rights regarding Personal Information, please contact the Personal Information Service Desk described in "Personal Information subject to disclosure."

• Right to request access (disclosure of purpose, type, recipient, storage period, acquisition source, etc.)
• Right to request corrections
• Right to request elimination
• Right to request restrictions on the handling operation
• Right to object to the handling operation
• Right to request transfer or copying (portability) of information so that it can be used on services other than ours
• Right to withdraw consent at any time
• Right to make a complaint at any time with the supervisory authority of the country in which the customer lives
• Right not to be subjected to discriminatory treatment in exercising the above rights

*If you are a resident of the EEA and would like to make a complaint, please contact the data protection authority of the country in which you live. Contact information for each country's data protection authority can be found on the following website:

[Archived content] Data Protection Authorities - European Commission (europa.eu)

Our managing security

1. Appointing a person in charge of Personal Information Protection and Structuring Personal Information Protection System
   -We appoint a person in charge of Personal Information Protection and secure a structure where facts or indications violating Personal Information Protection Act should be reported to the person in charge.
2. Trainings and educations
   -We constantly train and educate our employees as to what Personal Information Protection is all about.
3. Website security
   -Our websites are equipped with SSL (*3) so that customers can put their Personal Information with no worries about the security of the information. Information provided by a customer for our website is encrypted and sent to servers. This blocks any access from outside of the information contents in the course of the information is transferred. Secure Socket Layer (SSL) is a function to encrypt data to be transferred securely.

*3 SSL (Secure Socket Layer) is a mechanism that encrypts data for transmission and reception.

Our use of a third party's service

In the course of service provision of "WiFiBOX", one of our renal services, we handle and deal with personal data by way of "Shopify", a foreign e-commerce platform, for the purpose of sales as well as customer management.
Countries listed below fall in an issue, "the provision of personal data for a third party in foreign countries.

• ・Canada
• ・The United States of America
• ・Singapore

With regards to related laws and regulations in the countries, please refer to https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/#gaikoku
Also, you can review the third party's policies and measures to protect personal information by way of their privacy policy in the website https://www.shopify.com/jp/legal/privacy

Transfer outside the EEA

1. We may transfer personal data to countries outside the EEA. This transfer destination includes third parties (persons that process data), such as our group, cloud service vendors, and service operating companies. We will supervise third parties that handle the personal data to ensure that they implement the proper and appropriate protective measures according to the transfer situation in accordance with the GDPR.
2. We will assume that customers have consented to the following by using our services:
   -In the countries outside the EEA, sufficient personal data protection laws and regulations may not be yet established; therefore, the same level of protection measures as stipulated in the GDPR cannot necessarily be guaranteed.
   -In order to achieve the purpose of use, personal data may be transferred to third parties (persons that process data), such as our group, cloud service vendors, and service operating companies, located in countries outside the EEA.

Our Cookie Policy

We may use cookies and tracking technologies when we attempt to acquire customers' information. Additionally our websites, online services, smartphone apps, Emails and advertisements may use cookies and tracking technologies.

Cookies work to enable devices accessing websites to save information the websites designate such as Identification information of browsers used for access, IP addresses, page views and so forth. We acquire such information in order to manage our websites so as for our customers to use the websites, apps' pages and servers under more convenient setup for further visits. We also use them to distribute more relevant advertising contents and to analyze (*4)interests and concerns of customers for enhancing websites and services. (We use “Google Analytics” for the analyses.)

Customers can refuse our using cookies to them. In the case, customers shall be persuaded that we may not be able to provide the most favorable setup of websites for the customers and that the customers may not be able to use all services we offer. Customers make inquiries to their browser providers for changing the setup.

*4 We use Google Analytics.

Personal Information handled by a third party

We will not disclose or provide Personal Information to a third party without a prior consent from a user unless we are requested by Personal Information Protection Act and other related laws or regulations. Nonetheless, cases as follows are exceptions.

• When we get subcontracted to a third party the scope of works to procure goods and to do the tasks of our service base.
• When we are merged with or taken over by another company
• When the government, local governments or a person entrusted by the governments need to carry out legitimate tasks and it may undermine their performance to obtain a consent from a user.
• Any other cases that Personal Information Protection Act and other related laws and regulations exempt.

Use of statistically processed data

We may create statistical data from personal information we acquire and no individual can be identified from the data. We can use such data from which no individual can be identified with no restrictions.

Personal Information subject to disclosure

1. Company name
   Telecom Square, Inc.
2. A Person in charge of Personal Information Protection and Data Protection Officer (DPO)
   A Person in charge of Personal Information Protection: Chief Administrative Officer (CAO)
   Data Protection Officer (DPO): Chief Secretary
3. Purpose of use of “Personal Information subject to disclosure”
   Purposes of using “Personal Information subject to disclosure” we have are described in “Acquisition of Personal Information and purpose of use of Personal Information”.
4. Contact details for complaints over our way of handling of “Personal Information subject to disclosure”

   Telecom Square, Inc.
   “Personal Information Service Desk”
   Address: 8-1 Sanbancho, Sanbancho Tokyu Building 7F,Chiyoda-ku, Tokyo, 102-0075, Japan
   E-mail:privacy@telecomsquare.co.jp
   Tel: 03-3239-3278 ◆Business hours: Mon-Fr 10:00-16:00

5. Authorized Personal Information Protection Organization
   We are certified by Japan Data Communications Association (JADAC), an authorized organization with respect to personal information. Inputs, requests, or complaints over our way of handling Personal Information can be submitted to this organization instead. The contact details are as follows.

   JADAC Information Desk
   Center for the Protection of Personal Information in Telecommunications
   Hourai-Sugamo Building., 2-11-1 Sugamo, Toshima-ku, Tokyo (A unit of Japan Data Communications Association)
   Tel: 03-5907-3803
   Business hours: Mon - Fri 10:00 - 12:00 and 13:00 - 15:00 (Closed on weekends, national holidays, and New Year holidays)

6. Requests for disclosure, revision, addition, deletion, suspension, elimination etc. (hereinafter “disclosure”), of “Personal Information subject to disclosure”
   1. (1) We will respond properly in case we receive requests from customers asking disclosure of their “Personal Information subject to disclosure”. Disclosure requests should be made as follows.
   2. (2) In order to make a disclosure request, please download prescribed application forms below. Please mail or email the forms to us together with the necessary documents.
      1. (i) Documents needed
         • Application for disclosure (PDF)
         • A public document identifying a person as the owner of the requested information (or the agent of the information owner) must be presented.
         • Power of attorney (PDF)
         • Public documents used for personal identification (PDF)
      3. (ii) JPY 1,100 as a fee (including Japan consumption tax) shall be charged for handling a request for the notice or disclosure of the purpose of use. (If sent by postal mail, cash registered mail should be used.)
      4. (iii) Mailing address for request forms
         8-1 Sanbancho, Sanbancho Tokyu Building 7F, Chiyoda-ku, Tokyo 102-0075 Japan
         Telecom Square, Inc.
         Personal Information Service Desk.
         Email: privacy@telecomsquare.co.jp
         (It will take approximately two weeks to complete processing a request after receiving it and email our response.)
   3. (3) Personal Information obtained through processing a disclosure request
      Personal Information obtained through processing a disclosure request shall be handled only within the scope of necessity.

This document was prepared in Japanese and translated into English. The Japanese text is the original and the English text is for reference purposes only. If there is any conflict or inconsistency between these two texts, the Japanese text shall prevail.