8-17-1 Nishishinjuku, Shinjuku-ku, Tokyo
SEPTENI HOLDINGS CO., LTD.
Yuichi Kouno, Representative Director

SEPTENI HOLDINGS CO., LTD. (the “Company," "we" or “our”) will handle personal information obtained in relation to our business operations as follows. Rules regarding the Company's handling of personal information in individual services and initiatives shall be set forth separately for each individual service and initiative.

(1) The Company shall acquire personal information or personally referable information* (hereinafter referred to, collectively, as "personal information, etc.,") in relation to its business operations using any of the following methods.
a. Direct acquisition, from the individual in question
    E.g.: We acquire personal information from the individual by them filling out a paper form, or by direct entry into a website form.
b. Indirect acquisition, from the individual in question
    E.g.: We acquire personal information, etc., published in a publication or on the internet.
c. Direct or indirect acquisition, from a website operated by the Company
    E.g.: We acquire site usage history automatically via tags set on a website operated by the Company.
d. Indirect acquisition from a third party
    E.g.: We acquire personal information via a data management platform or social media.

(2)The Company may acquire personal information, etc., by methods that may not be easily perceived by the individual in question. Please click here for information regarding the transfer of information about the user who uses our website(s) and application(s) (if any) (“User”) to third party servers* and the use of cookies on our website(s).

*About personally referable information
“Personally referable information” means information relating to an individual which does not fall under the categories of personal information, pseudonymously processed information and anonymously processed information. It does not include statistical information.
E.g.: Postal (zip) codes, email addresses, gender, occupation, hobbies and interests, customer ID numbers, information stored in cookies, IP addresses, device ID numbers, advertisement identifiers (AAID/IDFA), other identifiers and location data, browsing histories, purchasing histories and other log data pertaining to Internet usage, etc.
The Company acquires (and handles) any personally referable information as personal information if it can be readily collated with other information and thereby identify a specific individual.

*What is "transfer of User information to third party server"?
"Transfer of User information" means that User information is transferred to the third party's server without User's intent when User visits or uses the website(s) and the application(s).

The items of personal information, etc. that we collect and the purposes for which we use such personal information, etc. are as follows.

(1) Information about our customers and partners who enter into agreements with us (including personnel working for the customer or partner, if the customer or partner is a corporation or entity. The same applies below):
- Purpose of Use: To enter into agreements with our customers and partners (including membership registration for use of websites operated by the Company).

(2) Information about members registered on our website(s):
- Purpose of Use: To enter into agreements with our customers and partners (including membership registration for use of websites operated by the Company).

(3) Information about customers or partners who request something:
- Purpose of Use: To process requests from our customers and partners and fulfill agreements with our customers and partners.

(4) Information about those performing administrative functions related to agreements between their company or other entity:
- Purpose of Use: To process requests from our customers and partners and fulfill agreements with our customers and partners.

(5) Information about our customers and partners who contact us:
- Purpose of Use: To contact those customers and partners.

(6) Information about attendees and potential attendees of our or our affiliates’ exhibitions or seminars, etc.:
- Purpose of Use: To provide information about exhibitions, seminars, products and services, etc. of the Company and its affiliates.

(7) Information about users and prospective users of products and services, etc., of the Company and its affiliates:
- Purpose of Use: To provide information about exhibitions, seminars, products and services, etc. of the Company and its affiliates.

(8) Information about users of products and services, etc., of the Company and its affiliates:
-Purpose of Use: To develop, improve and enhance the products and services of the Company and its affiliates.

(9) Information about our customers and partners with whom we have direct or indirect contact for the purpose of marketing, selling and promoting the products and services of the Company and its affiliates:
-Purpose of Use: To market, sell and promote the products and services of the Company and its affiliates

(10) Information about visitors and users of our websites:
- Purpose of Use: To analyze site usage and browsing status, in order to improve our websites.

The Company may make use of personally referable information provided to it by third parties in conjunction with personal information already in the possession of the Company. Please see here for details regarding such cases.

(1) The Company may provide personal Information to third parties within the extent permitted by law (including when obtaining the consent of the individual in question, and performing procedures required by law.)

(2) The Company may entrust the handling of personal information to third parties ("contractors"), within the necessary scope to achieve the purpose(s) of utilizing Personal Information described in Section 2. In such cases, the Company shall enter into an agreement with the contractor, who must meet selection criteria for contractors, and appropriately manage work performed by the contractor.

(3) Third-party providers and contractors may include third parties located outside of Japan (*).

*The Company provides details regarding cases where we provide, or entrust the handling of, personal information to third parties located outside of Japan.

The Company makes shared use of personal information as follows.

(1) The categories of the jointly utilized Personal Information:
a. Information acquired in relation to an agreement between the Company and a customer and/or partner
b. Contact details of customers and/or partners

(2) The scope of a jointly utilizing entity: The Group companies
（http://www.septeni-holdings.co.jp/septenigroup.pdf）

(3) The utilization purpose for the jointly utilizing person:
a. For having an appropriate Group company respond to inquiries about the Group’s products and services
b. For developing and improving products and services of the Group companies and improving their quality
c. For the marketing, sale and sales promotion of the products and services of the Group companies

(4) The entity responsible for controlling the jointly utilized Personal Information:

8-17-1 Nishishinjuku, Shinjuku-ku, Tokyo
SEPTENI HOLDINGS CO., LTD.
Yuichi Kouno, Representative Director

(5) How to acquire Personal Information: In writing, in the form of electronic data, or by other means

Customers and partners may decide voluntarily whether to provide their personal information to us. If they do not provide their personal information, they may be unable to receive the services which they wish to receive.

(1) Individuals may make the following demands ("Demands for Disclosure, etc.") to the Company, within the scope permitted by law, with regard to personal information handled by the Company.
a. Notification of the purpose of use
b. Disclosure of records of personal information or records of provision to third parties
c. Corrections, additions or deletions of personal information, a utilization cessation or deletion, or cessation of provision to third parties

(2) Procedures regarding Demands for Disclosure, etc., are as follows.
a. Privacy Consultation Desk, which is written about in “Inquiries” below, will receive the Demand for Disclosure etc.
b. The person who makes a procedure for Demand for Disclosure etc. is required to send by mail a request form prescribed by the Company and necessary documents, including identification documents.When you wish for information disclosed to be provided in electronic record form, please make that fact known when requesting disclosure. We will inform you regarding specific methods of disclosure.
c. The person making the Demand for Disclosure, etc., will be charged a prescribed fee per demand for notification of the purpose of utilizing personal information, disclosure of the contents of personal information or records of provision to third parties.

The details of the procedure are available here.

The Company shall endeavor to keep personal information that the Company collects or attempts to collect accurate and up-to-date, and will implement necessary and appropriate measures for managing the security of the information as follows for protecting the information from unauthorized access, falsification, leakage, loss or other damage.

(1) Formulation of basic policy
To ensure that personal information is handled appropriately, the Company has formulated a basic policy covering matters such as compliance with relevant laws, regulations and guidelines and a point of contact for dealing with privacy-related questions and complaints.

(2) Development of rules governing the handling of personal information
The Company has formulated rules on the handling of personal information, setting out handling methods, the persons responsible/in charge, their responsibilities, etc., at every stage of the process, from collection, use, storage and provision to deletion and destruction.

(3) Organizational measures for managing the security
a. The Company has established a person responsible for the handling of personal information and has also clarified the employees who handle personal information and the scope of personal information handled by these employees, and developed a system for reporting to and liaising with the person responsible in the event of discovery of an actual or suspected breach of laws or privacy regulations.
b. The Company implements periodic self-inspections on the status of handling personal information.

(4) Human measures for managing the security
a. The Company regularly provides training to employees on matters to be considered when handling personal information.
b. The Company stipulates rules regarding maintaining the confidentiality of personal information in its work regulations.

(5) Physical measures for managing the security
a. In areas where personal information is handled, the Company restricts employee access and the equipment which can be brought in and we also take measures to prevent unauthorized persons from viewing personal information.
b. The Company takes measures to prevent the theft and loss of equipment, electronic media and documents containing personal information. Moreover, when carrying such equipment, electronic media or documents around, such as when moving between offices, the Company takes measures to ensure they cannot be easily accessed.

(6) Technical measures for managing the security
a. The Company uses access control to limit the scope of persons in charge of handling personal information and the scope of the personal information database or the equivalent they handle.
b. The Company introduces frameworks to protect information systems that handle personal information against illegal access from outside or malware.

(7) Assessment of external environment
When the Company handles personal information in overseas countries (including cases where the Company entrusts the handling of personal information to third parties located outside of Japan), it implements security control action based on an understanding of privacy legislation and other systems in place for the protection of personal information in the countries in which it stores personal data.

In the event of a personal information leak or other such incident, the Company reports to the relevant supervisory authorities in accordance with the Act on the Protection of Personal Information and related guidelines, and takes necessary measures, such as measures to prevent recurrences or the occurrence of similar incidents, in accordance with the instruction of the relevant supervisory authorities.

Secretary General of Information Security Bureau

For inquiries, complaints, consultations on the handling of and the Procedure for Demand for Disclosure etc. of Personal Information please contact Privacy Consultation Desk.

Authorized personal information protection organization

Established

April 1, 2002

Revised

October 1, 2003

Revised

May 25, 2004

Revised

November 10, 2004

Revised

August 17, 2005

Revised

February 7, 2006

Revised

May 15, 2006

Revised

October 20, 2006

Revised

December 13, 2006

Revised

December 18, 2006

Revised

April 1, 2008

Revised

December 10, 2008

Revised

July 15, 2010

Revised

January 1, 2011

Revised

February 1, 2015

Revised

January 1, 2016

Revised

January 1, 2018

Revised

January 1, 2020

Revised

April 1, 2022

Revised

July 1, 2023

Revised

March 28, 2024

This English translation is for reference purposes only and not a legally definitive translation of the original Japanese texts. If a difference arises regarding the meaning herein, the original Japanese version shall prevail as the official authoritative version.