Declaration of Privacy Policy
ARK Mori Building 31F, 1-12-32 Akasaka, Minato-ku, Tokyo
Capital Servicing Co., Ltd.
Representative Director Daniel Shireman

 

Declaration of Privacy Policy


Capital Servicing Co., Ltd., operating as a loan servicing firm, will endeavor to protect personal information that we will do our utmost to observe the Japanese Act on the Protection of Personal Information and other relevant statutes. To enforce this in our day-to-day operations, we will follow the guidelines below:

1. Due and proper acquisition of personal information
In acquiring personal information, we will define the business purposes for its utilization, and acquisition will be done in a due and proper manner and only within the bounds necessary for achieving the business purposes.

2. Utilization purpose of personal information
We will not utilize personal information inappropriately and will utilize acquired personal information for the business purposes below but never utilize such information without consent of the principal of such information:

  • Servicing works on Specified Monetary Claims
  • Purchasing of non-Specified Monetary Claims
  • Administrative service business
  • Collection agency businesses
  • Succeeding the position of a group credit life insurance contractor including servicing of its insurance premium afterward and preparing group credit life insurance reports
  • Asset liquidation and securitization relevant businesses (Specified corporate bond relevant businesses)
  • Servicer reporting businesses
  • Businesses on administrative and general affairs, personnel affairs, accounting, IT supporting and internal auditing
  • Servicer consulting businesses
  • Purchase, Sale and Brokerage Businesses for Specified Monetary Claims
  • Due Diligence Business and Administrative Representation of Claim Transfer
  • Intermediary business of money lending
  • Administration agency business for lending operations
  • Arrangement business concerning the securitization of assets

3. Securing safety and integrity of personal information
We will take the following Security Measures to ensure the safety and integrity of personal information. For details, please contact the Personal Information Inquiry Counter.

  • We will formulate basic policies for appropriate handling of personal information specifying (i) to observe the Japanese Act on the Protection of Personal Information and other relevant statutes including these guidelines and (ii) to respond to inquiries and indications.
  • We will formulate (i) the Personal Information Protection Rules that stipulate handling manners, responsible persons, persons in charge, and their duties which are laid out according to the respective levels of acquisition, usage and retention, provision, deletion, and disposal of personal information, (ii) the handling rules at the stage of managing outsourced companies and responding to leaks.
  • Organizational Security Measures will be responsible for (i) assigning the head of Personal Information Protection, the Personal Information Management Officer, and the Personal Information Protection Manager of each department responsible for personal data, etc., and clarifying their roles and responsibilities, etc., (ii) developing a system for reporting to manager if any matter or its sign in violation of laws or rules are identified, and (iii) manage the handling status of personal data in the Personal Information Books and perform regular self-inspections and audits.
  • Human Security Measures will be responsible for (i) regularly conducting internal training for employees, including precautions regarding the handling of personal data, and provide thorough dissemination of security control actions to employees and their education and training, (ii) concluding contracts on non-disclosure of personal data with employees, (iii) clarifying employees’ roles and responsibilities, etc., (iv) confirming employees’ compliance with personal data management procedures.
  • Physical Security Measures will be responsible for (i) managing entry and exit in areas where personal data is handled, (ii) implementing measures to prevent unauthorized persons from browsing personal data, (iii) managing devices, electronic media, documents, etc. that handle personal data by locking and setting passwords, (iv) taking measures to prevent theft and loss, and (v) taking measures to prevent personal data from being easily revealed when carrying the devices, etc.
  • Technological Security Measures will be responsible for (i) identifying and authenticating personal data users, (ii) controlling access and setting up management classifications for personal data, (iii) managing access authority for personal data, (iv) setting up preventative measures against leakage and damage to personal data, (v) recording and analyzing access to personal data, (vi) recording and analyzing operational status of information systems handling personal data, (vii) monitoring and auditing information system handling personal data.
  • Security Measures will put in place measures to ensure the understanding of the relevant local legal and regulatory environment in order to protect personal information in a foreign country, if personal data is stored in a foreign country.

4. Supervision of employees
We will conduct training seminars for our board members and employees to understand well the importance of personal information and to appropriately manage the safety of it.

5. Supervision of vendors
When we entrust the handling of personal information to outside vendors, we will select entities that can observe our Personal Information Protection Policy, and supervise them in their handling of such information. Should the task be further entrusted, we will supervise those vendors as well to ensure appropriate handling of the information.

6. Disclosure on personal data we hold, etc.
When the principal requests disclosure, correction, amendment, deletion, suspension of use or erasure regarding the personal data we hold and the records we provided to third parties, we will respond by a letter or sending a CD-R (including DVD-R) in accordance with the requirements of the law, provided, that we will require identification of the principal (in accordance with our internal procedures) or, in the case of agents, proof of agency as defined in ordinances; furthermore, in case of correction, amendment, deletion etc., official papers evidencing the new data will be required. Fees for disclosure will be JPY 3,000 (inclusive of consumption tax). For details, please contact the Personal Information Inquiry Counter.

7. Compliance program
In order to promote the protection of personal information and appropriate administration thereof, we have developed a compliance program to provide training and supervision to employees. As laws and circumstances on these issues evolve, we will routinely update these programs.



Personal Information Inquiries Counter
TEL: 03-6230-5542
Business hours: Monday to Friday, 9:30 to 17:00 (excluding bank holidays and Year End and New Year's holidays)
Fax: 03-6230-5220
E-mail: privacysupport@capserv.com

 

Postal Inquiries:
ARK Mori Building 31F
1-12-32 Akasaka, Minato-ku, Tokyo, 107-6031 Japan
Capital Servicing Co., Ltd.
Privacy Policy Inquiries Counter