Privacy Policy

Mizuho Leasing Co., Ltd.

Shusaku Tsuhara
President and CEO
Address & Representative name（Corporate Information）
April 1, 2022

 

Mizuho Leasing Co., Ltd. (hereafter, “the Company”) has formulated the following Personal Information Protection Policy (hereafter, "the Privacy Policy”) setting out its policy on protecting personal information. 

 

< Legal Compliance >
The Company recognizes that it has a public duty to appropriately protect personal information. In the course of its business, the Company complies with the Act on the Protection of Personal Information and all other related laws and regulations and strictly adheres to the Privacy Policy and other internal regulations to ensure personal information is managed appropriately. 

 

< Appropriate Collection of Personal Information > 
The Company collects personal information in a proper and lawful manner as required for its business activities. 

 

< Use of Personal Information > 
The Company uses personal information in accordance with the stated purposes of use. Personal information is not used beyond the extent necessary to fulfill those purposes without obtaining the prior consent of each individual or when permitted by law. The stated purposes of use can be found on this website and in other Company documents. 

 

<Prohibition of inappropriate use>
The Company does not use personal information in any manner that may promote or induce illegal or unjust acts.
 

< Limits on Provision of Personal Information to Third Parties >
The Company does not provide personal data to third parties without obtaining the prior consent of each individual or in cases when required to do so by law. However, the Company may provide personal data to third parties without prior consent within the extent necessary to fulfill the stated purposes of use, or as a result of a business merger or when sharing information with specified parties. 

 

< Security Management Measures > 
The Company makes every effort to ensure personal data storage and management systems are accurate and up to date and implements all reasonable security management measures to prevent data leaks and other issues. 

1. Formulation of Personal Information Protection Policy
   ・The Company formulates this policy to ensure proper handling of personal data.
2. Development of disciplinary rules for handling of personal data
   ・The Company formulates and adheres to various rules and procedures for the handling method, officials responsible and in charge, and their duties in each stage, such as obtainment, use, storage, provision, deletion, and disposal.
3. Organizational Security Management Measures
   ・The Company appoints an official responsible for the security management of personal data and has a system through which to report to the responsible official in the case there is a fact or indication that laws and regulations, this policy, or the Company’s rules have been violated.
   ・An audit of the handling of personal data is conducted by a person from another department.
4. Personnel Security Management Measures
   ・Matters concerning confidentiality of personal data are provided for by rules of employment, etc.
   ・Training on matters concerning the handling of personal data is provided to the employees on a regular basis.
5. Physical Security Management Measures
   ・In a section in which personal data is handled, employees’ room entry and exit are managed, and carry-in devices are restricted.
6. Technical Security Management Measures
   ・Access control is being implemented, and the ranges of those in charge and personal data handled are limited.
7. Supervision of contractors
   ・The Company appropriately supervises contractors who handle personal data.

 

< Continuous Improvements >
The Company endeavors to make continuous improvements to the handling of personal information, including changes to the Privacy Policy where necessary. 

 

< Procedure for Requesting Information Disclosure, etc. >
The Company endeavors to respond promptly and appropriately to requests related to personal information. Please use the contact details below for requests regarding notification of use, disclosure, corrections, or additions and deletions of personal data, or to request termination of use by the Company or provision to third parties. 

 

< Membership and Use of Personal Credit Information Agencies >
After obtaining prior consent, the Company assesses individual creditworthiness by accessing any personal credit information that may be held by its affiliated credit information agencies and their partner organizations.
After obtaining prior consent, the Company also provides personal credit information derived from business transactions with customers to its affiliated credit information agencies. 

 

< Affiliated Personal Credit Information Agency > 
Credit Information Corp. (CIC)
First West Building, 1-23-7, Nishi-Shinjuku, Shinjuku-ku, Tokyo, 160-8375
Phone: 0570-666-414
Website: http://www.cic.co.jp/

 

< Partner Organizations of Affiliated Personal Credit Information Agency >
Japanese Bankers Association
3-1, Marunouchi 1-chome, Chiyoda-ku, Tokyo 100-8216 
Phone: 03-3214-5020
Website: http://www.zenginkyo.or.jp/pcic/index.html

 

Japan Credit Information Reference Center Corp.
1-10-14, Kita-ueno , Taito-ku, Tokyo 110-0014
Phone: 0570-055-955
Website: http://www.jicc.co.jp/

 

< Email Addresses >
In some cases, the Company may treat email addresses as personal information, even if the email address is unconnected to personal information. Email addresses are not used outside the stated purposes of use without prior consent, and unauthorized provision of email addresses to third parties is prohibited.  

 

○ Contact Details to Request Information Disclosure, etc.

Customer Support Officer
Mizuho Leasing Co., Ltd. 
2-6 Toranomon 1-chome, Minato-ku, Tokyo 105-0001

 

Free dial: 0120-505-225 (Japan only) 
09:00-17:00 Monday to Friday
Closed on Company holidays

Email address: kojinjoho@mizuho-ls.co.jp 

Mizuho Leasing Co., Ltd.

June 29, 2005

 

Mizuho Leasing Co., Ltd. (hereafter, “the Company”) uses personal information from customers, business partners, shareholders and job applicants in the course of conducting the following business activities and in accordance with the following stated purposes of use. Personal information is not used beyond the extent necessary to discharge those activities. 

 

– Personal Information from Customers and Business Partners – 

 

Business Activities 
○ Leasing and sale of machinery, tools, facilities and other items for industrial, engineering, civil engineering, transport, communication, office, medical, retail and other applications. 
○ Leasing and sale of intangible property rights such as copyrights, patents, design rights and utility model rights. 
○ Leasing, sale, brokerage and management of real estate
○ Financial services 
○ Services related to the sale of life insurance
○ Non-life insurance agency services
○ Type II financial instrument business
○ Financial instrument brokerage business
○ Credit collection agency services
○ Information management and provision services
○ All other business activities associated with or related to the foregoing 

 

Purposes of Use 
To provide products and services through the business activities listed above, the Company uses personal information for the following purposes. 
○ Assess creditworthiness, conclude, execute and maintain contracts, exercise rights and execute business activities in accordance with contracts and laws
○ Manage, appraise, trade and conduct other activities related to assets under contract (including movable assets, real estate, intangible property rights, credit obligations, etc.)
○ Promote products and services provided by the Company, consolidated subsidiaries and other parts of the Group
○ Conduct market surveys, analyze data and support the development of new products and services
○ Confirm the identity of an individual or their agent
○ In the credit business, provide personal information to third parties such as affiliated personal credit information agencies within the extent necessary to appropriately conduct business activities 
○ Appropriately conduct business activities in cases where the handling of personal data has been outsourced from other businesses or entities
○ Ensure the appropriate and smooth execution of other business transactions with customers and business partners

 

– Personal Information from Shareholders –

 

Purposes of Use 
○ Exercise rights and obligations to shareholders in accordance with legal requirements 
○ Provide benefits commensurate with the status of shareholders
○ Implement various measures to ensure a smooth relationship between the Company and its shareholders
○ Manage the shareholder base by compiling data on shareholders in accordance with standards prescribed in laws and regulations

 

– Personal Information from Job Applicants – 

 

Purposes of Use 
○Conduct recruitment and selection processes for new employees and provide information and notices related to those processes

Mizuho Leasing Co., Ltd.

Shusaku Tsuhara
President and CEO
Address & Representative name（Corporate Information）
April 1, 2022

 

The Company has various finance-related companies within its Group. In addition, the Company is part of Mizuho Financial Group, which also consists of various finance-related companies, such as banks, securities firms, trust banks, and other financial institutions. By leveraging the expertise of each respective Group company and strengthening collaboration within the Group, the aim is to provide higher value-added financial products and services, and to be of greater service to customers.
For this purpose, the Company may share personal information with Group companies and within Mizuho Financial Group when considered necessary and within the following scope.
 

1. Personal information to be shared is as follows.
   (1) Customer information, including name, date of birth, address, contact details such as telephone number and email address, family details, employer details, information on assets and liabilities, transaction needs, information in the public domain, etc.
   (2) Information related to the content of individual transactions with a customer, such as the type of product and service used by the customer, contract date, transaction amount, balance and due date 
   (3) Information necessary for the management of customer transactions, such as management numbers, including deal numbers, transaction history information, information used to make a transaction decision, etc.
    
2. Personal information can be shared within the following scope.
   The Company, and consolidated subsidiaries and equity-method affiliates accounted for within financial statements and other documents of the Company (hereafter, the Company and Group companies; click here for a list of said companies), and Mizuho Financial Group Inc., and consolidated subsidiaries and equity-method affiliates accounted for within financial statements and other documents of Mizuho Financial Group
    
3. Personal information can be shared for the following purposes.
   (1) To propose and notify about various products and services, and to research and develop products and services
   (2) To make decisions on the provision of various products, services, etc.
   (3) To appropriately conduct business management operations as a Group, such as understanding and managing various types of risk
    
4. Other
   The following entities are responsible for managing personal information.
   ・Sharing of personal information within the Company and Group companies: The Company
   ・Sharing of personal information within Mizuho Financial Group and its consolidated subsidiaries and equity-method affiliates: Mizuho Financial Group

Mizuho Leasing Co., Ltd.

July 31, 2019

 

 

This Personal Data Protection Policy stipulates the processing of Personal Data (defined below) in cases where Mizuho Leasing Company, Limited (hereinafter referred to as “the Company”) and its group companies process Personal Data of natural persons residing in the European Economic Area (28 EU Member States plus Iceland, Liechtenstein and Norway; hereinafter simply referred to as the “EU”) and such processing of Personal Data is subject to the General Data Protection Regulation (Regulation (EU) 2016/679) (hereinafter referred to as the “GDPR”).

 

Article 1: Contents of Personal Data processed by the Company, Purposes of and Legal Basis for Processing, and Storage Periods

The contents of Personal Data (as defined in Article 4 of the GDPR, hereinafter referred to as “Personal Data”) obtained by the Company, the purposes of processing (as defined in Article 4 of the GDPR, hereinafter referred to as “Processing”), the legal basis for Processing, and the storage periods (unless specifically provided for by applicable laws) are as follows. To be more precise, as the legal basis for Processing Personal Data provided for in point (f) of Article 6 (1) of the GDPR, the Company has the purposes of the legitimate interests of the improvement of customer services provided by the Company and the management and development of information related to human resources in the Company (hereinafter referred to as “Legitimate Interests”). 

 

① Personal Data related to customers or potential customers (hereinafter referred to as “Personal Data Related to Customers”) 

1. Contents:
   Name, name of the company, title, address of the company, phone number of the company, fax number of the company, e-mail address, mobile phone number, gender, etc.
2. Purposes of Processing:
   The improvement of customer services provided by the Company and the management and development of information related to human resources in the Company, and any other purposes related to these.
3. Legal basis for Processing:
   Consent, preparation for conclusion of a contract, requirements by applicable laws, or Legitimate Interests.
4. Storage periods:
   Until the time when the actual or potential business relationship between the Company and the customer ends.

 

② Personal Data related to directors or employees and/or potential directors or employees of the Company and its group companies (hereinafter referred to as “Personal Data Related to Human Resources”)

1. Contents:
   Name, title, job duties, e-mail address, mobile phone number, gender, date of birth, home address, home phone number, salary, career, educational background, family information, language, network ID, etc.
2. Purposes of Processing:
   Recruitment, maintenance and management of an employment contract, maintenance and establishment of work environment, tax processing, filing with relevant authorities, and any other purposes related to these.
3. Legal basis for Processing:
   Consent, preparation for conclusion of a contract, requirements by applicable laws, or Legitimate interests.
4. Storage periods:
   Until the time when the data subject (as defined in Article 4 of the GDPR, hereinafter referred to as “Data Subject”) of the Personal Data retires or it is decided not to recruit him/her.

Article 2: Provision of Personal Data to Third Parties

The recipients or the types of recipients in cases where the Company provides third parties with Personal Data to the extent permissible by applicable laws are as follows. 

 

① Personal Data Related to Customers

• The Company’s group companies 
• The Company’s subcontractors
• Other business partners related to the business with the customer

 

② Personal Data Related to Human Resources

• The Company’s group companies
• Subcontractors that the Company uses for human resource services
• Government authorities related to finance, labor, tax and immigration

 

Article 3: Indirect Obtainment of Personal Data

The sources, which are not publicly disclosed and not accessible by the public, from which the Company indirectly obtains Personal Data are as follows. 

 

① Personal Information Related to Customers

• The Company’s group companies
• The Company’s subcontractors
• Other business partners related to the business with the customer

 

② Personal Information Related to Human Resources

• The Company’s group companies

 

Article 4: Transfer of Personal Data to Outside the European Union

There are cases in which the Company transfers Personal Data obtained by it to a third country outside the EU. In such cases, in the absence of an adequacy decision pursuant to Article 45 (3) of the GDPR by the European Commission in said third country, the Company shall take appropriate safeguards as prescribed in the GDPR, including the conclusion of a contract that contains standard data protection clauses.

 

Article 5: Rights of Data Subjects

Data Subjects of Personal Data obtained by the Company shall have each of the following rights.

• The right to request that the Company provide access to his or her Personal Data 
• The right to request that the Company rectify or erase Personal Data or restrict Processing concerning the Data Subjects
• The right to object to Processing of Personal Data by the Company
• The right to request that the Company offer the convenience of data portability
• The right to lodge a complaint with a supervisory authority

 

Article 6: Consent and the Possibility of Withdrawal Thereof

If the legal basis for the obtainment of Personal Data obtained by the Company is the consent of the data subject of the Personal Data, the Data Subject shall have the right to withdraw his or her consent at any time, provided, however, that such withdrawal of consent shall not affect the lawfulness of Processing based on the consent before its withdrawal.

 

Article 7: Requirement for the Provision of Personal Data

1. With respect to Personal Data Related to Customers, Personal Data of the representative and officers or employees of the department concerned is required when the customer is concluding a contract with the Company. Although neither the representative, officers nor employees of the department concerned is subject to any legal obligation to provide the Company with such Personal Data, the Company may choose not to engage in any transaction with the customer if the customer refuses to provide said information.
2. With respect to Personal Data Related to Human Resources, this is required when the Data Subject is concluding a delegation or employment contract with the Company. Although the Data Subject of the Personal Data is not subject to any legal obligation to provide the Company with such Personal Data, the Company may choose not to delegate to or employ the Data Subject if the Data Subject refuses to provide said information.
3. There are cases in which the Company is obliged to obtain Personal Data under applicable laws. In such cases, Article 7 (1) and (2) above shall not apply, and the Company may not engage in any transaction concerned with respect to Personal Data Related to Customers, nor carry out the delegation or employment concerned with respect to Personal Data Related to Human Resources.

 

Article 8: Inquiries

Any questions about this Personal Data Protection Policy should be directed to the following officer.

 

Address: 1-2-6 Toranomon Minato-ku, Tokyo, Japan
Department: Customer Support Officer 
Telephone No.: +81-120-505-225
Email: kojinjoho@mizuho-ls.co.jp

 

Article 9: Changes to Personal Data Protection Policy

The Company may appropriately make changes to this Personal Data Protection Policy from time to time. In order to correctly understand this Personal Data Protection Policy, please regularly check this website.

*For the Company’s group companies (consolidated subsidiaries or equity-method affiliates, as defined in laws and regulations), “the Company” in this Personal Data Protection Policy shall be deemed to be replaced with the name of any such individual group company. (A list of the Company’s group companies to which this Personal Data Protection Policy applies can be found here.)

 

-end-