Sony Bank - Establishment and revision history

Terms And Conditions For Sony Bank Visa Debit Agreement

Date of revision : 2022/4/17
Division : Revision

Changes and details

Current ：: Article 2 - Definitions
(2) “Merchant Establishment(s)” means Visa Worldwide Pte. Limited(“Visa Worldwide”), and branches, shops and facilities (including online shopping sites) of financial institutions or credit companies which are affiliated with Visa Worldwide and are considered as appropriate by the Company as well as financial institutions that manage automatic teller machines (“ATM”) and cash dispensers (“CD”) operated by financial institutions which are affiliated with Visa Worldwide.
Previous：: Article 2 - Definitions
(2) “Merchant Establishment(s)” means branches, shops and facilities (including online shopping sites) of financial institutions or credit companies which are affiliated with Visa Worldwide Pte. Limited (“Visa Worldwide”) and are considered as appropriate by the Company as well as financial institutions that manage automatic teller machines (“ATM”) and cash dispensers (“CD”) operated by financial institutions which are affiliated with Visa Worldwide.
Current ：: Article 4 - Management of Card and Visa Debit PIN
1. The ownership of the Card belongs to the Company, and the Member must manage the Card with the care of a prudent manager. The Member must strictly manage the Card in a manner to ensure that it will not be used by others, and strictly manage his/her Visa Debit PIN, card number, expiry date, Authentication Information as specified in Article 15, Paragraph 1, and other information (collectively, the “Card Information”) in a manner to ensure that it will not be known by others. The Member must avoid using his/her date of birth, telephone number or other numbers that can be easily guessed by others for his/her Visa Debit PIN. If there is any possibility of unauthorized use of the Card due to forgery, theft or loss, or if the Member becomes aware of unauthorized use of the Card, the Member must promptly notify the Company thereof.
Previous：: Article 4 - Management of Card and Visa Debit PIN
1. The ownership of the Card belongs to the Company, and the Member must manage the Card with the care of a prudent manager. The Member must strictly manage the Card in a manner to ensure that it will not be used by others, and strictly manage his/her Visa Debit PIN, card number, expiry date, and other information (collectively, the “Card Information”) in a manner to ensure that it will not be known by others. The Member must avoid using his/her date of birth, telephone number or other numbers that can be easily guessed by others for his/her Visa Debit PIN. If there is any possibility of unauthorized use of the Card due to forgery, theft or loss, or if the Member becomes aware of unauthorized use of the Card, the Member must promptly notify the Company thereof.
Current ：: Article 11 - Limit on Use
5. The Member must comply with any foreign exchange and foreign trade control laws and regulations applicable, currently or in the future, to Purchase Transactions overseas, and upon request from the Company, submit permits, certifications and other documents designated by the Company that the Company deems necessary to ensure compliance with these laws and regulations. The Member shall also agree in advance that the Company may at its own discretion limit, suspend, etc., the use of the Service.
Previous：: Article 11 - Limit on Use
5. The Member must comply with any foreign exchange and foreign trade control laws and regulations applicable, currently or in the future, to Purchase Transactions overseas, and upon request from the Company, submit permits, certifications and other documents designated by the Company that the Company deems necessary to ensure compliance with these laws and regulations. The Member shall also agree in advance that the Company may at its own discretion limit or suspend the use of the Service.
Current ：: Article 12 - Suspension of Use of Service
1. If the Member violates or is likely to violate these Terms and Conditions, if the Company considers, after taking into account the status of the Member’s use of the Service, that his/her use of the Service is not appropriate, or if the Company considers it necessary, the Company may immediately take measures to temporarily or permanently suspend his/her use of the Service (including the cancellation of his/her membership) without giving notice to the Member.
Previous：: Article 12 - Suspension of Use of Service
1. If the Member violates or is likely to violate these Terms and Conditions, if the Company considers, after taking into account the status of the Member’s use of the Service, that his/her use of the Service is not appropriate, or if the Company considers it necessary, the Company may immediately take measures to temporarily or permanently suspend his/her use of the Service without giving notice to the Member.
Current ：: Article 15 - Personal Authentication Service
1. When a Member makes a Purchase Transaction at a Merchant Establishment that has the Personal Authentication Service available, the Member must authenticate himself/herself by using Visa Secure ("Personal Authentication Service") provided by Visa Worldwide according to the following procedures if the Company deems it necessary.
(1) The Company sends a password for the Personal Authentication Service ("Authentication Information") to the e-mail address registered by the Member in advance.
(2) The Member enters the Authentication Information in accordance with the instructions on the screen designated by the Merchant Established. If the information the Member enters matches the Authentication Information, the Purchase Transaction will be executed.
2. The customer is responsible for maintaining his/her Authentication Information in strict confidence and should not disclose it to any third parties.
3. In the event that the Purchase Transaction is unsuccessful due to the failure of personal authentication, the Company shall not be liable for any disadvantage the Member suffers as a result thereof.

Paragraph 4,5,6 deleted
Previous：: Article 15 - Verification Service
1. Member may use “Verified by Visa” offered by Visa Worldwide (“Verification Service”) by completing the following procedures:
(1) The Member must register certain verification information including the password for the Verification Service (“Verification Information”) on the screen designated by the Company in advance.
(2) When making a Purchase Transaction at a Merchant Establishment which provides the Verification Service, the Member must enter his/her Verification Information on the screen designated by the Merchant Establishment. When the information entered by the Member matches the registered Verification Information, the Member will be able to make a Purchase Transaction.
2. The Member shall agree that the registered Verification Information is used as Verification Information for the Verification Service.
3. If the Member’s Card Information is changed due to reissuance of his/her Card, the Verification Information registered by the Member shall become ineffective. In this case, the Member must register the Verification Information again in accordance with the procedures specified in paragraph 1.
4. If the Member forgets his/her Verification Information, the Member must register the Verification Information again in accordance with the procedures specified in paragraph 1.
5. Once the Member has registered the Verification Service, the Member is not at liberty to cancel the registration of the Verification Service except where the Service is canceled pursuant to Article 13.
6. The Company may, at its own discretion, temporarily suspend or discontinue the Verification Service by posting the notice on its website or notifying the Member in the manner specified by the Company. The Company shall not be liable in any way for any disadvantage the Member suffers as a result thereof.
Current ：: Article 18 - Compensation for Damage Caused by Card Loss or Theft
2. If a claim is made pursuant to the preceding paragraph, the Company shall compensate the Member for the amount equivalent to the loss or damage arising on or after the date which is thirty (30) days (or if and to the extent that the Member demonstrates that there were unavoidable circumstances which prevented him/her from giving notice to the Company, thirty (30) days plus the period during which such circumstances continue) prior to the date on which the Member gave notice to the Company to any extent not exceeding the Limit on Use specified in Article 11, paragraph 1. However, if the Member gives notice to the Company after the lapse of sixty (60) days following the date on which the Loss or Theft occurred, the Company shall not compensate the Member for loss or damage. The Company shall be liable to compensate the Member for any loss or damage incurred by the Member as a result of the use under Article 11, paragraph 4 to any extent not exceeding the Limit on Use specified in Article 11, paragraph 1.
Previous：: Article 18 - Compensation for Damage Caused by Card Loss or Theft
2. If a claim is made pursuant to the preceding paragraph, the Company shall compensate the Member for the amount equivalent to the loss or damage arising on or after the date which is thirty (30) days prior to the date on which the Member gave notice to the Company to any extent not exceeding the Limit on Use specified in Article 11, paragraph 1. However, if the Member gives notice to the Company after the lapse of sixty (60) days following the date on which the Loss or Theft occurred, the Company shall not compensate the Member for loss or damage. The Company shall be liable to compensate the Member for any loss or damage incurred by the Member as a result of the use under Article 11, paragraph 4 to any extent not exceeding the Limit on Use specified in Article 11, paragraph 1.
Current ：: Article 20 - Disclosure of Personal Information
1. The Member shall agree in advance that the product purchased in a Purchase Transaction, the details of the Service and other transactions, and information incidental thereto as well as his/her personal information and Card Information will be shared among Merchant Establishments,companies contracting with Merchant Establishments, etc., Visa Worldwide, insurance companies and the Company for the purpose of identifying and confirming the details of, the Purchase Transaction.
Previous：: Article 20 - Disclosure of Personal Information
1. The Member shall agree in advance that the product purchased in a Purchase Transaction, the details of the Service and other transactions, and information incidental thereto as well as his/her personal information and Card Information will be shared among Merchant Establishments, acquirers, insurance companies and the Company for the purpose of identifying and confirming the details of, the Purchase Transaction.
Current ：: Article 21-Benefits, etc.
1. As an additional consideration for the use of the Service by a Member, the Company may provide the Member with benefits (including, but not limited to, cash back, points, etc.; "Benefits, etc.") depending on the use of the Service. Specific matters and conditions regarding Benefits, etc. shall be determined by the Company and posted separately on the Company's website or other locations designated by the Company.
2. If a Member cancels the Service, or if the Company terminates the Service in whole or in part, any rights to Benefits, etc. that have been provided but have not yet been exercised by the Member at the time thereof, or any Benefits, etc. scheduled to be provided, shall be extinguished.
3. In the event that the Company refunds a Member the amount of any pending or confirmed payments based on Visa Debit Transaction for any reasons including the cancellation of a Purchase Transaction due to a return or cancellation, where the Company has already provided the Member with any Benefits, etc.related to the Visa Debit Transaction, the Member shall refund or return such Benefits, etc.("Returns, etc.") immediately after the refund of the pending or confirmed payment.
4. In the event that a Member violates or is likely to violate the Terms and Conditions or any other terms and conditions separately stipulated by the Company, or in the event that the Member's use of the Service is restricted or suspended, the Company may, at any time and at its discretion, request that the Member return the Benefits, etc. already provided to the Member. In this case, the Member shall promptly comply with the request for Returns, etc.
5. The Company may, at its own discretion, determine the method of return as set forth in the preceding two paragraphs. If the Member owes money to the Company in accordance with the preceding two paragraphs, the Company may set off the relevant refund obligation against the Member's deposits or other claims against the Company at any time at its discretion without prior notice to the Member in an equivalent amount.
Previous：: Addition of new provision
Current ：: Article 22 - Dispute
Previous：: Article 21 - Dispute
Current ：: Article 23 - Mutatis Mutandis Application of Other Terms and Conditions
Previous：: Article 22 - Mutatis Mutandis Application of Other Terms and Conditions
Current ：: Article 24 - Modification of these Terms and Conditions
Previous：: Article 23 - Modification of these Terms and Conditions

Privacy Policy
Disclosure Items Pertaining to Personal Information and Specific Personal Information Handled by Sony Bank

Date of revision : 2022/4/1
Division : Revision

Changes and details

Current ：: Plans of Use of Personal Information (excluding "Personal number")
1. The Company shall acquire and use the personal information of the customers by appropriate and lawful means to the extent required to conduct the following operations.

Deposit business, transfer business, money exchange business, loan business, foreign exchange business, and business incidental thereto
Investment trust business, insurance sales business, financial instruments intermediary business, trust business, corporate bond business, and other businesses that a bank may engage in pursuant to law and other businesses incidental thereto
Other business that banks are able to carry on and business incidental thereto (including the business that will be permitted to be handled in the future)
More specifically, this service is used for the following purposes.
Pursuant to Article 13-6-6 the Regulations Enforcement of the Banking Act and other regulations, the information on the borrowers’ ability to repay debt provided by the Personal Credit Information Bureaus will not be used or provided to a third party for purposes other than the investigation of borrowers’ ability to repay debt.
In addition, pursuant to Article 13-6-7 of the Regulations Enforcement of the Banking Act, the Company will not use or provide to any third party any special non-public information such as information on race, creed, family origin, registered domicile, health and medical, or criminal records for purposes other than those for securing appropriate management of the business and other necessary purposes.
In addition, the purpose of use will be clearly defined for the customer. For example, when responding to various questionnaires, etc., the purpose of use will be limited according to the occasion when the questionnaire was obtained, such as for the purpose of aggregating questionnaires.

・To accept applications for financial products and services, such as opening accounts for various types of financial products
・To verify the customers' identification based on the Act on Prevention of Transfer of Criminal Proceeds and to confirm the qualifications for using financial products and services
・For the management of continuous transactions, such as the management of dates in the transaction of deposit transactions and loan transactions
・To make decisions when applying for a loan or when using a loan on a continual basis, etc...
・For judging the appropriateness of the provision of financial products and services, such as judging in light of the principles of conformity
・In the case of credit business, to provide personal information of the customers to third parties to the extent necessary for conducting appropriate operations, such as providing the customer's personal information to the affiliated credit information Bureaus
・For the purpose of properly carrying out the outsourced business in cases where the processing of personal information is entrusted in whole or in part by other business operators, etc.
・For the exercise of rights and the fulfillment of obligations under contracts with the customers and laws
・For research and development of financial products and services through market research, data analysis, and surveys
・For various proposals related to financial products and services such as sending out direct mail
・For analyzing information on browsing history and transactions to distribute advertisements and direct mailings regarding financial products and services that match your interests and preferences
・For analyzing acquired behavioral history and other information, calculating credit scores, and providing such scores to third parties
・For various proposals of products and services such as partner companies
・For the cancellation of various transactions and for ex post facto management after the cancellation of transactions
・For proper and smooth fulfillment of inquiries about transactions, inquiries and other transactions with the customers
Previous：: Plans of Use of Personal Information (excluding "Personal number")
1. The Company shall acquire and use the personal information of the customers by appropriate and lawful means to the extent required to conduct the following operations.

Deposit business, transfer business, money exchange business, loan business, foreign exchange business, and business incidental thereto
Investment trust business, insurance sales business, financial instruments intermediary business, trust business, corporate bond business, and other businesses that a bank may engage in pursuant to law and other businesses incidental thereto
Other business that banks are able to carry on and business incidental thereto (including the business that will be permitted to be handled in the future)
More specifically, this service is used for the following purposes.
Pursuant to Article 13-6-6 the Regulations Enforcement of the Banking Act and other regulations, the information on the borrowers’ ability to repay debt provided by the Personal Credit Information Bureaus will not be used or provided to a third party for purposes other than the investigation of borrowers’ ability to repay debt.
In addition, pursuant to Article 13-6-7 of the Regulations Enforcement of the Banking Act, the Company will not use or provide to any third party any special non-public information such as information on race, creed, family origin, registered domicile, health and medical, or criminal records for purposes other than those for securing appropriate management of the business and other necessary purposes.
In addition, the purpose of use will be clearly defined for the customer. For example, when responding to various questionnaires, etc., the purpose of use will be limited according to the occasion when the questionnaire was obtained, such as for the purpose of aggregating questionnaires.

・To accept applications for financial products and services, such as opening accounts for various types of financial products
・To verify the customers' identification based on the Act on Prevention of Transfer of Criminal Proceeds and to confirm the qualifications for using financial products and services
・For the management of continuous transactions, such as the management of dates in the transaction of deposit transactions and loan transactions
・To make decisions when applying for a loan or when using a loan on a continual basis, etc...
・For judging the appropriateness of the provision of financial products and services, such as judging in light of the principles of conformity
・In the case of credit business, to provide personal information of the customers to third parties to the extent necessary for conducting appropriate operations, such as providing the customer's personal information to the affiliated credit information Bureaus
・For the purpose of properly carrying out the outsourced business in cases where the processing of personal information is entrusted in whole or in part by other business operators, etc.
・For the exercise of rights and the fulfillment of obligations under contracts with the customers and laws
・For research and development of financial products and services through market research, data analysis, and surveys
・For various proposals related to financial products and services such as sending out direct mail
・For various proposals of products and services such as partner companies
・For the cancellation of various transactions and for ex post facto management after the cancellation of transactions
・For proper and smooth fulfillment of inquiries about transactions, inquiries and other transactions with the customers
Current ：: Shared use of personal information (Except for "Personal number")
Matters related to joint use with Sony Financial Group (related to Article 27, paragraph 5, item 3 of the Protection Law)
Previous：: Shared use of personal information (Except for "Personal number")
Matters related to joint use with Sony Financial Group (related to Article 23, paragraph 5, item 3 of the Protection Law)
Current ：: Shared use of personal information (Except for "Personal number")
<2>Scope of joint users
Sony Financial Group Inc. and its consolidated subsidiaries and affiliates accounted for by the equity method, which have already made public notices pursuant to Article 27, Paragraph 5, Item 3 of the Protection Law (hereinafter referred to as the "Sony Financial Group")
Previous：: Shared use of personal information (Except for "Personal number")
<2>Scope of joint users
Sony Financial Group Inc. and its consolidated subsidiaries and affiliates accounted for by the equity method, which have already made public notices pursuant to Article 23, Paragraph 5, Item 3 of the Protection Law (hereinafter referred to as the "Sony Financial Group")
Current ：: Transfer to a foreign country
8. When we provide customers' personal information to third parties such as foreign entities, including subcontractors and joint users, we will only disclose such information with the consent of the customer, except in any of the following cases:

(1) When the third party is located in a foreign country or region that is stipulated by law as having a personal information protection system at a level equivalent to that of Japan.

(2) When the third party is located in a foreign country or region and has implemented security measures comparable to those required of business operators handling personal information.

When providing personal data to an entrusted entity (including sub-contractors, etc.) located outside of Japan, we ensure that necessary and appropriate measures are taken for the secure management of information.
In addition, upon request from the person in question, we will provide information on measures for safety management, etc., at contractors (including sub-contractors, etc.) located in the relevant foreign country and region.
If, at the time of obtaining consent, the third party to which personal information is to be provided cannot be identified or for some other reason cannot be provided, but the third party can be identified after the fact, information regarding the provision of personal information to the third party in a foreign country can be provided upon request from the person in question. For details, please contact English Help Desk in Section 13.
Previous：: Added
Current ：: Article 9 - Article 11　Article numbering has changed
Previous：: Article 8 - Article 10
Current ：: Request for Disclosure, etc. Procedures
11. Requests regarding notice of the Purpose of Utilization of the Company Retained Personal Data (in relation to Article 32, Paragraph 2 of the Protection law), disclosures (in relation to Article 33, Paragraph 1 of the Protection law), corrections, etc. (in relation to Article 34, Paragraph 1 of the Protection law), and suspension of use, etc. and suspension of provision to third parties (in relation to Article 35, Paragraphs 1 , 3 and 5 of the Protection law) (hereinafter referred to as "Request for Disclosure, etc."), please refer to this page (Japanese language only).
Previous：: Request for Disclosure, etc. Procedures
10. Requests regarding notice of the Purpose of Utilization of the Company Retained Personal Data (in relation to Article 27, Paragraph 2 of the Protection law), disclosures (in relation to Article 28, Paragraph 1 of the Protection law), corrections, etc. (in relation to Article 29, Paragraph 1 of the Protection law), and suspension of use, etc. and suspension of provision to third parties (in relation to Article 30, Paragraphs 1 and 3 of the Protection law) (hereinafter referred to as "Request for Disclosure, etc."), please refer to this page (Japanese language only).
Current ：: General safety control measures
12. We are taking strict security measures as follows to protect personal information that we obtain/keep.

・Setting a basic policy
In an aim to realize proper management of personal information, we are setting basic policies such as “Compliance to relevant regulations and guidelines”, or “Contact window for queries and complaints”.

・Disciplinary measures as to handling of personal information
We are setting disciplinary measures as to handling of personal information for every step as obtaining, making use of, keeping, letting others have, deleting, discarding. The measure includes relevant articles as to handling personal information, job assignment of person in charge and his/her supervisor.

・Organizational Safety Control Measures
In addition to appointing a person responsible for the handling of personal information, we have established a system to clarify the officers and employees who handle personal information and the scope of personal information handled by such officers and employees, and to report to the person responsible in the event that a violation of laws and regulations or handling rules is detected or any indication of such a violation is detected.

・Personal Safety Control Measures
We provide regular training to our officers and employees on matters to keep in mind regarding the handling of personal information.

・Physical Security Control Measures
In the areas where personal information is handled, we control the access of officers and employees, limit the equipment they may bring in, and take measures to prevent unauthorized persons from viewing personal information.

・Technical Security Control Measures
We implement access control to limit the scope of persons in charge and the personal information databases handled.

・Understanding the external environment
When we handle personal information in a foreign country, we implement safety control measures based on our understanding of the systems for the protection of personal information in that foreign country.
Previous：: Added
Current ：: Article 13 - Article 14　Article numbering has changed
Previous：: Article 11 - Article 12

Special Agreement On Visa Debit Transactions With Google Pay™ / Consent In Matters For Handling Personal Information, etc.

Date of revision : 2022/4/1
Division : Revision

Changes and details

Current ：: [For Non-Resident customers]
Within the scope of the purpose of use stipulated in each item of Article 1, paragraph 2, the Company may provide third parties such as Google, a service provider of Google Pay, and other subcontractors, etc. of the Company with the personal information, etc. of the Settlement Service Users, etc. Some third parties for which the Company provides the personal information, etc. of the Settlement Service Users are located in other countries (hereinafter referred to as "Outside The Region") than Japan and the country the Settlement Service Users, etc. resides (hereinafter referred to as ”Within The Region”) (the location of Google Asia is the Republic of Singapore). It is considered that the following conditions have also been accepted with the consent of the Settlement Service Users, etc. to this Special Agreement.
Previous：: [For Non-Resident customers]
Within the scope of the purpose of use stipulated in each item of Article 1, paragraph 2, the Company may provide third parties such as Google, a service provider of Google Pay, and other subcontractors, etc. of the Company with the personal information, etc. of the Settlement Service Users, etc. Some third parties for which the Company provides the personal information, etc. of the Settlement Service Users are located in other countries (hereinafter referred to as "Outside The Region") than Japan and the country the Settlement Service Users, etc. resides (hereinafter referred to as ”Within The Region”) (the location of Google Asia is Singapore). It is considered that the following conditions have also been accepted with the consent of the Settlement Service Users, etc. to this Special Agreement.
Current ：: Provision of information when obtaining consent as set forth in Article 28, Paragraph 2 of the Act on the Protection of Personal Information
Google LLC: 1. Name of the foreign country: United States
2. Information obtained in an appropriate and reasonable method regarding the foreign country's system for the protection of personal information.
(1) The presence of a system for protecting personal information
The California Consumer Privacy Act (CCPA) is a comprehensive statute.
(2) Information that can be used as an indicator of the system for protection of personal information
<1> No EU sufficiency accreditation.
<2> Participation in APEC's CBPR effective July 25, 2012.
(3) An obligation or a right to follow the eight principles of the OECD Privacy Guidelines
To a certain extent, the predictability of risks associated with the provision of personal data to third parties in foreign countries is considered to be guaranteed for private companies. Therefore, information concerning the subject does not necessarily need to be provided but shall be provided as required by CCPA.
<1> Collection Limitation Principle is set forth in CCPA.
<2> Data Quality Principle is set forth in CCPA.
<3> Purpose Specification Principle is set forth in CCPA.
<4> Use Limitation Principle is set forth in CCPA.
<5> Security Safeguards Principle is set forth in CCPA.
<6> Openness Principle is set forth in CCPA.
<7> Individual Participation Principle is set forth in CCPA.
<8> The principle relevant to Accountability is not applicable.
(4) Other systems which may have significant impact on the rights and the interests of an individual are not applicable.
For details, please refer to the website of the Personal Information Protection Commission.
(https://www.ppc.go.jp/index.html)
3. Information concerning the actions to be taken by the third party for the protection of personal information.
Google LLC protects personal data according to its own privacy policy.
For more information, please visit the Google LLC website.
(https://policies.google.com/privacy?hl=ja)
4. Third party to whom personal data is disclosed
Google LLC
5. The purpose of the usage by third parties to whom the information is disclosed
The provisions set forth in Article 1, paragraph 2 of “Consent in Matters for Handling Personal Information, etc.”
6. The items of personal data to be disclosed to a third party
The contents of this agreement are set forth in Article 1, Paragraph 1 of “Consent in Matters for Handling Personal Information, etc.”
Google Asia: 1. Name of the foreign country: The Republic of Singapore
2. Information obtained in an appropriate and reasonable method regarding the foreign country's system for the protection of personal information.
(1) The presence of a system for protecting personal information
The Personal Data Protection Act (No. 26 of 2012) is the Comprehensive Statute applicable to the private sector.
(2) Information that can be used as an indicator of the system for protection of personal information
<1> No EU sufficiency accreditation.
<2> Participation in APEC's CBPR effective February 2018.
(3) An obligation or a right to follow the eight principles of the OECD Privacy Guidelines
To a certain extent, in the case of economies participating in APEC's CBPR system, the predictability of risks associated with the provision of personal data to third parties in foreign countries is considered to be guaranteed for private companies.
3. Information concerning the actions to be taken by the third party for the protection of personal information.
Google Asia protects personal data according to the privacy policy set by Google LLC.
4. Third party to whom personal data is disclosed
Google Asia
5. Purpose of use by third parties to whom the information is disclosed
The provisions set forth in Article 1, paragraph 2 of “Consent in Matters for Handling Personal Information, etc.”
6. The items of personal data to be disclosed to a third party
The contents of this agreement are set forth in Article 1, Paragraph 1 of “Consent in Matters for Handling Personal Information, etc.”
Previous：: Addition of new provision

Privacy Policy

Date of revision : 2022/1/11
Division : Revision

Changes and details

Current ：: - Disclosure Items Pertaining to Personal Information and Specific Personal Information Handled by Sony Bank
Shared use of personal information (Except for "Personal number"): 2. As an exception to the sharing of personal information with third parties, when using personal data shared with a specific person, disclose in advance to the customer the fact that personal data will be used jointly, the items of the personal data to be used jointly, the scope of the persons to be used jointly, the purposes of use of the users, and the name of the person responsible for the control of the personal data in advance on the website, etc. and then the Company shall use the personal data jointly.
(1)Matters related to joint use with Sony Financial Group (related to Article 23, paragraph 5, item 3 of the Protection Law)
Sony Financial Group (hereinafter referred to as "the person set forth in <2>) shall share personal data as follows:
In the event of restrictions under the Financial Instruments and Exchange Law or other relevant laws other than the Personal Information Protection Law, such joint use shall be handled in accordance with such laws and regulations.
<1> Items of personal data to be used jointly
(a)Attribute information (e.g., address, name, date of birth, gender, place of work, position, contact information such as telephone number and e-mail address, information that can be used to identify or specify individuals such as personal identification code, and family member information)
(b)Financial data (e.g., revenues and expenditures, status of assets and liabilities, etc.)
(c)Transactional information (e.g., product and service types, transaction amounts, information on applications for contract dates, information on claims for insurance incidents, purpose of transaction, security number, management numbers such as branch numbers or account numbers, transaction histories, records and background, and information on decisions on whether or not transactions are acceptable)
(d)Information obtained through Sony Financial Group's applications, websites, or other documents (hereinafter referred to as the person specified in <2>) (e.g., application usage status, browsing history, location information, questionnaire response data, etc.)
<2>Scope of joint users
Sony Financial Group Inc. and its consolidated subsidiaries and affiliates accounted for by the equity method, which have already made public notices pursuant to Article 23, Paragraph 5, Item 3 of the Protection Law (hereinafter referred to as the "Sony Financial Group")
<3>Purpose of joint use
(a)For the planning and development of various financial products and services provided by Sony Financial Group
(b)To provide suggestions and information on Sony Financial Group's corporate information, financial products, services, and other related information, as well as to respond to comments and inquiries
(c)In order to carry out other operations incidental to a. b. above and the operations of Sony Financial Group smoothly
<4>The name of the person responsible for the management of personal data
Sony Financial Group companies that originally acquired the relevant personal data
Previous：: - Disclosure Items Pertaining to Personal Information and Specific Personal Information Handled by Sony Bank
Shared use of personal information (Except for "Personal number"): 2. As an exception to the sharing of personal information with third parties, when using personal data shared with a specific person, disclose in advance to the customer the fact that personal data will be used jointly, the items of the personal data to be used jointly, the scope of the persons to be used jointly, the purposes of use of the users, and the name of the person responsible for the control of the personal data in advance on the website, etc. and then the Company shall use the personal data jointly.

Establishment and Revision History

Terms And Conditions For Sony Bank Visa Debit Agreement

Changes and details

Privacy Policy Disclosure Items Pertaining to Personal Information and Specific Personal Information Handled by Sony Bank

Changes and details

Special Agreement On Visa Debit Transactions With Google Pay™ / Consent In Matters For Handling Personal Information, etc.

Changes and details

Privacy Policy

Changes and details

Privacy Policy
Disclosure Items Pertaining to Personal Information and Specific Personal Information Handled by Sony Bank