(TRANSLATION)
(FOR REFERENCE ONLY)
(JAPANESE VERSION PREVAILS)

Privacy Policy

About Privacy Policy

Sony Bank Incorporated (hereinafter “the Company”) aims to take full advantage of advanced information and communication technology to provide every customer with high-quality financial services. The Company collects minimum necessary personal information on each customer to securely and reliably achieve this goal. As a bank and Sony Group member, the Company places utmost priority on earning and maintaining customer trust. Regarding the protection of customers’ personal information, the Company carefully complies with related laws and ordinances, the guidelines of Japan’s Personal Information Protection Commission and other relevant authorities and business organizations, and the common corporate privacy policy of Sony Group Japan.

Keiji Minami
President and CEO, Representative Director
Sony Bank Incorporated

Operation Commencement Date: April 1, 2005
Amendment Date: April 1, 2024

Sony Group Japan – Common Corporate Privacy Policy *

Each company of the Sony Group (collectively, "Sony") is willing to build an environment in which the personal information of customers is safely stored, used and handled in line with the intention of customers, as well as gaining the trust of customers, and hopes to continue to provide numerous services, under this environment, which inspire and fulfil the curiosity of each customer.
Under this policy, and in accordance with Sony's philosophy of being honest and fair, Sony has prescribed the following policy on the handling of personal information, and is working to ensure the proper handling of personal information relating to its customers that it collects.

This Policy encompasses Sony Group Corporation and its subsidiaries within Japan.

Handling of Personal Information

  • Definition of Personal Information
    • "Personal information" in this Policy refers to information relating to an individual that includes a name, date of birth, or other description, etc., that could be used to identify a specific individual, or that includes a individual identification code*. All obtained information relating to customers that does not contain information in itself by which a specific individual could be identified, but which could be used to identify a specific individual by collating it with other information, shall be regarded as "personal information" within the scope that it can be handled in combination with other information.
    • The definition of the Individual Identification Code is based on the Amendment to the Cabinet Order to Enforce the Act on the Protection of Personal Information and, as of amendment date of this privacy policy, including the following: (i) Those character, letter, number, symbol or other codes produced by having converted any of the following bodily features thereinto so as to be provided for use in computers which conform to standards prescribed by rules of the Personal Information Protection Commission as sufficient to identify a specific individual. (a) base sequence constituting Deoxyribonucleic Acid (alias DNA) taken from a cell; (b) appearance decided by facial bone structure and skin color as well as the position and shape of eyes, nose, mouth or other facial elements; (c) a linear pattern formed by an iris’ surface undulation; (d) vocal cords’ vibration, glottis’ closing motion as well as the shape of vocal tract and its change when uttering; (e) bodily posture and both arms’ movements, step size and other physical appearance when walking; (f) intravenous shape decided by the junctions and endpoints of veins lying under the skin of the inner or outer surface of hands or fingers; (g) a finger or palm print. (ii) Number of passport, Basic pension number, Number of a driver’s license, Resident record code and Individual number (iii) Those character, letter, number, symbol or other codes prescribed by rules of the Personal Information Protection Commission which are stated on a certificate set forth in the following in a way to give each person who receives its issuance a different one. (a) A health insurance card (b) An insured person’s certificate (c) Any other character, letter, number, symbol or other codes prescribed by rules of the Personal Information Protection Commission as equivalent to each preceding item.
  • Compliance with Laws

    When handling personal information, Sony shall comply with the obligations set forth in the Act on the Protection of Personal Information, various other laws and regulations relating to the protection of personal information, guidelines published by the Personal Information Protection Commission and the competent authorities, as well as to this Policy.

  • Use within the Scope of Utilization Purpose

    Except where the prior consent of the individual has been obtained, or where it is permitted by law, Sony shall handle personal information only within the scope required to achieve the previously specified purpose of use, and shall take measures to achieve this.

  • Acquisition of Personal Information

    Sony shall endeavour to obtain personal information after expressing in advance the items, purpose of use, and contact point for inquiries, etc., of the personal information to be handled, and after obtaining the consent of the individual. In the event that special care-required personal information such as race and creed, etc., is included in the personal information, except where permitted by law, Sony shall not acquire such personal information without the consent of the individual. When obtaining personal information from a third party, if a legal obligation to check or create records arises when receiving provision from a third party, Sony shall comply with this.

  • Personal Information of Customers Under the Age of 15

    Sony shall endeavour to comply with all laws and regulations applicable to the collection, storage, and use of personal information relating to customers under the age of 15. In the event of a child having provided personal information to Sony without the consent of their parent or guardian, we ask that a parent or guardian contacts us at the address specified in this Policy.

  • Security Control Action

    Sony shall endeavour to keep the content of personal information accurate, complete, and up to date within the scope of the purpose of use, shall take the necessary and appropriate secure management measures in accordance with technological standards at that point in time in order to prevent unauthorised access, leakage, tampering, loss, or damage, etc., and shall make corrections as necessary.

  • Supervision of Subcontractor(s)

    Sony, within the scope required for the achievement of the purpose of use, may entrust the handling of personal information to another Sony Group company or a third party. In such a case, the appropriate secure management measures shall be taken under the Sony Group common information security policy. In addition, with regard to the contracting of business to a third party, efforts shall be made to ensure that secure management is performed as strictly as possible in relation to the handling of personal information, such as through the execution of a contract. If a third party in a foreign country is contracted to perform business, and a legal obligation to create records arises, Sony shall comply with this.

  • Third Party Provision

    Except where permitted by law, Sony shall not provide personal information to a third party without obtaining the consent of the individual. If personal information is provided to a third party, and a legal obligation to create records arises at the time of such third party provision, Sony shall comply with this.

  • Respond to a Demand etc. for Disclosure etc.

    Sony shall respond appropriately to requests for the disclosure, amendment, ceasing of use (for introducing products and services, etc.), and deletion of personal information, as well as other comments and inquiries regarding the handling of personal information, based on the provisions of laws and regulations. Please contact the address of the company to which you provided information for assistance.

  • Strengthening of Systems, Training, Etc.

    To ensure the appropriate handling of personal information, Sony shall endeavour to continually strengthen and improve internal systems, including reviewing this Policy, by appointing a manager for personal information, establishing internal regulations, training officers and employees, and implementing the appropriate internal audits, etc.