- Handling of Personal Information in Telecommunications Business Field
- Handling of Personal Information in Installment and Installment Agency Business Fields
In recognition of the importance of personal information, OKINAWA CELLULAR TELEPHONE COMPANY (hereinafter referred to as "OCTC") complies with the Telecommunications Business Law, Personal Information Protection Act, laws concerning the use of specific numbers for identifying individuals for government procedures, guidelines according to business fields as specified by a competent authority, including Guidelines Concerning Protection of Personal Information in Telecommunications Businesses, and other related laws and ordinances publicly in order to ensure the protection of personal information. In addition, OCTC handles personal information in the following manner:
1. Collection of Personal Information
We handle the information described in items 1 through 6 below, which is collected through legal and fair means. Personal Information of customers includes information on the Subscriber as well as personal information on all Users obtained through the user Registration System for au Telecommunications Services.
There may be cases where customer information is not considered personal information due to its content. We will, however, give due consideration to the handling that information.
- Information collected from written sources such as application forms filled in by customers, or a company website, or verbally collected in order for us to provide telecommunications services (including services associated with telecommunications services: see Attached Sheet 1) and other services. When answering a telephone call from a customer, we may record the call to verify the inquiry and improve our services.
- Information obtained as a result of the use of our services by a customer (access information obtained using technology such as cookies, web beacons, and IDFA (Identifier For Advertisement), including information automatically obtained by our systems)
- Information obtained from a residence certificate or the like by making inquiries at a public institution
- Information obtained from various sources open to the public, such as telephone directories and official government gazettes
- Information obtained from credit information reference centers
- Information lawfully obtained from a third party by referral of a customer
2. Acquisition and Use of Personal Numbers
OCTC collects and uses personal numbers and specific personal information in accordance with laws concerning the use of specific numbers for identifying individuals for government procedures only for the purpose of use as defined by those laws.
3. Use of Personal Information
Information possessed by OCTC may be mutually utilized beyond the extent necessary for fulfilling its intended purpose of use for each service and operation (see purpose of use by business field), except in the following cases. Also, OCTC may use the information when delivering service information of associated companies and other affiliations (see Attached Sheet 5).
- If a customer consents;
- If required by laws and ordinances;
- If such information is required for the protection of human life, body or property, and it is difficult to obtain a customer's consent;
- If such information is required especially for the improvement of public health or the promotion of sound nurturing of children, and it is difficult to obtain a customer's consent; or
- If it becomes necessary under applicable laws and ordinances to cooperate with a government agency, local public agency or parties authorized by them, and obtaining of consent from the customer is likely to hinder the execution of such duties.
4. Management of Personal Information
We take measures to control access to personal information, limit means for taking personal information outside the office, and prevent unauthorized external access. We also take measures to prevent personal information being leaked, lost or damaged and other necessary and appropriate measures for personal information security management (hereinafter referred to as "Security Management Measures").
When taking Security Management Measures, we properly implement technological and organizational protections as shown below by using the frameworks of the Info-Communications Safety and Reliability Standards (Ministry of Posts and Telecommunications Notice No. 73 of 1987) and Information Security Management System (ISMS).
(1) Technological Protection Measures
- We control access to personal information (limiting the number of employees authorized to access personal information regarding measures including the immediate cancellation of accounts of employees who are transferred or leave the company, the establishment of a system for monitoring access status such as long-term storage of access logs, the change of passwords at regular intervals, and room entry/exit supervision, etc.)
- We limit the means for taking personal information outside the office (prohibition of saving to external storage devices without due reasons and establishment of a monitoring system of e-mail between inside and outside the company in the company rules).
- We take measures to prevent unauthorized external access (installation of firewalls, etc.)
(2) Organizational Protection Measures
A) Supervision of employees (including temporary employees)
- As the designated person in charge of the management of personal information, we appoint a "Person in charge of information security" and define the responsibility and authority of an employee with respect to personal information security management.
- We establish internal rules and compile manuals concerning security management, instruct employees to comply with such rules and manuals, and perform appropriate audits on the status of compliance.
- We provide employees with training and education on personal information security management.
B) Supervision of contractors
We may contract all or part of our personal information handling operation. In such a case, we select a contractor who is expected to properly handle personal information, appropriately specify matters concerning handling of personal information such as Security Management Measures, confidentiality, terms and conditions of recontract, return of personal information upon expiration or termination of contract agreement, and perform necessary and appropriate supervision.
5. Discontinuation of Information by Direct Mail
If a customer does not wish to receive advertising material via direct mail, he/she may request us to cease delivery. However, delivery of information such as e-mail related to confirmation of an order for various services concerning telecommunication services that is necessary for operation of services is excluded from this opt-out provision. To request termination, contact us at the following locations:
"au Customer Service Center"
|Customer using au mobile phone||Customers using Internet Phone Service|
|From au phones:||Dial 157 with no area code (Toll free)||
0077-777 (Toll free)
|From general fixed-line phones:||
0077-7-111 (Toll free)
|Open:||9:00 - 20:00 (including Saturdays, Sundays and national holidays)
||9:00 - 20:00 (including Saturdays, Sundays and national holidays)
6. Disclosure of Personal Information
We will respond within a reasonable time period, upon request from a customer or her/his agent for disclosure of relevant personal information except in the following cases: Please note that a customer includes all users registered with the User Registration System for au Telecommunications Services, in addition to a subscriber.
- If there is a possibility of damaging life, body, property, or other rights or interests of the customer or any third party;
- If there is a possibility of significantly interfering with proper operation of our business; or.
- If it may violate laws or regulations.
For more details of procedures for personal information disclosure, refer to Attached Sheet 2.
7. Revision of Personal Information
If requested by a customer or her/his agent to revise, add or delete relevant personal information (hereinafter referred to as "Revisions, etc."), we will investigate within a reasonable time period and revise relevant personal information based on the results of the investigation within the limits necessary to fulfill the intended purpose of use.
8. Contact Point for Complaints about Handling of Personal Information
For complaints about our handling of personal information, including the use, provision, disclosure, and revision of such information, contact the following:
Please note that we do not accept complaints made by visiting our office.
|[OKINAWA CELLULAR TELEPHONE COMPANY Personal Information Disclosure Consultation Office]|
|1-2-1, Matsuyama Naha City, Okinawa 900-8540
Phone: 098-860-6778 (9:00 - 17:00 Every day except Saturdays, Sundays, and national holidays)