1. Introduction
As a company that is entrusted with the management of valuable assets by the clients, Nikko Asset Management Co., Ltd. (hereinafter referred to as the “Company”) believes that it is the Company’s mission to handle personal information, as well as personal numbers and specific personal information (hereinafter personal numbers and specific personal information are referred to as “Specific Personal Information”), carefully. In keeping with this mission, the Company hereby announces the Basic Policy for the protection of personal information (hereinafter referred to as the “Basic Policy”).
2. Compliance with Relevant Laws and Regulations
It is the Company’s deep conviction that the protection of personal information and Specific Personal Information, as well as the maintenance of confidentiality are its social responsibility. Recognizing this responsibility, the Company pledges that it will handle personal information and Specific Personal Information in an appropriate manner in compliance with the Act on the Protection of Personal Information, the Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure (hereinafter referred to as the “My Number Act”), and other relevant laws, as well as in conformity with this Basic Policy.
3. Objectives of Use
The Company will handle personal information only to the extent necessary for achieving the objectives of use in the following areas of business operations and will not use such information beyond the scope of these objectives. Moreover, the Company will not change the objectives of the use of personal information beyond the scope recognized as rational.
Moreover, the Company will only use Specific Personal Information to the extent defined by the law.
Areas of Business Operations
- Financial Instruments Business operations and other incidental operations.
- Other operations the Company is permitted to perform as well as other incidental operations (including those operations that the Company will be permitted to perform in the future)
Objectives of Use
- To solicit and sell the securities issued or the products provided by the Company, or publicize the securities, products and services issued or provided by the Company.
- To solicit, distribute, or introduce the services of the financial products offered by the Company, its affiliates, or business partners; or to introduce the Company’s affiliates.
- To accept the application for securities, products provided by the Company, or services including the opening of an account for transaction.
- To confirm the identity of a client or his or her proxy.
- To report the results of transactions, balance and other details to the client.
- To process the documents concerning the transactions with the clients.
- To conduct the research and development of products provided by the Company and services through market research, data analyses and questionnaire surveys.
- To carry out the appropriate processing of personal information in part or in whole the Company is entrusted with by other operators.
- To process the documents concerning an investment advisory contract or a discretionary investment management contract concluded with a client.
- To provided investment advisory service.
- To report the results of investment and the balance of assets under contract.
- To perform transactions with the client appropriately and smoothly.
- To make necessary contact with the client and respond to his or her needs appropriately and smoothly.
- To respond to the inquiry from the client about the handling of personal information.
- To implement the Company’s business management and internal control.
4. Limitations on the objectives of use where information is obtained through questionnaires, etc.
The Company will make every effort to limit the objectives of use depending on situation of acquiring personal information. For example, when answering various questionnaires, etc., the objectives of use will be clear to the person concerned by stipulating specifically that the information will be used for the sole purpose of gathering information for the questionnaire, etc.
5. Joint Use
The Company may use personal data jointly as follows:
- Items of personal data used jointly:
- Items on transaction information including names, addresses, dates of birth, occupations.
- Scope of the parties that will jointly use personal data
- The Company
- Sumitomo Mitsui Trust Holdings, Inc. and the consolidated subsidiaries and equity method affiliates listed in that company’s securities reports, as well as the consolidated subsidiaries and equity method affiliates listed in the disclosure material of Sumitomo Mitsui Trust Bank, Limited (in cases where the joint use of personal data is restricted by the Financial Instruments and Exchange Act or other related laws and regulations, the Company will ensure that personal data is handled in accordance with such laws).
- Objectives of the use of personal data
To recognize and manage various risks required for management of the Sumitomo Mitsui Trust Group. - The name of the entity responsible for the management of the jointly used personal data:
Sumitomo Mitsui Trust Holdings, Inc.
Moreover, the Company will not use Specific Personal Information jointly.
6. Sensitive Information
The Company will not obtain, use nor provide to a third party any sensitive information except in the following cases. If the Company obtains, uses or provides to a third party sensitive information for any of the reasons cited below, it will handle it with special care so that such information will not be obtained, used nor provided to a third party for the reasons not cited below, and it will respond appropriately in accordance with the Act on the Protection of Personal Information.
- Where sensitive information is required by laws and regulations.
- Where sensitive information is required to protect human lives, physical safety and property.
- Where sensitive information is specifically required to improve public health and nurture the healthy growth of the children.
- Where the Company is required to cooperate with a government agency, a regional public organization or an entity entrusted with by such agency or organization in the conduct of affairs stipulated by laws and regulations.
- Where sensitive information concerning those employees who belong to, or participate in a political or religious organization or labor union is obtained, used or provided to a third party to the extent necessary for processing the documents for the purpose of withholding taxes.
- Where sensitive information is obtained, used or provided to a third party to the extent necessary for the transfer of rights and obligations in inheritance procedures.
- Where sensitive information is obtained, used or provided to a third party with the consent of the person concerned to the extent necessary for ensuring the appropriate operations of financial instruments businesses and other business activities in the financial field.
- Where sensitive biological identification information is used to confirm the identity of the person concerned with his or her consent.
7. Rightful obtainment
The Company will obtain personal information and Specific Personal Information to the extent necessary to operate its business, and in the appropriate and lawful manner.
- The Company will not obtain personal information and Specific Personal Information by using a false pretext or illegal means.
- The Company will not infringe on the interest of the client when it obtains personal information from a third party. Moreover, the Company will not obtain personal information from a third party if it finds that the information in question has been leaked by an entity that is engaged in illegal collection of such information.
- The following sources provided below are examples of where the Company may obtain personal information.
- Where the customer directly provides information to the Company by filling out various questionnaires, etc. (this includes cases where the person concerned inputs data into a screen via a website, etc.).
- Where the customer directly provides information by filling out or submitting forms, etc., for the opening of trading accounts, etc., or for a new application form for the Company’s products or services (this includes cases where the person concerned inputs data into a screen via a website, etc.).
- Where the Company obtains personal information by receiving audio- and video- tapes and e-mail.
- Where the Company obtains personal information carried in official gazettes, newspapers, magazines and on the Internet.
- The Company may not be able to provide its services in part or in whole if a client has declined to provide personal information requested by the Company.
8. Notice, public announcement and disclosure of the objectives of use when personal information and Specific Personal Information is obtained
The Company will announce the objectives of use of personal information and Specific Personal Information on its website.
When the Company obtains personal information and Specific Personal Information, it will promptly notify the person concerned or announce the objectives of use except the case where the objectives of use of such information have been announced in advance.
When the Company obtains personal information and Specific Personal Information directly from the documents provided by the person concerned, it will disclose, as a rule, the objectives of use in advance.
9. Ensuring the Accuracy of Personal Data
The Company will endeavor to keep personal data accurate and up-to-data to the extent necessary for achieving the objectives of use.
The Company will specify the period in which personal data are kept in accordance with the objectives of use and will endeavor to delete such data after the elapse of the specified period except the case where the safekeeping period is specified by laws and regulations.
10. Measures Taken for Safekeeping
The Company will take appropriate and necessary measures for the safekeeping of personal data and Specific Personal Information in order to prevent leaks and losses of, and damage to such data by establishing the Basic Policy for safekeeping and the regulations of handling personal data and Specific Personal Information, as well as setting up a system under which safekeeping measures are implemented.
11. Disclosure to a Third Party
The Company will not disclose personal data to a third party except in cases that fall under any of the following situations:
- Where personal data is disclosed with the consent of the person concerned.
- Where the disclosure of personal data is required by the law.
- Where personal data is disclosed in response to an inquiry or investigation by the tax authorities, police, court of law or other external agency.
- Where the disclosure of personal data is required to protect human lives, physical safety and property and it is difficult to obtain the consent of the person concerned.
- Where the handling of personal data is entrusted with in part or in whole to the extent necessary for achieving the objectives of use.
- Where personal data are disclosed as a result of business succession due to merger or other transactions.
- Where personal data are used jointly in accordance with Article 5 of this Basic Policy.
- Where the disclosure of personal data is allowed by other relevant laws and regulations.
Moreover, excluding cases prescribed in the My Number Act, the Company will not disclose Specific Personal Information to a third party, whether the person provides their consent or not.
12. Disclosure to third parties in foreign countries
Except in cases that fall under any of the following situations, the Company will not disclose personal data to a third party in a foreign country (meaning a country or territory outside of Japan).
- Where personal data is disclosed with the consent of the person concerned.
- Where such third party is in a country that is stipulated in the Enforcement Rules for the Act on the Protection of Personal Information as being a country that has a personal information protection system recognized as having the same level as that of Japan.
- Where such third party has developed a system that conforms to the standards stipulated in the Enforcement Rules for the Act on the Protection of Personal Information as a system required to continuously take measures equivalent with those that must be taken by a business operator handling personal information.
- Where disclosure of personal data is required by the law.
- Where disclosure of personal data is required to protect human lives, physical safety and property, and it is difficult to obtain the consent of the person concerned.
- Where disclosure of personal data is specifically required to improve public health or nurture the healthy growth of the children, and it is difficult to obtain the consent of the person concerned.
- Where the Company is required to cooperate with a government agency, a regional public organization or an entity entrusted by such agency or organization in the conduct of affairs stipulated by laws and regulations, and obtaining the consent of the person concerned would risk impeding the conduct of such affairs.
13. Entrustment
The Company may entrust an external entity with the handling of personal data and Specific Personal Information in part or in whole to the extent necessary for achieving the objectives of use.
When entrusting an external entity with the handling of personal data and Specific Personal Information in part or in whole, the Company will carry out the appropriate and necessary supervision of the external entity with which the handling of personal data is entrusted (including sub-advisors and beyond) in order to ensure the safekeeping of such data.
14. Procedures for accepting claims, etc. for the disclosure of personal data
The Company will accept claims for the correction, addition, deletion, suspension of use, elimination and the cancellation of disclosure of personal data held by the Company to a third party (hereinafter referred collectively as a “claim for disclosure”) in accordance with the procedures specified by the Company. For further details, please see the “Procedures for Filing Request for the Disclosure of Personal Information.”
The outline of these procedures is as follows:
- Filing a claim for disclosure:
Your claim for disclosure and inquiry are accepted at the Company’s Information Desk. - Documents required:
Please fill in and submit the “Application for the Disclosure of Personal Information” specified by the Company. - Confirming the identity of the person who is claiming disclosure or his or her proxy:
Please submit the identification document specified by the Company. - Collection of fee:
A fee will be collected by the method specified by the Company when the objectives of use are filed or a claim for disclosure is made.
15. Information Desk responding to inquiries and receiving complaints
The Company appropriately responds to the inquiries about the handling of personal information and Specific Personal Information and complaints. Please direct your inquiries and complaints to:
Information Desk at Nikko Asset Management Co., Ltd.
Tel: +81 (0)3-6447-6000
16. Recognized Personal Information Protection Organization
The Company is a member of the following recognized personal information protection organizations.
Name of personal information protection organization and the customer inquiries window for complaint or consultation is as follows.
- The Investment Trusts Association, Japan
Investors' consultation department Tel: +81 (0)3-5614-8440 - Japan Investment Advisers Association
The Customer Inquiries for complaint or consultation Tel: +81 (0)3-3663-0505
17. Review and revision of the Basic Policy
The Company may, from time to time, review the contents of this Basic Policy and revise in response to the revision of relevant laws and regulations as well as changes in the information technology environment.
The Company will announce the revised Basic Policy by posting on our Web site or other method.
18. Definitions
As used in the Basic Policy, the following terms shall have the following meanings:
- “Personal Information” means information concerning the living individuals (including the Company’s clients, employees and all related companies) which can identify specific individuals (including information which can be easily collated with other information to identify specific individuals), and information that contains an individual identification code.
- “Individual Identification Code” means the characters, letters, numbers, symbols or other codes stipulated in Article 1 of the Order for Enforcement of the Act on the Protection of Personal Information as those that can identify specific individuals from such information alone (e.g., fingerprints, passport numbers, basic pension numbers, driver’s license numbers, resident identification numbers, and personal numbers).
- “Personal Number” means the 12-digit number that can be converted from a resident identification number in accordance with the My Number Act, which is assigned to identify persons on a certificate of residence that has the resident identification number listed on it.
- “Specific Personal Information” means personal information that has personal numbers included in it.
- “Personal Information Data Base” means a collection of information including personal information systematically structured so that personal information on specific individuals can be retrieved by computer.
- “Personal Data” means personal information which forms a personal information data base.
- “Personal Data Held by the Company” means the personal data to which the Company has the rights to disclose at the request of the Person Concerned or his or her proxy, correct, add, delete, suspend the use, eliminate and cancel disclosure to a third party except for the data which will harm public interest or other interest if its existence is known and the data which will be deleted (not including the data which will be renewed) within 6 months.
- “Person Concerned” means a specific individual who can be identified by personal information.
- “Employees” means persons who are engaged in the Company’s operations under direct or indirect supervision of the Company in its organization including not only those who are employed by the Company (executive officers, full-time employees, contract-based employees, temporary employees, part-time employees and casual workers) but also those who are not employed by the Company (directors, auditors and dispatched employees).
- “Special Care-Required Personal Information” means personal information that includes specific descriptions, etc. and requires special care so as not to cause unfair discrimination, prejudice or other disadvantages (e.g., race; criminal record; creed; medical history; physical disability; intellectual disability; psychological disability; medical diagnosis or other results; health guidance, medical care or prescriptions by a doctor, etc.; social status; or fact of having suffered damage as a result of a crime).
- “Sensitive Information” means special care-required personal information, and information concerning participation in labor unions, family origin, legal domicile, health and medical treatment, and sexual orientation (excluding those falling under special care-required personal information; excluding information that is disclosed by the person concerned, a government agency, a regional public organization, or a party set forth in the subparagraphs of Article 76.1 of the Act on the Protection of Personal Information or the subparagraphs of Article 6 of the Enforcement Rules for the Act on the Protection of Personal Information, or information that is apparent from external appearance and acquired by looking at or photographing the person concerned).