pafin Privacy Policy
Date of Enforcement: 22 Dec 2017
Last Updated: 25 Aug 2022
pafin Inc. (the “Company”) will observe the “Act on the Protection of Personal Information”, the “Guidelines for the Act on the Protection of Personal Information” and other relevant laws and guidelines in relation to the handling of personal information. In connection with this, the Company hereby prescribes this Privacy Policy (“this Policy”) as follows with regard to the handling of the user information including the personal information in the services (collectively, the “Service”) provided on the Company’s website. Please note that this English Privacy Policy is provided for reference purposes only and the Japanese original version shall supersede if there are any differences between the English and Japanese versions.
Article 1 (User Information)
- The user information collected by the Company in the Service includes the following information:
- information input by the customer upon registering the pafin Account (email address, user name and the like);
- information input, data uploaded and information acquired via API and the like (history data of the customer’s cryptocurrency transactions and the like) by the customer upon using the Service;
- Cookies, IP address, or information pertaining to the use of Google Analytics™; and
- in addition to each of the preceding items, information provided by the customer upon using the Service.
- The term “personal information” in the user information shall mean the personal information defined in Article 2, Paragraph 1 of the Personal Information Protection Act in Japan.
Article 2 (Purpose of Use of Personal Information)
The Company shall collect and use the user information for the following purposes:
- Service user information in investment support platforms of financial instruments and crypto-assets (cryptocurrency):
- to provide and develop services in investment support platforms of financial instruments and crypto-assets (cryptocurrency);
- to announce investment support platforms of financial instruments and crypto-assets (cryptocurrency) and various campaigns;
- to perform marketing, survey and analysis for improving or enhancing investment support platforms of financial instruments and crypto-assets (cryptocurrency) (In order to measure the effectiveness of advertisement of the Services, the Company may acquire information of ads clicked before visiting the Services (clicked date, ad-posting site, etc.) from a tool operated by a third party, and compare it with the registered information of customers.);
- to provide maintenance and support offered by the Company;
- to deal with acts in breach of the Company’s rules, policies and the like (collectively, the “Rules”) in relation to the Service of the Company;
- to notify amendments to the Rules in relation to the Service of the Company;
- to use information which is necessary to provide the Services to the user such as contents of inquiries, information regarding billing, and the service usage status, the user’s contact information and the like;
- to make communication in times of emergency; and
- any other purpose associated with the foregoing purposes of use.
- Personal information of shareholders:
- to exercise rights and perform obligations under laws;
- to provide various facilities to shareholders (shareholder special benefit plan, etc.);
- to perform various shareholder strategies (questionnaires, etc.); and
- to perform shareholder management required under laws (creation of shareholder data, etc.).
- Personal information of officers and employees of business partners and other companies:
- to make various communications and engage in negotiations required for business; and
- to manage business partner information, make payments and process revenues.
- Personal information entrusted from business partners:
- to perform service agreements.
- Personal information of job applicants, employees and retirees:
- to provide information to and contact job applicants (including interns) regarding their hiring status;
- to internally manage our recruitment activities;
- to internally engage in personnel management; and
- to provide information to and contact retirees.
Article 3 (Amendment to Purpose of Collection and Use of User Information)
The Company may amend to the purpose of use of the user information to the extent that is reasonably considered that the purpose of use after the change is duly related to that before the change, and in such case the Company would notify or publicly announce such amendment to the customer.
Article 4 (Restriction on Use of Personal Information)
Excluding the following cases, the Company may not handle the personal information beyond the scope required for achieving the purpose of use without obtaining the user’s consent in advance; save for cases that are permitted under the Personal Information Protection Act in Japan and other applicable laws:
- cases in which the handling of the personal information is based on laws and regulations;
- cases in which the handling of the personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person;
- cases in which the handling of the personal information is especially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person; and
- cases in which the handling of the personal information is necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and in which obtaining the consent of the person is likely to impede the execution of the affairs concerned.
Article 5 (Proper Acquisition of User Information)
The Company would acquire the user information through proper means, and would not acquire the user information through deceit or other wrongful means.
Article 6 (Safety Control of Personal Information)
The Company shall offer necessary and appropriate supervision to employees of the Company for the safety control of the personal information against risks such as loss, destruction, falsification or divulgence of the personal information. Moreover, if the Company subcontracts all or a part of the handling of the personal information to a subcontractor, the Company shall offer necessary and appropriate supervision so that the safety control of the personal information is ensured by the subcontractor.
Article 7 (Disclosure of Personal Information)
- In the event that the Company receives a request from the person to disclose his/her personal information or notify the purpose of using his/her personal information, the Company would promptly disclose the personal information to the person after the Company confirms that such request was made by the customer himself/herself or his/her agent or statutory agent (hereinafter referred to as the “Person, etc.” in this article, Article 8 and Article 9); save for cases where the Company is not obligated to disclose the personal information under the Personal Information Protection Act in Japan or other applicable laws; provided, however, that, upon corresponding to any of the following items as a result of disclosing the personal information or notifying the purpose of use of personal information, the Company may decide not to disclose all or a part of the personal information and, upon deciding not to disclose all or a part of the personal information, the Company would promptly notify the person to such effect:
- cases in which disclosure is likely to harm the life, body, property, or other rights or interests of the person or a third party;
- cases in which disclosure is likely to seriously impede the proper execution of the business of the Company; and
- cases in which disclosure violates other laws and regulations.
- Notwithstanding the provisions of the preceding paragraph, as a general rule, the Company would not disclose information other than the personal information such as history information and characteristic information.
Article 8 (Correction of Personal Information)
In the event that the Company is requested by the customer to correct, add, or delete (the “Correction”) the customer’s personal information pursuant to the provisions of the Personal Information Protection Act in Japan on grounds that the personal information is contrary to facts, the Company would promptly conduct necessary investigation after the Company confirms that the request was made by the Person, etc. to the extent required for achieving the purpose of use, and perform the Correction of the subject matter of the personal information based on the investigation results, and notify the customer to such effect (if the Company decides not to perform the Correction, the Company shall notify the customer to such effect); provided, however, that this shall exclude cases where the Company is not obligated to perform the Correction under the Personal Information Protection Act in Japan or other applicable laws.
Article 9 (Suspension of Use of Personal Information)
In the event that the Company is requested by the person to suspend the use or erase (the “Suspension of Use”) his/her personal information pursuant to the provisions of the Personal Information Protection Act in Japan on grounds that the personal information is being handled beyond the scope of purpose of use or was acquired by wrongful means, the Company would promptly conduct necessary investigation and perform the Suspension of Use of the personal information based on the investigation results after the Company confirms that such request was made by the Person, etc., and notify the Person, etc. to such effect; provided, however, that this shall exclude cases where the Company is not obligated to perform the Suspension of Use under the Personal Information Protection Act in Japan or other applicable laws.
Article 10 (Procedures for Requesting Disclosure, etc.)
Procedures for requesting the disclosure, etc. (notification of purpose of use, disclosure, correction, suspension of use, etc.) of personal data retained by the Company are as follows. Personal information provided by the customer in the procedures for requesting disclosure, etc. will be used only for responding to the customer’s request and for archival purposes.
- Persons who can take procedures for requesting disclosure, etc.
- Person himself/herself
- When the person is a minor or an adult ward, the person’s statutory agent
- Agent entrusted by the customer himself/herself to take procedures for requesting disclosure, etc.
- Documents required for requesting disclosure, etc.
When the person is to personally take procedures- The Company’s prescribed disclosure, etc. request form
- Identity verification document (one of the following documents: “passport, driver’s license, certificate of alien registration, special permanent resident certificate, student ID card, insurance card of health insurance, national health insurance or mariners insurance, company ID card or certificate of qualification with photo issued by a public institution”)
- The Company’s prescribed disclosure, etc. request form
- Identity verification document (for both the person and his/her agent)
- The Company’s prescribed power of attorney form
- Place of submission of request for disclosure, etc.
Inquiry counter indicated in Article 14 - Fee for disclosure, etc.
When the customer requests the disclosure of his/her personal information or the notification of purpose of use of the customer’s personal information, the Company will charge 1,000 yen (excluding tax) for each request. Please pay the fee by way of bank transfer, or enclosure of stamps or enclosure of postal money order via mail. - Method and timing of response to request for disclosure, etc.
Once the Company confirms that the information is the customer’s personal information, the Company will provide a written response to the customer within a reasonable period, excluding the following cases. If the Company is unable to provide a response, the Company will notify the customer to such effect upon specifying the reason:- cases in which the purpose of use of the retained personal data capable of identifying the individual is obvious;
- cases in which the disclosure, etc. of personal information may harm or impair the life, body, property or other rights and interests of a third party;
- cases in which the disclosure, etc. of personal information may infringe upon the rights or interests of the personal information handling business operator; or
- when performing the affairs prescribed under laws, cases in which the disclosure, etc. of personal information may hinder the performance of such affairs.
Article 11 (Provision of Personal Information to Third Party)
The Company would not provide the personal information in the user information to any third party without obtaining the customer’s prior consent excluding cases where disclosure is permitted under the Personal Information Protection Act in Japan or other applicable laws; provided, however, that the following cases do not apply to the foregoing provision of the personal information to a third party set forth in this Article10:
- Cases in which the Company entrusts the handling of the personal information in whole or in part within the scope necessary for the achievement of the purpose of use; or
- Cases in which the personal information is provided as a result of the succession of business in a merger or otherwise.
Article 12 (Use of Cookies and other Technologies)
The Service may use Cookies and similar technologies. These technologies are useful for the Company to comprehend the usage status of the Service and improve the quality of the Service. A user who wishes to invalidate Cookies may do so by changing the setting of the web browser; provided, however, that, when Cookies are invalidated, the user may be unable to use certain functions of the Service.
Article 13 (Continuous Improvement)
The Company shall review the operational status concerning the handling of the user information appropriately and endeavor to continuously improve the same, and may revise this Policy as necessary.
Article 14 (Inquiry Counter)
Please send inquiries concerning this Policy shall be made to the following inquiry counter.
pafin Inc.
Email address: soudan@cryptact.com