Star Asia Investment Corporation (SAR) shall comply with the Act on the Protection of Personal Information, the Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure (the “Number Act”) and other relevant laws and regulations, establish this Policy, and endeavor to protect personal information.
Company name, address, and name of the representative
・Star Asia Investment Corporation
・Atago Green Hills Mori Tower 18F, 2-5-1, Atago, Minato-ku, Tokyo 105-6218
・Executive Director Atsushi Kato
Policy
Recognizing the extreme importance of honoring individual privacy, SAR shall strive to properly handle and safely and reliably manage/use personal information in addition to ensuring using such for only predetermined purposes and appropriately handling complaints, etc. of such, by adhering to the Act on the Protection of Personal Information, the “Number Act” and other related laws and regulations as well as norms (including guidelines concerning the protection of personal information and other guidelines in the financial sector) and internal rules among others.
Collection of Personal Information
SAR shall collect personal information within the scope necessary for the achievement of the purposes of use described below, through legitimate and proper means.
Purposes of Use of Personal Information
Purposes of use of personal information collected by SAR are as follows.
(1) | To execute the rights and fulfill obligations, pursuant to the Act on Investment Trusts and Investment Corporations (the “Investment Trusts Act”) and other laws and regulations applicable to SAR. |
---|---|
(2) | To conduct tasks necessary for the unitholders of SAR as defined under the laws and regulations (the “Unitholders”) to exercise their rights; and to provide information and other services to the Unitholders. |
(3) | To prepare various reports pursuant to the Investment Trusts Act and other applicable laws and regulations and data concerning the Unitholders; and to manage the Unitholders using the data. |
(4) | To respond to inquiries, etc. from those considering the purchase of securities issued by SAR. |
(5) | To issue/offer investment corporation bonds/investment units by SAR; and to borrow funds |
(6) | To acquire, transfer and lease investment assets |
(7) | To implement various tasks in line with survey/research, collection/analyses of information and provision/notification of information that are necessary for the management of assets |
(8) | To properly and smoothly implement other operations of SAR in addition to (1) through (7) above. |
(9) | To disclose/provide personal information to third parties to the extent necessary to achieve the purposes of use set forth in (1) through (8) above. |
However, when, upon provision of personal information, a purpose of use other than the above is notified or clearly specified to the information provider (the individual), the purpose of use shall prevail over the above purposes of use. As for specific personal information (as defined in the Number Act; the same shall apply hereinafter) collected, used, stored pursuant to the Number Act, purposes of use for affairs related to the individual number (as defined in the Number Act) or other purposes of use permitted under laws and regulations shall prevail over the above purposes of use. No change to the purpose of use of personal information will be made beyond the scope reasonably recognized as having relevance to the purpose of use prior to such change.
Prohibition of Improper Use
SAR will not use personal information by methods which could possibly facilitate or induce illegal or unjust acts.
Disclosure/Provision to Third Parties
Required items of personal information collected by SAR, such as address, name, real estate information or contents of correspondence, may be provided to a third party through direct delivery, mail, phone, internet, e-mail, advertising medium, etc. in the following cases. Disclosure/provision will be halted if such request is made by the information provider (the individual). However, there may be requests that cannot be complied with
(1) | When consent has been obtained from the relevant individuals |
---|---|
(2) | When disclosure or provision is based on laws and regulations |
(3) | When it is necessary to do so for protecting people's lives, bodies or estates, in cases when it is difficult to obtain consent from the relevant individuals for disclosure/provision of the personal information. |
(4) | When it is necessary to do so particularly for improvement in public health or sound development of children, in cases when it is difficult to obtain consent from the relevant individuals |
(5) | When it is necessary to cooperate with national administrative agencies, local governments or parties entrusted by such entities in conducting administrative operations designated by laws and regulations, in cases when obtaining consent from relevant individuals for disclosure/provision of the personal information may cause problems in conducting such operations. |
(6) | When the information is disclosed/provided to a third party to the extent rationally necessary to achieve the purposes of use. |
(7) | When the information is disclosed/provided in non-personally identifiable form such as statistical data. |
(8) | In addition to (1) through (7) above, when disclosure/provision is approved by the Act on the Protection of Personal Information or other laws and regulations. |
Examples of third parties to which personal information may be disclosed/provided
・ | Star Asia Investment Management Co., Ltd. (Asset Manager), an asset management company of SAR |
---|---|
・ | Counterparties and potential counterparties of contracts regarding real estate transactions |
・ | Financial institutions and non-insurance companies (including insurance agents) involved in tasks contingent to transactions of real estate, etc. |
・ | Building lots and buildings business operators |
・ | Attorneys at law, judicial scriveners and real estate appraisers |
・ | General administrative agent and transfer agent |
However, specific personal information collected, used and stored pursuant to the Number Act shall not be provided to third parties regardless of consent from the information provider (the individual), except when such provision is pursuant to laws and regulations.
Matters concerning Security Control Measures
Concerning the management, including prevention of leakage, loss, or damage, of personal data held by SAR, SAR’s Asset Manager has taken necessary and appropriate security control measures. The main contents of security control measures for personal data taken by the Asset Manager are as follows.
【Main Contents related to Security Control Measures for Personal Data of SAR’s Asset Manager】
Establishment of Personal Information Protection Policy
・In order to secure proper handling of personal data, this Policy (Personal Information Protection Policy) has been established regarding “compliance with relevant laws and regulations and guidelines” and “contact information for inquiries and handling of complaints” etc.
Development of rules regarding the handling of personal data
・“Personal Information Handling Rules” have been established which prescribes handling methods, responsible persons and other persons in charge and their responsibilities, in accordance with each stage from acquisition, use, storage, provision, to deletion and abolishment etc.
Institutional security control measures
・In addition to appointing an information management supervisory manager regarding the handling of personal information, the scope of employees handling personal data and the scope of personal data to be handled by such employees have been clearly determined, and a whistle-blowing system has been developed for reporting to the information management supervisory manager for when the fact of violation of the Act on the Protection of Personal Information or the Personal Information Handling Rules, or an indication of such violation, is found.
・Regarding the handling status of personal data, in addition to conducting periodic voluntary inspections, audits are conducted by other departments or external parties.
Human security control measures
・Regarding points of concern regarding the handling of personal information, periodic training is conducted towards employees.
・The rules of employment stipulate matters related to confidentiality of personal data.
Physical security control measures
・In areas which handle personal data, measures have been taken to prevent the browsing of personal data by persons not authorized to do so.
・Measures have been taken to prevent the theft or loss etc. of equipment, electronic media and documents etc. which handles personal data. Furthermore, security control measures have been taken to prevent the leakage etc. of personal data when such equipment, electronic media, etc. is carried around, including moving within the business office, and when such equipment and electronic media, etc. handling personal data is disposed of.
Technological security control measures
・Access control is implemented, and the persons in charge as well as the scope of the personal information database etc. to be handled are limited.
・A system has been installed to protect information systems which handle personal data from unauthorized access from the outside or malicious software.
Understanding the external environment
・Security control measures are taken, after grasping the systems for protection of personal information in EU countries, the U.K. or U.S.A, where personal data is being stored or are planned to be stored.
Supervision of Entrusted Parties
SAR in certain cases may entrust third parties with the handling of personal data to the extent necessary for achieving the purpose of use. In such case, SAR conducts necessary and appropriate supervision of such entrusted party in order to safely manage such personal data.
Inquiries Relating to Personal Information
Questions concerning the general handling of personal information or questions regarding provided personal information; inquiries related to request for notice of the purpose of use, the disclosure, corrections, addition, deletion, or suspension of use, etc. of held personal data; or complaints on handling of personal information by SAR are accepted at the Financial Management Department of the Asset Manager (phone: +81-3-5425-1340). Inquiries on information included in unitholders' register and handling of such is accepted at Stock Transfer Agency Business Planning Department of Sumitomo Mitsui Trust Bank, Limited (phone: 0120-782-031 (main number; toll-free within Japan). Depending on the contents, there may be requests that cannot be complied with. Furthermore, upon sending notice of or disclosing the purpose of use of held personal data, or upon disclosing records provided by third parties, the requesting party may be asked to bear prescribed fees.
Established on April 19, 2016
Revised on April 1, 2022