Privacy Policy

Enacted: September 17, 2017
Revised: July 1, 2025
Aderans Co., Ltd.
Hiromasa Suzuki, Group CEO, Representative Director, President

Aderans Co., Ltd. ("the Company") recognizes its social responsibility to protect all personal information that it handles. The Company will protect the rights of individuals whose information it possesses, and will comply with all applicable laws and regulations concerning protection. To implement the principles outlined herein, the Company has established a personal information protection management system and declares its commitment to continuous improvement, taking into account evolving IT trends, societal expectations, and changes in the business environment.

1.
The Company acquires, uses and provides personal information only to the extent necessary to accomplish the Company's legitimate operations in the hair related business, as well as employment of employees and personnel management. We do not handle personal information beyond the scope required to achieve the specified purposes of use (non-purpose use). We also take measures to prevent non-purpose use.
2.
We comply with laws and regulations, guidelines determined by the Japanese government, and other norms regarding personal information protection.
3.
We will adopt reasonable safety measures in relation to risks such as leakage and loss of as well as damage to personal information, and will continuously improve the personal information security system by allocating management resources that are consistent with the actual business situation to prevent such occurrences. In addition, we will take corrective action promptly when we determine that there is a problem in terms of protection of personal information.
4.
We will respond swiftly, sincerely and appropriately in relation to complaints and consultation concerning the handling of personal information.
5.
We will review the personal information protection management system in a timely and appropriate manner and continually improve it in light of changes in the environment surrounding the Company.

This policy shall be distributed and made known to all employees, and shall be made available to anybody at any time by means of its publication on the Company's website, pamphlets and other types of media.

[Inquiries]

Inquiries regarding the Personal Information Protection Policy will be accepted at the point of contact below.

Customer Service Center:: Shinagawa Seaside Canal Tower 4-12-6, Higashi Shinagawa, Shinagawa-ku, Tokyo, 140-0002, Japan
Tel:: 0120-03-9696 (Domestic only)
Reception hours:: Monday-Friday: 10:00 am-6:30 pm
Saturday, Sunday and public holidays: 9:00 am-5:30 pm
(excluding December 30-January 4 at end of year/beginning of year)

(Public statement regarding personal information)

Chapter 1. Handling of personal information of residents in Japan

Handling of personal information

Purposes of use of personal information handled by the Company

a.
Purpose of use of personal information acquired by means of a written document directly from the individual concerned (including information based on a website or e-mail)
In advance of its acquisition, the purpose of use shall be specified in writing to the individual concerned.

Purpose of use of personal information acquired by a method other than that in the preceding paragraph

Classification	Purpose of Use
Customer information acquired verbally in counseling, acquired by means of images, etc.	For the provision of products and services For management of the customer's usage history For responding to an inquiry
Customer information acquired by telephone	For reservation procedures For responding to an inquiry
Personal information collected from customers in association with the entrustment of business or services	To appropriately accomplish the applicable business or services that have been entrusted
Supplier contact information	To confirm order contents (communication records, etc.)
Information on job seekers obtained from a recruitment agency or job advertising agency	For recruiting activities

Notification Regarding Retained Personal Data and Records of Third-Party Provision

The Company will respond to requests from the individuals concerned or their representatives regarding personal information it possesses (hereinafter referred to as "retained personal data") for notification of the purpose of use, disclosure, disclosure of records of third-party provision, correction, addition or deletion of content, suspension of use, erasure, and suspension of provision to third parties (hereinafter referred to as "requests for disclosure, etc.").

a.
Name of business operator
Aderans Co., Ltd.
b.
Personal Information Manager
Name of manager: Executive Officer, in charge of Administration Group
Contact information: See below "Personal information inquiries point-of-contact"

Purpose of use of all retained personal data

Classification	Purpose of Use
Personal customer information	For user support For management of the customer's usage history For the provision of products and services For providing information on products and services, For responding to an inquiry
Supplier contact information	To confirm order contents (communication records, etc.)
Information on the Company's employees	For personnel and labor management, work management, health management and security management of employees
Information on applicants seeking jobs at the Company	To contact employment applicants and manage our recruiting operations
Specific personal information	Procedures for social insurance and tax filing under the My Number Act

d.
Contact for complaints regarding handling of retained personal data

Aderans Co., Ltd. Personal information inquiries point-of-contact

Customer Service Center:

Shinagawa Seaside Canal Tower 4-12-6, Higashi Shinagawa, Shinagawa-ku, Tokyo, 140-0002, Japan

Tel:

0120-03-9696 (Domestic only)

Reception hours:

Monday-Friday: 10:00 am-6:30 pm
Saturday, Sunday and public holidays: 9:00 am-5:30 pm
(excluding December 30-January 4 at end of year/beginning of year)
e.
Name of the Certified Personal Information Protection Organization to which the company belongs, and contact point for complaint resolution.

* Only complaints related to the handling of personal information are accepted.

JIPDEC (Japan Institute for Promotion of Digital Economy and Community)
Certified Personal Information Protection Organization Office
Roppongi First Building, 9-9 Roppongi 1-chome, Minato-ku Tokyo, 106-0032, Japan
Tel: +81 (0)3-5860-7565 / Toll free (Domestic only) 0120-700-779
f.
Procedures corresponding to requests for disclosure, etc. of retained personal data
1. 1.
  Contact for requests for disclosure, etc.
  For requests for disclosure, etc., please contact the personal information inquiries point-of-contact above.
2. 2.
  Procedures related to requests for disclosure, etc.
  1. (i)
    After receiving your request, the Company will mail you the prescribed request form, "Request for Disclosure, etc. of retained Personal data " which you can use.
  2. (ii)
    Please mail us the filled-in request form, and in the case of a request by a representative, please send this to the above personal information inquiries point-of-contact together with a document that verifies that this is your representative and a postal money order for the fee (only in the case of a request for notification and disclosure of the purpose of use).
  3. (iii)
    After receiving the above request form, in order to confirm your identity, we will ask for approximately two items of information (e.g., your telephone number and date of birth) that can verify your identity among the personal information that you have registered with the Company.
  4. (iv)
    Responses will, in principle, be made in a written form (sealed mail) to the individual concerned.
3. 3.
  In the case of a request by a representative, documents to confirm the identity of the representative
  If the person who requests disclosure, etc. is a representative, please enclose a document to prove that this person is a representative and a document to prove the identity of the representative. Please fill in the legal domicile information included in each document as far as the prefecture and then mask or otherwise conceal the information thereafter. In addition, please send each document without including any personal numbers or mask or otherwise conceal all digits.
  1. (i)
    
    Documents to prove that someone is a representative
    
    <In the case of a representative that has been authorized by the individual concerned in regard to a request for disclosure, etc.>
    
    Power of attorney (original document) to act on behalf of the individual concerned
    
    <If the representative is the statutory agent of a minor> A photocopy of one of the following
    
    Family register
    Certificate of residence (showing the family relationship)
    Another public document that can verify the power of legal representation
    
    <If the representative is the statutory agent of an adult ward> A photocopy of one of the following
    
    A certificate of registered matters regarding guardianship registration, etc.
    Another public document that can verify the power of legal representation
  2. (ii)
    
    Documents to prove the identity of the representative
    
    Driver's license
    Passport
    Health insurance certificate
    Certificate of residence
4. 4.
  Fee for request for notification or disclosure of purpose of use
  1,000 yen per request
  (Please enclose a postal money order with the sent request form.)
g.
Measures Taken for the Secure Management of Retained Personal Data
1. 1.
  Formulation of Basic Policy
  A privacy policy has been established to ensure the proper handling of retained personal data, including compliance with relevant laws and guidelines and the establishment of a contact point for inquiries and complaints.
2. 2.
  Development of Rules Regarding the Handling of Retained Personal Data
  Rules for the protection of personal information have been formulated to define procedures, responsible persons, and their duties for each phase of data handling, including acquisition, use, storage, provision, deletion, and disposal.
3. 3.
  Organizational Security Measures
  1. (i)
    A person in charge of handling retained personal data has been designated, and the scope of data each employee is allowed to handle is clearly defined.
  2. (ii)
    Based on these measures, a reporting system is in place to notify the person in charge of any actual or suspected violations.
  3. (iii)
    Regular self-inspections are conducted, and audits by other departments or external parties are also implemented.
4. 4.
  Personnel Security Measures
  1. (i)
    Regular training is provided to employees regarding key considerations in the handling of retained personal data.
  2. (ii)
    All employees are required to submit a confidentiality agreement that includes provisions related to retained personal data.
5. 5.
  Physical Security Measures
  1. (i)
    Access to areas where retained personal data is handled is controlled, including the management of employee access and restrictions on devices brought into such areas. Measures are also taken to prevent unauthorized persons from accessing or viewing retained personal data.
  2. (ii)
    Measures are taken to prevent the theft or loss of devices, electronic media, and documents that handle retained personal data. When transporting such items, including within office premises, measures are implemented to prevent easy identification of the data.
6. 6.
  Technical Security Measures
  1. (i)
    Access control is implemented to limit the range of authorized personnel and the scope of databases containing personal information.
  2. (ii)
    Systems are in place to protect information systems handling retained personal data from unauthorized access and malicious software.

Chapter 2. Handling of personal information of EEA residents.

Handling of personal information

In addition to Chapter 1, Chapter 2 provides our policy to handle personal information of persons residing in the European Economic Area (hereinafter referred to as "EEA" ) based upon the REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive "95/46/EC" . In the event that any provisions of this chapter contradict those of Chapter 1, the provisions of this Chapter shall prevail.
However, please note that this chapter does not apply to those who live in Japan and are visiting/browsing this page from/within Japan.

a.
Customer under the age of 16
A guardian's consent or permission must be obtained in the event that a customer under the age of 16 uses the Company's service and consents to this Privacy Policy. The data subject's consent to this Privacy Policy must be obtained in the event that a person such as family member apply for the Company's service on behalf of the data subject.
b.
Request about handling of Personal Information
If the Company receives a request from an EEA resident, with regard to the customer's personal information stored in a database held by the Company, the request will be handled as follows, within a reasonable timeframe and scope, after confirming that the request was submitted by the customer themselves.
1. ①
  Request for disclosure
  After due review of the request, personal information will be disclosed by the customer's request.
2. ②
  Request for correction, deletion, addition
  After due review of the request, personal information will be corrected, deleted, or added, after verification of customer's request, within reasonable scope.
3. ③
  Requesting discontinuance of usage or erasure
  According to the contents of your request, the personal information specified will be suspended or deleted wherever possible and appropriate.
4. ④
  Request for withdrawal
  After reviewing the request, personal information will be deleted or suspended in accordance with the customer's request, wherever possible and appropriate.
5. ⑤
  Request for data portability
  After confirming the details of customer's request, the company will transfer or receive personal information requested, whenever possible and appropriate.
6. ⑥
  Request for objection
  After confirming the details of customer's objection, the company will stop using the personal information, whenever possible and appropriate.
7. ⑦
  Procedure for making the request
  If a customer wishes to make a request provided in this clause, please contact the data protection officer's e-mail address as indicated at the end of this clause. An adequate claim form among ① to ⑥ above will be sent by e-mail.
c.
Transfers to outside the EEA
The Company may provide the customers' personal data to third parties, such as its affiliates and its outside contractors (some of them are located outside the EEA) to implement the purposes of use, after obtaining a consent from customer. In the case that the country in which the third party is located is outside the EEA, such country may not have the same data protection laws as the EEA. As such, many of the rights provided in the EEA to the data subjects of the data will not necessarily be provided.
The Company has secured the right of customer with regard to personal information by entering into an agreement which provides SCC (Standard Contract Clauses) with those companies that receive the personal information.
d.
Change of purposes of use of personal data
In the case of a change to the purposes of use of personal data, the Company will announce the revised Privacy Policy in advance on the Company's website.(https://www.aderans.co.jp/corporate/)
e.
Lodging a complaint with an authority
Customers have the right to lodge a complaint on the processing of their personal data with the data protection authority having jurisdiction over their residence. Please use the following URL to contact the authority having jurisdiction over your residence:
(https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080)
f.
The contact information of data protection officer
You can contact Aderans Europe B. V.'s data protection officer at dpo@aderanseurope.com.