Protection of Personal Information

Seven & i Group Personal Information Protection Policy

Seven & i Holdings Co., Ltd. and its domestic subsidiaries (hereinafter referred to as “the Group", “we”, “us”, “our”) have a corporate creed to be a sincere company trusted by customers, business partners, shareholders, local communities, and employees.

In light of this, we consider that the proper handling of personal information we acquire during our business activities is one of the most significant social responsibilities not only in terms of complying with the law but also earning the trust of all concerned parties.

In order to fulfill this responsibility, we have established the "Seven & i Group Personal Information Protection Policy" for the entire group as follows and shall endeavor to enforce this policy to the entire Group through education and training for all managements and employees to ensure the appropriate handling of all personal information we acquire.

8-8 Nibancho, Chiyoda-ku, Tokyo
Seven & i Holdings Co., Ltd.
President and Representative Director
Ryuichi Isaka

  1. 1Compliance
    The Group shall comply with all domestic and foreign laws and regulations applicable to the Group regarding the protection of personal information, as well as guidelines established by the Personal Information Protection Commission and other domestic and foreign administrative agencies.
  2. 2Acquisition and utilization of personal information
    The Group shall acquire personal information by legal and fair means. The Group shall appropriately notify or disclose to the public the utilization purpose of personal information and shall handle personal information appropriately to the extent necessary to achieve the utilization purpose.
  3. 3Security Control Measures
    The Group shall, in order to properly manage the personal information, take appropriate organizational, personnel, physical and technical security control measures and shall work to prevent and correct the leakage, loss or damage of personal information.
    In addition, when outsourcing the handling of personal information to an external supplier, the Group shall select a supplier who meets the standards for the appropriate protection of personal information, stipulate in contracts and other agreements that the protection standards required by the Group shall be adhered by the supplier etc., monitor the status of personal information handling by the supplier in a timely manner and supervise the supplier appropriately. Furthermore, in the event that the Group or a supplier handles personal information outside of Japan, we shall take necessary and appropriate measures for security control after understanding the regulations concerning the protection of personal information in the country.
  4. 4Provision to or joint use with third parties
    The Group shall not, except as stipulated by laws and regulations, provide the acquired personal information to a third party without obtaining the consent of the principal. In addition, except as stipulated in laws and regulations, when the Group provides personal information to a third party, the Group shall prepare and maintain a record of the matters as specified by laws and regulations regarding the provision. Similarly, when the Group obtains personal information from a third party, the Group shall confirm that the legal requirements for personal information acquisition is satisfied and shall prepare and maintain the record.
    In the event that we share our customer's personal information with our group companies, etc., we shall notify the principal in advance or disclose to the public the purpose of sharing the principal’s information and other matters stipulated by laws and regulations.
  5. 5Disclosure, correction and Utilization Cease etc.
    The Group shall, in cases where a principal or its agent requests disclosure, correction, addition, deletion, cessation of the utilization or cessation of third-party provision with regard to the retained personal information, respond to any requests appropriately in accordance with laws and regulations.
  6. 6Handling of Individual Numbers and Specific Personal Information
    The Group shall, in compliance with the "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedure" and other related laws, regulations and guidelines, handle Individual Numbers (so-called “My Number”) and Specific Personal Information (personal information including Individual Numbers).
  7. 7Continuous improvement
    The Group shall review its management structure for the handling of personal information protection and make continuous efforts to improve the security control measures to meet the requirements for future changes in social conditions and the environment.

Released December 2, 2014
Revised October 1, 2020
Revised March 10, 2022

Seven & i Holdings Personal Information Protection Policy

 Seven & i Holdings Co., Ltd. (hereinafter referred to as "the Company", “we”, “us”, “our”) shall properly handle personal information we acquire from customers and others in accordance with the "Seven & i Group Personal Information Protection Policy".
 The matters to be disclosed to the public regarding the handling of personal information by the company are as follows.

8-8 Nibancho, Chiyoda-ku, Tokyo
Seven & i Holdings Co., Ltd.
President and Representative Director
Ryuichi Isaka

  1. 1Acquisition and Utilization Purpose of personal information
    The Company shall acquire personal information by legal and fair means. The utilization purposes are as follows.
    1. iPersonal information of customers

      We shall acquire and utilize 7iD member information as customer information. For the utilization purposes, please refer to "7iD会員情報の取扱いについて".

    2. iiPersonal information of business partners
      • To contact customers as necessary in the course of business, or to fulfill contracts, etc.
      • To manage the business partner information.
    3. iiiPersonal information of shareholders
      • To exercise rights and fulfill obligations under the Companies Act.
      • To provide various benefits to our shareholders from the Company.
      • To implement various measures to facilitate smooth relationship between the company and its shareholders from the perspective of the association and its members.
      • To manage shareholders, including compiling shareholder data based on prescribed standards in accordance with various laws and regulations.
    4. ivPersonal information of prospective candidates for employment
      • To contact or provide various information top prospective candidates for employment.
      • To facilitate the screening process.
      • To carry out employment procedures after the acceptance of hiring candidates.
      • To achieve other purposes incidental to the above.
    5. vOthers
  2. 2Provision of Personal Information
    We shall not provide personal information we acquire with third parties without obtaining the consent of the principal, except in the following cases.
    • Cases in which the provision of personal data is based on laws and regulations.
    • Cases in which there is a need to protect a human life, body, or property, and when it is difficult to obtain the consent of the principal.
    • Cases in which there is a special need to enhance public health or promote the sound growth of children, and when it is difficult to obtain a principal's consent.
    • Cases in which there is a need to cooperate with a central government organization, a local government, or a person outsourced by them performing affairs prescribed by laws and regulations, and when there is a possibility that obtaining the consent of the principal is likely to impede the performance of the said affairs.
    • Cases in which we outsource the handling of personal information within the scope necessary to achieve the utilization purpose.
    • Cases in which personal information is provided accompanying business succession caused by transactions such as merger, acquisition, or other reasons.
    • Cases in which personal information is provided to joint users for joint utilization specified in "3."
  3. 3Joint utilization with third parties
    The Company shall share 7iD member information with its group companies as stipulated in "7iD会員情報の取扱いについて".
  4. 4Security Control Measures
    The main contents of the security control measure that we take to prevent leakage, loss or damage of personal information are as follows.
    1. iEstablishment of various internal rules

      Formulation of rules regarding the handling of personal information at each stage of acquisition, utilization, storage, provision, deletion, disposal, etc.

    2. iiSystematic security control measures

      Establishment of a management department and a person in charge regarding the handling of personal information, and establishment of a reporting and communication system to the management department and the person in charge in the event that a violation of laws and regulations or signs of it are detected. In addition, the Company is operating a confirmation process to oversee the handling status of personal information.

    3. iiiHuman security control measures

      Incorporate precautions regarding the handling of personal information and matters regarding confidentiality into various regulations and provide regular education to officers and employees.

    4. ivPhysical security control measures

      Limitation of areas where personal information is handled and implementation of measures such as locking, monitoring, and restricting access.
      In addition, measures are implemented to prevent theft or loss when using devices, electronic media, documents, etc. which contains personal information.

    5. vTechnical security control measures

      Implementation of access control to personal information, limiting the range of officers and employees who can handle personal information. In addition, a mechanism is in operation to protect against unauthorized access to our information systems which handles personal information.

    6. viAdaptation to the external environment

      When handling personal information in a foreign country, the local legislations in the country concerned for handling personal information shall be examined, and the necessary security control measures shall be reviewed on a regular basis and when necessary to ensure that appropriate measures are in place to protect the customer’s personal information.

  5. 5Disclosure / correction / discontinuance of utilization / inquiries regarding retained personal information
    1. iWhen you request for disclosure, correction, addition, deletion, discontinuance of utilization, erasure, suspension of provision to third parties, and disclosure of records regarding provision to third parties based on Act on the Protection of Personal Information, after confirming that the request is from the principal and that the requirements stipulated in the law are satisfied, disclosure shall be made without delay, or corrections, etc. or discontinuance of utilization, etc. shall be made to the extent necessary. However, this shall not apply if the Company is not obligated to do so under the Act or other laws and regulations.
    2. iiIf you wish to make any of the above requests or inquire about the handling of personal information, please contact us through the following contact information.

      Regarding the disclosure of retained personal information and records regarding provision to third parties, a fee shall be charged according to the disclosure method.

      【The information desk】
      Seven & i Holdings Co., Ltd. (Representative)
      Phone number: 03-6238-3000
      Reception hours: Weekdays 9:00 to 17:30 (excluding weekends)

      <Inquiries regarding 7iD member information>
      Please refer to the help&inquiries page.

Released March 10, 2022