Handling of Personal Information
As an entity that handles personal information, ACE Insurance will, with
profound recognition of the importance of protecting personal information, practice
proper handling of personal information and review the measures relating to safety
control and the policies listed below on an ongoing basis to improve them as
the need arises, complying with the “Act on the Protection of Personal Information
(hereinafter referred to as the “Personal Information Protection Act”),” other
applicable laws and regulations, in addition to the “Guidelines on Personal Information
Protection in the Financial Industry” and other guidelines.
In addition, the Company will provide thorough education/training to its officers
and employees as well as the agents to make efforts to ensure proper handling
of personal information.
1. Acquisition of Personal Information
The Company will obtain personal information by legal and fair means to the
extent necessary for business purposes. In concrete terms, these means include
the insurance application forms, the statements of claim, and the information
entered on web browser screens. The Company may also use Cookie in order to identify
people who access the Company's website through the Internet.
For handling of personal information on the Internet, the Company uses the SSL
Protocol, an encrypted communication protocol to ensure secure transmission of
personal information.
2. Purpose of Using Personal Information
The Company will use the obtained personal information for the purposes listed
below only to the extent necessary.
The Company will publish those purposes of use on its Website in addition to
stating them on the documents containing important information. In addition,
should any purposes of use be changed, the Company will notify the details of
such change to the insured individual or make announcement on the Website and
other media.
When handling any personal information beyond the extent necessary to achieve those purposes of use, the Company will obtain an approval from the insured individual, except for the cases as described in the provisions of Article 16 Clause 3 of the Personal Information Protection Act.
3. Provision of Personal Data to Third Parties
The Company will not provide any personal information which constitutes the personal information database (hereinafter referred to as the “Personal Data”) to any third party without the consent of the insured individual, except in the cases:
- where such information is required by the law or regulation;
- where such information is provided to the Company's contractors including the
agents to the extent required for the Company's performance of business;
- where such information is jointly used by the Company's group companies/business
partners (for details, see “6. Joint Use with Group Companies/Business Partners”
below);
- where such information is jointly used with other nonlife insurance companies
(for details, see “7. Information Exchange System” below); or
- where such information is jointly used with the Ministry of Land, Infrastructure,
Transport and Tourism (MLITT) (same as above).
4. Handling of Credit Information
Pursuant to Article 53-9 of the Ordinance for Enforcement of the Insurance Business Act, the Company will not use information provided by credit information bureaus (those organizations which collect and provide the Company with information on the insured individual's debt paying ability) for any purpose other than investigation of the insured individual's debt paying ability.
5. Handling of Sensitive Information
Pursuant to Article 53-10 of the Ordinance for Enforcement of the Insurance Business Act and the Guidelines on Personal Information Protection in the Financial Industry, the Company will not obtain, use or provide to any third party any information which is closely related to the customer's personal privacy such as information on the medical history, health conditions and treatment status (hereinafter referred to as the “Sensitive Information”) unless deemed necessary for business or other reasons, for example in the cases where such information is obtained, used or provided to a third party to the extent necessary for performance of business based on consent of the insured individual.
6. Joint Use with Group Companies/Business Partners
The Company and its group companies/business partners will jointly use the Personal Data among them for the purposes of providing information on or providing the products/services offered, underwriting or amending the terms and conditions of insurance contracts or making decisions regarding insurance payment, subject to the following conditions:
(1) Personal Data items: the address, name, telephone number/e-mail address, gender, date of birth and other information provided in the application forms or other documents and information on insured events
(2) Administrator: ACE Insurance
*For the Company's group companies/business partners who will use information
jointly, see the list of companies provided at the end of this document.
7. Information Exchange System
(1) In order to eliminate fraudulent activities committed upon execution of
insurance contracts or insurance claims, the Company will jointly use Personal
Data with other parties including nonlife insurance companies. For more information,
visit the following website:
Website of the General Insurance Association
of Japan
(2) For proper monitoring of the Company's agents and hiring of officers and employees, the Company will jointly use the Personal Data relating to employees of the agents and other related parties with other nonlife insurance companies. The Company will also jointly use the Personal Data relating to the information on the passers of the examinations for nonlife insurance agents conducted by the General Insurance Association of Japan with other nonlife insurance companies for the purpose of contracting the business to the agents. For more information, visit the above website.
(3) The Company will jointly use Personal Data with the Non-Life Insurance
Rating Organization of Japan to ensure proper payment of compulsory automobile
liability insurance. For more information, visit the following website:
Website of the Non-Life Insurance
Rating Organization of Japan
(4) In order to eliminate motorized bicycles and light motorbikes which are
not covered by compulsory automobile insurance, the Company will jointly use
the Personal Data relating to the compulsory automobile liability insurance policies
for these types of vehicles with MLITT so that MLITT can send postcards to the
holders of policies for these types of vehicles whose compulsory automobile liability
insurance policies are deemed to have been expired in order to confirm conclusion
of the contracts. For more information, visit the following website:
Website of MLITT
8. Security Control for Personal Data
The Company will take and observe sufficient security measures to prevent leakage, loss or damage and to otherwise ensure safety of the Personal Data, including development of manuals and schemes for implementation of security control measures, while making efforts to improve such measures on an ongoing basis.
In addition, should the Company commission any third party to handle Personal
Data to the extent required for business purposes, the Company will set the selection
criteria for contractors and take necessary and proper actions to supervise the
contractor for example by checking their information management systems in advance.
For inquiries about the Company's security control, please contact the point
shown in “11. Contact Information” below.
9. Inquiries about Policies/Accidents
For any inquiries about the details of policies/accidents, please contact your agent, the branch office indicated on the insurance certificate or your nearest office or the accident assistance service. After confirming that the inquiry is from the insured, we will provide necessary assistance.
10. Notification, Disclosure, Correction, Discontinuation of Use of Items Related to Personal Data Held under Personal Information Protection Act
For inquiries about requests for notification, disclosure, correction, discontinuation
of use of the items related to the Personal Data held under the Personal Information
Protection Act, please contact the point shown in “11. Contact Information” below.
The Company will first confirm that the inquiry is from the insured and ask the
inquirer to fill in the form predetermined by the Company to take necessary procedures,
and then will send a reply to your inquiry in writing as a rule at a later date.
11. Contact Information
The Company will respond to and handle complaints/consultations about handling of personal information in an appropriate and prompt manner. Please contact the Company at the point of contact shown below for inquiries/consultations about handling of personal information and the Personal Data held.
1-8-1 Shimo-Meguro
Meguro-ku, Tokyo 153-0064
Furthermore, the Company is under control of the Foreign Non-Life Insurance Association of Japan which is an authorized personal information protection organization. The Association accepts complaints/consultations about handling of personal information of the entities under its control at the following point of contact:
3-20-4 Toranomon
Minato-ku, Tokyo 105-0001
Website: http://www.fnlia.gr.jp/english/
The Company's group companies (i.e., its subsidiaries/affiliated companies) and business partners mentioned in “6. Joint Use with Group Companies/Business Partners” are as follows (as of March 25, 2008):
Group Companies:
The group companies with which the Company actually uses Personal Data jointly
at the moment are as follows:
- ACE Claim Service
- ACE Chintai SSI
Business Partners:
At the moment, the Company does not jointly use any personal information with
any business partners.