Privacy Policy

Sumitomo Mitsui Finance and Leasing Co., Ltd.

Sumitomo Mitsui Finance and Leasing Co., Ltd. (hereinafter, the Company) has pledged to conform with the policy the Company has established for appropriate protection and use of personal information based on the "Act on the Protection of Personal Information" and "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures" (hereinafter, collectively, the "Act"). The Company has made public the following items regarding personal information.

1. Pledge Regarding Implementation Policy

With regard to the proper protection and use of personal information, the Company shall comply with the matters set forth in this Policy, in addition to the relevant laws and regulations, and shall endeavor to protect and use personal information of customers appropriately. In order to respond properly to the movement toward advancement of informatization, the Company will continue to improve its personal information protection management system and its efforts.

2. Purposes of Using Personal Information

The Company specifies the purposes for which personal information of the customer can be used, and, except in instances specified in the Acts, makes use of such information within the limitations of what is necessary to attain the specified purposes. The Company's purposes of using of personal information are listed on the Company's website and can be confirmed by contacting your local Sales Department / Retail Business Customer Support Sect.
In cases where the purposes of the use of specified personal information are limited by laws and regulations, the Company does not use such information for any purpose other than those it has specified.
If a person requests the suspension of using personal information for direct marketing, such as sending direct mail or telemarketing, the Company will immediately cease using personal information for that purpose.

3. Proper Acquisition of Personal Information

The Company will acquire personal information by proper and legal means, within the limits necessary to attain the purposes specified in item 2 above.

4. Providing Personal Information to Third Parties

Except when otherwise indicated by law, the Company will not provide customer’s personal data to third parties without prior consent of the customer. Nevertheless, we will not provide any specific personal information that includes the customer's Individual Number to any third party without legal reasons, regardless of whether the customer consents or not.
When we try to obtain the consent of a customer to provide customer's personal data to a third party in foreign country, and in case we cannot identify the country, we will explain to the customer the specific reason and acquire consent before providing such personal data.
In the event that the third party's country is identified afterwards, we will provide that information upon request of the customer.

5. Outsourcing

The Company may outsource work related to the handling of personal data to the extent necessary to achieve the purposes of the Company for which it is used. In the event of outsourcing of the work related to the handling of personal data, the Company will evaluate / select the outsourcing company in advance based on the standards set forth separately by the Company and audit the outsourcing company appropriately.

6. Measures for Safekeeping Information

To prevent loss, alteration, leakage, etc. of personal information, the Company will take proper measures to keep information safe and secure. The safekeeping measures that the Company will take include the following:

  • (1)Maintenance of regulations concerning the handling of personal data
    At each stage of the acquisition, use / processing, storage / maintenance, provision (transfer / transmission), deletion / disposal, etc. of personal data, we formulate regulations about handling methods, persons responsible / persons in charge and their duties, etc. and regulations are maintained such as by conducting regular reviews.
  • (2)Organizational safety management measures
    The Personal Information Protection Manager is the general manager of handling personal data at the Company. The Company maintains a system for reporting / contacting the department in charge promptly and the Personal Information Protection Manager if employees become aware of the leakage, etc.
  • (3)Human safety management measures
    In addition to providing training to employees on personal information protection and information security, we incorporate matters related to employee’s confidentiality into work regulations, etc. and conduct regular training internally on matters to be noted concerning the handling of personal data.
  • (4)Physical safety control measures
    We take measures to strictly control and prevent theft, loss, etc. of employee’s devices, storage media, documents, etc. that handle personal data, and entry and exit of employees. In addition, we conduct measures to prevent unauthorized persons from viewing and handling personal data.
  • (5)Technical safety management measures
    We implement access controls in order to limit the range of persons in charge and personal information databases handled. In addition, we take measures such as introducing mechanisms to protect them from unauthorized access from outside.
  • (6)Understanding the external environment
    When handling customer’s personal data in foreign countries, we will take the necessary and appropriate safety management measures based on the understanding of the personal information protection system of each country, etc. In addition, when outsourcing the work handling customer’s personal data in which third parties in foreign countries are involved, we will also take necessary and appropriate safety management measures based on the understanding of each country's personal information protection system.
    Please contact us if you wish to receive information about the country where the entrustee is located, or if you wish to receive information about the supervision status of the entrustee located in a foreign country.

7. Procedures regarding Requests for Disclosure

The Company will respond properly and without delay to procedures related to the disclosure of personal information that is required by law. Details of the procedure are listed on the website of the Company. You can also contact your local Sales Department / Retail Customer Support Office.

8. Inquiries

The Company will respond properly and without delay to opinions / requests related to the handling of personal information. If you have any comments / requests / inquiries regarding the handling of personal information and safety management measures of the Company, please contact the Sales Department / Retail Business Customer Support Sect. at 0120-917-034.
In addition, if you have any complaints about the handling of personal information, please contact the following.

Contact for inquiries
Retail Business Customer Support Sect.
Office hours:weekdays 9:00-16:00

9. Affiliated Authorized Personal Information Protection Organization

The Company is a member of the Japan Consumer Credit Association, which is an authorized personal information protection organization under the Act on the Protection of Personal Information.

Name: Japan Consumer Credit Association
Contact telephone number: 81-3-5645-3360

10. Language

This Privacy Policy is made in Japanese and translated into English under Japanese Law. The Japanese text is the original and the English text is for reference purposes. If there is any conflict or inconsistency between these two texts, the Japanese text shall prevail.