Personal Information Protection Policy

This document explains the personal information protection policy and handling of personal information of the Kirishima Holdings Group*.
*The Kirishima Holdings Group in this document refers to the following four companies, Kirishima Holdings Co., Ltd., Kirishima Shuzo Co., Ltd., Kirishima Green Village Co., Ltd., and Enatsu Co., Ltd. Please note that BTV Co., Ltd., which operates a cable broadcasting and telecommunications business, is also a member of the Kirishima Holdings Group, but it has its own "Personal Information Protection Policy" that is not included in this document.

Personal Information Protection Policy

The Kirishima Holdings Group (the "Group") has, since its founding, been a community-based company. Under our unchanging motto of "spurring passion from quality," we focus on creating value, inspiration and trust. Since our founding, we have endeavored to make the finest-tasting shochu in an effort to offer our customers the value of relaxation, and we will continue to pursue even greater quality as we work to create new value.

In the Group's business activities, we recognize that personal information, personal data, and specific personal information (Individual numbers and personal information containing individual numbers) (hereinafter collectively "Personal Information, etc.") received from customers and other individuals (hereinafter "Individual") are "the most important confidential information." The handling of such information is set forth in the "Personal Information Protection Policy" (hereinafter "Policy") as follows, and all officers and employees of the Group shall comply with this Policy and make every effort to protect Personal Information, etc.

(*) The Kirishima Holdings Group in this Policy refers to the following four companies, Kirishima Holdings Co., Ltd., Kirishima Shuzo Co., Ltd., Kirishima Green Village Co., Ltd., and Enatsu Co., Ltd.

1.
1. Legal Compliance

Legal Compliance

In handling Personal Information, etc., the Group will comply with the "Act on the Protection of Personal Information" (hereinafter "Personal Information Protection Act"), the "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures" (hereinafter "My Number Act") and other related laws, regulations, guidelines, and this Policy. Moreover, unless otherwise specified, the definitions of terms used in this Policy shall be in accordance with the provisions of the Personal Information Protection Act and other related laws and ordinances.

2.
2. Acquire and use Personal Information

Acquire and use Personal Information

The Group shall acquire and use Personal Information, etc. to the extent necessary to achieve the purpose of use, based on the consent of the Individual, and in a lawful and fair manner. Except for cases in which the handling of personal information is permitted as an exception by law, the Group shall clearly state or disclose the purpose of use to the Individual in advance, or notify or publicly announce the purpose of use promptly after obtaining the information.
*For details, please refer to the "2. Purpose of use of personal information"

3.
3. Joint use

Joint use

To the extent necessary to achieve the purpose of use, the Group may jointly use Personal Information, etc. by using such information within the Group.
*For details, please refer to the "3. Joint Use of Personal Information"

4.
4. Provision to Third Parties

Provision to Third Parties

Except for cases in which the handling of personal information is permitted as an exception by law, the Group shall not disclose or provide personal information or personal information-related details to any third parties without prior consent of the Individual. Specific personal information will not be provided to any third parties, except as permitted by law.
*For details, please refer to the "4. Provision to Third Parties"

5.
5. Responding to Requests for disclosure, correction or suspension of Personal Information

Responding to Requests for disclosure, correction or suspension of Personal Information

The Group shall respond appropriately in accordance with laws and regulations when the Individual or their agent requests to notify the purpose of use of Personal Information, etc., disclose the Personal Information, etc., disclose the records of provision to any third parties, disclose the records of provision by any third parties, correct, add, or delete the contents, suspend the utilization, erase, and cease the third-party provision (hereinafter "Disclosure, Correction, Suspension of Use, etc.") regarding the Individual's information which the Group obtained.
*For details, please refer to the "5. Responding to Requests for disclosure, correction or suspension"

6.
6. Appropriate management

Appropriate management

The Group shall implement appropriate preventive measures and corrective actions to prevent unauthorized access to, loss, destruction, falsification, and leakage of Personal Information obtained and held by the Group, and shall strive for safe and accurate management of information. In the event that operations including Personal Information, etc., are entrusted to a subcontractor, we will entrust such operations to a business entity that has an adequate level of management, and we will make every effort to provide necessary and appropriate supervision. For specific details of safety management measures, please contact the "Inquiry Desk".

7.
7. Continual Improvements

Continual Improvements

To properly manage and protect Personal Information, etc. obtained and held by the Group, the Group will review and continuously improve its information handling practices as appropriate.

8.
8. Changes to this Policy

Changes to this Policy

The Group may review and revise this Policy from time to time, in whole or in part. If the Group revises this Policy, it will be promptly disclosed on the Kirishima Shuzo website.

Force beginning: April 1, 2003.

Last revision: August 1, 2022.

Use of Personal Information

1.
1. Definition

Definition

Unless otherwise specified, the definitions of terms used in this document shall be in accordance with the provisions of the Personal Information Protection Act and other related laws and regulations, as well as the Group's "Personal Information Protection Policy."

Items of Personal Information, etc. to be obtained

(1) Personal Information
Name, address, telephone number, gender, date of birth, age, company name, e-mail address, member ID and password, SNS account information, etc.

(2) Personal Data
The Group collects personal data such as website browsing history, search history, purchase history, location information, cookies, etc., and uses it to develop and improve products and services as well as to advertise and/or propose new products and services. Furthermore, personal data is managed in conjunction with Personal Information, etc. held by the Group and may be used within the scope described in "2. Purpose of Use of Personal Information, etc."

(3) Specific Personal Information
Individual numbers and personal information containing individual numbers

2.
2. Purpose of use of Personal Information

Purpose of use of Personal Information

[1] Personal Information and Personal Data

(1) Purpose of use of Personal Information and Personal Data
The Group uses the personal information and personal data it collects for the following purposes, except in cases where exceptions are permitted by law. Furthermore, the purposes of use may be changed to the extent reasonably deemed relevant to the purposes of use. If the purpose of use is changed, the Company will notify or publicly disclose the changed purpose to the Individual.

  1. (i) For campaign and prize drawings (including verification of eligibility and investigation of duplicate winners), prize delivery and other communications to winners, and other appropriate and smooth responses to participants
  2. (ii) To evaluate competition entries and notify the winners of the results, as well as to publicize the winning entries and publish them in various media (including newspapers, magazines, pamphlets, posters, websites, etc. The same applies below.)
  3. (iii) To publish photographs or videos of the images of event participants in various media
  4. (iv) To provide information, reservations, and reports on contests, events, exhibitions, seminars, parties, restaurants, etc., and to respond accordingly to various matters related to their management and operation
  5. (v) To sell products (including age verification), ship, and provide the services that have been applied for, and to provide after-sales service for these products and services. (The content of your telephone call conversations will be recorded.)
  6. (vi) For payment settlement and incidental operations related to the sale of products or provision of services
  7. (vii) To respond to requests for use of the Group's facilities, such as factory tours, and to provide information on their use
  8. (viii) To make registration, delivery, and confirmation for services provided by the Group, to deliver specific information and content based on registration information, and to provide support regarding the services
  9. (ix) To authenticate when logging on to content using websites (including mobile sites, hereinafter the "Group's Websites") managed by the Group
  10. (x) To analyze acquired browsing history, purchase history, and other information to optimize the distribution of advertisements for new products and services that match interests and preferences in web media, social media, e-mail and other media
  11. (xi) To appropriately handle inquiries, consultations, etc., and to conduct investigations (The content of your telephone call conversations will be recorded.)
  12. (xii) To provide surveys and rewards for business activities and services of the Group companies
  13. (xiii) For product development and service improvement efforts
  14. (xiv) To communicate with, respond to, and manage (including credit management) business activities and transactions with business partners (including potential business partners. The same applies below.)
  15. (xv) To provide information and make proposals regarding products and services to business partners
  16. (xvi) To ensure security by recording with security cameras and other equipment within the Group's facilities
  17. (xvii) To manage and inform shareholders
  18. (xviii) To provide information on hiring, employment selection, and procedures for joining the company
  19. (xix) To carry out business activities such as human resources, labor, and general affairs for employees, and in the event of an emergency
  20. (xx) To respond to labor-related laws and regulations for retirees, and in the event of an emergency
  21. (xxi) To delete items of personal data that can identify or distinguish individuals, and to prepare statistical materials (including their publication) that compile items pertaining to common elements for each of the same categories

[Exceptional Reasons under Laws and Regulations Concerning Notification of Purpose of Use, etc.]

  1. (i) When notifying the Individual concerning the purpose of use or publicly disclosing the information may harm the life, body, property, other rights or interests of the individual or any third party
  2. (ii) When notifying the Individual concerning the purpose of use or publicly disclosing such information may harm the rights or legitimate interests of the Group
  3. (iii) When it is necessary to cooperate with national institutions or local public entities in the execution of their legally prescribed duties, and there is a risk that notifying the Individual of the purpose of use or publicly announcing it may impede the execution of those duties
  4. (iv) When it is recognized that the purpose of use is clear from the status of acquisition

(2) Individual Consent for Purposes of Use
For any purposes of use other than those listed above that have been individually agreed upon, we will use the information appropriately within the scope of those purposes of use.

[2] Specific Personal Information

(1) Purpose of use of Specific Personal Information
In accordance with the provisions of My Number Act, the Group collects and uses specific personal information for the following purposes.

  1. (i) To carry out administrative work related to statutory records, etc., including records of payment such as remuneration, fees, contracts, real estate transactions and rentals to business partners (sole proprietors)
  2. (ii) To carry out administrative work related to statutory records, etc. including records of payment of dividends, etc., to the Group's shareholders
  3. (iii) To carry out the following tasks related to the Group's employees (officers, employees, and dependents): health insurance and employee pension insurance reporting, unemployment insurance and workers' compensation insurance related tasks, preparation of withholding tax certificates, and preparation of documents related to year-end adjustments such as tax returns for tax exemption (changes) for dependents, etc.
  4. (iv) To carry out other individual number-related tasks related to taxation and social security
3.
3. Joint Use of Personal Information

Joint Use of Personal Information

The Group may jointly use Personal Information, etc. by using the following to the extent necessary to achieve the Purposes of Use.

(1) Items of Personal Information, etc. to be jointly used
Items falling under Personal Information, etc. described in "1. Definitions"

(2) Scope of persons who jointly use personal information
Kirishima Holdings Co., Ltd., Kirishima Shuzo Co., Ltd., Kirishima Green Village Co., Ltd., and Enatsu Co., Ltd.

(3) Purpose of use of the persons who jointly use personal information
The Company will jointly use personal information within the scope of the purposes of use described in [1] Personal Information and Personal Data (1) and (2) in "2. Purpose of Use of Personal Information."

(4) Name of the person responsible for the management of jointly used Personal Information, etc.
Kirishima Holdings Co., Ltd.
( 4-28-1 Shimokawahigashi, Miyakonojo, Miyazaki Prefecture, 885-8588, JAPAN
Yoriyuki Enatsu, Representative Director and President )

4.
4. Provision to Third Parties

Provision to Third Parties

The Group will not disclose or provide personal information or personal data to any third parties without the prior consent of the Individual, except in cases where exceptions are permitted by law. Furthermore, by law, subcontractors, joint users, and successors in business activities do not fall under the category of any third parties.

[Exception Reasons under Laws and Regulations Concerning Restrictions on Disclosure to Any Third Parties]

  1. (i) When disclosure is required by law
  2. (ii) When it is necessary for the protection of the life, body, or property of a person (including a corporation) and it is difficult to obtain the consent of the Individual
  3. (iii) When it is particularly necessary to improve public health or promote the healthy development of children and it is difficult to obtain the consent of the Individual
  4. (iv) When it is necessary to cooperate with national organizations, local governments, or persons entrusted by them to execute affairs prescribed by laws and regulations, and when obtaining consent from the Individual may impede the execution of such affairs.
  5. (v) When the relevant third party is an academic research institution, etc., and it is necessary for the third party to handle the relevant personal data for academic research purposes (including cases where part of the purpose of handling the relevant personal data is for academic research purposes, and excluding cases where there is a risk of improper infringement of the rights and interests of the individual.)
5.
5. Responding to Requests for disclosure, correction or suspension

Responding to Requests for disclosure, correction or suspension

Based on the provisions of Articles 33 through 36 of the Personal Information Protection Act, the Group shall respond in accordance with the following procedures, when the Individual (in principle, the Individual himself/herself) requests disclosure, correction, suspension of use, etc. of retained personal data (Personal data for which we have the authority to disclose, correct, suspend the utilization of, etc.). Please note that there may be cases in which we are unable to respond to the request. In that case, we will respond with a statement to that effect in the results of the request.

[Examples of reasons why we cannot respond to the request]

  1. (i) When identity or authority to act on behalf of the applicant cannot be verified
  2. (ii) When there are incomplete information in the documents
  3. (iii) When Personal Information, etc. has already been disposed of or erased
  4. (iv) When the requested Personal Information, etc. is not information that the Group has the authority to disclose, or when the subject of the disclosure request cannot be identified
  5. (v) When there is a risk of harm to the life, body, property, or other rights or interests of the Individual or any third parties
  6. (vi) When there is a risk of interfering with the proper conduct of the Group's business activities
  7. (vii) When it would violate laws and regulations other than the Personal Information Protection Act

(1) Items to prepare
For requests for disclosure, correction, suspension of use, etc., "Request Form for Disclosure, Correction, Suspension of Use, etc.," the form specified by the Group, as well as several documents that can verify the identity of the person requesting the personal data, are required. Please prepare the required documents listed below (i) through (iii).

  1. (i) The Form: "Request Form for Disclosure, Correction, Suspension of Use, etc."
    Please fill in all the necessary information on the "Request Form for Disclosure, Correction, Suspension of Use, etc." The form can be obtained by following the procedures below.
    Download from the website
    Please download the "Request Form for Disclosure, Correction, Suspension of Use, etc." from the Kirishima Shuzo website.
    (Click here to download)
    Request the form by e-mail
    Please request the "Request Form for Disclosure, Correction, Suspension of Use, etc." data be sent to you via the inquiry form on the Kirishima Shuzo website.
    (The inquiry form is here)
  2. (ii) Documents required for identification of the Individual (one copy of any of the following)
    - Copy of driver's license / driving history certificate (front and back)
    - Copy of passport (name, photo, and address section)
  3. (iii) (For agents) Documents necessary to verify the authority of representation
    [Agent designated by the person requesting personal data]
    - Documents necessary for identity verification of the agent (see (ii))
    - Power of Attorney (any format is acceptable, but please clearly state the details of the power of attorney. Anything signed and sealed by the Individual)
    [Legal agents]
    - Documents necessary for identity verification of the legal agent (see (ii))
    - Documents proving that the person is a legal agent

(2) Method for making a request
Please inform us of your intention to make a request regarding personal information using the inquiry form on the Kirishima Shuzo website. We will provide you with a designated e-mail address for sending documents. Next, please e-mail the (i) "Request Form for Disclosure, Correction, Suspension of Use, etc" prepared in (1) above, along with (ii) the documents required to confirm your identity or (iii) the agent's authority of representation. We are unable to respond to any correspondence other than by e-mail.

(3) Method of response
The method of response and disclosure shall, as a general rule, be through e-mail.

(4) Personal Information, etc. obtained through the request procedure
Personal Information, etc. concerning the Individual or agent obtained through the procedures for requesting Disclosure, Correction, Suspension of Use, etc. will be used only to respond to the respective requests. Furthermore, we will process the request forms and required documents in a proper manner after the completion of the process.

6.
6. Inquiries concerning Personal Information, etc.

Inquiries concerning Personal Information, etc.

The Group accepts inquiries regarding Personal Information, etc. at the following Inquiry Desk. In such cases, accordingly, in order to prevent unauthorized acquisition or alteration of Personal Information, etc. by any third parties, we may confirm that the request is made by the Individual.

[Inquiry Desk]

4-28-1 Shimokawahigashi, Miyakonojo, Miyazaki Prefecture, 885-8588, JAPAN
Kirishima Shuzo Co., Ltd. Customer Service Center
(For contact details, please refer to the Inquiry Form.)

7.
7. Handling of Personal Information and Personal Data on the Group's Websites

Handling of Personal Information and Personal Data on the Group's Websites

The Group's website is operated in accordance with the Group's "Personal Information Protection Policy," and personal information and personal data are handled appropriately as follows.

(1) Security
To ensure security and prevent unauthorized third party access, personal information provided via the Company's website is encoded using SSL (Secure Sockets Layer).

(2) Cookies
Cookies are small bits of information that a web server sends to your browser for the effective operation of the Internet. The Group may use cookies to customize the website to your individual needs and for the purpose of improving the content of the website and the services offered to you.
Through your browser settings, you can refuse to accept cookies or have a warning displayed when you receive cookies. In this case, there may be restrictions, such as the inability to use personalization functions, etc.

(3) Web Beacons
A web beacon (also known as "clear GIF") is a technology that works with cookies to determine the access from your computer and collect statistics on the usage rate of specific web pages. The Company's Group websites may use web beacons to obtain statistical information for the purpose of improvement, etc. of the website.
We do not collect or obtain any personal information or personal data about you through web beacons. Customers can reject web beacons through their browser settings by restricting the acceptance of cookies.

(4) Use of access log information, etc.
For the purpose of identifying the status of use of the Group's Websites, the Group's Websites record and use IP addresses and access log information of customers by utilizing tools such as the following. In this case, we will not collect any personal or personal data from you from the Group's Websites.

(i) Method of stopping the transmission of information and behavioral analysis tools on the main affiliated websites or software

Analysis tool name Privacy Policy Method of stopping the transmission of information
Google Analytics (Google LLC) https://policies.google.com/privacy https://tools.google.com/dlpage/gaoptout/
Audience One (D.A.Consortium) https://www.dac.co.jp/utility/rule/ https://www.dac.co.jp/index.php?p=utility/AudienceOne-data
PeopleDrivenDMP (DENTSU INC.) https://www.dentsu.co.jp/terms/privacy_policy.html https://www.dentsu.co.jp/terms/ddai_optout.html
SMART CHEETAH (PENCIL Co., Ltd.) https://www.pencil.co.jp/privacy/ https://www.pencil.co.jp/privacy/
juicer (LOGLY, Inc) https://juicer.cc/privacy/ https://juicer.cc/privacy/

(ii) Method of stopping the transmission of information and the main affiliated advertising distribution service providers

Company Name Privacy Policy Method of stopping the transmission of information
Google LLC https://policies.google.com/privacy https://support.google.com/ads/answer/2662922?hl=ja
Amazon.com, Inc. https://www.amazon.co.jp/gp/help/customer/display.html?nodeId=201909010 https://www.amazon.co.jp/adprefs
Meta Platforms, Inc. https://m.facebook.com/privacy/explanation https://m.facebook.com/help/1075880512458213
LINE Corporation https://line.me/ja/terms/policy/ https://terms.line.me/line_rules_optimize?lang=ja
SmartNews, Inc. https://www.smartnews.com/privacy/#jp http://www.smartnews-ads.com/optout/
SMN Corporation https://www.so-netmedia.jp/privacypolicy/ https://www.so-netmedia.jp/houtei_kaiji/
YRGLM Inc https://www.yrglm.co.jp/policy/ https://hotei.ebis.ne.jp/policy/optout.php

(5) Links
The Group's website includes links to several external sites, but these do not share personal information. Because the Group can take no responsibility whatsoever for personal information collected via websites we link to, users are encouraged to review the individual privacy policies of those websites.

Force beginning: July 20, 2021.

Last revision: August 1, 2022.