Privacy Policy for GDPR

This is the Privacy Policy (“GDPR Privacy Policy”) for the website which is run and provided by MN Inter-Fashion Ltd., 2-7, Moto Akasaka 1-chome, Minato-ku, Tokyo 107-0051, Japan (we, us and our).

We will only use the personal data gathered over the website operated and provided by us as set out in this GDPR Privacy Policy (“Privacy Policy”). Below you will find information etc. on how we use your personal data, for which purposes your personal data is used, with whom it is shared and what control and information rights you may have.

This Privacy Policy therefore intends to inform you about how we entities, acting as data controller, collect and process your personal data that you submit or disclose to us. We also act as data controller when we process your personal data received or obtained through third parties. We process this personal data in accordance with the applicable EU and Member State regulations on data protection including the General Data Protection Regulation No 2016/679 (the “GDPR”).

If you do not wish your personal data to be used by us in accordance with this Privacy Policy, please do not provide us with your personal data. Please note that in such a case, we may not be able to provide you with our services, you may not have access to and/or be able to use some features of the Website, and your customer experience may be impacted.

1. Purposes of Use of Personal Information

We will always process your personal data based on one of the legal basis provided for in the GDPR. Furthermore, we will always process your sensitive personal data, subjected to the special rules provided for in the GDPR.
According to Article 6 1 (f) of GDPR, we may collect and process your personal data for the purposes detailed below, which are required so that we can pursue our justifiable interests or providing you with adequate services and products:

  • to optimize our web site content for you;
  • to provide you with appropriate information on products and services;
  • to provide, improve, and develop our products, services, and advertisements;
  • to inform you about changes to our service(s);
  • to manage your account;
  • to notify you about our policies and terms;
  • to promote safety and security, such as by monitoring fraud and investigating suspicious or potentially illegal activity or violations of our terms or policies;
  • to analysis, audits;
  • to ensure business continuity.

Also, in case of obtaining your express prior consent, according to Article 6 1 (a) of GDPR, we may also collect and process your personal data for the following purposes:

  • to provide you with information which we feel may be of your interest;
  • to share your personal data with third-party partners who may send you marketing communications in relation to their products and services;
  • for making business analysis.

You can withdraw your consent at any time. However, regarding the legality of processing personal data based on the consent before withdrawal is not affected by the withdrawal of consent.
We will not process your data in a way that is incompatible with these purposes. If we intend to process personal data originally collected for the original purpose for another purposes, we will ensure that we definitely inform you of this. We will keep your personal data for as long as it is necessary for us to comply with our legal obligations, ensure the provision of appropriate services and maintain our business activities.

2. Items of Personal Data to be Acquired/ Used

For the purposes specified under this Privacy Policy, we may collect the following categories of personal data:

(1) Information about logging in and using the service

  • Name, Surname
  • Company Name/Title/Office Address
  • Post Code/Home Address
  • Identification number (e.g., customer number)
  • Location data
  • E-mail address (personal / professional)
  • Telephone number (personal / professional)
  • Employer
  • Online identifiers (IP address / cookie identifiers)
  • Recorded customer phone calls
  • Account ID and Password for service login
  • Gender and Date of Birth as account registration information
  • SNS account information provided by customers as information associated with accounts and other information about customers
  • Information on using points, coupons and other services
  • Information for the execution of transactions made by customers through the use of services and information regarding the contents of such transactions
  • Credit card information, bank account information, electronic money, cash on delivery, cash on delivery and other payment and method information (however, it is included other than what acquired by us)
  • Information regarding inquiries and communications from customers to us
  • Due to legal requirements, identity verification documents (driver’s license, health insurance card, copy of resident’s card, et.) and information contained in the documents

(2) Information about terminal used by the customer and information obtained using cookies, etc.

  • Information on device identification of information communication terminals
  • OS information of information communication terminal
  • Information about connecting to the Internet
  • Location information
  • Referrer information
  • IP address information
  • Timestamp information about the URL customers browsed and the date and time customers browsed
  • Information about using the service
  • Advertising identifier information assigned to each customer’s terminal

(3) Information obtained from a third party

  • Information of the above (1) and (2) that obtained from a third party with the consent of the customer
  • Information of the above (1) and (2) that acquired in accordance with laws and regulations
  • Information of the above (1) and (2) that acquired by being published

We can acquire such personal data either directly from you when you fill out the forms displayed on the Website or indirectly where such personal data is provided to us by your electronic communication terminal equipment or your Internet browser. We thoroughly ensure that the personal data processed serves the purpose.

3. Personal Data of Child

We only process information about children under the age of sixteen (16) in accordance with the provisions of Article 8-1 of the GDPR if and to the extent that consent is given or authorized by the holder of parental responsibility. In other cases, we do not knowingly collect and process it. As soon as we discover that we have directly collected and processed the personal information of children under the age of sixteen (16) or under the minimum age equivalent to the GDPR as required by EU Member State Law, we will take steps to erase the information. If you become aware of it, please contact with us immediately using the contact information provided in this Privacy Policy.

4. Cookies

Cookies are data files that are placed on a computer when it is used to visit a Website. These cookies may be used for many purposes, including without limitation, tracking user preferences or web pages visited while using the Website. Most web browsers are set to accept cookies by default. If you prefer, you can usually set your browser to remove or reject cookies, but note that doing so does not necessarily affect third party flash cookies used in connection with our Websites. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Websites. In addition, please be aware that if you choose to block cookies, some advertising preferences that are dependent on cookies may not be able to be respected.

5. Personal Information Sharing

We may share your personal data with third parties in accordance with the GDPR. If we share your personal data with a data processor, we properly transfer and process your personal data in accordance with the GDPR. In addition, if we share your personal data with organizations outside the EEA (European Economic Area), we will comply with the GDPR and, if necessary, we will transfer and processing with reference to the Standard Contract Clauses between controllers (2004/9 15/EC) and the Standard Contract Clauses between controllers and processors (2010/87/EU).

  • Reorganization

    In the event that we undergo a reorganization or are sold to a third party, any personal information we hold about you may be transferred to that reorganized entity or third party in compliance with applicable law.

  • Internet Service Providers

    We may share your personal data with companies which provide services for us, such as hosting, maintenance, support services, email services, marketing, auditing, fulfilling your orders, processing payments, data analytics, providing customer service, and conducting customer research and satisfaction surveys.

  • Business Partners

    Subject to your prior agreement, your personal data may be transferred to, stored, and further processed by business partners that work with us to provide our products and services or help us market to customers. Our sharing your personal data with the partners will be limited to provide or improve our products, services and advertising.

  • Data disclosure based on laws and regulations

    We may disclose your personal data if we legally have the right or are required to do so (e.g., if required by law or a court order).

    In addition, we may also disclose your personal data in the following cases.

    • Protection of our rights
    • Request for remedies
    • Enforcement of our Terms of Service
    • Fraud investigation
    • When we judge that disclosure of information is reasonably necessary to protect our business or you

  • Data Transfers

    Such the above disclosures may involve transferring your personal data out of the European Union to the other countries including Japan. These countries may change due to changes in the business environment
    Such transfer may take place for the purpose of contacting with business partners. For each of the transfer, we make sure that we provide an adequate level of protection to the data transferred.

6. Processing Record of Personal Data

Whether we are as a data controller or as a data processor, we record personal data processing records in accordance with the GDPR regulations and record the information necessary to cooperate with regulatory authorities.

7. Security Measures

We will take appropriate security measures to protect your personal data and prevent unauthorized use, loss or alteration of your personal data.
However, you should be kept in mind that provision of information through the internet is not entirely secure at all. Please note that we cannot guarantee the security of information you submit via our websites whilst it is in transit through the internet and any such submission is at your own risk.
Unless it is permitted in a law, we will only retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, and if applicable, to the extent required by statutory retention requirements is required or permitted by law.

8. Your Rights

You have some or all of the following rights to the personal data we collect and process by us.

  • You have the right to obtain from us the necessary information regarding our data processing activities that concern you.
  • You have the right to confirm with us as to whether or not personal data concerning you are being processed, and, where that is the case, and obtain from us the copy of your personal data or access to the personal data and certain related information.
  • You have the right to obtain from us the correction of inaccurate personal data concerning you without delay, and to complete any incomplete personal data. You may also have the right to obtain from us the erasure of personal data concerning you without delay, in the event that it meets the GDPR requirement.
  • You may have the right to obtain from us the limiting to processing of personal data, in the event that it meets the GDPR requirement.
  • You may have the right to put up opposition, on grounds relating to your particular situation, at any time to processing of personal data concerning you, in the event that it meets the GDPR requirement. At any time object, on grounds relating to your particular situation, that your personal data shall be subject to a processing. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you , we will either stop processing your personal data or present you our compelling justifiable grounds for an ongoing processing; and/or take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators.
  • You may have the right to receive your personal data in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without our hindrance, in the event that it meets the GDPR requirement.
  • You may have the right not to be subject to automated decision-making based on the processing of your personal data, including profiling that has a legal or equivalent effect on you or has significant impact, in the event that it meets the GDPR requirement.

If you intend to exercise such rights, please refer to the contact section.

If you are not satisfied with the way in which we have proceeded with any request, or if you have any complaint regarding the way in which we process your personal data, you may lodge a complaint with a Data Protection Supervisory Authority.

9. Notification to the Competent Supervisory Authorities

In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you.

10. Links to Other Sites

We may provide hypertext links from the website on which this Privacy Policy is posted to third-party websites or other sources of information on the internet. However, we do not handle or manage the protection of personal data of third parties, we cannot be held responsible them. Therefore, please make sure the policy regarding the protection of personal data of the third party and confirm the collection method, processing method, etc. of your personal data.

11. Amendments to this Privacy Policy

We reserve the right to change this Privacy Policy from time to time by updating our websites . Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy. If we make changes which we believe are significant, we will inform you through the Website to the extent possible and seek your consent where applicable.12. Contacting Us.

12. Contacting Us

Please submit any questions, concerns or comments you have about this Privacy Policy or any requests concerning your personal data to us:

2-7, Moto Akasaka 1-chome, Minato-ku, Tokyo 107-0061, Japan
MN Inter-Fashion Ltd., Representative Office for Personal Information Protection
Tel: +81-3-6771-9760
Contact us at:
MNIF-GDPR-TKZFA@mn-interfashion.com

The Information you provide when contacting us will be processed to handle your request and will be erased when your request has been answered. Alternatively, we will restrict the processing of the respective Information in accordance with statutory retention requirements.

The Date of Establishment : January 1, 2022