Personal Information Protection Policy

Personal Information Protection Policy

MUFG Morgan Stanley Credit Solutions Co., Ltd. recognizes that it has a social responsibility to handle customers' personal information appropriately under MUFG Way, which provides guidelines for all group activities. By establishing the following policies to protect the customer's personal information and ensuring that all officers and employees comply with these policies, we will make every effort to protect the customer's personal information.

For more information, please refer to
Handling of Personal Information.

  • We will comply with all applicable laws and regulations regarding the proper handling of customers' personal information.

  • We will obtain customers' personal information in a proper and appropriate manner. Except as otherwise provided by laws and regulations, we will notify or publicly announce the purpose of use of the customers' personal information and use it within the scope of that purpose.

  • We will educate all officers and employees to understand the importance of protecting personal information and to handle customers' personal information properly.

  • We shall endeavor to prevent unauthorized access, leakage, loss, or damage of customers' personal information and implement appropriate security management measures with regard to such information.

  • Except as otherwise provided by laws and regulations, we shall not provide customers' personal information to any third party without the prior consent of the customer.

  • When outsourcing the handling of customers' personal information to others, we will appropriately supervise them in view of the security of such information.

  • When a customer requests the disclosure or correction of customers' personal information, please contact the department at our company mentioned in “Inquiries” below. Our information management officer will confirm your identity and respond promptly and appropriately.

  • We are committed to the continuous improvement of our management system and initiatives for the protection of customers' personal information.

  • Requests for notification of the purpose of use of retained personal data, as well as requests for disclosure, correction, addition, deletion, suspension of use, erasure, or suspension of provision to third parties, and disclosure of records of provision to a third party should be directed to the following contact:

    • Inquiries
      E-mail :contact@cs.sc.mufg.jp
      MUFG Morgan Stanley Credit Solutions, Inc.
      Risk Management Gr, Corporate Management Department
      〒100-8127
      9-2 Otemachi 1-chome, Chiyoda-ku, Tokyo

  • Our company does not belong to any authorized personal information protection organization.

Handling of Personal Information

MUFG Morgan Stanley Credit Solutions Co., Ltd. (please refer to the "Corporate Data" on our website for our company address and the name of our representative) pays close attention to the handling of customers' personal information in accordance with our Personal Information Protection Policy so that customers can use our services with peace of mind.

The proper meaning of each term is as follows:

“Personal information” means information concerning a living individual, and information including his/her name, date of birth, and any other description from which it would be possible to identify a specific individual (including those which can be readily collated with other information and thereby identify a specific individual), or information that includes an individual identification code; and

“Individual Identification Code(s)” refers to any of the following items, each of which is specified separately in the relevant government ordinances:

  • (1)data on characteristics of a part of a body that has been converted into a computer-processable format:

    〈Example〉Data for use in recognition of faces, veins, voiceprints, fingerprints; or

  • (2)official numbers assigned and distributed to users by national and local governments:

    〈Example〉Driver’s license numbers, passport numbers.

We hereby publicly announce our handling of personal information as below.

Purpose of Use of Personal Information

When obtaining customers' personal information directly from customers in writing, etc., we will clearly indicate the purpose of use in advance. When obtaining customers' personal information directly from customers orally or by any other means, or when obtaining personal information is made indirectly from individuals other than the customer or from public information, we will notify or make public the purpose of use of such information.

We will handle customers' personal information within the scope necessary to achieve the purposes of use listed in [2] below in the businesses listed in [1] below and will not use such information beyond the scope necessary to achieve the purposes of use, except in cases permitted by laws and regulations (including ordinances; the same applies hereinafter).

In addition, we will specify our purposes of use in a manner that is clear to customers and will endeavor to limit it according to the context of acquisition. For example, when collecting the responses to a variety of questionnaires from customers, we will use them solely for the purpose of compiling survey results.

【1】Our Business Activities

  • (1) Lending money and acting as an intermediary, guaranteeing debts, and purchasing and selling monetary claims and acting as an intermediary.
  • (2) Activities incidental to the above business activities.

【2】Purposes of Use

  • (1) To provide information on solicitation and selling our products, and other services in accordance with the Money Lending Business Act including money lending and its intermediary services, debt guarantees, and the purchase and sale of monetary claims and their intermediary services.
  • (2) To provide products and services related to money lending and its intermediary services, debt guarantees, and the purchase and sale of monetary claims and their intermediary services that are suitable for customers.
  • (3) To confirm the identity of a customer or a customers' agent, in compliance with laws and regulations such as the Act on Prevention of Transfer of Criminal Proceeds and the Act on the Protection of Personal Information, and other relevant laws and regulations.
  • (4) To deliver documents and reports related to transactions to customers.
  • (5) To perform administrative tasks related to the settlement of transactions with customers.
  • (6) To conduct market research, data analysis, and surveys, and to research and develop our systems, products, and services related to the lending money and its intermediary, the guarantee of debts, and the sale of monetary claims and its intermediary.
  • (7) To exercise our rights and fulfil our obligations under contracts, or laws and regulations.

We will not use or provide to any third party information on race, creed, family origin, registered domicile, healthcare, or criminal record, or any other special non-public information concerning customers obtained in the course of business for any purpose other than ensuring appropriate business operations or for any other purpose accepted as necessary.

In addition, we may record telephone conversations with customers for the purpose of accurately understanding the details of customers' transactions and inquiries. We appreciate your understanding in advance.

Proper and Appropriate Acquisition of Personal Information

We will properly and appropriately obtain customers' personal information. We may obtain personal information from sources such as the following:

<Examples of sources of personal information we may acquire>

  • Information provided directly by customers through documents related to transactions and questionnaires.
  • Information contained in commercially available books, newspapers, or on the Internet.
  • Information received from customers through the provision of products and services.
  • Information obtained by voice recording, image recording, and receipt of e-mail.
  • Information obtained from third parties such as database service providers.

Provision of Personal Information to Third Parties

We will not provide personal information to any third party without the consent of the customers, unless permitted by laws and regulations, such as when required by laws and regulations or when the handling of personal information is outsourced within the scope required for the achievement of the purpose of use,

Please note that we do not plan to obtain personal identification numbers from our customers.

Implementation of Security Management Measures

We will properly manage customers' personal information by implementing the necessary and appropriate organizational, human, technical and physical security management measures to prevent unauthorized access to and leakage, loss, or damage of personal information.

The security management measures we take are as follows:

【Establishment of Basic Policy】

Establish basic policies regarding, amongst others, “Compliance with Relevant Laws and Regulations as well as Guidelines” and “Inquiry and Complaint Handling Desk”.

【Establishment of Rules for Handling Personal Data】

Establish rules regarding the procedures for handling personal data, responsible persons, persons in charge, and their duties at each stage of acquisition, use, storage, provision, deletion, and disposal.

【Organizational Security Management Measures】

Appoint a person responsible for the handling of personal data, clarify the scope of personal data to be handled by officers and employees handling personal data, and establish a reporting and communication system to the person responsible in the event of any violation of the Act on the Protection of Personal Information or our internal rules and policies on handling personal data.
Conduct regular self-inspections on how personal data is handled and carry out interdepartmental audits.

【Human Security Management Measures】

Regular trainings for executives and employees on points of concern regarding the handling of personal data.
Prescribe the confidentiality of personal data in the employment rules.

【Physical Security Control Measures】

In areas where personal data is handled, implement measures to prevent unauthorized persons from accessing personal data by controlling the access of officers and employees to the areas and restricting the equipment they may bring into there.
Take measures to prevent theft or loss of equipment, electronic media, and documents containing personal data, and also implement safeguards to ensure that personal data is not easily accessible when such equipment or electronic media or documents are carried, including within the office.

【Technological Security Control Measures】

Implement access control to limit the persons in charge and the scope of the personal information database to be handled by such persons.
Implement mechanisms to protect our information systems that handle personal data from unauthorized external access or unauthorized software.

【Understanding of External Environment】

When handling personal data in a foreign country, implement security management measures based on the understanding of its laws and regulations for protecting personal information.

Outsourcing of Personal Information Handling

When outsourcing all or part of the handling of personal information to service providers as part of outsourced business operations, we will select appropriate providers in accordance with our internal standards. We will exercise the necessary and appropriate supervision over them based on a contract for handling personal information with them in order to ensure that security management measures equivalent to those prescribed in our “Personal Information Protection Policy” and other internal rules will be taken by the service providers.

Our company outsources the handling of personal data in the following cases, for example:

<Examples of outsourced tasks>

  • Printing or mailing of documents to customers
  • Operation and maintenance of information system
  • Storage of business-related books and documents

Revision

This policy has been in effect since 19 May 2025.

We may revise our “Personal Information Protection Policy” and “Handling of Personal Information” in order to further protect customers' personal information and in line with changes in laws and regulations. Significant changes will be posted on our website and at the sales office. Please make sure to check them regularly.