Privacy Policy

UBS Securities Japan Co., Ltd.

UBS Securities Japan Co., Ltd. (“UBSSJ”) complies with the laws related to the protection of personal information etc., Guidelines for Financial Insititutions and Authorized personal information protection organization, and this Privacy Policy in order to acquire Personal Information as well as My Number (Personal Information etc.) appropriately, handle such information properly, and take all possible measures to implement security measures. UBSSJ will neither obtain by unjust means nor utilize any such inappropriately obtained Personal Information etc. The basic policies of Personal Information protection described in this document will be continuously reviewed.

1. Scope

This Privacy Policy applies to Personal Information etc. of customers and external outsourced parties (Customers etc), which UBSSJ acquires, collects, uses, etc.

2. Business UBSSJ uses Personal Information etc.

UBSSJ will use Personal Information etc for the following businesses.

  • Securities trading business
  • Securities brokerage business
  • Securities underwriting business
  • Securities safe custody business and other securities-related businesses
  • Other businesses that UBSSJ may be involved in and related business (including all businesses that may be permitted henceforth)

3. Purpose of Use of Personal Information excluding My Number

UBSSJ will use Personal Information for the following purposes. Except for the cases recognized by the PIPL, UBSSJ will not make use of such information beyond the necessary scope, without the prior consent of the principal individual. Moreover, in case the objective in using specific Personal Information is restricted by law etc., such information will not be used in excess of the original limitations of usage. Therefore, UBSSJ will not use or offer to any third party information concerning race, creed, social status, lineage, locality where family registers are kept, health treatment (including medical history),crime history, fact of having suffered damage by a crime or any other special non-public information for purposes other than to properly manage its business or for any other purposes deemed necessary.

  • For identification of an individual under the Law for Prevention of Transfer of Criminal Proceeds, the representative or agent of an entity or anyone responsible for a transaction in his capacity etc., and for identification of qualifications etc. to use financial products and/or services;
  • For identification of the representative or agent of an entity or anyone responsible for a transaction in his capacity as designees of a principal;
  • For contacts and references regarding transactions with UBSSJ;
  • For determining the appropriateness of products and services offered, based on principle of suitability, etc.;
  • For monitoring the appropriateness of the terms of transactions and risks (including checking to prevent insider transactions);
  • For reporting results of transactions and balance to customers;
  • For carrying out operations related to transactions with customers;
  • For carrying out obligations and rights based on contracts with clients or laws;
  • For sales and promotion of securities and financial product and services under the Financial Instruments and Exchange Act;
  • For promotion of financial product and services of UBSSJ, UBSSJ-related companies and affiliates;
  • For introduction of UBSSJ-related companies (including the responsible employee-in-charge);
  • For research and development of financial product and services;
  • For credit assessment and monitoring in margin trading, when-issued transaction and other transactions involving credit extension;
  • For external and internal inspections;
  • For tax payment;
  • For use in claims processing, mediation and lawsuits;
  • For statistical purposes
  • For appropriate management of outsourced operations, where personal information processing has been entrusted to UBSSJ by other enterprises in full or in part;
  • For other matters necessary to carry out transactions smoothly and adequately with customers.

In case of modifying any of the above-mentioned purposes, UBSSJ will not change beyond the scope recognized reasonably relevant to the original purpose.

4. Purpose of Use of My Number

UBSSJ will use My Number of Customers, etc. only for the following purposes which are set out by the law (My Number related administration) unless recognized by the Act on the Use of Numbers to Identify a Specific Individual in the Administration Procedure" (My Number Act).

  • Account opening and reporting for financial product transactions
  • Creation and submission of legal documents related to financial product transactions
  • Providing information related to financial product transactions to Securities Depository Centers, etc.
  • Creation of payment record related to the fees/charges for an outsourced party as individual
  • Creation of payment record for real estate rent fees

UBSSJ will obtain My Number only for the above purposes which are necessary to perform My Number related administrations.

5. Provision of Retained Personal Data to a Third Party

Except for the cases1 recognized by the PIPL, UBSSJ will not provide any Retained Personal Data (excluding My Number) to a third party without the prior consent of the individual. For My Number, UBSSJ will provide such information to a third party only when it is required to process My Number related administration for the Customers, etc. (when submitting the payment record including My Number to the Tax Office Head, submitting the holder information to the Securities Depository Centers, etc.)
UBSSJ may provide Retained Personal Data (excluding My Number) to third parties located in foreign countries. In this case, except for the cases recognized by the PIPL, the consent of the individual will be obtained in advance after providing necessary information in accordance with the provisions of laws and regulations to allow the provision to a third party in a foreign country. In addition, if the third party and foreign country where such third party is located cannot be identified at the time of obtaining consent, information such as the name of the foreign country and the system for the protection of personal information in the foreign country in question can be requested after the fact. (However, if there is a risk of causing a significant hindrance to the proper execution of the business, UBSSJ may not provide information on all or part of such information.) Please refer to section 17 below for UBSSJ contact details in case you would like to request the information mentioned above.

1In the following cases, retained personal data may be provided to a third party in accordance with the PI PL: 

① Where the provision is in accordance with the law;
② Where the provision is required to protect the life, person, or property of an individual and it is difficult to obtain the consent of the principal;
③ Where the provision is particularly necessary to improve public health and sanitation or to promote the sound upbringing of children and it is difficult to obtain the consent of the principal;
④ Where a business is required to cooperate with a government organization, local authority, or a person commissioned by the one of them, for the purpose of accomplishing official business as set forth by law and where obtaining the consent of the principal carries the risk of hindering the accomplishment of such official business.
⑤ When the third party is an academic research institution, etc., and such third party needs to handle the customer's personal information for academic research purposes (including cases where a part of the purpose for handling the customer's personal information is for academic research purposes, and excluding cases where there is a risk of unfairly infringing on the rights and interests of individuals)

6. Joint use of Personal Data excluding My Number

UBSSJ will jointly use Retained Personal Data with the following UBS group companies, to the extent allowed by Firewall Regulations, for the purposes given below. Management of this data will be the responsibility of UBSSJ, which will serve as the contact point for complaint processing etc. Please click here for the address and the name of representative of UBSSJ.

Companies that will use Retained Personal Data jointly:

  • UBS AG (Head office, Tokyo branch and other branch offices)
  • UBS SuMi TRUST Wealth Management Co., Ltd.
  • UBS Asset Management (Japan) Ltd.
  • UBS Japan Advisors Inc.
  • Credit Suisse AG
  • Credit Suisse Securities (Japan) Limited
  • Other subsidiaries and affiliates mentioned in the Annual Report of UBS Group AG and UBS AG (The Annual Report is available from UBSSJ or on the website of UBS Group.)

Purpose of Joint Use of Retained Personal Data:

  • To offer full-service as UBS Group (including cases of acting as intermediary for transactions between UBS Group companies and our customers, and vice versa Group companies acting as intermediary for transactions between UBSSJ and customers)
  • For risk management, operations and business management as a Group

Items of Retained Personal Data to Be Jointly Used:

  • Customer’s name and address
  • Phone number and fax number
  • E-mail address
  • Customer’s account number
  • Customer’s financial information
  • Information about customer’s occupation (employer and job title, etc.)
  • Any data items as necessary to achieve the above-mentioned purposes.

My Number will not be jointly used with the group companies to be in line with my Number Act.

7. Outsourcing Retained Personal Data Handling

In case of outsource Retained Personal Data handling to a third party, UBSSJ will select appropriate agents and supervise them with necessary and appropriate attention in order to assure that customers’ Retained Personal Data are handled safety. In case of outsourcing (including sub-contracting) of My Number handling to a third party, UBSSJ will ensure that the same level of security measures as UBSSJ are implemented by such an outsourced party.
UBSSJ may outsource the handling of Retained Personal Data to third parties in foreign countries.
In such a case, in addition to the above, UBSSJ will take necessary and appropriate measures for the safe management of the Retained Personal Data after grasping the system for the protection of personal information in the foreign country in question, and periodically confirm the implementation status of the necessary measures taken by the third party.
In addition, customers can request information on necessary measures, etc. implemented by the third party.
(However, if there is a risk of causing a significant hindrance to the proper execution of the business, UBSSJ may not provide information on all or part of such information.) Please refer to section 17 below for UBSSJ contact details in case you would like to request the information mentioned above.
 

8. Measures taken to ensure the safety of Retained Personal Data

UBSSJ will strive to keep the customers’ personal data accurate and up-to-date within the scope of the purpose of use. Also, in order to prevent the leakage, loss, or damage, etc. (“leakage, etc.”) of customers' personal information, UBSSJ has established the basic policy to ensure the appropriate handling of personal data, and take the following measures. In addition, in the unlikely event that a situation arises such as leakage, etc. of customer's personal information, UBSSJ will respond appropriately, such as reporting to a supervisory authority or notifying the person in question in accordance with the provisions of laws and regulations.

(Establishment of disciplines related to the handling of customers' personal information)

Formulated rules for the handling of customers' personal information related to handling methods, persons in charge, personnel, and their duties at each stage of acquisition, input, use and processing, storage, transfer and transmission, erasure and disposal.

(Organizational Safety Management Measures)

・ In addition to appointing a person responsible for the handling of customers' personal information, clarifying the scope of personal data handled by employees who handle personal data and those employees, and establishing a system to escalate to such a responsible person when the facts or signs that violate laws and internal rules established above.

・Conduct regular self-inspections of the status of the handling of customers' personal information, and conduct audits by other departments and external parties.

(Human Safety Management Measures)

・ Conduct regular training for employees on matters to be noted regarding the handling of customers' personal information

・ Matters related to confidentiality of customers' personal information are described in the rules of employment.

(Physical Safety Management Measures)

・ In areas that handle customers' personal information, UBSSJ manages the entry and exit of employees and implement measures to prevent unauthorized persons from viewing customers’ personal information.

・Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle customers' personal information, and take measures to prevent the identification of personal information easily when carrying such equipment, electronic media, etc., including movement within the office

(Technical Safety Management Measures)

・ Limited the scope of personal information databases, etc. and employees by implementing access control

・ Introduced a mechanism to protect information systems that handle customers' personal information from external unauthorized access or software

(Understanding the external environment)

・When handling customers' personal information in a foreign country, implement safety management measures after grasping the system for the protection of personal information in the foreign country concerned

Please contact us for the system for the protection of personal information for those foreign countries, etc. where Retained Personal Data is handled. (Please refer to section 17 below for UBSSJ contact details.)

9. Matters concerning Retained Personal Data

Notification of objectives of using Retained Personal Data

UBSSJ will be notifying individuals about its objectives of using Retained Personal Data upon inquiry. However, in the following cases, notification may not be made. In such case, the individual will be given the reason for the decision not to notify. In some cases, UBSSJ may charge the cost of notification. In such cases, the amount will be informed in advance.

① If notification to the individual may result in risking his/her/a third party’s life, property, or other rights/benefits
② If notification to the individual may result in risking rights / benefits of UBSSJ
③ If cooperating with a legal task undertaken by a national institution/local authority is necessary and notification to the individual may result in the obstruction of use carrying out the task.
④ When objective of use is evident.

10. Disclosing Retained Personal Data

UBSSJ will disclose Retained Personal Data, log for personal data provision in an agreed-upon method, when inquired by the individual (including confirmation that the retained personal data does not exist). However, in the following cases, disclosure may be refused. In such case, the individual will be given the reason for such decision. In some cases, UBSSJ may charge the individual for costs incurred in disclosing such information. In such cases, the amount will be informed in advance.

① If disclosing data may result in risking his/her/a third party’s life, property, or other rights and benefits;
② If disclosure may result in conspicuous obstruction of UBSSJ’ ability to carry out business appropriately;
③ If disclosing data may result in violation of law.

In case of inquiry for disclosing the retention of My Number, UBSSJ will provide the response on whether or not we retain the My Number.

11. Revisions etc. of Retained Personal Data

In case UBSSJ receives a request from an individual to correct, add or delete (“Revision etc.”) the contents of Retained Personal Data for the reason that they are not correct based on the fact, then for within the range necessary for achieving the usage objective, UBSSJ shall carry out an investigation without delay to determine the facts; and, if it is determined that the request is justified, all necessary Revisions etc. shall be carried out. The individual shall be notified of whether a Revision etc. has been carried out or not and the reason behind the decision.

12. Suspension of use of Retained Personal Data

Appropriate investigation shall be made when an individual requests suspension or deletion (“Suspension etc”.) of the Personal Data retained by UBSSJ which he/she suspects is being used in a manner different from the usage purpose that has been publicly announced or notified or which was obtained by illegal means, is being used in an improper manner, or when it is no longer necessary to use, when a major incident occurred, or when there is a risk that the rights or legitimate interests of the customers may be harmed. If the request turns out to be well justified, then either Suspension etc. of data shall be carried out to correct the violation (reported) or alternative measures will be taken to protect the individual’s rights. The individual shall be notified of whether suspension etc. was carried out or not and the reason for it.

13. Suspension of Provision of Retained Personal Data to Third Party

Appropriate investigation shall be made when an individual requests suspension of provision to a third party (including foreign country) of the Personal Data retained by UBSSJ which he/she suspects is being provided to a third party without either being within the confines recognized by the PIPL or without obtaining the individual’s prior consent, or when it is no longer necessary to use, when a major incident occurred, or when there is a risk that the rights or legitimate interests of the customers may be harmed. If the request turns out to be well justified, then either the provision of such data to a third party will be suspended or other alternative measures shall be taken to protect the individual’s rights. The individual shall be notified of whether suspension etc. was carried out or not and the reason for it.

14. Procedures for Requests

The Personal Data Manager in the relevant sales division or Compliance will receive all requests stipulated in section 9 through 13 given above. An individual may be asked to fill out UBSSJ forms when making a request. In general, our Compliance shall reply to all requests by a method requested by the customers; however, explanations about the replies may be made orally in some cases. Identity of the individual is generally confirmed by his/her registered seal (impression) or signature already provided to UBSSJ, if a requester shall be made directly by the individual. If the requestor is a corporation or the executive of another organization, or an attorney for the customer, UBSSJ shall confirm the relationship between the requester and the customer by asking for personal identification documents of the requester (as stated in the Law for Prevention of transfer of Criminal Proceeds) and documents to prove the relationship between the requester and the customer (power of attorney etc).

15. Inquiries/Complaints Processing

UBSSJ will make an effort to handle rapidly and sincerely when we receive any inquiries and/or comments regarding personal information from customers, etc.. Inquiries and/or complaints regarding security measures for handling of Personal Information may be made through the Personal Data Manager in the respective Sales divisions or also through the UBSSJ Compliance.

16. UBSSJ participation in Recognized Personal Information Protection Organization

UBSSJ is a member of the following Associations, which are recognized as a Personal Information Protection Organization by Personal Information Protection Commission. Each association’s Customer Inquiries window for Personal Information shall handle complaints and inquiries in relation to handling of Personal Information by its members.

[Complaints, Inquiries window]
Japan Securities Dealers Association: http://www.jsda.or.jp
Customer Inquiries window for Personal Information: 03-6665-6784

The Financial Futures Association of Japan: http://www.ffaj.or.jp
Customer Inquiries window for Personal Information: 03-5280-0881

Japan Investment Advisors Association: http://www.jiaa.or.jp/
Secretariat Customer Inquiries window (Personal Information): 03-3663-0505

Major outsourcing processes and the major method in which UBSSJ obtains Personal Information are as follows:

[Major method of obtaining Personal Information (excluding specific personal information etc.)]

  • Information provided by customers directly such as an application document for account opening, KYC documents, customer’s responses to a questionnaire prepared by UBSSJ, RSVPs for a seminar organized by UBSSJ etc
  • Information obtained in the course of provisions of our products or services.
  • Publicly available information through company quarterly journals, commercial books, news papers or internet etc.
  • Personal Information will come into UBS’s possession including through recording of telephone conversation.

[Major outsourcing processes]

UBSSJ outsources part of processes handling of Personal Information which are as follows:

  • Printing or dispatching documents which need to be sent to our customers
  • Legal or accounting advisory
  • Maintenance and management of IT systems
  • Safekeeping of Documents
  • Securities Intermediary Business

17. Contact

Inquiries about Retained Personal Data at UBSSJ will be handled by Compliance Department.
UBS Securities Japan Co., Ltd.
Email address : OL-JPN-Data-Protection@ubs.com
Our address and the name of the representative: click here.