Privacy Policy

Sompo Holdings, Inc.

Recognizing its social responsibility to handle personal information properly, Sompo Holdings, Inc. shall handle personal information in compliance with the Act on the Protection of Personal Information (“Personal Information Protection Act” hereinafter), the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures (“Numbers Act” hereinafter), and other applicable laws and regulations. This Privacy Policy describes Sompo Holdings’ policies on the protection of personal information, under which we strive to protect such information. Sompo Holdings also shall train and guide its employees thoroughly to ensure that they handle personal information properly.
Sompo Holdings also shall review and strive to improve its management approaches to protection of personal information on a continual basis.

Handling of Personal Information

Sompo Holdings shall handle personal information as outlined below.

Note: The “personal information” and “personal data” referred to in this section do not include individual numbers and specific personal information. “Handling of Specific Personal Information” below applies to the handling of individual numbers and specific personal information.

  1. Acquisition of personal information
    Sompo Holdings shall acquire personal information within the scope required for its business operations, through fair and lawful means. We shall retain personal information thus acquired for the period required to accomplish its purposes of use or the period required or authorized under laws and regulations.

  2. Purposes of use of personal information
    Sompo Holdings shall provide notices of or announces publicly the purposes of use of personal information and handle such information within the scope of such purposes of use, except as prescribed otherwise in laws or regulations. We shall also use personal information on our shareholders for purposes of exercise of rights, performance of obligations, related management tasks and various measures pursuant to laws and regulations.

  3. Providing of personal data to and collecting it from third parties

    (1)Except as provided for under laws and regulations, Sompo Holdings shall not provide personal data to third parties without the consent of the individual concerned.

    (2)Except as provided for under laws and regulations, when Sompo Holdings has provided personal data to a third party, it records matters related to such providing (e.g., when, and to whom, the personal data were provided, and the type of data provided), and when it has acquired personal data from a third party, it confirms and records matters related to such acquisition of data (e.g., when and from whom the personal data were acquired, the type of data acquired and how the third-party provider acquired the data).


  4. Joint use of personal data

    Sompo Holdings may use personal data jointly as outlined below with member companies of the Sompo Holdings Group, for purposes of each company’s business administration.

    (1)Personal data on shareholders of member companies of the Sompo Holdings Group

    A.Items of personal data

    Name, address, number of shares, etc.

    B.Scope of Group member companies involved in joint use

    Sompo Holdings and Group member companies
    See the link below for the scope of Group member companies.

    C.Party responsible for management of personal data

    Sompo Holdings, Inc.
    (2)Personal data held by Sompo Holdings and Group member companies in connection with transactions with customers

    A.Items of personal data

    Name, address, telephone number, email address, gender, date of birth, and other transaction-related information such as the content of contracts shown on application forms or other documents and the content of insured incidents

    B.Scope of Group member companies involved in joint use

    Sompo Holdings and Group member companies
    See the link below for the scope of Group member companies.

    C.Party responsible for management of personal data

    Sompo Holdings, Inc.
    (3)Personal data held by Sompo Holdings and Group member companies other than that are related to transactions with customers

    A.Items of personal data

    • Name, address, telephone number, email address, gender, date of birth, inquiry content, content of use of apps and other services, location information, business-card information (information readable from a business card, including company name, section name, and title), information provided to the Sompo Holdings Group other than transaction-related information, other information collected by the Sompo Holdings Group in person, by telephone, through the Web, email, or apps, through provision by third parties, or through other means
    • Name, address, telephone number, email address, gender, date of birth, inquiry content, and other information unrelated to transactions provided by the customer to the Sompo Holdings Group through obtaining an estimate on the Web, placing an inquiry to a call center, or other means

    B.Scope of Group member companies involved in joint use

    Sompo Holdings and Group member companies
    See the link below for the scope of Group member companies.

    C.Party responsible for management of personal data

    Sompo Holdings, Inc.
    (4)Personal data on employees of agents, etc.

    A.Items of personal data

    Name, address, date of birth, matters related to the agent, etc., or registration applications and notices of the employee, and other information for purposes of management of agents, etc. and the employees

    B.Scope of Group member companies involved in joint use

    Sompo Holdings and Group member companies
    See the link below for the scope of Group member companies.

    C.Party responsible for management of personal data

    The insurance company that originally acquired the personal data
    (5)Personal data held by Sompo Holdings and Group member companies in connection with services related to long-term care

    A.Items of personal data

    • Customer (e.g., user, family members, guarantor) name, address, telephone number, email address, gender, date of birth, content of contracts shown on application forms, contracts, or other documents, content and records of services used, and other information acquired in connection with provision of or requests for services related to long-term care
    • Information related to hiring of employees and labor management

    B.Scope of Group member companies involved in joint use

    Sompo Holdings, Sompo Care, Inc., and the latter’s Group member companies (the scope of Group member companies consists of those indicated under https://www.sompocare.com/company/group/) and Sompo Care Next Inc.

    C.Party responsible for management of personal data

    The company that originally acquired the personal data
  5. Handling of Sensitive Information

    Sompo Holdings shall not acquire, use, or provide to third parties sensitive information such as health conditions or medical history except as prescribed in the Personal Information Protection Act and other laws, regulations and guidelines.

    Note: Sensitive Information refers to the following personal information (not including information disclosed by the individual concerned, a national agency, a local public body, or a party as stipulated in any of the subparagraphs to Article 76, Paragraph 1, of the Personal Information Protection Act or in any of the paragraphs of Article 6 of the Enforcement Regulations thereof, or information clearly visible when viewing the individual or an image of him or her): personal information requiring special consideration such as race, creed, social status, medical history, criminal history and criminal victimhood status as well as information related to labor union membership, family lineage, legal domicile, health or medical treatment and sex life (not including information that qualifies as personal information requiring special consideration).


  6. Handling of anonymized information

    (1)Preparation of anonymized information
    Sompo Holdings employs the following handling procedures when preparing anonymized information (i.e., personal information on individuals that has been processed, through means stipulated in laws and regulations, so that it is not possible to identify the individuals concerned or to restore such personal information):

    • We process such information properly in accordance with standards stipulated in laws and regulations
    • We implement security measures to prevent leakage of information concerning the information that has been deleted and methods of processing used, in accordance with standards stipulated in laws and regulations
    • We disclose the items of information contained in such anonymized information
    • We do not act in ways that would identify the individuals concerned by the personal information on which such anonymized information is based

    (2)Providing of anonymized information
    When providing anonymized information to third parties, Sompo Holdings discloses the items of information concerning individuals contained in such anonymized information to be provided and the methods of provision, and it clearly informs the third party of the fact that the information to be provided has been anonymized.


  7. Notification, disclosure, revision, suspension of use, etc. of retained personal data under the Personal Information Protection Act and other applicable laws and regulations
    Sompo Holdings will respond appropriately to requests such as those for notification, disclosure, revision, and suspension of use of retained personal data under the Personal Information Protection Act and other applicable laws and regulations. Please direct such requests to the contact point identified below. After confirming that the requesting party is the individual concerned by the information, we will ask him or her to complete Sompo Holdings’ prescribed request form and then we will process the request. In principle, we also will reply to the request in writing at a later date. Sompo Holdings’ designated fees will apply to requests for notification and disclosure of purposes of use.

  8. Management of personal data
    Sompo Holdings shall implement appropriate security measures for purposes such as preventing leakage of, loss of, and damage to personal data. When subcontracting the handling of personal data to an outside party, we will employ necessary and appropriate supervision, including checking on the subcontractor’s approach to information controls.

  9. Handling of personal information of non-residents of Japan
    Personal information of non-residents of Japan is handled in accordance with the applicable laws and regulations of each country concerned.
    When transferring personal information on residents of the European Economic Area (EEA) from inside the EEA to outside the EEA, the Sompo Holdings Group employs strict information controls and thorough security measures. In some cases, data are transferred from Sompo Holdings to third-party service providers, subcontractors, and partners in joint use of personal information, and then such data are stored on servers in Japan or in other countries outside the EEA. While such countries may be ones for which the European Commission has not determined that data security measures are adequate, the personal data that we provide are managed appropriately under sufficient security management measures.

  10. Contact point
    Sompo Holdings will respond swiftly and appropriately to any complaints or concerns regarding the handling of personal information. Please contact the contact point below with any inquiries regarding Sompo Holdings’ handling of personal information and anonymized information and the personal data that we hold.

    Contact point:
    Sompo Holdings, Inc.
    26-1, Nishi-Shinjuku 1-chome, Shinjuku-ku, Tokyo 160-8338, Japan
    E-mail: personal_information@sompo-hd.com
    URL  https://www.sompo-hd.com/en/

Handling of Specific Personal Information

Sompo Holdings handles individual numbers and specific personal information as described below.

  1. Proper acquisition of individual numbers and specific personal information
    Sompo Holdings shall acquire individual numbers and specific personal information through lawful and fair means. We shall never request the provision of individual numbers and specific personal information except as provided for in laws and regulations.

  2. Handling and scope of use of individual numbers and specific personal information
    Sompo Holdings shall handle the individual numbers and specific personal information that it has acquired only within the scope of use restricted by laws and regulations. The scope of use by Sompo Holdings is shown below. We shall never acquire, use, or provide to third parties individual numbers and specific personal information beyond this scope.
    (1)

    Individual numbers and specific personal information may be used in the following administrative tasks related to individual numbers as stipulated in laws and regulations:

    (i)Administration of preparation of payment records related to distribution of dividends and surplus, interest on funds, and exercise of stock options

    (ii)Administration of preparation of payment records for compensation, charges, etc., rent on real estate, and prices of purchases of real estate and other property

    (iii)Administration of preparation of tax withholding certificates for income of executives and employees (including their dependents), and administration of various notices and other documents related to employment insurance, workers’ compensation insurance, health insurance, employee pension plans and the National Pension System

    (iv)Other administration related to individual numbers as stipulated in laws and regulations

    (2)

    Pursuant to laws and regulations, we may use individual numbers and specific personal information for the following purposes:

    (i)To make monetary payments in cases such as devastating disasters

    (ii)When necessary to protect human life, health, or property and either the individual concerned has consented to such use or it would be difficult to obtain his or her consent

  3. Requests for notification, disclosure, revision, suspension of use, etc. of individual numbers and specific personal information
    Sompo Holdings will respond to requests such as those for notification, disclosure, revision, and suspension of use of individual numbers and specific personal information in the manner described under Part 7 of “Handling of Personal Information,” above.

  4. Security measures
    Sompo Holdings shall implement appropriate security measures for purposes such as preventing leakage of, loss of, and damage to individual numbers and specific personal information, such as establishment of rules on handling them and maintaining structures for implementation of security controls. When subcontracting administration related to individual numbers to an outside party, we will employ necessary and appropriate supervision, including checking on the subcontractor’s approach to information controls.

  5. Contact point for inquiries
    Sompo Holdings, Inc.
    26-1, Nishi-Shinjuku 1-chome, Shinjuku-ku, Tokyo 160-8338, Japan
    E-mail: personal_information@sompo-hd.com
    URL  https://www.sompo-hd.com/en/