In view of the importance of protecting personal information, and in order to further improve customer trust in the insurance industry, our company complies with the Act on the Protection of Personal Information (Personal Information Protection Act) and the regulations governing the identification of specific individuals in administrative procedures. We comply with the Act on the Use of Numbers, etc. (Number Act) and other related laws and regulations, guidelines from related government agencies, guidelines on the appropriate handling of specific personal information, etc., handle personal information strictly and appropriately, and appropriately manage security. We will take appropriate measures.
In order to ensure that personal information is handled appropriately, we will thoroughly educate and guide our employees and work to ensure that personal information is handled appropriately.In addition, we will promptly respond to complaints and consultations regarding the handling of personal information, and review and improve appropriate measures regarding our handling of personal information and security management as appropriate.
XNUMX.Acquisition and use of personal information
Our company acquires and uses personal information (for personal numbers and specific personal information, please refer to XNUMX. below) within the scope necessary for business and by lawful and fair means.
2.Purpose of use of personal information
Our company uses the personal information acquired by insurance companies when entrusted with insurance recruitment operations (for personal numbers and specific personal information, please refer to XNUMX. below) to the extent necessary to carry out the said operations. Masu.
We do business with multiple insurance companies, and we may use the personal information we obtain to recommend the products and services of the insurance companies we do business with.
The specific purposes for which personal information is used by our company are as follows, and it will not be used for any other purpose.
Provision of non-life insurance, life insurance, and incidental/related services handled by our company
Changes to the above purpose of use will be made to the extent that it is reasonably recognized as having considerable relevance, and when changes are made, the details will be communicated to the person in principle in writing (including electromagnetic records). (hereinafter the same shall apply), or publicly announced on our website (https://www.riviera.co.jp/hoken/).
The purpose of use of insurance companies that outsource insurance operations to us is stated on the insurance company's homepage (below).
- Secom General Insurance Co., Ltd. (https://www.secom-sonpo.co.jp)
- Tokio Marine & Nichido Fire Insurance Co., Ltd. (https://www.tokiomarine-nichido.co.jp)
- Mitsui Sumitomo Insurance Co., Ltd. (https://www.ms-ins.com)
- Aioi Nissay Dowa Insurance Co., Ltd. (https://aioinissaydowa.co.jp)
- Tokio Marine & Nichido Anshin Life Insurance Co., Ltd. (https://www.tmn-anshin.co.jp)
3．Security management measures for personal data
In order to prevent the leakage, loss, or damage of the personal data we handle (including the personal number and specific personal information listed in 7. below), and to safely manage other personal data, we develop and implement handling regulations regarding safety management. In addition to taking sufficient security measures such as establishing a system, we will also take appropriate measures to ensure the accuracy and up-to-dateness necessary to achieve the purpose of use, and in the unlikely event that a problem occurs, we will promptly respond. We will take appropriate corrective measures.
Our company has separately established internal regulations regarding security management measures for personal data, the specific details of which are mainly as follows.For questions regarding safety management measures, please refer to section 10 below.Please contact our inquiry desk.
Establishment of basic policy
In order to ensure the proper handling of personal data, we have formulated this basic policy regarding "compliance with relevant laws and guidelines," "matters related to safety management measures," "desktops for questions and complaints," etc. I'm reviewing it.
Establishment of handling regulations regarding safe management of personal data
For each stage of acquisition, use, storage, provision, deletion/disposal, etc., we have established regulations regarding handling methods, persons in charge and their duties, and review them as necessary.
Systematic security control measures
・Establishment of a person responsible for managing personal data
・Establishment of safety management measures in work regulations, etc.
・Operation in accordance with the handling regulations regarding the safe management of personal data
・Development of means to confirm the handling status of personal data
・Inspection of the handling status of personal data and development and implementation of an audit system
・Establishment of a system to respond to incidents such as leaks
Personnel security control measures
・Conclusion of personal data non-disclosure agreements, etc. with employees
・Clarification of roles and responsibilities of employees
- Thoroughly informing employees of safety management measures, education and training
・Confirmation of employee compliance with personal data management procedures
physical security measures
・Management of areas where personal data is handled, etc.
・Preventing theft of equipment, electronic media, etc.
・Preventing leaks when carrying electronic media, etc.
・Deletion of personal data and disposal of equipment, electronic media, etc.
Technical safety control measures
・Identification and authentication of users of personal data
・Setting of management categories and access control of personal data
・Management of access privileges to personal data
・Measures to prevent leakage and damage of personal data
・Recording and analyzing access to personal data
・Recording and analyzing the operating status of information systems that handle personal data
・Monitoring and auditing of information systems that handle personal data
When outsourcing the handling of personal data, we select a party that handles personal data appropriately, and in order to ensure the implementation of safety management measures at the outsourcing company, we develop handling regulations related to outsourcing and periodically I'm reviewing it.
Understanding the external environment
・We implement safety management measures after understanding the systems regarding protection of personal information in the countries where personal data is handled.
Four.Provision of personal data to third parties and acquisition from third parties
Our company will not provide personal data (for personal numbers and specific personal information, please refer to XNUMX. below) to third parties without the prior consent of the individual, except in the following cases.
① When required by law
②When it is necessary to protect a person's life, body, or property, and it is difficult to obtain the consent of the person.
③ When it is particularly necessary to improve public health or promote the healthy upbringing of children, and it is difficult to obtain the consent of the individual.
④ In cases where it is necessary to cooperate with a national organization, local government, or a person entrusted by them in carrying out the affairs prescribed by law, and obtaining the consent of the person will interfere with the execution of the affairs. When there is a risk of harm.
⑤ When the third party is an academic research institution, etc., and the third party needs to handle the personal data for academic research purposes (part of the purpose of handling the personal data is for academic research purposes) (Excluding cases where there is a risk of unfairly infringing on the rights and interests of individuals, including certain cases.)
When personal data is provided to a third party or acquired from a third party (including when personal information is acquired as personal data), we will confirm the circumstances surrounding the provision and acquisition, and confirm the details of the recipient and Information stipulated by law, such as the name of the provider, will be recorded and stored.
Five.Provision of personal information to third parties
Except as stipulated by law, when it is assumed that a third party will acquire personal information as personal data, the company will collect the information from the person in question at the third party. We will not provide such information without first confirming that we have obtained your consent to acknowledge this.
Unless stipulated by law, if we provide personal information to a third party based on the confirmation set forth in the preceding paragraph, we will provide information regarding the provision (when, to what destination, what personal information is provided, etc.). We will confirm and record whether the personal information was provided, how the third party obtained the consent of the person, etc.).
6.Handling of sensitive information
When based on laws and regulations, etc.
When it is necessary for the protection of human life, body or property
When it is particularly necessary to improve public health or promote the healthy development of children.
When it is necessary to cooperate with a national organization, local government, or a person entrusted by them in carrying out affairs stipulated by laws and regulations.
When acquiring, using, or providing to a third party sensitive information about employees, etc. regarding affiliation or membership in political, religious, etc. organizations or labor unions to the extent necessary for carrying out insurance premium collection operations, etc.
When sensitive information is acquired, used, or provided to a third party to the extent necessary for carrying out insurance payment operations, etc. associated with inheritance procedures.
In cases where sensitive information is acquired, used, or provided to a third party to the extent necessary for business operations based on the consent of the person concerned, in order to ensure appropriate business operations in the insurance industry.
7.Handling of personal numbers and specific personal information
Our company will not acquire or use individual numbers and specific personal information for purposes other than those specified by law.In addition, we will not provide personal numbers and specific personal information to third parties, except in cases specified by the Number Act.
8. Acquisition, use, and provision of information linked to identifiers such as cookies
You can also opt out of Google Analytics using an opt-out browser add-on.
■ Google Analytics
Information collection and handling of information using cookies in services provided by Google
Opting out of Google Analytics
9.Disclosure, correction, suspension of use, etc. of retained personal data based on the Personal Information Protection Act
Regarding requests for disclosure (including confirmation and disclosure of records), correction, or suspension of use of retained personal data (including personal numbers and specific personal information as described in XNUMX. above) based on the Personal Information Protection Act, please We will contact the insurance company that owns the policy.
Please use the contact information below to contact us.For inquiries regarding insured accidents, in addition to the inquiry desk below, you can also contact the accident consultation desk of the insurance company listed on your insurance policy.
Please note that we will respond only after confirming the identity of the person making the inquiry.
<Agency name> Riviera Life Support Co., Ltd.
<Address> 5-23-9 Kotsubo, Zushi City, Kanagawa Prefecture
<Representative Name> Representative Director Noboru Watanabe
<Phoneephone number> 0120-535-536
<Reception hours> 10:00-17:00
<E-mail> Contact | Riviera Life Support (https://select-type.com/e/?id=rEr-vPEDWdg)
*If you do not wish to receive information about new products and services via e-mail or direct mail from our company, please contact us at the contact information above.