Privacy

Privacy

Last Updated: March 1, 2023

Introduction

KPMG Japan, as a group of member firms of KPMG International in Japan, provides audit, tax and advisory services to clients.

(KPMG Japan represents the member firms of KPMG International (see “5. (2) Scope of sharing users” of Personal Information Protection Policy below) in Japan, and refers to each of the professional firms providing audit, tax and advisory services. KPMG Japan includes KPMG AZSA LLC, KPMG Tax Corporation, KPMG Consulting, KPMG FAS, KPMG AZSA Sustainability, KPMG Healthcare Japan, KPMG Social Insurance and Labor Advisors Corporation, KPMG Ignition Tokyo, KPMG Management, AZSA Office Mate, and KPMG Advisory Lighthouse.)

KPMG Japan firms, recognizing the importance of protecting personal information, comply with the Act on the Protection of Personal Information (“Personal Information Protection Act”) and other laws and regulations, guidelines, and norms applicable to the protection of personal information, and make efforts to protect personal information pursuant to the Personal Information Protection Policy and Specific Personal Information Protection Policy set forth below.

KPMG International has formulated the Privacy Statement to ensure the appropriate handling of personal information collected online. In addition to the Personal Information Protection Policy and Specific Personal Information Protection Policy, in relation to personal information collected online, KPMG Japan firms also comply with the Privacy Statement. In the case of any contradiction or discrepancy between the Personal Information Protection Policy or Specific Personal Information Protection Policy and the Privacy Statement, in relation to personal information collected online, to the extent permitted under the Personal Information Protection Act etc., the Privacy Statement shall prevail.

In addition to this Personal Information Protection Policy, KPMG Japan firms may establish, and publish or notify their own personal information protection policies and purposes of use.


Personal Information Protection Policy

1. Acquisition of Personal Information
KPMG Japan firms obtain personal information by lawful and appropriate means. Personal information subject to acquisition includes the following.

  • Personal information (e.g., name, title/position, employer, affiliation, address, date of birth, contact information (phone number/email address), nationality, information set forth in submitted resumes/CVs and other submitted documents, qualification/license information, employee number, face photo, information relating to work management, work duties, taxes, pay, or welfare, Individual Number and specific personal information) relating to users of the services of KPMG Japan firms (e.g., audit/assurance, consulting, tax and advisory services) and members of KPMG Japan firms (including officers, partners, employees, dispatched employees, part-time employees, service providers, seconded employees, advisors, and contract employees), and personal information that KPMG Japan firms obtain in connection with services or operations.
  • Online identifiers such as IP addresses and cookies obtained when users visit websites published by KPMG Japan firms (limited to those that can be easily collated with other information to identify a specific individual).

2. Purposes of Use of Personal Information
KPMG Japan firms use personal information for the following purposes. Except where permitted in accordance with the Personal Information Protection Act and other laws and regulations, without the consent of a principal, personal information is not used beyond this scope.

  • To provide the services of KPMG Japan firms (e.g., audit/assurance, consulting, tax and advisory services) and contact you regarding consultation and confirmation etc. with respect to services.
  • To confirm independence and carry out conflict checks in conjunction with the provision of services by KPMG Japan firms.
  • To distribute and send newsletters, email newsletters, and seminar information etc. issued by KPMG Japan firms.
  • To distribute and send information on KPMG Japan firm seminars and events etc., and make contact for information-sharing and regarding questionnaires etc. after participation.
  • To provide information about services of KPMG Japan firms, and distribute and send books and greeting cards etc.
  • If a user has registered his or her personal information on a specific KPMG Japan website (for example, including, but not limited to, our seminar registration forms), personal information is used to link the user's browsing history on such website to his or her personal information to grasp and analyze such information.
  • To conduct behavioral analysis for the purpose of service improvement, advertising, promotion, and sales etc. for persons who browse KPMG Japan firm websites etc.
  • To respond to and handle inquiries and requests received by KPMG Japan firms.
  • To retain personal information as evidence when necessary for the operations of KPMG Japan firms.
  • Personal information is used to make contact in conjunction with recruitment selection and recruitment activities for officers and employees etc., and conduct post-recruitment human resources management/work management (including cases where necessary for a business assignment, the execution of business, or the promotion/facilitation of the relevant entity's communications), and for tax, pay, welfare, education and training, safety and sanitation, health management, and for securing emergency contact information in case of emergency, among other things.
  • Individual Numbers and specific personal information are used for tax, labor insurance and social security-related purposes.
  • Personal information is also used for purposes ancillary to the purposes of use set forth above.

3. Provision of Personal Data to Third Parties
KPMG Japan firms may provide third parties with personal data to the extent necessary to attain the purposes of use set forth in “2. Purposes of Use of Personal Information” above. KPMG Japan firms comply with the Personal Information Protection Act and other laws and regulations with respect to provision of personal data to third parties.

4. Personal Information Security Management

  1. In order to appropriately protect and manage personal information, KPMG Japan firms stipulate and comply with basic matters relating to the acquisition, use, retention, provision, and deletion (destruction) of personal information, and make efforts to maintain personal information as accurate and up-to-date.
  2. KPMG Japan firms expressly specify responsibilities and roles relating to the handling of personal information, and handle personal information appropriately.
  3. KPMG Japan firms regularly implement voluntary inspections to confirm that operations involving the handling of personal information are performed appropriately and that measures to prevent unauthorized access, or leakage or loss etc. of information have been taken with respect to information systems.
  4. KPMG Japan firms regularly conduct training for their members etc. relating to the personal information protection and management protocols etc.
  5. KPMG Japan firms carry out necessary and appropriate supervision of their members etc. for secure management of personal information.
  6. For the secure management of personal information, including preventing leakage of, loss of, or damage to personal information, KPMG Japan firms put in place systems to protect information systems etc. from unauthorized access by external parties and from unauthorized software, and take necessary and appropriate measures to provide protection against unauthorized software.
  7. When outsourcing all or part of the handling of personal information, KPMG Japan firms carry out necessary and appropriate supervision of service providers to ensure secure management of personal information.
  8. KPMG Japan firms establish personal information protection management systems and continuously review and improve them.
  9. In cases where acquired personal information is stored in or transferred etc. to another country, KPMG Japan firms understand the systems relating to the protection of personal information in the relevant country, address laws and regulations, and take security management measures in compliance with laws and regulations.
  10. KPMG Japan firms manage entry and exit of buildings and floors where personal information is handled, takes measures to prevent theft etc. of devices, digital media, or documents etc. dealing with personal information, use locks and encryption when such items are taken out or transferred etc., and take appropriate measures when destroying or deleting the same.

5. Sharing of personal data
KPMG Japan firms may share personal data with other firms belonging to the KPMG network (see “(2) Scope of sharing users” below for details).
(1) Shared personal data
Name, title/position, employer, affiliation, address, date of birth, contact information (phone number/email address), nationality, information set forth in submitted resumes/CVs and other submitted documents, qualification/license information, employee number, face photo, information relating to work management, work duties, taxes, pay, or welfare, Individual Number and specific personal information, and cookie information, etc.
(2) Scope of sharing users
1. KPMG Japan firms
*KPMG Japan refers to the member firms of KPMG International in Japan. KPMG International is a global network that provides audit, tax and advisory services internationally.
Currently, the member firms of KPMG Japan consist of the following entities, but their names, scope, and organizational structures are subject to change.

  • KPMG AZSA LLC
  • KPMG Tax Corporation
  • KPMG Consulting Co., Ltd.
  • KPMG FAS Co., Ltd.
  • KPMG AZSA Sustainability Co., Ltd.
  • KPMG Healthcare Japan Co., Ltd.
  • KPMG Social Insurance and Labor Advisors Corporation
  • KPMG Ignition Tokyo, Inc
  • KPMG Management Co., Ltd.
  • AZSA Office Mate Co., Ltd.
  • KPMG Advisory Lighthouse, Inc.

2. KPMG International(detailed explanation here ) and KMPG member firms in different countries that are members of KPMG International (list here)
(3) Purpose of use of sharing users
Personal data is used for the same purposes of use set forth in “2. Purposes of Use of Personal Information” above to the extent necessary within the scope set forth in “(2) Scope of sharing users” above.
(4) Persons responsible for management of shared personal data

  • KPMG AZSA LLC
    Azsa Center Building
    1-2 Tsukudo-cho, Shinjuku-ku
    Tokyo 162-8551
    CEO: Hiroyuki Yamada
  • KPMG Tax Corporation
    Izumi Garden Tower
    1-6-1 Roppongi, Minato-ku
    Tokyo 106-6012
    Representative: Yuichi Miyahara

*Please refer to the contact information of each firm below.

6. Matters Relating to Retained Personal Data
(1) Names, addresses, and representatives of business operators handling personal information

  • KPMG AZSA LLC
    Azsa Center Building
    1-2 Tsukudo-cho, Shinjuku-ku
    Tokyo 162-8551
    CEO: Hiroyuki Yamada
  • KPMG Tax Corporation
    Izumi Garden Tower
    1-6-1 Roppongi, Minato-ku
    Tokyo 106-6012
    Representative: Yuichi Miyahara
  • KPMG Consulting Co., Ltd.
    OTEMACHI FINANCIAL CITY South Tower
    1-9-7 Otemachi, Chiyoda-ku
    Tokyo 100-0004
    Representative Director, President & CEO: Masahiro Miyahara
  • KPMG FAS Co., Ltd.
    OTEMACHI FINANCIAL CITY North Tower
    1-9-5 Otemachi, Chiyoda-ku
    Tokyo 100-0004
    Representative Directors: Masahiko Chino; Osamu Matsushita; Hikaru Okada
  • KPMG AZSA Sustainability Co., Ltd.
    OTEMACHI FINANCIAL CITY South Tower
    1-9-7 Otemachi, Chiyoda-ku
    Tokyo 100-0004
    Representative Directors: Junichi Adachi; Kazuhiko Saito
  • KPMG Healthcare Japan Co., Ltd.
    OTEMACHI FINANCIAL CITY North Tower
    1-9-5 Otemachi, Chiyoda-ku
    Tokyo 100-0004
    Representative Directors: Keiichi Owari; Jun Matsuda
  • KPMG Social Insurance and Labor Advisors Corporation
    Izumi Garden Tower
    1-6-1 Roppongi, Minato-ku
    Tokyo 106-6012
    Representative: Wataru Koshida
  • KPMG Ignition Tokyo, Inc
    Otemachi Building 7F
    1-6-1 Otemachi, Chiyoda-ku
    Tokyo 100-0004
    Representative Director and Chairman: Masahiko Chino
  • KPMG Management Co., Ltd.
    Azsa Center Building
    1-2 Tsukudo-cho, Shinjuku-ku
    Tokyo 162-8551
    Representative: Daisuke Harada
  • AZSA Office Mate Co., Ltd.
    Azsa Center Building
    1-2 Tsukudo-cho, Shinjuku-ku
    Tokyo 162-0821
    Representative: Michitaka Shishido
  • KPMG Advisory Lighthouse, Inc.
    Otemachi Building 7F
    1-6-1 Otemachi, Chiyoda-ku
    Tokyo 100-0004
    Representative Partner: Hotta Tomoyuki

(2) Purpose of use of retained personal data
The same as the purposes of use set forth in “2. Purposes of Use of Personal Information” above.
(3) Retention period for retained personal data
When the retention period stipulated in laws and regulations etc. ends or its use ceases to be necessary through the attainment of the purposes of use set forth in “(2) Purpose of use of retained personal data” above, retained personal data will be destroyed or deleted without delay.
(4) Procedures for requesting disclosure etc. of retained personal data and where to lodge a complaint etc.
With respect to disclosure, etc. of retained personal data of KPMG Japan firms (request for notice of purpose of use of retained personal data; disclosure of retained personal data; correction, addition, or deletion of information; suspension of use or erasure; or suspension of provision to third parties) and disclosure etc. of records of provision of personal information to third parties, if the principal makes a request by email to the contact, we will confirm the particulars and contact you regarding how the request will be handled.

For comments, questions, complaints, and other inquiries regarding the protection of personal information by KPMG Japan firms, please send an email to the following contacts.


Specific Personal Information Protection Policy

Regarding the handling of Individual Numbers and specific personal information, KPMG Japan firms comply with the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures and related laws, regulations and guidelines, and operate pursuant to the following purposes of use and policies.
(1) Purposes of use

  • Administrative work relating to tax withholding for employment income and retirement income
  • Administrative work relating to local inhabitant tax
  • Administrative work relating to employment insurance filing and application and related administrative work
  • Administrative work relating to application for employment-related subsidy and related administrative work
  • Administrative work relating to health insurance and welfare pension insurance filings and applications, and related administrative work
  • Administrative work relating to notifications of National Pension Category 3 insured person
  • Administrative work relating to defined benefit pensions
  • Administrative work relating to workers’ accident compensation insurance benefits

(2) Matters relating to security management measures
In order to prevent leakage, loss or damage to specific personal information, and otherwise appropriately manage specific personal information, KPMG Japan firms also establish and comply with the provisions of the Specific Personal Information Protection Rules and the like.
(3) Contact point for questions and complaints etc.
For comments, questions, complaints, and other inquiries regarding the protection of specific personal information by KPMG Japan firms, please send an email to the following contacts

The Specific Personal Information Protection Policy for KPMG Tax Corporation and KPMG Social Insurance and Labor Advisors Corporation is available here (PDF).


Privacy Statement
KPMG1 is dedicated to protecting the confidentiality and privacy of information entrusted to it. As part of this fundamental obligation, KPMG is committed to the appropriate protection and use of personal information that has been collected online.

Generally, our intent is to collect only the personal information that is provided voluntarily by online visitors to our web sites (“users”), for example so that we can offer information and/or services to those individuals (if they register with our marketing or customer management systems, or for inquiries with other contacts), or offer information about employment opportunities (if they register recruitment web sites). “We,” “us,” or “our” herein refers to each entity of KPMG Japan: KPMG AZSA LLC, KPMG Tax Corporation, KPMG Consulting Co., Ltd., KPMG FAS Co., Ltd., KPMG AZSA Sustainability Co., Ltd., KPMG Healthcare Japan Co., Ltd., KPMG Social Insurance and Labor Advisors Corporation, KPMG Ignition Tokyo, Inc., KPMG Management Co., Ltd., AZSA Office Mate Co., Ltd. and KPMG Advisory Lighthouse, Inc.. Please review this privacy statement (this "Privacy Statement") to learn more about how we collect, use, share and protect the personal information that we have obtained.
 

1. Collection and use of personal information
1.1 What information we collect
We obtain your personal information if you provide us with the information online — for example, if you enter your personal information in a prescribed form for a contact described on our web sites and send it to us, if you make an inquiry about employment opportunities or apply for employment with us through our recruitment web sites, or if you enter your personal information for the purpose of registration to certain services which we provide. In some cases, you will have previously provided your personal information to us (if, for example, you are a former employee). If you choose to register or login to our web sites using a third party single sign-in service that authenticates your identity and connects your social media login information (for example, LinkedIn, Google, or Twitter) with us, we will collect any information or content needed for the registration or log-in that you have permitted the social media provider to share with us, such as your name and email address. Other information we collect will depend on the privacy settings you have set with your social media provider, so please review the privacy statement or policy of the applicable service.

When you register or submit personal information to us, we will use this information in the manner outlined in this Privacy Statement. Your personal information is not used for any other purposes than those specified, unless we obtain your permission, or unless otherwise required or permitted by law. For example, if you register to our web sites and provide information about your preferences we will use this information to personalize your user experience. Where you register or login using a third party single  sign-in we may also recognize you as the same user across any different devices you use and personalize your user experience across our other sites you visit. If you send us a resume or curriculum vitae (CV) to apply online for a position with us, we will use the information that you provide to match you with available our job opportunities. If you provide us with your personal information to join our seminars and events, we may analyze and process the information to contact you regarding the seminars and events, analyze user behavior, improve our services, or advertise, promote, and market our services.

In some cases where you have registered for certain services we will store your email address temporarily until we receive confirmation of the information you provided via an email (i.e. where we send an email to the email address provided as part of your registration to confirm a subscription request).

1.2 The legal grounds we have to use your personal information
We generally collect only the personal information necessary to fulfill your request. Where additional, optional information is sought, you will be notified of this at the point of collection.

When we process your personal information, we will rely on one of the following processing conditions:

  • Performance of a contract: this is when the processing of your personal information is necessary in order to perform our obligations under a contract;
  • Legal obligation: this is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency;
  • Legitimate interests: we will process information about you where it is in our legitimate interest in running a lawful business to do so in order to further that business, so long as it doesn’t outweigh your interests; or
  • Your consent: in some cases, we will ask you for specific permission to process some of your personal information, and we will only process your personal information in this way if you agree to us doing so. You may withdraw your consent at any time by sending an email to following contacts.

Examples of the ”legitimate interests” referred to above are:

  • To offer information and/or services to individuals who visit our web site or offer information about employment opportunities.
  • To prevent fraud or criminal activity and to safeguard our IT systems.
  • To customize individual’s online experience and improve the performance usability and effectiveness of our online presence.
  • To conduct, and to analyze, our marketing activities.
  • To meet our corporate and social responsibility obligations.
  • To exercise our fundamental rights in the EU under Articles 16 and 17 of the Charter of Fundamental Rights, including our freedom to conduct a business and right to property.

We will not collect the personal data including special categories of data, such as diversity related information (including data about racial and ethnic origin, political opinions, religious beliefs and other beliefs of a similar nature, trade union membership and data about sexual life and sexual orientation), genetic data, biological data, or health data and data about alleged or proven criminal offences except as expressly permitted by law (which means Japanese and foreign laws regarding personal information protection applied).

1.3 Automatic collection of personal information
In some instances, we and its service providers use cookies, web beacons and other technologies to automatically collect certain types of information when you visit us online, as well as through emails that we may exchange. The collection of this information allows us to customize your online experience, improve the performance, user behavior analysis, usability and effectiveness of our online presence, and to measure the effectiveness of our marketing activities.

1.3.1 IP addresses
An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognize and communicate with one another. IP addresses from which visitors appear to originate will be recorded for IT security and system diagnostic purposes. This information will also typically be used in aggregate form to conduct web site trend and performance analysis.

1.3.2 Cookies
Cookies will typically be placed on your computer or internet-enabled device whenever you visit us online. This allows the site to remember your computer or device and serves a number of purposes.

On some of our web sites, a notification banner will appear requiring your consent to collect cookies. If you do not provide consent, your computer or internet-enabled device will not be tracked for marketing-related activities. A secondary type of cookie referred to as "user-input" cookies may still be required for necessary functionality. Such cookies will not be blocked through the use of this notification banner. Your selection will be saved in a cookie and is valid for a period of 90 days. If you wish to revoke your selection, you may do so by clearing your browser's cookies.

Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser's settings (often found in your browser's Tools or Preferences menu). You may also delete cookies from your device at any time. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of our web sites' features.

Further information about managing cookies can be found in your browser's help file or through sites such as www.allaboutcookies.org.

Below is a list of the types of main cookies used on our web sites:


Other third party tools and widgets will be used on our individual web pages from time to time to provide additional functionality. Use of these tools or widgets will typically place a cookie on your device to make their service easier to use, and ensure your interaction is displayed on our webpages properly.

Purpose Descreiption Type & Expiry

Performance (i.e., User's Browser)

Our web sites are built using common internet platforms. These have built-in cookies which help compatibility issues (e.g., to identify your browser type) and improve performance (e.g., quicker loading of content). Session
Deleted upon closing the browser
Security (e.g., Asp .NET) Cookies If you register for access to a restricted area, our cookies ensure that your device is logged for the duration of your visit. You will need your username and password to access the restricted areas. Session
Deleted upon closing the browser
Site Preferences Our cookies may also remember your site preferences (e.g., language) or seek to enhance your experience (e.g., by personalizing a greeting or content). This will apply to areas where you have registered specifically for access or create an account. Session
Deleted upon closing the browser
Analytical  We use several third party analytics tools to help us understand how site visitors use our web site. This allows us to improve the quality and content on home.kpmg for our visitors. The aggregated statistical data cover items such as total visits or page views, and referrers to our web sites. For further details on our use of Google Analytics, see “1.3.3 Google Analytics” below. Persistent, but will be deleted automatically after two years if you no longer visit home.kpmg
Site visitor feedback We use a third party survey tool to invite a percentage of visitors to provide their feedback. Cookies are used to prevent visitors from being invited multiple times.
The first cookie (1) is set if the visitor is not invited to participate in the survey, and is used to ensure visitors are not invited after their first page view.
The second cookie (2) is set if the visitor is invited to participate in the survey, and is used to ensure the visitor is not invited again to participate for a period of 90 days.
  1. Session
    Deleted upon closing the browser
  2. Persistent, but will deleted automatically after 90 days or presenting survey invite
Social sharing We use third party social media widgets or buttons to provide you with additional functionality to share content from our web pages to social media web sites and email. Use of these widgets or buttons may place a cookie on your device to make their service easier to use, ensure your interaction is displayed on our webpages (e.g., the social share count cache is updated) and log information about your activities across the Internet and on our web sites. We encourage you to review each provider's privacy information before using any such service. For further details on our use of social media widgets and applications, see “1.4 Social media widgets and applications” below. Persistent, but will be deleted automatically after two years if you no longer visit home.kpmg

When you register your personal information on our web site, including but not limited to application forms for our seminars, we may link your browsing history on the web site and your personal information to understand and analyze them for the purpose of improvement of user services, advertisement, sales promotion and activities, and other activities.

BY NAVIGATING ON OUR WEB SITES OR ENTERING YOUR LOGIN DETAILS TO ACCESS AREAS RESERVED FOR REGISTERED USERS, YOU AGREE THAT WE CAN PLACE THESE COOKIES ON YOUR COMPUTER OR INTERNET ENABLED DEVICE.

1.3.3 Google Analytics
We use Google Analytics. More information about how Google Analytics is used by us can be found here: https://marketingplatform.google.com/about/analytics/terms/us/

To provide web site visitors with more choice on how their data is collected by Google Analytics, Google have developed the Google Analytics Opt-out Browser Add-on. The add-on communicates with the Google Analytics JavaScript (ga.js) to indicate that information about the web site visit should not be sent to Google Analytics. The Google Analytics Opt-out Browser Add-on does not prevent information from being sent to the web site itself or to other web analytics services.

1.3.4 Web beacons
A web beacon is a small image file on a web page that can be used to collect certain information from your computer, such as an IP address, the time the content was viewed, a browser type, and the existence of cookies previously set by the same server. We only use web beacons in accordance with applicable laws.

We or our service providers will use web beacons to track the effectiveness of third party web sites that provide us with recruiting or marketing services or to gather aggregate visitor statistics and manage cookies.

You have the option to render some web beacons unusable by rejecting their associated cookies. The web beacon may still record an anonymous visit from your IP address but cookie information will not be recorded.

In some of our newsletters and other communications, we will monitor recipient actions such as email open rates through embedded links within the messages. We collect this information to gauge user interest and to enhance future user experiences.

1.3.5 Location-based tools
We will collect and use the geographical location of your computer or mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.

1.4 Social media widgets and applications
Our web sites will typically include functionality to enable sharing via third party social media applications, such as the Facebook Like button and Twitter widget. These social media applications will collect and use information regarding your use of our web sites (see details on ”Social Sharing” cookies above). Any personal information that you provide via such social media applications will often be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. We do not have control over, or responsibility for, those companies or their use of your information.

In addition, our web sites may host blogs, forums, crowd-sourcing and other applications or services (collectively "Social Media Features"). The purpose of Social Media Features is to facilitate the sharing of knowledge and content. Any personal information that you provide on any of our social media feature will typically be shared with other users of that social media feature (unless otherwise stated at the point of collection), over whom we often have limited or no control.

2. Sharing and transfer of personal information
2.1 Transfer within the network of KPMG firms
We share information about you with other member firms of the KPMG network as part of international engagements, and with KPMG International and other member firms by establishing appropriate safeguards, such as concluding standard contracts for information protection or applying supplementary rules where required or desirable to meet our legal and regulatory obligations around the world. Other parts of the KPMG network are also used to provide services to us and you, for example hosting and supporting IT applications, provision of certain forms of insurance for member firms and its clients, performing client conflicts checks and Anti-Money Laundering checks, assisting with client engagement services and otherwise as required in order to continue to run KPMG’s business.

2.2 Transfers to third parties
We do not share personal information with third parties, except as necessary for our legitimate professional and business needs, to carry out your requests, and/or as required or permitted by law or professional standards. For more information on such third parties, please see this link . In addition, we will transfer certain personal information outside of the EEA to outside companies working with us or on our behalf for the purposes described in this Privacy Statement. We will also typically store personal information outside of the EEA. We typically send personal information to the following countries. If we do this your personal information will continue to be protected by means of contracts we have in place with those organizations outside the EEA, containing standard data protection clauses which are in a form approved by the European Commission.

We will not transfer the personal information you provide to any third parties for their own direct marketing use.

3. Choices
In general, you are not required to submit any personal information to us, but we will require you to provide certain personal information in order for you to receive additional information about our services and events. We will also ask for your permission for certain uses of your personal information, and you can agree to or decline those uses. If you opt-in for particular services or communications, such as an newsletter, you will be able to unsubscribe at any time by following the instructions included in each communication. If you decide to unsubscribe from a service or communication, we will try to remove your information promptly, although we may require additional information before we can process your request.

As described in "Cookies" above, if you wish to prevent cookies from tracking you as you navigate our sites, you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Note that some portions of our sites may not work properly if you elect to refuse cookies.

4. Your rights
If we process personal information about you, you have the following rights:
(1) Access: you have the right to know what kind of personal information has been collected about you and how such information has been used.
(2) Correction: you have the right to correct any inaccuracies in the personal information that we hold about you.
(3) Erasure (“Right to be forgotten”): you have the right to withdraw your consent and obtain the erasure of personal information.
(4) Restriction of Processing: you have the right to restrict the processing of personal information.
(5) Data Portability: you have the right to receive your personal information we collect in a machine-readable format and to reuse it for your own purposes.
(6) Object to processing: you have the right to object to us processing your personal information.
(7) Automated Decisions: you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
(8) Complaint with a supervisory authority: you have the right to lodge a complaint with a supervisory authority, particularly in the member state of the European Union of your habitual residence, place of work, and/or place of the alleged infringement of an applicable law.

You can make a request or exercise these rights by sending an email to following contacts and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.

5. Data security and integrity
We have reasonable security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite our best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information.

We also make reasonable efforts to retain personal information only for so long i) as the information is necessary to comply with an individual's request, ii) as necessary to comply with legal, regulatory, internal business or policy requirements, or iii) until that person asks that the information be deleted. The period for which data is retained will depend on the specific nature and circumstances under which the information was collected.

6. Links to other sites
Please be aware that our web sites will typically contain links to other sites, including sites maintained by our other member firms that are not governed by this Privacy Statement but by a specific privacy policies that will often differ somewhat. We request you to review the privacy policy of each Web site visited before disclosing any personal information.

7. Changes to this statement
We may modify this Privacy Statement from time to time to reflect our current privacy practices. When we make changes to this statement, we will revise the "updated" date at the bottom of this page. Any changes to the processing of personal data as described in this Privacy Statement affecting you will be communicated to you through an appropriate channel, depending on how we normally communicate with you.

8. Policy questions and enforcement
We are committed to protecting the online privacy of your personal information. If you have questions or comments about our administration of your personal information, please send an email to following contacts. You may also use this address to communicate any concerns you may have regarding compliance with this Privacy Statement.

If you are not satisfied with the response you receive, you may escalate your concern to the KPMG Japan Privacy Officer by sending an email to following contacts. We will acknowledge your email within 14 days and seek to resolve your concern within one month of receipt. Where the concern is complex or we have a large volume of concerns, we will notify you that the concern will take longer than one month to resolve, and we will seek to resolve your concern within three months of the concern being first raised. We may accept your concern (and in that case implement one of the measures set out in the “4. Your Rights” above), or we may reject your concern on legitimate grounds.

9. Additional Information on the processing of personal data pursuant to the General Data Protection Regulation (GDPR)
GDPR applies when you locate in the EEA or the UK may provide us with personal data through certain channels online. The following as well as the above mentioned are additionally applied if we obtain the personal data under such circumstances.

9.1 Lawfulness of personal data processing
We will process your personal data based on any one of the following conditions:

  • GDPR Article 6 (1) (a): You have given us consent for the processing of their personal data;
  • GDPR Article 6 (1) (b): The processing is required for the performance of contracts, or the processing is performed as a preliminary measure to the execution of a contract;
  • GDPR Article 6 (1) (c): The processing is required to comply with our legal duties;
  • GDPR Article 6 (1) (d): The processing is necessary in order to protect the vital interests of the data subject or of another natural person; or
  • GDPR Article 6 (1) (f): The processing is necessary for the purpose of certain legitimate interests.

9.2 Indication of personal data retention period
We will only retain personal data that we have obtained for a period of time reasonably deemed necessary to achieve the purpose of obtaining and processing personal data set forth in this Privacy Statement. Specific retention periods will be determined on an individual basis in accordance with the requirements of applicable laws and regulations and the necessity of retaining personal data for business purposes.

9.3 Representative and Data Protection Officer (DPO)
Below is a list of contacts of representatives we established in the EEA and the UK:


If you are a data subject residing in the EEA:

To: BIRD & BIRD GDPR Representative Service SRL
Address: Avenue Louse 235
1050 Bruxelles
Belgium
E-mail: EUrepresentative.KPMGJapan@twobirds.com


If you are a data subject residing in the United Kingdom:

To: BIRD & BIRD GDPR Representative UK
Address: 12 New Fetter Lane
London EC4A 1JP
United Kingdom
E-mail: UKrepresentative.KPMGJapan@twobirds.com


We have data protection officers (DPOs). Their contacts are as follows:

For KPMG AZSA LLC, KPMG Consulting Co., Ltd., KPMG FAS Co., Ltd., KPMG AZSA Sustainability, KPMG Healthcare Japan, Co., Ltd., KPMG Ignition Tokyo, Inc. and KPMG Advisory Lighthouse, Inc..
To: Data Protection Officer (DPO) of KPMG AZSA LLC
Address: AZSA Center Building, 1-2 Tsukudo-cho, Shinjuku-ku, Tokyo 162-8551
E-mail: kj-dpo@jp.kpmg.com
(Business hours: 9:15 – 17:15 (excluding weekends, holidays, year-end and new-year holidays, and foundation days))


For KPMG Tax Corporation
To: Data Protection Officer (DPO) of KPMG Tax Corporation
Address: Izumi Garden Tower, 1-6-1 Roppongi, Minato-ku, Tokyo 106-6012, Japan
E-mail: tax-dpo@jp.kpmg.com
(Operation hours: 9:00 – 17:00 (excluding weekends, holidays, year-end and new-year holidays, and foundation days))


For KPMG Social Insurance and Labor Advisors Corporation
To: Data Protection Officer (DPO) of KPMG Social Insurance and Labor Advisors Corporation
Address: Izumi Garden Tower, 1-6-1 Roppongi, Minato-ku, Tokyo 106-6012, Japan
E-mail: tax-dpo@jp.kpmg.com
(Operation hours: 9:00 – 17:00 (excluding weekends, holidays, year-end and new-year holidays, and foundation days))

1 "KPMG," refers to KPMG International Limited, and its other global organizations, KPMG International Services Limited and KPMG International Cooperative, and their successor bodies ("KPMG International"), and/or to any one or more of the member firms of the KPMG network of independent firms affiliated with KPMG International. KPMG International provides no client services.

10. Additional information on the processing of personal data pursuant to the Personal Information Protection Law of the People's Republic of China
The Personal Information Protection Law of the People's Republic of China applies when you locate in the People's Republic of China (excluding Hong Kong, Macau and Taiwan for the purpose of this Privacy Statement; the same applies hereinafter) may provide us with personal data through certain channels online. The following measures will be preferentially applied to the personal data that we obtain in these circumstances; unless otherwise provided below, the measures in Section 8 above apply.

10.1 Lawfulness of personal data processing
We will process your personal data based on any one of the following conditions:

  • You have given us consent for the processing of their personal data; 
  • The processing is required for the performance of contracts, or the processing is performed as a preliminary measure to the execution of a contract;
  • The processing is required to comply with our legal duties;
  • The processing is required for the purpose of public health, or in emergency situations for the protection of the life, health or assets of natural persons;
  • Personal information is processed within a reasonable scope in the performance of actions required by the public interest;
  • You have voluntarily published personal information or your personal information has otherwise been legally published, and the processing is within a reasonable scope as set forth in the Personal Information Protection Law of the People’s Republic of China; or
  • The processing is performed in accordance with applicable laws and regulations and administrative rules or other grounds.

10.2 Indication of personal data retention period
We will only retain personal data that we have obtained for a period of time reasonably deemed necessary to achieve the purpose of obtaining and processing personal data set forth in this Privacy Statement. Specific retention periods will be determined on an individual basis in accordance with the requirements of applicable laws and regulations and the necessity of retaining personal data for business purposes.

10.3 Your rights
When we use your personal information, you have the following rights with respect to their own personal information:
(1) Right to know, right to decide: The rights to know and decide on the processing of one's own personal information.
(2) Right to restrict and decline: The rights to restrict or decline the processing of one's own personal information.
(3) Right to view and copy: The rights to view and copy the personal information that you have entrusted to us.
(4) Right to amend and supplement: The rights to amend and supplement inaccurate and incomplete information regarding oneself.
(5) Right to delete: The right to seek deletion of personal information when any of the following apply:

  • The purpose of use have been achieved, have become impossible to achieve, or have become unnecessary to achieve; 
  • The services that we provide have terminated;
  • You have withdrawn consent;
  • We have violated applicable laws and regulations or administrative rules, or have breached agreements with you in the processing of personal information; or
  • Other reasons set forth in applicable laws and regulations and administrative rules.

(6) Right to seek explanation of the rules on the processing of your personal information: The right to seek an explanation of the rules on the processing of your own personal information.
(7) Right to receive explanation of automated decisions: The right to seek an explanation of decisions that we make on the basis of automated processing and that have a material impact on your interests.
(8) Right to reject decisions based solely on automated processing: The right to reject decisions that we have made based solely on automated processing and that have a material impact on your interests.

You can make a request or exercise these rights by sending an email to following contacts and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.

10.4 Sharing and transfer of personal information
We may, with the consent of you, share and transfer your personal information to the KPMG member firms noted in "2. Sharing and transfer of personal information" and to third parties within the scope of the purpose of use published in this Privacy Statement. In these circumstances, we will execute personal information processing contracts and require that personal information be processed in accordance with our instructions, this Privacy Statement, and relevant personal information protection and security measures. The parties with which personal information is shared or to which personal information is transferred will use and retain personal information within a scope reasonably required for performance of the purpose of use published in this Privacy Statement.

10.5 International transfers of personal information
We may, with the consent of you, transfer your personal information to KPMG member firms and third parties in countries other than the People's Republic of China as noted in "2. Sharing and transfer of personal information." In some cases, these countries may not have applicable personal information protection laws equivalent to the People's Republic of China, or may not have relevant laws and regulations at all. In these circumstances, we will continue to protect your personal information through contracts that we execute with organizations outside the People's Republic of China.

 

How to contact us
If you have a query in relation to this Personal Information Protection Policy or Privacy Statement or you would like to make a complaint about KPMG’s handling of your personal information, please contact KPMG as follows:

KPMG AZSA LLC
AZSA Center Building
1-2 Tsukudo-cho, Shinjuku-ku
Tokyo 162-8551
Email: kojinjoho@jp.kpmg.com

KPMG Tax Corporation
Izumi Garden Tower
1-6-1 Roppongi, Minato-ku
Tokyo 106-6012
Email: personal-info@jp.kpmg.com

KPMG Consulting Co., Ltd.
OTEMACHI FINANCIAL CITY South Tower
1-9-7 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: KC-Privacy@jp.kpmg.com

KPMG FAS Co., Ltd.
OTEMACHI FINANCIAL CITY North Tower
1-9-5 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: fasprivacy@jp.kpmg.com

KPMG AZSA Sustainability Co., Ltd.
OTEMACHI FINANCIAL CITY South Tower
1-9-7 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: sustainability@jp.kpmg.com

KPMG Healthcare Japan Co., Ltd.
OTEMACHI FINANCIAL CITY North Tower
1-9-5 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: jp-fmhcinfo@jp.kpmg.com

KPMG Social Insurance and Labor Advisors Corporation
Izumi Garden Tower
1-6-1 Roppongi, Minato-ku
Tokyo 106-6012
Email: personal-info@jp.kpmg.com

KPMG Ignition Tokyo, Inc.
Privacy Office
Otemachi Building 7F
1-6-1 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: JP-FMKIT_privacy@jp.kpmg.com

My number Office
Otemachi Building 7F
1-6-1 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: KIT_MyNumber@jp.kpmg.com

KPMG Management Co., Ltd.
(Contact point: KPMG AZSA LLC)
AZSA Center Building
1-2 Tsukudo-cho, Shinjuku-ku
Tokyo 162-8551
Email: kojinjoho@jp.kpmg.com

AZSA Office Mate Co., Ltd.
(Contact point: KPMG AZSA LLC)
AZSA Center Building
1-2 Tsukudo-cho, Shinjuku-ku
Tokyo 162-8551
Email: kojinjoho@jp.kpmg.com

KPMG Advisory Lighthouse, Inc.
Privacy and My number Office
Otemachi Building 7F
1-6-1 Otemachi, Chiyoda-ku
Tokyo 100-0004
Email: jp-fmalh-privacy@jp.kpmg.com