Privacy Policy | 株式会社ミンカブ・ジ・インフォノイド

The MINKABU Group (hereinafter referred to as “the Company Group”), which includes MINKABU THE INFONOID, Inc. (hereinafter referred to as “the Company”) and its consolidated subsidiaries and equity method affiliates, recognizes the protection of personal information as a serious issue in its business operations and considers the appropriate management of personal information to be a social responsibility. This Privacy Policy (hereinafter referred to as “this Policy”) sets forth the handling of personal information common to the various services provided by the Company Group.

1. Basic Policy on Personal Information Protection

The Company Group recognizes the importance of personal information and considers the thorough protection of such information to be its highest responsibility in operating its businesses. Based on this principle, this Policy has been established to ensure the appropriate handling of personal information. Specifically, all officers and employees of the Company Group will comply with laws, national guidelines, and other norms regarding the handling of personal information. The Company Group will also take reasonable safety, preventive, and corrective measures, such as establishing internal regulations to address risks like unauthorized access to personal information, leakage, loss, or destruction of personal information.

Furthermore, these measures will be thoroughly communicated to all officers and employees of the Company Group, and the company’s information protection management system will be reviewed as needed and continuously improved and strengthened in light of the management environment.

2. Scope of Application

This Policy applies when customers use the services provided by the Company Group (including related incidental services, applications, tools, etc., hereinafter collectively referred to as “the Company’s Services”) and the corporate websites operated by each company of the Company Group. The Company Group may, in addition to or separate from this Policy, establish specific rules regarding the handling of personal information depending on the content of the services. Please note that in the event of a conflict between such specific rules and the content of this Policy, the specific rules shall prevail.

Please read this Policy carefully along with the terms of use for the Company’s Services and use the services after agreeing to them. If a customer begins to use the Company’s Services, the Company Group will deem that the customer has understood the contents of this Policy, which explains the acquisition, use, provision, and retention of the customer’s personal information.

Examples of the Company’s primary services include MINKABU, Kabutan, and various services provided by Livedoor Co., Ltd., such as Livedoor News, Livedoor Blog, Kstyle, Peachy, and SOCCERKING.

The Company Group refers to the Company and the following companies:
Livedoor Co., Ltd.

3. Personal Information to be Acquired

The personal information collected by the Company Group is as follows. Such information is obtained through lawful and fair means. Personal data refers to personal information included in a systematically organized set of personal information that can be searched for a specific individual.

3-1.　 Personal Information Provided by Customers

Name, date of birth, gender, address, email address, telephone number, company name, information regarding payment for paid content, etc., entered when using the Company’s services.
User ID, password, and similar credentials
Responses to questionnaires.
Identification documents submitted for identity verification.

3-2.　 Personal Information Provided to the Company Group by Third Parties

Name, date of birth, gender, address, email address, telephone number, school, nationality, educational background, employment history, and other related information

3-3.　 Personal Information and Personal Data Automatically Collected by the Company Group when Customers Accesses the Company’s Services

Access logs, Web beacons (also known as pixels), Cookies, and similar technologies.

*These data may remain on your computer, and data collection may continue. For details, please see our Cookie Policy.

4. Collection of Personal Information

The Company Group collects personal information by lawful and fair methods and does not obtain it by fraudulent methods against the customer’s will. Even when collecting personal information from a third party, the Company Group will confirm that it has been properly obtained by the information provider.

5. Purposes of Use of Personal Information

The Company Group will use the collected personal information within the scope of the following purposes and will take necessary measures to prevent its use for other purposes.

To provide the Company‘s services.
To verify the identity of the customer or their agent.
To contact customers and provide various information for free via email.
To customize information, services, and ad delivery on the Company’s services according to the customer’s age, occupation, gender, hobbies, etc..
To be used for marketing (surveys, questionnaires, etc.), data analysis, and the research and development of the services.
To provide information on products, services, events, and seminars of the Company and its affiliated companies, including the Company Group, via mail, phone, fax, email, etc..
To analyze data for the purpose of the above guidance and for the operation management, improvement, enhancement, and development of new services of the Company and its domestic group companies.
For the exercise of rights and fulfillment of obligations based on contracts with customers and laws and regulations.
To prevent unfair trading, such as insider trading.
To perform recruitment-related duties for job applicants.
To perform personnel, labor, and other appropriate duties for employees, etc..
In addition, to properly and smoothly fulfill transactions with customers and business partners.

6. Provision of Personal Data to Third Parties

The Company Group will not disclose or provide customers’ personal data to third parties without the customer’s consent. However, personal data may be disclosed or provided without the customer’s consent in the following cases:

When required by law.
When it is necessary for the protection of a person’s life, body, or property, and it is difficult to obtain the customer’s consent.
When it is particularly necessary for the improvement of public health or the promotion of the sound growth of children, and it is difficult to obtain the customer’s consent.
When it is necessary to cooperate with a national or local government body, or a person entrusted by such a body, in carrying out its legally mandated duties, and obtaining the customer’s consent could interfere with the performance of those duties.
When handling of personal data is entrusted to a business outsourcing company that has a confidentiality agreement with the Company, under the supervision of the Company, for the purpose of making contact by phone, direct mail, email, or other means on behalf of the Company.
When handling of personal data is entrusted to a payment processing company, credit card company, or financial institution that has a confidentiality agreement with the Company, for the purpose of billing customers who use the paid content of the services.

7. Supervision of Subcontractors

When the handling of collected personal data is entrustedto an external subcontractor, the Company will conduct a thorough review and exercise necessary and appropriate supervisionto ensure confidentiality of the data.

8. Joint Use

The Company Group may share and jointly use personal data collected from customers among its group companies in accordance with this Policy

(1) Items of Personal Data to be Jointly Used:　Personal data described in “3. Personal Information to be Acquired”
(2) Scope of Joint Users: The Company and its domestic group companies.
The Company’s group companies are Livedoor Co., Ltd..
(3) Purposes of Use of Jointly Used Personal Information: The purposes of use described in “5. Purposes of Use of Personal Information”.
(4) Responsible Party for Personal Data Management: MINKABU THE INFONOID, Inc.

9. Disclosure, Correction, Suspension of Use, Deletion of Retained Personal Data, and Handling to Complaints

The Customer may disclose or correct their personal data at any time by themselves after logging in to the service. If the customer wishes to delete their personal data, please withdraw from the membership at the withdrawal page for each service they are using. Their personal data will be deleted once the customer has completed the withdrawal procedures.

If a customer requests the disclosure, correction, addition deletion, suspension of use, or suspension of provision to a third party (collectively referred to as “Disclosure, etc.”) of personal information not categorized as retained personal data retained personal data, the Company will promptly review the request and provide the necessary documents (request form). The Company will respond to the request once the applicant has filled out the form and submitted documents verifying their identity. In addition, if a complaint or inquiry regarding personal information is received, the content will be promptly investigated, and an appropriate response will be implemented.

However, in some cases, all or part of the information may not be disclosed if it falls under any of the following:

If there is a risk of harming the life, body, property, or other rights and interests of the customer or a third party.
If there is a significant risk of hindering the proper execution of the Company’s business.
If it would violate other laws and regulations.

10. Contact Information

For questions regarding this Policy or inquiries about personal information, please contact the following consulting desk.
MINKABU THE INFONOID, Inc.　
Personal Information Consultation Desk
Tokyo Shiodome Building, 6^th Floor, 1-9-1 Higashi-Shinbashi, Minato-ku, Tokyo
privacy@minkabu.co.jp

11. Continuous Improvemnt

The Company Group will inspect the status of its personal information protection management system, conduct regular audits, maintain it, and continuously improve it to enhance the level of personal information protection.

12. Revisions to this Privacy Policy

The Company Group may revise this Policy to protect customers’ personal information and to comply with changes in laws and other norms.

However, “5. Purposes of Use of Personal Information” is an exception. In the event of a revision, a notification will be posted within the Company’s Services.

Established on October 30, 2007
Revised June 10, 2008
Revised March 25, 2019
Revised February 8, 2021
Revised March 1, 2021
Revised July 5, 2021
Revised October 27, 2021
Revised June 1, 2022
Revised June 16, 2023
Revised December 11, 2023
Revised June 25,2024
Revised September 13,2024
Revised October 1, 2024
Revised April 1, 2025
Revised October 1, 2025

MINKABU THE INFONOID, Inc.
Masayuki Ban, Representative Director and President
Protection of Personal Information Management

About protection of personal information of shareholders

MINKABU THE INFONOID, Inc. (hereinafter referred to as “the Company”) uses personal information (name, address, number of shares held, etc.) of shareholders for the exercise of shareholders’ rights under the Companies Act, and to fulfill the obligations of the Company under the Companies Act and other related laws and regulations, and to carry out our business smoothly.

The Company handles the personal information of shareholders appropriately in compliance with the Personal Information Protection Law, the Companies Act, and other related laws and regulations.

Purpose of use of personal information of shareholders

The Company uses the personal information of shareholders collected directly or indirectly through the Administrator of Shareholders’ Register, for the following purposes.

① For exercising rights and fulfilling obligations based on the Companies Act.
② To provide various benefits from our company regarding status as a shareholder.
③ To implement various measures to facilitate the relationship between shareholders and the Company.
④ For shareholder management, such as creating shareholder data based on prescribed standards based on various laws and regulations.

Inquiries regarding shareholder information

Mitsubishi UFJ Trust and Banking, the Administrator of Shareholders’ Register of the Company, accepts inquiries regarding general stock affairs, such as the contents of the shareholder registry.

4-5 Marunouchi 1-chome, Chiyoda-ku, Tokyo
Securities Agency Department, Mitsubishi UFJ Trust and Banking Corporation
Telephone　0120-232-711 (toll-free number)

FOR Residents of the EEA or the United Kingdom

This policy supplements our Privacy Policy to comply with the EU General Data Protection Regulation (“EU GDPR”) and the UK national law that applies the same content as the EU GDPR with necessary modifications (“UK GDPR”). It applies to residents of the EEA or the United Kingdom. In this GDPR Policy, “personal data” refers to personal data as defined in the EU GDPR and UK GDPR.

1. Legal Basis for Processing Personal Data

The Company processes personal data based on the following legal bases, to the extent that they do not conflict with applicable laws:

Contract: When necessary for the conclusion or performance of a contract with the Company.
Legal Obligation: When necessary to comply with a legal obligation (limited to obligations under EU law or the laws of an EEA member state if the customer resides in the EEA, and under UK law if the customer resides in the UK).
Legitimate Interests: When necessary for the realization of legitimate interests pursued by the Company or a third party, and where the interests or fundamental rights of the individual do not override them.
Consent: When there is consent for the processing of personal data (although personal data may be processed based on other legal bases even with consent). Withdrawal of consent does not affect the legality of processing performed based on consent before its withdrawal.

The legal basis for each personal data processing purpose is as follows in the provided table.

Categories of personal data	Purpose of process	Lawfulness
Name, Date of birth, Gender, Address, Email address, Telephone number, Company name, Information regarding payment for paid content, ID, Password, Answers to questionnaires, Identification documents submitted for identity verification.	Processing and management of accounts and payments related to the Company’s Services requested or used by the customer, as well as handling customer complaints. This includes managing the relationship between the customer and the Company, processing orders placed by the customer, and collecting payments from the customer. It also includes making payments to subcontractors in relation to the Company’s Services requested or used by the customer.	・For the performance of a contract to which the customer is a party ・Our legitimate interests in reviewing and responding to communications and inquiries submitted by the customer, and in providing the customer with information relating to the services requested
Name, Date of birth, Gender, Address, Identification number (specifically, copies of documents such as driver’s licenses or passports)	To verify the identity of the customer or their authorized representative.	・To comply with a legal obligation to which we are subject ・Our legitimate interests in conducting identity verification and other necessary measures to comply with applicable regulations on information distribution platforms
Personally identifiable information, details of qualifications and academic background, resumes (CVs), application documents, letters of recommendation, candidate evaluations (including interview notes and video recordings), right-to-work information, and information regarding skills, experience, and education	To respond to recruitment and hiring inquiries, and to improve our recruitment processes and activities.	・To manage our contractual relationship with the customer, or to consider the conclusion of an employment contract with the customer ・Our legitimate interests in maintaining our global reputation as a major employer, and in complying with certain labor and social security law obligations in specific countries (including Japan), such as the performance of right-to-work checks ・To comply with a legal obligation to which we are subject
Name, email address, age, occupation, gender, hobbies	To customize the information on the Company’s Services, the Service itself, and advertising delivery according to the customer’s attributes	・For the performance of a contract to which the customer is a party ・Our legitimate interests in customizing the information provided on the service, the service itself, and the delivery of advertising ・Consent of the data subject
Name, email address, phone number, fax number, company name	To use for marketing activities (including conducting surveys and questionnaires), data analytics, and the research and development of the Company’s Services	・Our legitimate interests in marketing, data analytics, and the research and development of the Company’s Services
Name, date of birth, gender, address, email address, phone number, fac number, company name	To send communications regarding products, services, events, and seminars offered by our company, our group companies, and affiliated partners through postal mail, telephone, fax, email, and other communication channels	・The legitimate interests of our company or third parties in delivering product information and related communications ・Consent of the data subject
Information related to access to our services, IP address, browser software used, top-level domain name used, pages visited on the website (i.e., URLs visited), the address of the website visited prior to accessing our services (including search terms used), clickstream data showing visitor traffic through the website, and the date and time of website access	Our legitimate interests in improving the convenience of the Company’s Services by measuring the effectiveness of our promotions and understanding customer usage patterns. This includes: (i) data analysis and analytics aimed at validating, managing, and improving the website; (ii) use by our company and our domestic group companies for operating, managing, improving, and enhancing services, as well as developing new services; (iii) monitoring metrics such as total visitor counts and traffic data; and (iv) ensuring that website content is presented in the most effective way for customers, thereby enhancing the usability of the website.	・Our legitimate interests in delivering and sustaining the Company’s Services by utilizing essential cookies ・The data subject’s consent to the processing of cookies that are not essential, including those related to performance, functionality, and targeting/advertising ※Important: Users of the Company’s Services are requested to read our Cookie Policy.
The personal information described in “3. Personal Information to be Acquired”.	For the purposes of mergers, sales, transfers of our assets, investments, acquisitions, bankruptcy, or similar corporate transactions, and as necessary to manage shareholders or to provide related notices required by applicable laws and regulations	Our legitimate interests in safeguarding and expanding our business
The personal information described in “3. Personal Information to be Acquired”.	To perform financial accounting functions, including tax reporting, in order to comply with applicable laws and accounting standards adhered to by our company	・Compliance with relevant legal obligations, including but not limited to tax reporting requirements ・Our legitimate interests in ensuring compliance with applicable laws and regulations in specific countries, including Japan
The personal information described in “3. Personal Information to be Acquired”.	To protect the rights of our customers	・Compliance with relevant legal obligations, including applicable data protection and privacy laws ・Our legitimate interests in acting to advance and safeguard our business interests

2. Recipients of Personal Data

Recipients to whom the Company may disclose personal data include the following:

(1) Employees: Employees of the Company who have the authority and need to access personal data.
(2) Group Companies: The Company’s group companies.
(3) Service Providers: The Company may disclose personal data to providers of specific services, such as IT service providers (data server and cloud service providers) and legal advisors.
(4) Legal Proceedings and Security: The Company may disclose personal data to government regulatory authorities in compliance with applicable laws. The Company may also disclose personal data to third parties, such as courts or other public bodies, when required by applicable laws (e.g., laws related to claims, disputes, and legal proceedings), when such disclosure is necessary to protect the health and safety of the customer or others, or when necessary to exercise the Company’s legal rights or enforce the customer’s contractual obligations.
(5) Business Transfer: Personal data may be disclosed in connection with corporate transactions such as mergers, acquisitions, company splits, business transfers, joint ventures, financing, or the sale of company assets, or in preparation for such transactions, and may be transferred to a third party as one of the business assets in these transactions. Personal data may also be disclosed in cases of bankruptcy, insolvency, or receivership.

3．Retention of Personal Data

Unless otherwise specified by applicable laws, personal data held by the Company will be retained only for the period necessary for the processing of that personal data.

4. Your Rights

Customers can exercise the following rights regarding their personal data held by the Company. These rights may not be absolute and may depend on the reason for processing personal data in specific situations.

The right to obtain information regarding the processing of personal data and the personal data held by the Company.
The rights to request the correction of inaccurate or incomplete personal data.
The right to request the erasure of personal data under the following circumstances:
1. When the personal data is no longer necessary for the purpose for which it was collected.
2. When the processing of personal data was based solely on consent, and that consent has been withdrawn.
3. When the customer objects to the processing of personal data based on legitimate interests, and the individual’s rights and interests or freedoms override those legitimate interests.
4. When the personal data has been processed unlawfully.
5. When the personal data must be erased to comply with a legal obligation (limited to obligations under EU law or the laws of an EEA member state if the customer resides in the EEA, and under UK law if the customer resides in the UK).
The right to request the restriction of processing of personal data under the following circumstances:
1. hen the accuracy of the personal data is contested (only for the period necessary for the Company to verify its accuracy).
2. When the personal data has been processed unlawfully, and the customer objects to the erasure of the personal data and requests the restriction of its use instead.
3. When the personal data is no longer needed for purposes other than the establishment, exercise, or defense of legal claims.
4. When the customer has objected to the processing of personal data based on legitimate interests (only for the period necessary to determine whether the customer’s rights and interests or freedoms override those legitimate interests).
The right to object to the Company’s processing of personal data.
The right to receive personal data processed by the Company based on consent or a contract in a structured, commonly used, and machine-readable format, and to request that the Company transfer the personal data to another person if technically feasible (both rights are limited to personal data related to the individual that has been provided to the Company).
The right to withdraw consent for the processing of personal data at any time (however, personal data may be processed based on legal grounds other than consent).

These rights can be exercised by contacting the Company through the personal information consultation desk described in section 10 of this Policy.

Furthermore, if you believe that your rights as an individual have been violated by the Company, you can file a complaint with the supervisory authority for personal data protection.

However, the Company would appreciate the opportunity to address your concerns before you file a complaint with the supervisory authority in your area. Therefore, we would be grateful if you would contact our personal information consultation desk first.

5. Cross-border Transfers Outside the EEA and the UK

The Company may transfer personal data to third parties in countries outside the EEA and the UK. Specifically, personal data may be transferred to third parties located in countries, including Japan, that have been determined by the European Commission to ensure an adequate level of data protection. In addition, when transferring personal data to third parties located in other countries, the Company will conclude Standard Contractual Clauses with the transferee in accordance with the provisions of the EU GDPR or UK GDPR before transferring the personal data. For more detailed information or information on the measures that can be taken, please contact the Company’s personal information consultation desk.