Terms & Policies
JapanPrivacy Policy (Japan Addendum)
Last updated: 24 February 2025 (日本語版は、以下のPDFをダウンロードしてください)
Jurisdiction specific
Some jurisdictions’ laws contain additional terms for users of the Services, which are set out in this section. If you are a customer of Airwallex entity located in one of the jurisdictions below, the terms set out below under the name of your jurisdiction apply to you in addition to the terms set out in our Policy above.
Hereunder, we refer to our Users as “you”, “Users” or “Merchants”.
1. About Us:
Airwallex Japan K.K. (hereinafter referred to as "the Company", “we” or “us”).
2. Definitions:
The term "personal information" in this policy is defined in section 3, "Types of Personal Data We Use." It includes personal information, personal identification codes, and personal-related information, and may, in some cases, include sensitive information and specific personal information.
3. Handling of Sensitive Information and Specific Personal Information:
Acquisition and Use: We will not acquire, use, or provide to third parties sensitive (sensory) information, as defined in Article 5, Paragraph 1 of the Guidelines for Personal Information Protection in the Financial Field, except in the following cases:
Based on laws and regulations
When disclosure of information is necessary for the investigation of service misuse or criminal investigations, to credit card companies, financial institutions, and settlement agencies affiliated with the Company
When necessary for the protection of life, body, or property of individuals
When specifically required for the improvement of public health or the promotion of the healthy development of children
When cooperation is necessary for government agencies, local public bodies, or those commissioned by them to perform duties specified by law
When acquiring, using, or providing sensitive information of employees related to membership or affiliation with organizations such as political or religious groups or labor unions, to the extent necessary for the performance of withholding tax affairs, etc.
When acquiring, using, or providing sensitive information in the necessary scope for the execution of rights and obligations transfer procedures, such as inheritance proceedings
When using biometric information corresponding to sensitive (sensory) information with the consent of the individual, based on the individual's confirmation
Specific Personal Information: We will not acquire, use, or provide specific personal information for purposes other than obtaining and using it for customer identification under the Act on Submission of Records concerning Overseas Remittances, etc., for the proper taxation of domestic taxes.
4. Providing Personal Information to Third Parties:
Refer to "5. Transfer and Storage – Sharing and Disclosure of Information" regarding the provision of personal information to third parties. Except as provided below, we will not provide personal information to third parties without obtaining prior consent. Additionally, under the Personal Information Protection Law, providing to delegated parties, business successors, or joint users within the scope of the purpose of use does not constitute third-party provision.
Exceptions include:
Based on laws and regulations
When necessary for the protection of life, body, or property of individuals
When specifically necessary for the improvement of public health or the promotion of the healthy development of children
When it is necessary to cooperate with government agencies or local public bodies or those commissioned by them to perform duties specified by law
When the third party is an academic research institution, and it is necessary for the third party to handle the personal data for academic research purposes (excluding cases where handling some of the personal data for academic research purposes may unduly infringe on the rights and interests of individuals).
5. Joint Use:
We will jointly use customer's personal information with Airwallex's group companies listed as "2. Data Managers" for the purposes specified in "4. Purpose of Use of Customer's Personal Information" outlined in this policy.
The person in charge of management is the representative of the Company. Refer to "I. About Us" for details.
6. Cross-Border Transfer
In accordance with this policy, we may transfer your information overseas to joint users, delegated parties, or overseas third parties based on your consent. For the names of Airwallex's delegated or sub-delegated entities or third-party providers and their respective countries of location, please refer to this link.
we provides customer's personal information to third parties in the following countries. Information regarding the protection of personal information in these foreign countries is as follows:
Provide details about the protection of personal information in the specified foreign countries.
GDPR (General Data Protection Regulation) Covered Countries and the United Kingdom The GDPR (General Data Protection Regulation) is applicable to countries within the European Union (EU) and the United Kingdom. Japan is designated as a country with a system for the protection of personal information that is recognized by the Personal Information Protection Commission as having an equivalent level of protection to that of Japan. This designation is based on the system for protecting personal information, as specified in the notifications No. 1 and No. 5 of the Personal Information Protection Commission in the 31st year of Heisei (Reference: Heisei 31 Personal Information Protection Commission Notification No. 1). UK Belgium Netherlands Iceland |
Countries and Regions Certified for Adequacy under Article 45 of the GDPR Countries and regions that have obtained certification for adequacy under Article 45 of the GDPR (General Data Protection Regulation) refer to those recognized by the European Commission as having a sufficient level of data protection based on the GDPR. (Reference: Personal Information Protection Commission) |
EU Adequacy (Reference: European Comission Adequacy decision) |
APEC CBPR System member countries/regions (Having laws in compliance with the APEC Privacy Framework) The APEC CBPR System member countries/regions adhere to laws in compliance with the APEC Privacy Framework. As a prerequisite for participating in the APEC CBPR System, it is required that these countries/regions have laws in compliance with the APEC Privacy Framework. The framework also stipulates that the enforcement authority has the power to investigate and rectify complaints or issues that cannot be resolved by businesses certified under the CBPR or by Accountability Agents. Therefore, in economies participating in the APEC CBPR System, including our country, it is reasonable to assume that they have laws aligned with the APEC Privacy Framework and an enforcement authority to implement these laws. Consequently, a generally equivalent level of protection for personal information can be expected as in our country. |
Businesses Subject to the OECD Privacy Guidelines Eight Principles Businesses or entities adhering to the eight principles of the OECD Privacy Guidelines have specific obligations or rights of individuals established. It should be noted that each operator located in the countries or regions below, as service providers, handles personal information within the scope of the tasks entrusted to them by our company. They comply with applicable local laws and have implemented all measures in accordance with the eight principles of the OECD Privacy Guidelines. |
7. Request Procedure for Information on Cross-Border Transfers
In cases where we provide personal data to entities that have established a system in compliance with the standards set forth in the Personal Information Protection Commission regulations, we will take necessary measures to ensure the continuous implementation of measures equivalent to those required by the handling of personal data by personal information handling businesses ("equivalent measures"). Customers can request information from us regarding the necessary measures implemented.
8. Regarding the Storage Period
The period for which we retain your personal data in Japan will be a minimum of 10 years.
9. Procedures for Disclosure, Correction, and Suspension of Personal Information Usage, etc.
Correction, Addition, Deletion:
In the event that the information held by weregarding a customer's personal information is found to be inaccurate, we will, upon confirmation that the request is made by the individual concerned, promptly conduct the necessary investigation within the scope required to achieve the purpose of use. Based on the results, corrections, additions, or deletions (hereinafter referred to as "corrections, etc.") to the content of personal information will be made.
Usage Suspension:
If weis requested to suspend or delete the use of personal information (hereinafter referred to as "usage suspension, etc.") due to reasons such as exceeding the scope of the initially disclosed purpose of use, acquisition through fraudulent means, inappropriate use, no longer necessary for our company's use, significant leakage requiring reporting to the Personal Information Protection Commission, or any other reason where the rights or legitimate interests of the individual may be harmed by the handling of personally identifiable information, we will promptly conduct the necessary investigation based on the results, and implement the suspension or deletion of personal information usage or the suspension of provision (hereinafter referred to as "provision suspension").
Request Procedures:
If you wish to make a request for the disclosure, correction, addition, deletion, usage suspension, deletion, or suspension of third-party provision of personal information as described above, please follow the procedures outlined in Procedure for Requesting Disclosure, Correction, Suspension of Use, etc. of Personal Information section. Please note that in cases where weis not obligated by the Personal Information Protection Law or other applicable laws to perform corrections, usage suspension, or provision suspension, we may not be obliged to fulfill requests from customers, and we ask for your understanding in advance.
10. Joint Use of Merchant Information
Merchant Information Exchange System
The Japan Credit Association (hereinafter referred to as the "Association") has obtained certification from the Minister of Economy, Trade, and Industry based on the provisions of Article 35-18 of the Installment Sales Act. As part of its certified activities, the Association collects, organizes, and provides necessary information to protect the interests of users (credit users), conducted at the JDM Center (hereinafter referred to as the "JDM Center").
Reporting and Use of Collected Information by Member Companies
Members of the Merchant Information Exchange System (hereinafter referred to as "JDM Members"), operating under the Installment Sales Act, collect and use the information specified in "3. (2) Contents of Shared Information" for purposes such as evaluating merchant applications, conducting merchant surveys after contract formation, taking measures related to merchants, and assessing ongoing transactions. This information is reported to the JDM Center and is jointly used by JDM Members.
Purpose of Joint Use
The joint use of merchant information aims to enhance the accuracy of merchant contract evaluations and ongoing reviews for JDM Members by reporting information related to acts lacking in the protection of users by merchants (including suspected acts and acts where determining their applicability is difficult). Additionally, it aims to facilitate the appropriate management of credit card numbers and prevent unauthorized use, contributing to the sound development of credit transactions and consumer protection.
Content of Shared Information
Facts and reasons for investigations necessary for processing complaints related to individual credit purchase solicitation transactions by the respective merchants.
Facts and reasons for the cancellation of individual credit purchase solicitation contracts due to acts lacking in the protection of users in the course of business by JDM Members.
Facts and reasons for investigations necessary for ensuring the appropriate management of credit card numbers by merchants in credit card number handling contracts.
Facts and reasons for measures taken by JDM Members against merchants, which do not comply or may not comply with the standards set by the Installment Sales Act, concerning the appropriate management of credit card numbers in credit card number handling contracts (including contract cancellations).
Objective information regarding acts that lack protection for users, including acts suspected or unable to be determined as such, which may cause undue damage to JDM Members and users.
Information about acts by merchants that hinder the proper management of credit card numbers.
Information collected by the JDM Center regarding facts and content published by administrative agencies (information related to violations or potential violations of laws such as the Specific Commercial Transactions Act).
Other information related to acts that lack protection for users.
The following information is excluded from the above:
Name, address, phone number, and date of birth of the respective merchant concerning the above point 6. However, for information where determining whether the act has occurred is difficult, excluding the name and date of birth (or the representative's name and date of birth for corporations).
Retention Period
The information mentioned in (2) above will be retained for a period not exceeding five years from the registration date (or completion of measures corresponding to (4) and registration date of contract cancellation).
Scope of Joint Users of Merchant Information
Members of the Association who are also JDM Members, inclusive credit purchase solicitation businesses, individual credit purchase solicitation businesses, credit card number handling contract signing businesses, and the JDM Center.
Inquiries and Disclosure Procedures
For inquiries and disclosure procedures related to the Merchant Information Exchange System, please contact the JDM Center at the following address:
Operating Officer
Japan Credit Association, Merchant Information Exchange Center (JDM Center)
Address: 14-1 Nihonbashi Koami-cho, Chuo-ku, Tokyo, Jussei Nihonbashi Koami-cho Building
Representative Director: Tetsuo Matsui
Phone Number: 03-5643-0011 (Main)
Procedure for Requesting Disclosure, Correction, Suspension of Use, etc. of Personal Information
For requests related to the personal information we have collected from you, such as:
Request for notification of purpose of use
Request for disclosure or inquisition of the information
Request for correction, addition, or deletion (in case of inaccurate personal information)
Request for suspension of use or third-party provision (in cases of unauthorized use, inappropriate use, or acquisition through fraudulent means, etc.) (hereinafter collectively referred to as "requests"),
Please follow the procedure below:
Documents to be submitted to the Company
Personal Information Disclosure, Correction, Suspension of Use, etc. Request Form
Personal identification documents (copy of any one of the following):
Driver's license (both front and back)
My Number Card
Health insurance certificate (both front and back)
Passport and resident registration original copy
Pension book
Residence card or Special Permanent Resident Certificate (Foreign Resident Registration Certificate)
Submission Method
Please send the documents mentioned in the previous section (1) and (2) to the following our contact via email or postal mail:
ourContact
Airwallex Japan Co., Ltd.
Personal Information Consultation Desk
E-mail: [email protected]
Address: 2-14-4 the ARGYLE aoyama 6F (WeWork), Kita-Aoyama, Minato-ku, Tokyo
If a Representative is Making the Request
If a representative is making the request on behalf of the data subject, in addition to the documents mentioned in (1) and (2) above, please include the following documents related to the representative:
Representative's personal identification document (copy of any one of the listed documents)
Power of attorney and seal certificate for optional representatives
Documents proving the representative's status, such as a family register copy or health insurance certificate for legal representatives (parents, etc.), in the case of a legal representative
Copies of documents such as a certificate of registered matters and a copy of a family court judgment for representatives of adult wardens
Fees for Disclosure and Notification of Purpose of Use
For requests for disclosure and notification of the purpose of use of personal information, a fee of 1,000 yen per request will be charged. Please transfer the fee to the bank account that we will inform you of separately. The transfer fee is the responsibility of the requester. If the fee is insufficient, we will notify you, and if payment is not made within the specified period, we will consider the request for disclosure and notification of the purpose of use as not received.
Company's Response Method
We will generally respond via email, but if the requester has a different preference, we will respond by postal mail.
Use Purposes of Personal Information Obtained for Disclosure, etc. Requests
Personal information obtained for disclosure requests will be handled within the necessary scope, and after the response to the request is completed, it will be appropriately managed and disposed of. The submitted documents will not be returned.
Reasons for Non-Disclosure of Personal Information
We cannot respond to requests for disclosure, etc., in the following cases. If non-disclosure is determined, we will inform you of the decision and the reasons. Fees will be charged for non-disclosure and non-notification of the purpose of use.
There is a risk of harming the life, body, property, or other rights and interests of the individual or a third party.
There is a significant risk of significantly hindering the proper implementation of the personal information handling business of the personal information processor (the company).
It would violate other laws.
The prescribed request form is incomplete.
The required documents are insufficient.
The fee is insufficient.
Contact for Complaints Regarding the Handling of Held Personal Data by the Company
Airwallex Japan Co., Ltd.
Personal Information Consultation Desk
E-mail: [email protected]
Address: 2-14-4 the ARGYLE aoyama 6F (WeWork), Kita-Aoyama, Minato-ku, Tokyo