Privacy Policy

  1. Introduction

This Privacy Policy (hereinafter referred to as “this Policy”) has been established by Interbank HD Co., Ltd. (hereinafter referred to as “the Company”), the owner and operator of this website (hereinafter referred to as “this Website”), in accordance with Japanese data protection laws and regulations, including the Act on the Protection of Personal Information (Act No. 57 of 2003; hereinafter referred to as the “APPI”).

This Policy applies when you browse this Website or use the Company’s services. Please read this Policy carefully and ensure that you agree to its terms before using our services.

The Company recognises the importance of protecting your personal information (as defined under the APPI). This Policy sets out the basis on which the Company collects, retains, and uses your information, and reflects the Company’s commitment to protecting your personal information.

  1. Collection of Personal Information

The Company may collect your personal information in the following circumstances.

Circumstances of Collection

  • When you enter information into an online form on this Website
  • When you use our foreign currency exchange services at one of our physical stores
  • When you use our services online
  • When you make an enquiry or seek consultation with us
  • When you contact our customer service team by telephone, email, chat, or social media
  • When you participate in campaigns, surveys, or similar activities conducted by the Company
  • When you register to receive marketing communications from the Company

Automatic Collection of Information

The Company collects certain information about you by automated means:

  • Information collected via Cookies: Where you have opted to accept cookies, we collect information when you visit our website
  • Access Information: IP address, browser type, date and time of access, pages visited, etc.
  • Usage Data: Service usage history, transaction history, etc.

Information collected automatically is used for the following purposes:

  • Operation and management of the website, and troubleshooting
  • To deliver website content effectively
  • To maintain the security of our information and website
  • To improve our services and develop new services
  • To suggest information and services relevant to you

Collection of Information via Security Cameras

When you visit one of our physical stores, we may record footage of you via security cameras for the purposes of crime prevention and detection, and to maintain safety.

Legal Commentary:

Several important compliance points arise from this section:

  • Cookie consent: The policy states information is collected “where you have opted to accept cookies.” This opt-in framing is consistent with best practice under PPC guidance. However, the website should implement a compliant cookie consent banner that allows granular choice — particularly relevant if any third-party analytics or advertising cookies are deployed.
  • Automated processing: The collection of IP addresses, browsing behaviour, and transaction history constitutes personal information under the APPI where it can identify an individual. The Company should ensure these data types are captured in its Personal Information Protection Rules (個人情報保護規程).
  • Security camera footage: This is specifically addressed in PPC guidelines on the handling of personal information obtained through surveillance equipment. The Company should display appropriate signage at store entrances notifying visitors of CCTV recording, as required under APPI and PPC guidance. Retention periods for footage should also be defined in internal policy.
  • Foreign currency exchange context: Given the Company operates currency exchange services, transaction history and customer identity data will also be subject to AML/CFT obligations under the Act on Prevention of Transfer of Criminal Proceeds — this intersects significantly with the personal information collected at the store level.
  1. Types of Personal Information Collected

The personal information that the Company collects and handles includes the following:

  • Basic Information: Full name, nationality
  • Contact Information: Address, telephone number, email address
  • Identity Verification Information: Type and number of identity document, copy of identity document
  • Transaction Information: Bank account information, transaction details, transaction amounts, date and time of transactions
  • Other: Any other information required by law for the provision of foreign currency exchange services
  1. Sensitive Information

Except where permitted under applicable guidelines, the Company will not collect, use, or provide to third parties any sensitive information (being special care-required personal information, as well as information relating to trade union membership, family origin, registered domicile (honseki), health and medical information, and sexual life (excluding those items that fall within the category of special care-required personal information)).

The Company will handle sensitive information with particular care so as to ensure that it is not collected, used, or provided to third parties in an unauthorised manner.

  1. Purposes of Use of Personal Information

The Company uses your personal information for the following purposes.

Use Related to Service Provision

  • Provision of foreign currency exchange services and ancillary operations
  • Processing of your orders and provision of products and services
  • Identity verification and confirmation of transaction details
  • Responding to enquiries and consultations
  • Provision of customer support
  • Sending important notices relating to our services

Use Related to Performance of Contracts

  • Exercise of rights and fulfilment of obligations under contracts with you
  • Management and recovery of receivables owed by you

Use Related to Legal Compliance

  • Compliance with the Company’s legal and regulatory obligations
  • Crime prevention, anti-money laundering, and sanctions compliance
  • Identity verification and confirmation of the legitimacy of transactions
  • Cooperation with requests made by national or local government authorities pursuant to applicable laws and regulations

Use Related to Business Improvement

  • Enhancement of service quality and development of new services
  • Market research, data analysis, and statistical analysis
  • Understanding customer needs and providing optimal services

Use Related to Marketing (subject to your consent)

  • Provision of information regarding the Company’s services, products, campaigns, etc.
  • Distribution of newsletters and email magazines
  • Requests to participate in surveys and monitor studies
  • Suggestions of information and services tailored to your interests

Other Uses

  • Protection of the rights, property, and safety of the Company, customers, or third parties
  • Administration, operation, and improvement of this Website
  • Maintenance of security and prevention of unauthorised use
  1. Provision of Personal Information to Third Parties

The Company will not provide your personal information to third parties except in the following circumstances.

Provision Based on Legal Requirements

  • Where required by laws or regulations
  • Where necessary to protect the life, body, or property of a person, and where it is difficult to obtain your consent
  • Where particularly necessary for the improvement of public health or the promotion of the sound development of children, and where it is difficult to obtain your consent
  • Where it is necessary to cooperate with a national or local government authority, or a party entrusted by such authority, in the execution of duties prescribed by laws or regulations, and where obtaining your consent is likely to impede the execution of such duties

Where You Have Given Your Consent

Where we have received your explicit consent.

Provision in Connection with Outsourcing of Operations

When outsourcing the following operations, the Company may provide your personal information to the relevant contractors:

  • Payment processing service providers
  • Identity verification service providers
  • Anti-money laundering service providers
  • IT systems operation and maintenance providers
  • Customer support outsourcing providers
  • Delivery companies
  • Data analytics providers

The Company will enter into appropriate agreements with these contractors and will exercise necessary and appropriate supervision to ensure the secure management of personal information.

Provision in Connection with Business Succession

In the event that the Company’s business is succeeded as a result of a merger, company split, business transfer, or other such event, the Company may provide your personal information to the succeeding entity.

Other Provision

  • Where there is a legally valid disclosure request from law enforcement agencies, courts, or similar authorities
  • Where it is necessary to provide information to your authorised representative (such as a lawyer, judicial scrivener, or tax accountant)
  • Where, in considering the sale or purchase of the Company’s business assets, it is necessary to provide information to the prospective counterparty

Important: The Company will never sell your personal information.

  1. Provision to Third Parties in Foreign Countries

In order to provide our services, the Company may provide your personal information to third parties located in foreign countries. In such cases, the Company will take the following measures in accordance with the APPI:

  • Confirmation of the personal information protection framework in the relevant foreign country
  • Conclusion of agreements to ensure the appropriate handling of personal information by the recipient
  • Regular audits and oversight

For specific information regarding recipients located in foreign countries and details of the measures taken, please contact us using the contact details provided at the end of this Policy.

  1. Your Rights

Under the APPI, you have the following rights.

Right to Know the Purpose of Use

You may request disclosure of the purposes for which the Company uses your personal information that it holds.

Right to Receive Disclosure

You may request disclosure of your personal information held by the Company. However, disclosure may not be possible in the following circumstances:

  • Where there is a risk of harm to the life, body, property, or other rights and interests of you or a third party
  • Where there is a risk of significant impediment to the proper conduct of the Company’s business operations
  • Where disclosure would constitute a violation of laws or regulations

Right to Seek Correction, Addition, or Deletion

Where the content of your personal information held by the Company is inaccurate, you may request that it be corrected, supplemented, or deleted.

Right to Seek Suspension of Use

You may request the suspension of use, erasure, or cessation of third-party provision of your personal information in the following circumstances:

  • Where it is being handled beyond the scope of the stated purposes of use
  • Where it was obtained by improper means
  • Where it is being provided to third parties without your consent

Right to Withdraw Consent

Where the Company handles your personal information on the basis of your consent, you may withdraw that consent at any time. However, withdrawal of consent will not affect the lawfulness of any handling carried out prior to such withdrawal.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the details provided in the “Contact Us” section at the end of this Policy. The Company will verify your identity and respond appropriately.

Please note that a prescribed fee may be charged in connection with requests for disclosure or similar requests.

  1. Security Management Measures for Personal Information

The Company takes the following security management measures to appropriately manage your personal information and to prevent loss, destruction, falsification, leakage, and similar incidents.

Organisational Security Management Measures

  • Appointment of a Personal Information Protection Manager
  • Establishment of regulations governing the handling of personal information
  • Regular employee education and training on personal information protection
  • Regular inspection and auditing of the status of personal information handling

Human Resource Security Management Measures

  • Conclusion of confidentiality agreements with employees
  • Regular training on the handling of personal information
  • Management of access rights to personal information

Physical Security Management Measures

  • Access control to areas where personal information is handled
  • Locked storage management of documents, recording media, and similar items containing personal information
  • Prevention of theft and loss of equipment and recording media containing personal information

Technical Security Management Measures

  • Access controls for personal information (ID and password management)
  • Encryption of personal information
  • Installation of firewalls
  • Implementation of antivirus software
  • Monitoring for unauthorised access
  • Use of SSL/TLS encrypted communications

Please note that complete security cannot be guaranteed when transmitting information over the internet. We encourage you to take your own security precautions, such as managing your own ID and password carefully.

  1. Cookies

What are Cookies?

Cookies are small text files stored on your computer by a website. Cookies enable a website to recognise your browser and remember your visit history and preferences.

Purposes for Which the Company Uses Cookies

  • To improve your convenience (such as maintaining your logged-in status)
  • To analyse website usage
  • To improve website content and functionality
  • To provide information tailored to your interests
  • To measure the effectiveness of advertising

Managing Cookies

Most browsers are configured by default to automatically accept cookies; however, you can configure your browser to refuse cookies or to notify you when cookies are being sent. Please note that disabling cookies may cause some features of this Website to not function correctly.

Third-Party Cookies

This Website may use cookies provided by third parties (such as Google Analytics) for the purposes of access analysis and delivery of advertisements. With respect to the use of cookies by such third parties, please refer to the privacy policy of the relevant provider.

  1. Opting Out of Marketing Communications

You may opt out of receiving marketing communications from the Company (including by email, post, telephone, etc.).

If you do not wish to receive such communications, you may opt out using any of the following methods:

  • Clicking the unsubscribe link included in any email communication
  • Contacting us using the contact details provided below
  • Changing your settings via the My Page section of the Website

Please note that even if you opt out of receiving marketing communications, we may continue to send you important notices necessary for the provision of our services (such as transaction confirmations and notifications of changes to our terms and conditions).

  1. Retention Period for Personal Information

The Company will retain your personal information for the period necessary to achieve the purposes of use, and for any period during which retention is required by laws or regulations.

Factors Determining the Retention Period

  • Whether a contractual relationship exists and its duration
  • Statutory retention obligations (for example, the obligation to retain transaction records under the Act on Prevention of Transfer of Criminal Proceeds)
  • The nature and frequency of transactions with you
  • The need to respond to disputes
  • Other legitimate business necessity

Upon expiry of the applicable retention period, personal information will be promptly erased or anonymised.

  1. Contact Us

For any questions regarding this Policy, requests for disclosure of personal information, or any other enquiries, please contact us at:

Interbank HD Co., Ltd. — Personal Information Protection Manager

  • Address: 1-2-12 Nishi-Shinjuku, Shinjuku-ku, Tokyo 163-0690
  • Telephone: 03-5201-3970 (Reception hours: Weekdays, 9:00 AM – 6:00 PM)
  • Email: info@interbank.co.jp

We will verify your identity before responding appropriately to any enquiry received from you. In connection with requests for disclosure or similar requests, you may be required to submit a prescribed form.

  1. Changes to this Privacy Policy

The Company may amend this Policy from time to time in response to changes in laws or regulations, changes in the Company’s business operations, or other circumstances as necessary.

Any amended Privacy Policy will take effect from the time it is published on this Website. Where there are material changes, notice will be provided on this Website.

We recommend that you review this Policy periodically.

Established: 1 April 2024 Last revised: 14 November 2025

Interbank HD Co., Ltd. Representative Director: Go Sato