The Company will treat the personal information in providing services related to secondhand articles business in accordance with this Treatment of Personal Information in Secondhand Articles Business.

1. （1）Purposes of Use of Personal Information
2. 1. Customer support such as responses to inquiries from customers, introduction of procedures, and provision of information related to secondhand articles businesses
3. 2. To determine whether secondhand articles transactions are acceptable and to manage transaction statuses after conclusion of the relevant contract
4. 3. To assess secondhand articles and to confirm customers’ identities
5. 4. To prevent illegal transactions
6. 5. Advertisements, promotion
7. 6. Marketing research and analysis
8. 7. To prepare statistics for business analysis and to use results of analysis
9. 8. Improvement, research, and development of services
10. 9. Other operations required for secondhand articles business, including responses in accordance with laws and regulations

When the Company intends to use any personal information for the purposes other than above, the Company will identify the purposes of use thereof and obtain the relevant customer’s prior consent each time.

The Company will not change any purpose of use beyond the scope that is reasonably deemed to have considerable relation with the existing purpose of use.

1. （2）Personal information used in secondhand articles businesses
2. The Company will collect and use the following personal information for the purposes stipulated in (1) Purposes of use of personal information.
3. Personal information of applicants and others
4. Name, birthdate, gender, address, occupation, relationship, contact point, telephone number, electronic mail address, and other information required to conduct secondhand articles transactions or provide various services

The Company may share any personal data as follows:

1. a. The parties who share personal information with the Company
2. SoftBank Corp.
   Group companies of the Company
3. b. Personal data to be shared
4. Name, e-mail address, basic information of an enterprise (address, telephone number, facsimile number, etc.), and all other personal data acquired through the services related to the secondhand articles business
5. c. Purposes of shared use
6. Marketing research and analysis, and other purposes stated in 1 “Purposes of Use of Personal Information” above
7. d. Protection Manager of shared personal information
8. Chief Information Security Officer of the Company

1. （1）The Company may provide a customer’s personal data to a client, sales partner, or other business partners (hereinafter “Business Partner”) within the scope required for the purposes of customer support and of giving notices, planning, development, and provision of products, services, campaigns, events, seminars, and/or questionnaires by Business Partners.
2. （2）The Company may provide a customer’s personal data to a partner company within the scope required for the purposes of planning, development, and provision of services partnered with such partner company.
3. （3）The Company may provide a customer’s personal data to an ad platform provider within the scope required for the purposes of giving notices to customers of and/or analysis of products, services, campaigns, events, seminars, and/or questionnaires of the Company or other companies.
4. （4）The Company may provide personal information treated by the Company to a third party in accordance with the provisions of the Act on Protection of Personal Information, Secondhand Article Business Act (Act No. 108 of 1949), and other laws and regulations. The Company may also provide personal information of the customer who wishes to conduct a secondhand articles transaction (name, address, birthdate, telephone number, etc.) to the police agency if the Company suspects that the secondhand article it treats is stolen property.

1. The Company has implemented the following measures for security management of personal data.
2. （1）Establishment of basic policies
   The Company has established the Action Guide for Protection of Personal Information and the Information Security Policy as the basic policies to secure appropriate treatment of personal data. The Company will continuously review and improve these basic policies and each of the following actions:
3. （2）Preparation of the regulations pertaining to treatment of personal data
   Based on the basic policies, the Company has prepared the internal regulations that stipulates definitive measures pertaining to treatment and management systems for the collection, use, processing, storage, provision, deletion, and correction of personal data and has made them clear inside the Company.
4. （3）Organizational security control measures
   The Company has clearly defined a person responsible for treatment of personal data and the roles, responsibilities, and authorities. The Company is also continuously and systematically implementing reviews, supervision and audits of management, and external audits pertaining to treatment status of personal data.
5. （4）Human security control measures
   The Company has prepared learning materials pertaining to the protection of personal information, has distributed the same to all employees, and is executing training at least once a year for all employees who treat personal information. In concluding outsourcing contracts, the Company is sufficiently checking the eligibility of contractors, and is including in such contracts the terms and conditions necessary for ensuring the security control systems similar to that of the Company. The Company is also working for appropriate supervision, including monitoring, review of contractors, and enhancement of outsourcing contracts.
6. （5）Physical and technical security control measures
   The Company is implementing the necessary and appropriate measures to control the safety of personal data, including work in a security area, control and restriction of access to personal data, restriction of taking out of personal data, and measures to prevent wrong access from the outside.
7. （6）Understanding of external environment
   When the Company uses, stores, or provides personal data in a foreign country, the Company publishes or provides information in appropriate ways understanding the systems pertaining to the protection of personal information in the relevant foreign country.

1. （1）In the event that the Company is requested by a customer to notify the purposes of use of, or disclose, correct, or suspend the use of the personal data (hereinafter “Disclosure of Personal Information”) that the Company received from such customer, the Company will promptly respond to such request in accordance with the relevant laws and regulations. Provided, however, the Company may claim the charge within a reasonable extent taking the actual cost into account in responding to such request.
2. （2）With regard to any inquiry concerning Disclosure of Personal Information, which the Company received from the customer and complaint about treatment of the said personal information, please present the same to the following contact point.

Personal Information Inquiries

・This Treatment of Personal Information in Secondhand Articles Business is in force as of August 1, 2014.

・Revised as of April 1, 2022.