Legal Terms

Privacy Policy

Putting your trust first, MCM Fashion Group Japan K.K. (hereinafter “MCM Japan”) takes the following approach for handling your personal information and personal data (hereinafter collectively “Personal Information”). Please carefully read this Privacy Policy of MCM Japan to handle your information (hereinafter this “Policy”) so that you can understand this Policy and how MCM Japan applies this Policy and handles your information in accordance with this Policy. If you cannot consent to this Policy or application thereof, you cannot use this website. By accessing and using this website, you are deemed to consent to this Policy (subject to amendment from time to time). Further, by continuously using this website after this Policy is amended by MCM Japan, you are deemed to accept the amendment. Therefore, please confirm this Policy on a regular basis for any update.

1. Name, Address and Representative Name of MCM Japan

MCM Fashion Group Japan K.K.
8th Fl., Ginza Kyokai-do Building, 4-2-1 Ginza, Chuo-ku, Tokyo, Japan, 104-0061
Representative Director, Kim Moo Hyun

2. Appropriate Handling of Personal Information

In accordance with laws and regulations, guidelines and any other norms and internal rules applicable to handling of Personal Information, MCM Japan obtains, uses, provides and otherwise handles Personal Information to the extent appropriate and in an appropriate manner, makes efforts to protect Personal Information by establishing an appropriate security management system, and reviews its approach for the protection on a continuous basis to improve the same.

When obtaining Personal Information, MCM Japan announces or notifies the purposes to use the Personal Information (including by announcement through this Policy). Furthermore, when obtaining, using, providing or otherwise handling Personal Information, MCM Japan limits purposes thereof and does not handle the information for any other purpose.

3. Purpose to Use Personal Information

MCM Japan may use your Personal Information obtained for the purpose to dispatch products, introduce product information, lifestyle information, after-sales services and various preferential treatments, etc. (including sending information on products and promotional campaigns, etc. of other companies that MCM Japan carefully selects), identify you, respond to, record and manage consultations/inquiries from you, conduct survey by questionnaire for improving services, conduct marketing activities for planning and development of products and businesses (including delivery of e-mail newsletters and conducting of advertisement, campaign, event and sale, etc.), improve services offered on this website, analyze your use of this website and services provided by MCM Japan, develop new services, provide better services, conduct market research/analysis and a set of marketing research activities to achieve higher customer satisfaction level, process payment by credit card, and control selling products, etc.

4. Matters related to Security Management Measures

MCM Japan appropriately manages Personal Information and takes security management measures necessary to prevent Personal Information from being divulged, lost or falsified, etc. Internally educating its officers and employees for protection and appropriate handling of Personal Information, MCM Japan also specifies a period to hold Personal Information, etc. based on its purpose of use and destroys the information by an appropriate method upon the purpose is achieved.

5. Provision of Personal Information to Third Parties

MCM Japan provides no Personal Information to third parties other than the following cases; provided, however, that if MCM Japan provides a third party with Personal Information for joint use or outsourcing services, the provision shall not be deemed as disclosure or provision to a third party:
   1. when MCM Japan obtains your prior approval;
   2. when the provision is required by laws and regulations;
   3. when MCM Japan decides that your life, body or property is likely to be damaged;
   4. when the provision is requested by national government organs or local public agencies such as court and law enforcement; and
   5. when the provision to a provider of services for handing Personal Information who has executed a non-disclosure agreement with MCM Japan is necessary to achieve the above-mentioned purpose of use.

6. Joint Use of Personal Information

MCM Japan may use all items of Personal Information obtained from you (including name, address, phone number and e-mail address, etc.) to the extent of the purpose of use set forth in Section 3 jointly with MCM Japan’s affiliate companies. In such case, MCM Japan is fully responsible for management of Personal Information to be jointly used. Please refer to the following list for the affiliate companies:

Affiliate companies	Country or region where the affiliate company is located
MCM Fashion Group Ltd	Hong Kong
MCM Fashion Group Ltd. Taiwan Branch	Taiwan
MCM China Inc.	China
MCM Singapore Pte. Ltd.	Singapore
MCM Products AG	Switzerland
MCM Products AG. France Branch	France
MCM Products UK Ltd	United Kingdom
MCM Lederwaren & Accessoires GmbH	Germany
MCM Products USA Inc.	United State of America.
MCM Products Canada Inc.	Canada
MCM Korea	Republic of Korea

 

7. Outsourcing Services for Handling of Personal Information

When outsourcing services to process Personal Information held by MCM Japan, MCM Japan selects service providers in accordance with its internal rules on protection of Personal Information and ensures protection of the Personal Information by executing agreements on security management of the information with the service providers, and manages and oversees the service providers as necessary and appropriate.

8. Transfer to Outside Japan

MCM Japan may use Personal Information obtained from you jointly with MCM Japan’s affiliate companies located outside Japan as set forth in Section 6 or MCM Japan or any of the affiliate companies may outsource processing of your Personal Information in part to service providers located outside Japan. In such case, your Personal Information is to be transferred to third-party countries outside a country in which you reside. For the purpose to protect your Personal Information without fail, MCM Japan and the affiliate companies take appropriate security management measures and ensure protection of your Personal Information at the processing service providers and manage and oversee the providers as appropriate, in accordance with the applicable laws and regulations. All of the third parties (including affiliate companies) who receive personal information handle the information in compliance with GDPR. Please acknowledge the transfer of your Personal Information before using the services. Among the third-party countries to which your Personal Information may be transferred, the countries designated in Article 28 of the Act on the Protection of Personal Information as the “third parties located outside Japan” and details of their schemes are as follows:

・Commission to Proximity Insight LLC., Acquia Inc., and Wunderkind Corporation.

(1) United States of America
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has no comprehensive law or regulation for the scheme but as major laws specific to respective fields, it has the Electronic Communications Privacy Act, the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act and so on.
(ii) The country is a member country of CBPR scheme of APEC.
(iii) The country has no scheme likely to have a material effect on the rights and interests of a data subject.

・Commission to SAP Korea Ltd
(1) Republic of Korea
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Personal Information Protection Act as a comprehensive law for protection of personal information.
(ii) The country is a member country of CBPR scheme of APEC.
(iii) The country has no scheme likely to have a material effect on any rights and interests of a data subject.

・Commission to Salesforce.com Singapore Pte Ltd.
(1) Singapore
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Personal Data Protection Act as a comprehensive law for protection of personal information.
(ii) The country is a member country of CBPR Scheme of APEC.
(iii) The country has the Code of Criminal Procedure as a scheme likely to have a material effect on the rights and interest of a data subject in the following respects.
- If a police officer who has a position at or higher than a certain level deems it necessary to investigate, interrogate, try or execute procedures under the Code of Criminal Procedure, the police officer is entitled to issue a “written order” requiring provision of information or access to such information.
- With respect to access to personal information held by a business operator under the said Act, for instance, there are no provisions for (i) approval from an independent agency for making the access, (ii) restrictions on handling/security management of information obtained, (iii) ensuring transparency on making the access, or (iv) restrictions on schemes of overseeing, inspection or screening in order to secure legal compliance in making the access.

・Joint Use among MCM Japan’s Group Companies
・(Hong Kong)

(1) Hong Kong
(2) The information appropriately and reasonably obtained about the region’s scheme to protect personal information is as follows:
(i) The region has the Personal Data (Privacy) Ordinance as a comprehensive law for protection of personal information.
(ii) The obligations of business operators, etc. or the rights of a data subject in response to the OECD Privacy Guideline Eight Principles are set forth in the ordinance listed in the above (i).
(iii) The region has the Hong Kong National Security Law as a scheme likely to have a material effect on the rights and interest of a data subject in the following respects.
- When the national security department of the Hong Kong Special Administrative Region Police Force processes a criminal offense case which disturbed the national security, answers to questions and disclosure of information materials may be required.
- With respect to access to personal information held by a private business operator under the said Law, for instance, there are no provisions for (i) restrictions on handling/security management of information obtained, (ii) ensuring transparency on making the access or (iii) remedy for rights, etc. violated by illegal access.

・Taiwan
(1) Taiwan
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows. The country has the Personal Data Protection Act as a comprehensive law for protection of personal information.
(i) The country is a member country of CBPR Scheme of APEC.
(ii) The country has no scheme likely to have a material effect on the rights and interests of a data subject.

・China
(1) People’s Republic of China
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Personal Information Protection Law of People’s Republic of China as a comprehensive law for protection of personal information.
(ii) The obligations of business operators, etc. or the rights of a data subject in response to the OECD Privacy Guideline Eight Principles are set forth in the law listed in the above (i).
(iii) The scheme likely to have a material effect on the rights and interests of a data subject is as follows:
The Personal Information Protection Law, the Cyber Security Law of People’s Republic of China (hereinafter the “Cyber Security Law”) and the Data Security Law of People’s Republic of China (hereinafter the “Data Security Law”) set forth schemes for obligations to retain personal information intraregionally (including schemes to substantially impose obligations to retain personal information intraregionally by restricting transfer of personal information extraregionally).
- Since passing security inspections conducted by authorities may be required by these laws when transferring personal information extraregionally, there is a risk that a business operator cannot respond to a data subject’s demand for disclosure sufficiently. However, the obligations to retain personal information intraregionally under these laws may not be applied to personal information obtained through transfer from a business operator located outside the country.
- There are schemes under which business operators are required to cooperate with the government in its information gathering activities and the rights and interests of a data subject are likely to be materially affected as follows:

(i) Cyber Security Law
- The law requires network operators to provide technical support and cooperation to public security agencies and national security agencies in their activities for maintenance and protection of national safety and criminal investigation.
- With respect to access to personal information held by private business operators under the law, for instance, there are no provisions for the followings:
Restrictions on and procedures for making the access;
Making the access to the extent necessary to achieve the purposes specified by laws and regulations (or legitimate purposes not inconsistent with the above purposes);
Approval from independent agencies for making the access;
Restrictions on handling/security management of information obtained; and
Ensuring transparency on making the access

(ii) Data Security Law
- The law requires relevant organizations and individual persons to provide cooperation to public security agencies and national security agencies in their duties to inspect data as necessary for maintenance and protection of national safety and criminal investigation.
- With respect to access to personal information held by business operators under the law, for instance, there are no provisions for the followings:
Restrictions on making the access;
Making the access to the extent necessary to achieve the purposes specified by laws and regulations (or legitimate purposes not inconsistent with the above purposes); and
Ensuring transparency on making the access

(iii) National Intelligence Law of People’s Republic of China
- The law requires relevant institutions, organizations and citizens to provide support, assistance and cooperation to intelligence departments of public security agencies, national security agencies and military in their national intelligence activities as necessary.
- With respect to access to personal information held by business operators under the law, for instance, there are no provisions for the followings:
Restrictions on and procedures for making the access;
Making the access to the extent necessary to achieve the purposes specified by laws and regulations (or legitimate purposes not inconsistent with the above purposes);
Approval from independent agencies for making the access;
Restrictions on handling/security management of information obtained; and
Ensuring transparency on making the access

・Singapore
(1) Singapore
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Personal Data Protection Act as a comprehensive law for protection of personal information.
(ii) The country is a member country of CBPR Scheme of APEC.
(iii) The country has the Code of Criminal Procedure as a scheme likely to have a material effect on the rights and interest of a data subject in the following respects.
- If a police officer who has a position at or higher than a certain level deems it necessary to investigate, interrogate, try or execute procedures under the Code of Criminal Procedure, the police officer is entitled to issue a “written order” requiring provision of information or access to such information.
- With respect to access to personal information held by a business operator under the said Act, for instance, there are no provisions for (i) approval from an independent agency for making the access, (ii) restrictions on handling/security management of information obtained, (iii) ensuring transparency on making the access, or (iv) restrictions on schemes of overseeing, inspection or screening in order to secure legal compliance in making the access.

・Switzerland
(1) Swiss Confederation
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Federal Data Protection Act and the Regulations under Federal Data Protection Act as comprehensive laws and regulations.
(ii) The country is certified to achieve the adequate level of protection by EU.
(iii) The country has no scheme likely to have a material effect on the rights and interests of a data subject.

・United States of America
(1) United States of America
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has no comprehensive law or regulation for the scheme but as major laws specific to respective fields, it has the Electronic Communications Privacy Act, the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act and so on.
(ii) The country is a member country of CBPR scheme of APEC.
(iii) The country has no scheme likely to have a material effect on the rights and interests of a data subject.

・Canada
(1) Canada
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Personal Information Protection and Electronic Documents Act and the Privacy Act as comprehensive laws.
(ii) The country’s private sectors are certified to achieve the adequate level of protection by EU and the country is a member of CBPR Scheme of APEC.
(iii) The country has no scheme likely to have a material effect on the rights and interests of a data subject.

・Republic of Korea
(1) Republic of Korea
(2) The information appropriately and reasonably obtained about the country’s scheme to protect personal information is as follows:
(i) The country has the Personal Information Protection Act as a comprehensive law for protection of personal information.
(ii) The country is a member country of CBPR scheme of APEC.
(iii) The country has no scheme likely to have a material effect on any rights and interests of a data subject.

9. Information to be Obtained Offline

(1) MCM Japan may collect your Personal Information (including name, address, phone number, date of birth, nationality and e-mail address) by requesting you to fill out a customer card or any other document at a shop operated by MCM Japan. MCM Japan uses your Personal Information obtained as stated above solely for the purpose of use set forth in the above Section 3 in the manner which you approved in the customer card, etc. (e.g., giving notice by post or e-mail, etc. each time when MCM Japan uses your Personal Information).

(2) MCM Japan uses all of your Personal Information obtained as stated in (1) above (including name, address, phone number and e-mail address, etc.) jointly with department stores and shopping malls in which MCM Japan’s shops are located (hereinafter “Department Store, Etc.”). The purposes of such joint use are the purpose of use set forth in Section 3 and the one set forth by Department Store, Etc. In the case of joint use with Department Store, Etc., MCM Japan or Department Store, Etc. (please inquire at Department Store, Etc. for details) is responsible for management of your Personal Information to be jointly used (MCM Japan’s representative’s name is stated in the above Section 1). Department Store, Etc. which may use your Personal Information with MCM Japan is as follows:

• Hankyu Hanshin Department Stores, Inc.
• Mitsukoshi Isetan Co.,Ltd.
• Takashimaya Co.,Ltd.
• Mitsui Fudosan Retail Management Co., Ltd.

10. Personal Information of Minors

Even if you are under the age of 18, MCM Japan handles your Personal Information based on the appropriate security management measures taken by MCM for other customers. If you are under the age of 18, please make sure to obtain approval from your parent or guardian before providing your Personal Information to MCM Japan.

11. Amendment to Privacy Policy

MCM Japan may amend this Policy. In such case, as MCM Japan posts this Policy amended on this website, you are recommended to confirm this Policy posted on this website from time to time (especially each time when you use this website). If any important amendment is made to this Policy, MCM Japan notifies you of such amendment on its home page or at its shop in an easy-to-understand way.

12. Cookie

MCM Japan may use Cookie* on this website so that you can use conveniently the services customized for each of you. Cookie is set when you access or log in the page customized for you. MCM Japan also may use Cookie to collect information on tendency as a whole or pattern, etc. of viewing behavior of visitors of this website contained in Cookie or post advertisements. The information collected is used in order for MCM Japan or service-providing companies to which MCM Japan outsources research and analysis work or advertisement delivery to analyze access tendency and provide better services to you. Neither MCM Japan provides any information by which an individual person can be identified such as name to the service-providing companies nor the service-providing companies use the information collected for any purpose other than the research and analysis work or advertisement delivery.
*Cookie is a small text file to be sent to a user’s computer hard drive by a website in order to keep records. By using Cookie, for instance, when you visit this website again, you can use this website more usefully. As use of Cookie has become industry-standard, many websites use Cookie for the purpose to provide useful functions to users. Cookie is not a tool to violate your privacy or adversely affect your computer.
By using Cookie, the computer used by a user is identified but no personal information of the user is identified. If you prefer not to have any information about tendency as a whole or pattern, etc. of your viewing behavior on this website contained in Cookie collected, you can refuse to receive Cookie by setting so on a browser (Internet browser).

13. Request for Disclosure, Etc. of Personal Information

When receiving a request based on laws and regulations from you for notice of purpose of use of or for disclosure, correction, discontinuation of use or deletion, etc. of your Personal Information held by MCM Japan, MCM Japan responds to the request in accordance with the laws and regulations promptly after verifying your identity by the prescribed procedures; provided, however, that if the life, health or property, etc. of you or any third party is likely to be damaged, if MCM Japan’s business operation is materially interfered with or if any of the laws and regulations results in being violated, MCM Japan may not respond to the request in whole or in part. If you have any question about this Policy or exercise your right hereunder, please contact the customer service specified in the following Section 14.

14. Contact Information

MCM Japan receives inquiries about Personal Information at the following point of contact:

Ginza Kyokai-do Building 8th Fl., 4-2-1 Ginza, Chuo-ku, Tokyo, 104-0061, Japan
MCM Japan Online Store Customer Service
email：[email protected]
Hours for receiving inquiries: 09:00 to 18:00 on Monday through Friday (excluding national holidays and year-end and new-year holidays)
Generally, MCM Japan responds to each inquiry within 24 hours after receiving the same.