The FANCL Group (“FANCL Group,” “FANCL,” “the Company,” “we,” “our,” or “us”) is committed to ensuring that all personal information of individuals concerned is handled by our officers and employees under strict management, in compliance with the Act on the Protection of Personal Information and other relevant laws, regulations, and norms, with necessary security measures in place, in order to ensure that you can use our products and services with confidence. We will also work to maintain the secure management of personal information while striving for continual improvement.

The FANCL Group collects personal information through lawful and fair means. Apart from the automatically received information mentioned below (*), we generally do not collect personal information other than that provided directly from you. For individuals under the age of 16, we may request parental or guardian consent as necessary. In addition, we may collect information that falls under the category of “sensitive personal information” with your consent.
The FANCL Group collects personal information in the following circumstances:

1. Customers’ Personal Information
   • When customers purchase our products or services, register for FANCL ONLINE or other services, request information materials, make inquiries or consult with us, or otherwise use the services provided by the FANCL Group. (Please note that we record phone calls from customers to improve the quality of our call handling and to deliver products or services that impress customers.)
   • When customers participate in our monitoring programs, surveys, interviews, etc.
   • When customers apply for or participate in various projects, events, or campaigns organized by the FANCL Group.
2. Personal Information of Job Applicants and Former Employees
   • When applicants apply for our job openings or other recruitment opportunities.
   • When employees of the FANCL Group leave the Company.
3. Personal Information of Business Partners
   • When necessary for business negotiations, transactions, etc., with our business partners.

Basic Policy on Handling of Individual Numbers and Specific Personal Information

Automatically Received Information
FANCL receives and stores certain types of information each time you use the services on our website. For example, when you access our website, we receive certain information through Cookies, access logs, and other similar technologies.
We may store and reference our Cookies through the websites of agencies that we engage to serve advertisements on our behalf. Information collected through each service is not personally identifiable on its own, and will be managed in accordance with the privacy policies of the Company and such agencies.

・What are access logs?
Information on visitors to this website is recorded in the form of access logs.
Access logs include information related to Internet connections, such as information related to the use of our services, the URLs of the accessed pages, the time and date of the access, and information that identifies the browsers, but do not include personally identifiable information.

・What are Cookies?
Cookies are data files consisting of letters and numbers that are written to your computer through your web browser when you visit our website.
The information in the Cookies is encrypted using SSL. In addition, your personal information will not be written to the Cookies. Please rest assured that we will not in any way infringe upon your privacy.
If Cookies are disabled, you may not be able to fully utilize the functions of this website. Therefore, we kindly request that you enable Cookies when visiting our website.

The purposes of use and recipients of Cookies and access logs are as follows:
Purpose of use:Performing marketing analysis
Delivering advertisements
Improving the usability of our website
Enhancing the quality of our services (not limited to this website)
Displaying information deemed beneficial to each customer
Recipients:Adobe KK
Google Japan G.K.

FANCL uses personal information for the following purposes:

1. Customers’ Personal Information
   • Placing and receiving orders, shipping products, billing, and communicating with or responding to customers regarding transactions (including detecting fraudulent transactions, etc., and determining acceptance of customer orders and shipping feasibility)
   • Responding to inquiries and providing after-sales services
   • Drawing lots for, shipping products to, and contacting applicants for campaigns or other events
   • Providing FANCL services, including FANCL ONLINE and other individual services
   • Sending information on products, services, businesses, campaigns, events, and other relevant matters of the FANCL Group and the Kirin Group, including information magazines, brochures, direct mail, sample products, surveys, and other related materials
   • Providing information on products, advertisements, articles, and other relevant content tailored to the interests and preferences of each customer, based on the results of analysis of collected information including purchase history and behavioral history
   • Planning, developing, and improving the provision of products, services, and information, etc., of FANCL CORPORATION, the FANCL Group, and the Kirin Group
   • Improving the usability of the FANCL website
2. Personal Information of Job Applicants and Employees
   • Job applicants
     Considering and deciding on hiring.
     Managing prospective employees.
     Providing information on, or notifying applicants of, job information or other relevant matters.
     Considering recruitment activities.
   • Former employees
     Communicating with and responding to various inquiries from former employees after they have left the Company.
     Maintaining various records of former employees, including information about their duties, salary, and health during employment, creating personnel data, and managing other relevant information of former employees.
     Providing information and contacting former employees regarding alumni events.
3. Personal Information of Business Partners
   • Communicating with our business partners regarding business negotiations or transactions
   • Performing transactions with, providing services to, and fulfilling agreements with our business partners

Your personal information collected through proper means will be managed centrally and shared within the FANCL Group (including FANCL CORPORATION and ATTENIR CORPORATION) and the Kirin Group. If you make any changes to your registered information, your personal information across all relevant companies and businesses within the FANCL Group will be updated accordingly.
In addition, for customers who have registered as members at our stores, we may jointly provide services, etc., with the business operators managing those stores.
We prioritize preventive action against leakage, loss, destruction, falsification, unauthorized access, and other risks to personal information, and will continuously implement appropriate security measures while striving for operational improvements.

1. Items of Personal information Subject to Shared Use
   Name, address, telephone number, fax number, email address, date of birth, gender, purchase history, contents of surveys and inquiries, etc.
2. Scope of Shared Users
   FANCL CORPORATION, ATTENIR CORPORATION, and other domestic companies comprising the FANCL GROUP (including Kirin Holdings Company, Limited and other companies within the Kirin Group).
3. Purpose of Use
   As described in 3. above.

Chief administrator of shared use
FANCL CORPORATION, 89-1 Yamashita-cho, Naka-ku, Yokohama
Hideki Mitsuhashi, President & Representative Director

The FANCL Group will not disclose or provide your personal information to any third party without your consent, except in the following cases:

• Your prior consent has been obtained
• When requested by the police or other public authorities
• When in compliance with or permitted by applicable laws and regulations

In order to provide better services, we may outsource the handling of personal information to external service providers. The outsourced services include, but are not limited to, order processing, product delivery, billing, email delivery, and customer service. When outsourcing the handling of personal information, we shall enter into confidentiality agreements with the service providers to which we outsource such services, and instruct and supervise such service providers to exercise due care in the management of personal information to prevent any leakage.

Upon receipt of your request for disclosure, correction, or deletion of, or other actions related to your personal information, we will respond accordingly within a reasonable scope. However, this does not apply if we determine that responding to your request would harm the life, body, property, or other interests of a third party, or otherwise cause significant hindrance to the FANCL Group.
For inquiries regarding the handling of personal information, please contact our Help Desk at 0120-34-2222.

1. Establishment of Discipline for Handling Personal Data
   The Company has formulated the regulations on the handling of personal data, which specify the handling methods, responsible persons or persons in charge, their respective duties, and other relevant matters according to each step of personal data handling, including acquisition, use, storage, provision, deletion, disposal, and other actions related to personal data.
2. Organizational Security Management Measures
   In addition to assigning persons responsible for handling personal data, the Company has clearly defined the employees who have access to personal data and the scope of handling by such employees. The Company has in place a system for reporting to or contacting such responsible persons in the event that a violation or suspected violation of applicable laws or internal regulations has been identified.
3. Personnel Security Management Measures
   The Company conducts regular training for employees on matters to be considered when handling personal data.
4. Physical Security Management Measures
   In areas where information assets are handled, the Company implements measures to control access, including entry and exit of employees, to prevent any access by unauthorized persons.
5. Technical Security Management Measures
   The Company has introduced mechanisms to protect information systems that handle personal data from unauthorized external access and unauthorized software. In addition, access control is implemented as a measure to limit the persons in charge of handling personal data and the scope of the personal information database, etc., handled by them.

FANCL CORPORATION
Hideki Mitsuhashi, President & Representative Director