Privacy policy

Established April 1, 2016
Latest revision: January 1, 2025

Personal Information Protection Policies

MEDIROM Healthcare Technologies Inc. (hereinafter "we", “our” or “us”) is engaged in the franchise business, the health-tech business, and the device business. We understand that the protection of personal information of customers, business partners, employees, and other parties, as well as personal identification numbers and specific personal information, is of great importance and our responsibility. Accordingly, based on our philosophy of the personal information protection and the Code of Conduct that we have established, we fully acknowledge our social mission and comply with laws and regulations concerning personal information and the protection of the rights of individuals.
In addition, we hereby declare that we will establish a management system for the personal information protection to embody the policies described below, and we keep an eye on the latest IT trends, changes in social demands, and changes in the business environment, and take continuous actions for improvements on a companywide.

1. We are to properly acquire, use, and provide personal information, and not to handle personal information beyond the scope necessary to achieve the specified purpose of use. Also, we will also take measures to this end.
2. We are to comply with laws and regulations concerning the handling of personal information, guidelines established by the national government authority, and other standards.
3. We are to allocate resources aligned with circumstances surrounding the business in order to take reasonable safety measures to prevent risks such as leakage, loss, and damage of personal information, and continuously improve the personal information security structure. In the event of an emergency, we are to immediately take corrective measures.
4. We are to respond to complaints and inquiries concerning the handling of personal information in a prompt manner and good faith.
5. We are to timely review and properly evaluate the management system for the personal information protection and to continuously improve it, in accordance with changes in the circumstances surrounding us and the actual situation.

Established: April 1, 2016
Last revised: As of January 1, 2025

Kouji Eguchi
Representative Director and CEO
MEDIROM Healthcare Technologies Inc.

Contact information for inquiry regarding our personal information protection policy and complaint regarding your personal information
Tradepia Odaiba 16th Floor,
2-3-1 Daiba, Minato-ku, Tokyo, 135-0091 JAPAN
MEDIROM Healthcare Technologies Inc.
E-mail address: privacy@medirom.co.jp

Public Disclosure of Purpose of Use of Personal Information

MEDIROM Healthcare Technologies Inc. (hereinafter referred to as "we", “our” or “us”) shall publicly disclose the use of personal information within the scope of the following purpose of use in accordance with Article 18, Paragraph 1 of the Act on the Protection of Personal Information (or, the Personal Information Protection Act).

Purpose of Use of Personal Information

(1) The followings indicate the purposes of use in cases we directly obtain personal information described in a document, etc. (including website and e-mail, etc.; hereinafter referred to as "Written Instrument") from you.
- Purpose of Use of Customer Information
- ・To provide information on services and products handled by us and our group
- ・To provide information on services and related products provided by us and our subsidiaries’ alliance partners
- ・To provide services, sell products and deliver products of us and our group
- ・To charge for the use of our and our group’s services and the sales of products
- ・To conduct questionnaires to improve the quality of the services handled by us and our group
- ・To verify the identity of users and identify individuals, such as login to services for members provided by us and our group, if required
- ・To conduct analysis based on our product development, marketing, sales activities and statistical materials, and data analysis for medical research purposes
- ・To provide or contact regarding ancillary and related services the above
- ・To respond to customers’ inquiries, requests, etc.
- Purpose of Use of Other Personal Information
- ・To answer inquiries about personal information about us and our group's businesses
- ・To conduct business contracted between us/our group and our clients
- ・To communicate for business matters
- ・To deliver and receive information or products
- ・To refer business partners to us and our group's business partners (third parties)
- ・To carry out recruitment, in case of the information provided by a person who directly applied for a job offered by us and our group
- ・To contact, provide various information and maintain shareholders and related or ancillary thereto, in case of the personal information of shareholders of us and our group
- ・To maintain H&R management, operation management, health management, security management, etc., in case of the personal information of employees of us and our group
- ・For purposes specified by the laws, in case of the individual numbers of employees of us and our group and their dependents
- ・Collection based on other justifiable grounds such as laws and regulations

(2) The followings describe the purposes of use in cases where we obtain personal information acquired in a method other than direct Written Instruments
- ・For us and our group to conduct seminars, H&R affairs, and other services supplied by each our group and various services provided by us with respect to the products we develop
- ・To carry out recruitment, in case of the information provided by a person who applied for a job offered through Hello Work and other job search website maintained by private service providers.

Announcement of Matters Concerning Retained Personal Data

MEDIROM Healthcare Technologies Inc. (hereinafter referred to as "we", “our”, or “us”) hereby publicly announces the following matters related to requests for disclosure, etc. (which includes notice of the purpose of use, disclosure, correction, addition or deletion of information, suspension of use, deletion, and suspension of provision to a third party):

1.Personal Information Protection Managers

- Title: Director and CFO
- Contact: Email Address privacy@medirom.co.jp

2.Purpose of Use of The Retained Personal Data

- Purpose of Use of Personal Information
- ・To provide information on services and products handled by us and our group
- ・To provide information on services and related products provided by us and our group partners
- ・To provide services, sell products and deliver products of us and our group
- ・To charge for the use of our and our group's services and sales of products
- ・To conduct questionnaires to improve the quality of the services handled by us and our group
- ・To verify the identity of users and identify individuals, such as login to services for members provided by us and our group, if required
- ・To conduct analysis based on our product development, marketing, sales activities and statistical materials, and data analysis for medical research purposes
- ・To provide or contact regarding ancillary and related services the above
- ・To respond to customers’ inquiries, requests, etc.
- Purpose of Use of Other Personal Information
- ・To answer inquiries about personal information about us and our group's businesses
- ・To conduct business contracted between us/our group and our clients
- ・To communicate for business matters
- ・To deliver and receive information or products
- ・To refer business partners to us and our group's business partners (third parties)
- ・To carry out recruitment, in case of the information provided by a person who directly applied for a job offered by us and our group
- ・To contact, provide various information and maintain shareholders and related or ancillary thereto, in case of the personal information of shareholders of us and our group
- ・To maintain H&R management, operation management, health management, security management, etc., in case of the personal information of employees of us and our group
- ・For purposes specified by the laws, in case of the individual numbers of employees of us and our group and their dependents
- ・Collection based on other justifiable grounds such as laws and regulations
- ・To conduct seminars for other companies commissioned by us and our group, personnel and labor affairs, specific health advice services, and various services we provide in connection with the apps we develop
- ・To carry out recruitment, in case of the information provided by a person who applied for a job offered through Hello Work and other job search website maintained by private service providers

3. Where to Contact for Complaints Concerning Handling of Retained Personal Data

For inquiries about retained personal data, please reach out to us at the contact information provided below.
- Tradepia Odaiba 16th Floor, 2-3-1 Daiba Minato-ku, Tokyo,135-0091 JAPAN
- Attn: Division of Personal Information at MEDIROM Healthcare Technologies Inc.
- E-mail address: privacy@medirom.co.jp

4. Matters Regarding Participating Certified Organization for Personal Information Protection

We are not a member of any certified personal information protection organizations.

5. Process of Disclosure, etc.

Please see the "Procedures for Disclosure of Retained Personal Data" below for our process of disclosure, etc.

Procedures for Disclosure of Retained Personal Data

Regarding retained personal data, you may request us for notification of the purpose of use, disclosure, correction, addition or deletion of the information, suspension of use, deletion, or suspension of provision to a third party ( “Disclosure, etc.”).
We will respond to your request for the Disclosure, etc. by following steps described below.

1.Personal Information Protection Managers

(1) Please reach out to us at the contact information provided below.
We will send a "prescribed form" by mail or in digital data to the e-mail address you designated. Upon your receipt, after agreeing to our policy of “Handling of Personal Information”, please mail, transmit or hand in at our office such form attaching necessary materials to the following address or e-mail address.
- Tradepia Odaiba16th Floor, 2-3-1 Daiba Minato-ku, Tokyo,135-0091 JAPAN
- Attn: Division of Personal Information at MEDIROM Healthcare Technologies Inc.
- E-mail address: privacy@medirom.co.jp

(2) Our process to verify the identity of the person or agent of such person who is requesting for the Disclosure, etc.
- 1）Our staff in charge of customer complaints confirms the identity of the person requesting for the Disclosure, etc. by reviewing an identity verification document listed below.
- 2）In case of an agent requesting for the Disclosure, etc., in addition to the documents prepared for the principal’s personal identification, our staff in charge of customer complaints reviews a document evidencing the authority of such agent to represent the requesting person and an identity verification document of such agent, depending on which your authority is, attorney-in-fact, statutory agent (i.e., guardian of a minor, guardian of an adult, or parental authority).
- 3）For us to confirm the identity of the person and agent, a copy of certificate with face picture issued by a public authority, examples of which are indicated below, will be required:
  - a）Driver's license
  - b）Passport
  - c）“My Number” card (front page)
  - d）Residence card or special permanent resident certificate
- 4）Documents evidencing the relationship between the principal and representative are as follows:
  - a）Power of attorney, which states that "I authorize the power to receive the results of the Disclosure, etc.", in the event of attorney-in-fact;
  - b）a certified copy of the family register or a certificate of registered matters (both of which need to be issued within six months), in the event of guardian of a minor;
  - c）a certificate of registered matters (issued within the past six months), in the event of guardian of an adult; and
  - d） a certified copy of the family register or a certificate of residence (issued within the past six months, for both), in the event of parental authority.

(3) If you request for notification of the purpose of use or disclosure of the retained personal data, you can choose the method of notification or disclosure from either of the followings: in writing or electromagnetic records (i.e., pdf format) via e-mail. We will use effort to notify or disclose in the method you chose as much as possible, but please note that we may contact you in a manner different from the method you chose if we turned it out difficult for us to respond. If there is no indication of a method you prefer, we will provide an electromagnetic record by e-mail.

2.Fees for "Request for Disclosure, etc." and Method of Fee Collection

We will charge the following amount (including mailing expense separately invoiced) for a single request, only if your request is a notification of the purpose of use. Please enclose money order covering the following amount when you send a set of requesting documents by mail.

- ・Fee amount: 1,000 yen

3.Notice of Review Results

We will inform you of the results of our review without delay in the following method, provided, however, that the method for the notification of the purpose of use or disclosure of retained personal data will be as described in Section 1 (3) above.

- ・Mail, hand delivery, or e-mail of documents

We will choose one of the following methods as appropriate and send documents by it:

- ・Mail the response documents to the address of the principal or statutory agent recorded in our system.
- ・Email the response documents to the e-mail address of the principal or statutory agent recorded in our system.

Joint Use of Personal Information

MEDIROM Healthcare Technologies Inc. (hereinafter referred to as "we", “our”, or “us”) will jointly use certain personal information of customers within the scope of the purpose of use.

1. Categories of The Jointly Used Personal Information

Name, address, date of birth, sex, telephone number, and other details of contracts and other personal information necessary for the achievement of the following purposes of use that are retained by us.

2. Method of Obtainment of Personal Information Subject to Joint Use

We obtained personal information to be used jointly in writing directly or by other means (including electronic media, etc.) from customer inquiries or information provided in application for our service.

3. Scope of Parties of Joint Use

The scope of parties who jointly use personal information is the following our subsidiaries and franchisees who have a franchise agreement with our subsidiaries.

(As of January 1, 2025)
- ・MEDIROM MOTHER Labs Inc. (https://medirom-mother-labs.co.jp/)
- ・MEDIROM Wellness Co. (https://medirom-wellness.co.jp/)
- ・MEDIROM Shared Services Inc. (https://medirom-shared-services.co.jp/)
- ・SAWAN CO. LTD. (https://www.sawan-rr.co.jp/)
- ・Kabushiki Kaisha ZACC (https://www.zacc.co.jp/)
- ・MEDIROM Rehab Solutions Inc. (https://medirom-rehab-solutions.co.jp/)
- ・Franchisees that have a franchise agreement with us or our subsidiaries

4. Purpose of Joint Use

・To provide comprehensive services through us, our group and franchisees
・To conduct business management, various risk management, and related operations
・To commence, maintain and manage various transactions

5. Responsible Party for Management of Personal Data Subject to Joint Use

・Company name: MEDIROM Healthcare Technologies Inc.
・Address: Tradepia Odaiba 16th Floor, 2-3-1 Daiba Minato-ku, Tokyo
・Representative: Kouji Eguchi, Representative Director and CEO
・E-mail address: privacy@medirom.co.jp