Application Privacy Policy

NTT DOCOMO, INC. (“DOCOMO”) sets forth this Application Privacy Policy and will endeavor to protect user information. This Application Privacy Policy aims to give you information on how DOCOMO collects and processes your user information through your use of “d POINT CLUB” (the “App”) and service on the App (the “Service”)

(1) The user information that DOCOMO will collect in the App (the “User Information”) is as follows. Please kindly note that depending on the User Information, the App may automatically transmit the User Information to DOCOMO.

■User Information
  1. (i) d POINT Club Member Number
  2. (ii) d POINT CARD Number

Purpose of use of the User Information

DOCOMO will use the User Information to display MOBILE d POINT CARD in the App.

How DOCOMO collects the User Information

The APP will automatically transmit the User Information,

■User Information
d ACCOUNT(d ACCOUNT ID and password)

Purpose of use of the User Information

DOCOMO will use the User Information to identify and authenticate for Services in the App.

How DOCOMO collects the User Information

The App will require you to enter the User Information when you log in the App,

■User Information
The App's notification token (an authentication key required for implementing push notifications. This key is obtained by the customer's device from Apple Inc. or Google Inc.)

Purpose of use of the User Information
DOCOMO will use the User Information:

To provide push notifications

To deliver content (including sponsor’s store information, coupons, etc.; the same definition applies herein), products, services, sales campaigns, event information, and other information

How DOCOMO collects the User Information

The APP will automatically transmit the User Information,

■User Information
Location data of the customer’s device (GPS location data, Wi-Fi location data, and Bluetooth location data to an accuracy of a few meters)

Purpose of use of the User Information
DOCOMO will use the User Information:

To provide push notifications

To deliver content (including sponsor’s store information, coupons, etc.; the same definition applies herein), products, services, sales campaigns, event information, and other information

To analyze and evaluate how the customer use the APP for the purpose of improving the service quality

How DOCOMO collects the User Information

The APP will automatically transmit the User Information that linked to d POINT Club Member Number, provided that it will be transmitted to DOCOMO only if “Location Access” in your device is turned ON.

■User Information
Identifier for advertisers implemented by OS provider(s)

Purpose of use of the User Information
DOCOMO will use the User Information:

To run advertising campaigns including targeted adds

To analyze and evaluate how the customer use the APP for the purpose of improving the service quality

To display targeted ads served by third parties: targeted ads served based on customer attribute data or movement history data collected independently by ad providers below. If you do not want to receive targeted ads served by ad providers, follow the procedure on the applicable ad provider website to stop ads being served.

Facebook, Inc.

Google LLC

Twitter, Inc.

Oath Inc.

How DOCOMO collects the User Information

The APP will automatically transmit the User Information,

■User Information
The customer’s device information (model, OS, etc.) and tracking information in the App

Purpose of use of the User Information

DOCOMO will use the User Information to analyze and evaluate how the customer use the APP for the purpose of improving the service quality.

How DOCOMO collects the User Information

The APP will automatically transmit the User Information,

(2) The purpose of use of the User Information on the App and Service are as defined above. If defined by DOCOMO separately in “NTT DOCOMO Privacy Policy,” “d ACCOUNT Terms and Conditions,” “d POINT Club Membership Rules,” “d POINT Club Special Terms and Conditions,” “MOBILE d POINT CARD Special Terms and Conditions,” “Handling of Customer Information Related to d POINT CARD,” “Terms of Use on d Wi-Fi,” “Third party provision to partners of d Wi-Fi/DOCOMO,” and other contracts entered into between DOCOMO and the customer, DOCOMO may use the User Information within the use purpose scope stated in these documents.

(3) DOCOMO may use other customer’s personal information that is properly collected and in possession of DOCOMO for the purpose of provision of App and/or the Service. In addition, DOCOMO may use the User Information by combining with the above personal information to the extent necessary for the purposes set forth in this Article

DOCOMO collects the User Information set out in the preceding Article via an analytical module incorporated into the App. The analytical module is a program provided by a third party and has the function for collecting and analyzing the User Information. Furthermore, DOCOMO may combine the User Information collected through the analytical module with other DOCOMO ID and use such User Information by combining with the customer’s attribute information and other information connected to the DOCOMO ID.

■Module name: Google Analytics for Firebase / Google Analytics

Module provider: Google, LLC and its wholly owned subsidiaries
User Information collected by the module:

  1. (i) The customer’s device information (model, a type of OS, etc.)
  2. (ii) Tracking information in the App (including dates/times and number)
  3. (iii) Identifier for advertisers implemented by OS provider(s)

Others: The User Information will be stored in the server system controlled by Google. Furthermore, Google will use such User Information to the extent of the purposes of use set forth by Google. Please refer to <https://www.google.com/privacy.html>for the details of Google Analytics for Firebase / Google Analytics and the purposes of use set forth by Google.

■Module name: Adjust

Module provider: Adjust GmbH
User Information collected by the module:

  1. (i) The customer’s device information (model, a type of OS, etc.)
  2. (ii) Tracking information in the App (including dates/times and number)
  3. (iii) Identifier for advertisers implemented by OS provider(s)

Others: The User Information will be stored in the server system controlled by Adjust. Furthermore, Adjust will use such User Information to the extent of the purposes of use set forth by Adjust. Please refer to <https://www.adjust.com/terms/privacy-policy/> for the details of Adjust and the purposes of use set forth by Adjust.

■Module name: Facebook SDK

Module provider: Facebook, Inc.
User Information collected by the module:

  1. (i) The customer’s device information (model, a type of OS, etc.)
  2. (ii) Tracking information in the App (including dates/times and number)
  3. (iii) Identifier for advertisers implemented by OS provider(s)

Others: The User Information will be stored in the server system controlled by Facebook. Furthermore, Facebook will use such User Information to the extent of the purposes of use set forth by Facebook. Please refer to <https://www.facebook.com/policy.php> for the details of Facebook SDK and the purposes of use set forth by Facebook.

Except as set forth in the previous clause and below, the User Information will never be transmitted or provided to a third party:

  1. (i) When module providers collects the User Information as set forth in Article 2;
  2. (ii) When explicit consent is obtained in an agreement with DOCOMO such as the “d POINT Club Membership Rules”, “d POINT Club Special Terms and Conditions”, “Third party provision to partners of d Wi-Fi/DOCOMO” and elsewhere; and
  3. (iii) When permitted under the Personal Information Protection Act.

When the customer installs the App, the customer will be given the opportunity to confirm the contents of the Application Privacy Policy and grant consent. Please use the App and the Service after confirming the Application Privacy Policy and understanding the contents. In addition, the Application Privacy Policy will be available on the App’s menu screen.

(1) The customer can opt out of our collection, processing and transfer to third parties the following User Information in accordance with the methods below.

Location data of the customer’s device: Turn off the location data in the settings menu on the device or the App.

The App's notification token: Turn off the push notifications in the settings menu on the device or the App.

Identifier for advertisers implemented by OS provider(s): Turn off the tracking data in the settings menu on the device or the App.

(2) Except as set forth in the preceding clause, DOCOMO provides no means to opt out of collection of the User Information. Please uninstall the App if you would like to opt out of them. DOCOMO may continue to use the User Information that has already been collected even after the uninstall of the APP.

If you have opinions or requests regarding the collection and/or processing User Information in the App and the Service, please contact customer service below:

Customer service name: d POINT CLUB Online Inquiry

How to contact customer service: https://dpoint.jp/global/m/faq/index_en.html:

DOCOMO may amend the Application Privacy Policy in relation to the App’s upgrade. Please refer to the latest version of Application Privacy Policy when using the APP.

Supplementary provisions (August 11, 2020)

The Application Privacy Policy shall be effective as of August 11, 2020.

Exhibit A: ADDITIONAL INFORMATION FOR EU CITIZENS

In the following, DOCOMO provides you with the additional information as required in accordance with the General Data Protection Regulation (“GDPR”). This Exhibit A supplements the information provided in the main body of this Application Privacy Policy to the extent required under GDPR.

In the following, DOCOMO informs you about the legal bases, on which we process the User Information. The User Information processed as well as the purposes for such processing and the details how we collect the User Information are set out in Section 1 and 2 of the main body of this Application Privacy Policy.

Type of User Information Purpose Lawful basis for processing
d POINT Club Member Number To display MOBILE d POINT CARD in the App Contract performance
d POINT CARD Number To display MOBILE d POINT CARD in the App Contract performance
d ACCOUNT(d ACCOUNT ID and password) To identify and authenticate for Services in the App. Contract performance
The App's notification token

To provide push notifications・To deliver content (including sponsor’s store information, coupons, etc.; the same definition applies herein), sales campaigns, event information, and other information

 Consent
Location data of the customer’s device

To provide push notifications

To deliver content (including sponsor’s store information, coupons, etc.;the same definition applies herein), products, services, sales campaigns, event information, and other information

To analyze and evaluate how the customer use the APP for the purpose of improving the service quality

 Consent
Identifier for advertisers implemented by OS provider(s)

To run advertising campaigns

To analyze and evaluate how the customer use the APP for the purpose of improving the service quality

 Legitimate interests (for running our business, and to analyse how customers use our products/ App Services);
The customer’s device information (model, OS , etc.) and tracking information in the App To analyze and evaluate how the customer use the APP for the purpose of improving the service quality Legitimate interests (for running our business, provision of administration and IT services, network security/to keep records updated and to analyse how customers use our products/ App Services);

DOCOMO is established and headquartered in Tokyo, Japan, and the business partners to whom we may disclose the User Information, as controllers and/or as processors, are also based in Japan or elsewhere outside the European Economic Area (“EEA”).

The User Information will therefore be collected, transferred, stored and processed outside the EEA. Japan has been recognised by the European Commission as being a country which offers adequacy protection for the purposes of GDPR. Accordingly, it is lawful for the User Information to be collected, transferred, stored and processed by DOCOMO in Japan provided that DOCOMO complies with its obligations as a controller under GDPR and as a Personal Information Handling Business Operator under the amended Act on the Protection of Personal Information.

We have put in place appropriate robust security measures to prevent the User Information from being accidentally lost, used or accessed in an unauthorised way, damaged or destroyed, altered or disclosed. We have adopted these measures to ensure the ongoing confidentiality, integrity, availability and resilience of systems and services which process the User Information and to ensure that we can restore availability and access to the User Information in a timely manner in the event of a physical or technical incident. These measures are regularly tested, assessed and, where appropriate, updated to ensure they remain effective, and they will typically include:

• Technical security measures:

  • multiple location, physically secure data centres designed to prevent single points of failure;
  • secure system firewalls and authentication controls;
  • back-ups and data recovery systems;
  • secure encryption technologies; and
  • state-of-the-art antivirus and intrusion protection.

• Organisational security measures:

  • data system access controls, password controls and privilege management;
  • data centre physical access controls;
  • security and compliance training for personnel:
  • robust data security breach reporting procedures;
  • robust DRBC (disaster recovery and business continuity) procedures;
  • contractual confidentiality obligations for personnel; and
  • background checks for personnel (where appropriate and permitted / required by law).

We have put in place reporting procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority of a breach when we are legally required to do so.

Whenever we engage third party service providers to store and process the User Information, we always ensure that those providers also implement appropriate technical and organisational security measures to keep the User Information safe and require those providers to adhere to strict contractual requirements for this purpose, as required by GDPR.

We will only retain the User Information for as long as is necessary for the specific purposes it was collected for or, where relevant, for related compatible purposes such as complying with applicable legal, accounting, or record-keeping requirements.

For example, we often have to retain basic information about our customers for a mandatory period of time after they cease being customers in order to comply with our tax law obligations.

Where there is no specific legal period for retaining the User Information then we will determine the appropriate retention period by considering the amount, nature, and sensitivity of the personal data, the potential risk of harm from its unauthorised use or disclosure, the purposes for which we process the User Information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete the User Information: see Section 5 below for further information.

We may also anonymise the User Information (so that you are no longer identifiable from it) for research or statistical purposes. If so then we may use this information indefinitely without further notice to you.

Where the User Information contains personal data, you have certain rights under GDPR, some of which only apply in certain circumstances. These rights are:

  • Right to access your personal data:This gives you the right to receive a copy of the personal data we hold about you subject to certain exemptions.
  • Right to request correction of your personal data: This gives you the right to have any incomplete or inaccurate personal data we hold about you corrected.
  • Right to request erasure of your personal data: This allows you to request us to delete or remove personal data. You also have the right to request us to delete or remove your personal data where you have exercised your right to object to processing (see below). In certain circumstances this right may not apply, such as where we have a good, lawful reason to continue using the information in question, and if so we shall inform you of such reasons at the relevant time.
  • Right to object to processing of your personal data: You can object to us processing your personal data for legitimate interests purposes or for direct marketing. We must then stop processing your personal data unless we have a strong reason to continue which overrides your objection. If your objection is to direct marketing, we must always stop.
  • Right to restrict how your personal data is used: You can limit how we use your personal data in certain circumstances. Where this applies, any processing of your personal data (other than storing it) will only be lawful with your consent or where required for legal claims, protecting certain rights or important public interest reasons.
  • Right to have a portable copy or to transfer your personal data: You can request us to provide you, or (where technically feasible) a third party, with a copy of your personal data in a structured, commonly used, machine-readable format. Note this only applies to personal data which we obtain from you and, using automated means, process on the basis of your consent or in order to perform a contract.
  • Right to withdraw consent: If we are relying on consent to process your personal data then you have the right to withdraw that consent at any time.

If you want to exercise any of the rights described above then please contact us as explained in Section 6 below. We try to respond to all personal data requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. Please also bear in mind that there are exceptions to the rights above and some situations where they do not apply.

We may need to request additional information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you to clarify your request.

You will not normally have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

NTT DOCOMO, INC. is the controller and is responsible for your personal data and other information we collect from you in connection with your use of the App and the App Services.

We have appointed a Data Protection Representative in the European Union to support you with any data protection or privacy related queries which you may have. If you have any questions about this App Privacy Policy, or if you wish to exercise your legal rights (as explained in Section 5 above) please contact us or our EU Data Protection Representative using the following details:

Company name: NTT DOCOMO, INC.

Website for Inquiry: https://dpoint.jp/global/m/faq/index_en.html

Postal address: Sanno Park Tower, 2-11-1 Nagata-cho, Chiyoda-ku, Tokyo 100-6150, Japan

• EU Data Protection Representative: DOCOMO Europe Limited

Email address: docomo-gdpr-privacy@docomo-europe.com

Postal address: 1 King William Street, London, EC4N 7AR

Telephone number: +4-20-7481-6301