HOME > Privacy Policy


Yellow Hat Ltd., Yellow Hat subsidiaries (stated on this website at https://www.Yellow Hat.jp/corp/about/group.html), and the Yellow Hat Group companies that operate Yellow Hat stores, etc. (hereinafter, “Yellow Hat Group”) have established the following basic policy concerning personal information protection to guarantee peace of mind for our customers by ensuring that personal information provided by customers when applying for servicing, having quotations prepared, and applying for card membership is used with the utmost care.

Basic Policy concerning Personal Information Protection

In light of the importance of personal information protection, and to further enhance the group’s trustworthiness, Yellow Hat Group handles personal information in a proper manner and implements appropriate safety management measures in compliance with the Personal Information Law and other related laws, guidelines, etc.
Yellow Hat Group thoroughly educates and guides its employees in how to properly handle personal information and takes other measures to guarantee proper handling. Moreover, while promptly responding to complaints and inquiries related to the handling of personal information, Yellow Hat Group reviews and improves appropriate measures pertaining to personal information handling and safety management in a timely manner.

1.Acquisition and use of personal information

Personal information refers to personal information as stipulated in the Personal Information Protection Law (Law No. 5 of 2003) Article 2 paragraph 1. Yellow Hat Group acquires and uses personal information by legal and fair means and to the extent required for work purposes upon first taking adequate safety management measures.
The information that Yellow Hat Group acquires to achieve the objectives stated in “3. Purpose of use of personal information” includes the following (hereinafter, “acquired information”).

  • (1) Name, date of birth, gender, occupation, and other information that can identify specific individuals
  • (2) Information such as address, telephone number, account information (referring to mail address, password, etc.) that is used in connection with specific personal information
  • (3) Age and other individual attribute information that is integrated with personal information
  • (4) Customer’s personal identification information

2.Methods for collecting personal information

Yellow Hat Group acquires personal information by the methods described below.

  • (1) Direct writing by customers themselves in Yellow Hat Group stores
  • (2) Direct input by customers themselves on the Yellow Hat Group website

3.Purpose of use of personal information

Within Yellow Hat Group, out of the personal information that is provided by customers, customers’ names, addresses, telephone numbers, dates of birth, genders, product purchase and work histories, etc. undergo computer processing and are jointly used as a database within the group. Also, to the extent required to achieve the purpose of use, personal data may be provided to subcontractors.
Yellow Hat Group also uses personal information to the extent required for executing its businesses of retail and wholesale selling of auto parts, auto servicing, car rental, and car selling. However, it does not use it for purposes other than these.
Specific objectives of using personal information in Yellow Hat Group are as follows.

  • (1)Making communications to follow-up on purchased products and works, etc.
  • (2) Sending prizes, etc. related to purchased products and entered competitions
  • (3) Giving information on campaigns, events, new ventures, etc. that Yellow Hat Group hosts or sponsors
  • (4) Making urgent communications in cases where there is a risk of damages being imparted to the life, health, or property of customers or other persons due to defects in sold products or faulty fitting of products, servicing, etc.
  • (5) Exchanging personal information for confirming the authenticity of account numbers or validity of credit cards with financial institutions, etc. when settling charges for products and charged services
  • (6) Conducting measures based on notifications and guidance from judicial branches and public agencies
  • (7) Cases where Yellow Hat Group consigns questionnaires for the purpose of surveying improvements in store operations, trends in product purchasing, etc., edits information so that individuals cannot be identified, and prepares statistical materials, etc. based on those results (statistical materials may be publicly disclose in some cases)

Yellow Hat Group will only change the above purposes of use to the extent that is reasonably recognized to be considerably relevant, and will disclose any changes on the Yellow Hat Group website (http://www.Yellow Hat.jp/), etc.

4.Personal information safety management measures

Yellow Hat Group takes ample security measures, including establishment of safety management handling regulations, etc. and an implementation setup, etc., for the prevention of individual data leakages, loss or damage, and it also takes appropriate measures to ensure that measures are sufficiently accurate and up to date to achieve the purpose of use.The main safety management measures are as follows.

  • (1)Organizational safety management measures
    ・Appointment of responsible persons, etc. in charge of personal data management
    ・Stipulation of safety management measures in the employment regulations, etc.
    ・Operation in accordance with the handling regulations concerning personal data safety management
    ・Establishment of means for confirming conditions regarding handling of personal data
    ・Inspection of conditions regarding handling of personal data and establishment and implementation of an audit system
    ・Establishment of a system for addressing leaks and other incidents
  • (2) Personal safety management measures
    ・Conclusion of personal data nondisclosure agreements, etc. with employees
    ・Clarification of roles, responsibilities, etc. of employees
    ・Dissemination, education and training on safety management measures for employees
    ・Checking of compliance with personal data management procedures among employees
  • (3)Physical safety management measures
    ・Management of personal data handling areas, etc.
    ・Prevention of theft, etc. of devices, electronic media, etc.
    ・Prevention of leaks, etc. when carrying electronic media, etc.
    ・Deletion of personal data and disposal of devices, electronic media, etc.
  • (4) Technical safety management measures
    ・Identification and authentication of personal data users
    ・Setting of personal data management divisions and access control
    ・Management of personal data access restrictions
    ・Measures for prevention of personal data leakage, damage, etc.
    ・Recording and analysis of access to personal data
    ・Monitoring and audit of information systems that handle personal data
    ・Recording and analysis of operating conditions of information systems that handle personal data
  • (5) Determining the external environment
    Safety management measures are implemented upon determining systems related to personal information protection in countries that handle personal data.

Moreover, when consigning the handling of personal data, to ensure the appointment of persons who appropriately handle personal data and that safety management measures are implemented in subcontractors, we have established and periodically review handling regulations, etc. for subcontracting.

5.Provision and acquisition of personal information to and from third parties

Yellow Hat Group will not provide personal data to a third party without the customer’s consent, except in the following cases.

  • (1) When the customer’s consent has been given
  • (2) Cases based on legislation
  • (3) When it is necessary for protecting human life, health or property but it is difficult to secure the person’s consent
  • (4) When it is particularly necessary for improving public health and promoting the sound development of children but it is difficult to secure the person’s consent
  • (5) When it is necessary to cooperate with national agencies, public authorities or their consignees in executing business prescribed by legislation, but there is a risk that obtaining the person’s consent may hinder execution of the said business
  • (6) When the third party concerned is an academic research institute, etc. that needs to handle the said personal data for academic research purposes (including cases where part of the objective for using the said personal data is for academic research, but not including cases where there is risk that the individual’s rights and interests will be unfairly violated)
  • (7) When Yellow Hat Group deems it necessary in the provision of services, etc.

Moreover, when personal data has been provided to or acquired from third parties (including cases where personal information is acquired as personal data), the said data will be stored upon confirming and recording the background of provision or acquisition and items stipulated by law, including name, etc. of the provider.

6.Handling of personal numbers and specific personal information

Yellow Hat Group will not acquire or use personal numbers and specific personal information for purposes other than restrictively specified in legislation. Except when restrictively specified in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures, personal numbers and specific personal information will not be provided to third parties.

7.Joint use of acquired personal information

Yellow Hat Group will jointly use personal information with other companies in the Group to the extent required for achieving the objectives stated in “3. Purpose of use of personal information”.

  • (1) Jointly used information
    Personal information as stated in “1. Acquisition and use of personal information”
  • (2) Scope of persons who use it jointly
    Yellow Hat Group as stipulated in the foreword of the Privacy Policy
  • (3) Purpose of use of joint users
    For achievement of “3. Purpose of use of personal information”
  • (4) Responsible manager for joint use
    Yellow Hat Ltd.
    See the following concerning information on the address and representative of Yellow Hat Ltd.

8.Disclosure, correction, suspension of use, etc. of held personal data based on the Personal Information Protection Law

Requests concerning the disclosure, correction, suspension of use, etc. of held personal data based on the Personal Information Protection Law will be appropriately addressed upon confirming the identity of the person making the request.
Moreover, we will charge the specified fees for the procedures for the above disclosure, etc. Please contact the following address if you wish to apply for such a procedure.

Concerning Website Use

This website (hereinafter, “the website”) is operated and managed by Yellow Hat Ltd. (hereinafter, “the Company”), and personal information belonging to customers who access the website is managed based on the Privacy Policy established by the Company, Yellow Hat subsidiaries, and the Yellow Hat Group companies that operate Yellow Hat stores, etc. (hereinafter, “Yellow Hat Group”). Before using the website, please understand the following.

1.Copyright, etc.

Logos, images, illustrations, text, audio, video, programs, etc. (hereinafter, “content”) placed on the website are protected by copyrights held by the Company and third parties. Except in cases where personal use, etc. is recognized under the Copyright Law, reproduction, revision of contents, copying, and other actions without obtaining the Company’s prior consent are prohibited.

2.Protection of personal information

Please see the Privacy Policy for the basic policy concerning personal information protection on the website.

Moreover, the website acquires information that is not classed as personal information, for example, cookie information, other information related to use such as behavior history and access logs, information about the terminal being used, OS information, positional information, IP addresses, browser information, and other information related to the customer’s communications from the customer and third parties.

3.About the use of cookies

Cookies are used to make it easier for customers to revisit the website. Cookies do not violate the privacy of customers, nor do they impart any negative impact on customers’ computers.
Cookies are used for the following purposes.
①To determine the terminal being used by the customer and the pages, etc. that the customer has visited
②To improve the website content and online services for the customer’s further satisfaction and to customize the website according to each customer’s individual use
③To improve the convenience of the website and optimize the distribution of advertisements to the customer

④To statistically process information that is obtained through the use of cookies and use it as data

The customer can change his/her browser settings to refuse automatic reception of cookies. However, please understand that the content of some services may be limited or it may not be possible to use some services without cookies.

4.About SSL

When acquiring the customer’s personal information through the website, we strive to secure safety by conducting encryption based on SSL (Secure Socket Layer).
By using a web browser equipped with security features, since personal information such as names, addresses or telephone numbers input by the customer is automatically encrypted for sending and receiving, even if the sent data is intercepted by a third party, there is no risk of the content being read. If using a non-SSL browser, it may not be possible to access the website or input information.

5. Google Analytics

The website uses Google Analytics, provided by Google Inc., to survey and analyze conditions of use, etc. Please see the Google website for the Google Analytics terms of use and Google’s privacy policy.

Google Analytics terms of use:
Google policies and terms:

Google Analytics determines conditions of use, etc. of customers by using cookies, etc. If you do not want your data to be used by Google Analytics, please use the Google Analytics opt-out add-on provided by Google Inc.

Google Analytics opt-out add-on:

6.Other matters

The Company bears no responsibility whatsoever concerning the content and information of websites (operated by third parties) that are linked to the website.
Moreover, although links to other websites are included on the website, Yellow Hat Group bears no responsibility whatsoever concerning personal information collection that is conducted on such websites. Please refer to the privacy policy, etc. of each website.
We strive to place the most up-to-date information on the website, however, we cannot bear any responsibility or offer any guarantees concerning the accuracy, integrity or propriety of information. Moreover, content on the website may be changed, deleted, suspended or interrupted without notice.

Revised March 1, 2023
1-7-4 Iwamotocho, Chiyoda-ku, Tokyo
Yellow Hat Ltd.
Yasuo Horie
President & CEO

【Inquiries Desk】

Yellow Hat Ltd., Personnel and General Affairs Department
1-7-4 Iwamotocho, Chiyoda-ku, Tokyo 101-0032
TEL:03-6866-1680(weekdays 10:00-17:00, excluding Saturdays, Sundays, national holidays, and year-end and New Year holidays)