Binding Corporate Rules

Rakuten adheres to a set of global privacy protection standards referred to as Binding Corporate Rules. These guidelines ensure privacy protection throughout the Rakuten Group and have been approved by the European Union data protection authorities. The rules establish that even if personal data is transferred to a country that operates on a more lenient data protection regime, Rakuten will still apply its high global standards.

Why are the rules important?

Some countries have only limited or fragmented privacy rules or may lack a general privacy code to follow. Therefore, Rakuten uses its own privacy code for its operations worldwide. Because privacy is the core value of trust for our users and stakeholders, Rakuten is very serious about maintaining global compliance at a high standard.

What is the content of the rules?

The rules comprise the main privacy principles such as purpose limitation and data quality, as well as, right to information, rectification and erasure. Rakuten’s global privacy manager will be responsible for mediating claims and assuring internal compliance. Most importantly, the rules bind all of Rakuten’s worldwide entities so that each company adheres to the same rules in all their actions taken.

Depending on the user’s residence, they may enjoy additional rights. For example, citizens of the European Union have the right to bring actions against Rakuten if they believe their rights have been infringed by Rakuten’s entities abroad. In such cases, Rakuten would be liable in the same way it would if the infringement had taken place in the European Union.

Why are global transfers necessary?

The fast-moving digital sector requires global players to make their services available all over the world. Rakuten is based in Japan, therefore many processing activities take place in Japan. These corporate rules assure a level of protection in Japan similar to that required in the European Union so that data can be transferred safely.

List of Rakuten Group Entities Part of the BCR Intra-group Agreement

EEA Entities
Jurisdiction Entity
Estonia OU Massi Miliano
France Rakuten France S.A.S.
France Aquafadas S.A.S.U.
Germany Rakuten Deutschland GmbH
Luxembourg Rakuten Europe S.a.r.l.
Luxembourg Rakuten Europe Bank S.A.
Luxembourg Viber Media S.a.r.l.
Spain Rakuten TV Europe, S.L.U.
Non EEA Entities
Jurisdiction Entity
Canada Rakuten Kobo Inc.
China Rakuten China Development Center Co., Ltd.
India InnoEye Software Technologies Private Ltd
India Rakuten India Enterprise Private Limited
Japan Amrit DC, Inc.
Japan Executive Golf, Inc.
Japan Keiba Mall, Inc.
Japan Rakuten Bic, Inc.
Japan Rakuten Books Network Co., Ltd.
Japan Rakuten Car, Inc.
Japan Rakuten Communications Corp.
Japan Rakuten Distribution, Inc.
Japan Rakuten Group, Inc.
Japan Rakuten H Collective Studio, Inc.
Japan Rakuten Insight Global, Inc.
Japan Rakuten Insight, Inc.
Japan Rakuten Mobile, Inc.
Japan Rakuten Seiyu Netsuper, Inc.
Japan Rakuten Socio Business, Inc.
Japan Rakuten SQREEM, Inc.
Japan Rakuten Wallet, Inc.
Singapore Rakuten Asia Pte. Ltd.
Singapore Rakuten LIFULL STAY Pte. Ltd.
Taiwan Taiwan Rakuten Ichiba, Inc.
U.S.A Ebates Inc. dba Rakuten
U.S.A Innoeye LLC
U.S.A Rakuten Marketing LLC
U.S.A Rakuten USA, Inc.
U.S.A Rakuten Intelligence, Inc.
U.S.A Viki, Inc.

Contact Us

If you have any questions for “Rakuten Group, Inc. Privacy Policy” and “Privacy Center”, Please contact us from here.

List of FAQ and inquiries (Japanese)

Page Top