top of page
A17B7D88-3694-4BA1-8075-9BD62393C817.jpg

PRIVACY POLICY

Regarding the handling of acquired personal information, this website complies with the Act on the Protection of Personal Information, guidelines such as guidelines on the protection of personal information, and other related laws and regulations regarding the protection of personal information.

3-1, Basic policy regarding handling of personal information
We recognize the importance of personal information as a company and state our company's basic policy for handling personal information, including compliance with laws and regulations.

 

3-2, Definition
Here are the definitions of terms used in the privacy policy.

For example, include the definition of "personal information" or "personal data."

"Personal data" refers to personal information that is managed in a searchable manner (for example, listed in Excel or managed in a alphabetical list). Article 2, Paragraph 6 of the Information Protection Act).

"Personal data" is one level higher than "personal information" as it is considered to be the most important type of personal information, and is legally prohibited from providing it to a third party without the consent of the individual. regulations apply.

 

3-3, Business name, address, name of corporate representative
With the revision of the Personal Information Protection Act in 2020 (enforced in April 2020), the following items have been added as matters that a business handling personal information must make available to the individual. Article 27, Paragraph 1, Item 1 of the Information Protection Act).

 

If the business handling personal information is an individual, its name and address
If the personal information handling business is a corporation, the corporation name, address, and representative name

 

If these items are not included in your privacy policy, please add them.

 

3-4, How to obtain personal information
The Personal Information Protection Act states that companies "must not obtain personal information through falsehood or other illegal means" (Article 17, Paragraph 1 of the Personal Information Protection Act).

Based on this, we also state that our company will comply with laws and regulations and acquire personal information lawfully.

 

3-5, Purpose of use
When a company acquires personal information, it is obligated to announce the purpose of use of the personal information or notify the person concerned (Article 18 of the Personal Information Protection Act).

Therefore, please be sure to state the purpose of use of personal information in your privacy policy.

As mentioned above, each type of personal information has a different purpose of use, so it is appropriate to describe each type separately. In addition, as a general rule, it cannot be used for purposes other than those stated in the privacy policy.

For example, if you obtain personal information from a customer for the purpose of "product delivery or after-sales service," you cannot use that personal information to send direct mail about your company's products.

Therefore, please be sure to comprehensively describe the purpose of use, assuming that all personal information will be used within the company.

 

3-6. Details of measures taken to safely manage personal data
Companies are obligated to take measures to safely manage the personal data they handle to prevent problems such as leaks or loss (Article 20 of the Personal Information Protection Act).

According to the 2020 revision of the Personal Information Protection Act (enforced in April 2020), the contents of this "measures taken for the safe management of retained personal data" must be made known to the individual. It is necessary to add this point to the privacy policy (Article 8, Paragraph 1 of the Order for Enforcement of the Act on the Protection of Personal Information).

For example, details of each company's initiatives such as implementation of employee training for the safe management of retained personal data, regular inspection of the management status, formulation of handling regulations, introduction of mechanisms to protect against unauthorized access, etc. are described. I will do it.

Regarding this point, it is necessary to refer to the Personal Information Protection Commission's "Guidelines for the Act on the Protection of Personal Information (General Rules)" and consider the description based on the actual circumstances of each company.

*Please refer to the following for the Personal Information Protection Commission's "Guidelines for the Act on the Protection of Personal Information (General Rules)".

 

▶Reference information: Laws, guidelines, etc. “Guidelines for the Act on the Protection of Personal Information (General Rules)”
 

3-7, About joint use of personal data
When sharing and using personal data with group companies or business partners, it is legally required to notify the person or publicly announce the following items regarding the joint use of personal data (Article 23 of the Personal Information Protection Act). Article 5, item 3).

 

Joint use of personal data
Items of personal data used jointly
Scope of businesses that will be used jointly
Name of person in charge

 

Therefore, if personal data is to be shared and used with group companies or business partners, these items will be described in the privacy policy.

Please note that if there are no plans to share personal information, there is no need to fill in this item.

 

3-8, Regarding provision of personal data to third parties
If you plan to provide personal data to a third party without the consent of the person, you are legally required to notify the person or make public the following information (Article 23 of the Personal Information Protection Act). Section 2).

 

Providing personal data to third parties
Items of personal data provided to third parties
Method of provision to third parties
To stop providing information to a third party if requested by the person in question.
How to accept a request from the person to stop providing information to a third party

 

However, please note that due to the revision of the Personal Information Protection Act in September 2015, notification to the Personal Information Protection Commission is required when providing personal data to a third party without the consent of the individual. please.

Please refer to the article below for a detailed explanation of the impact of the September 2015 amendments to the Personal Information Protection Act on our privacy policy.

bottom of page