Date of enactment: 1 June 2014
Date of final revision: 20 December 2018
Uzabase, Inc. (hereinafter “the Company”) provides information infrastructure supporting decision-making in business activities. The Company is aware of its social responsibility in protecting personal information that it handles, protects individual rights and interests, and observes rules and regulations concerning personal information. In order to realize the principles noted below, the Company shall build a personal information protection management system. The Company also hereby declares that the entire company will endeavour to continuously improve the system with constant awareness of the latest IT trends and changes in social requirements and business environment.
See here for the Company’s Information Security Policy :
Principle 1
The Company shall endeavour to specify the purpose for which personal information will be utilized. It will not handle personal information that is beyond the necessary scope to fulfill that purpose. The Company shall also take appropriate measures to achieve this.
Principle 2
The Company shall observe laws, ordinances, state policies, and other rules and regulations concerning personal information management.
Principle 3
The Company shall stipulate internal regulations concerning complaints and consultation requests regarding personal information management. The Company shall respond to such complaints and consultation requests swiftly and in good faith.
Principle 4
The Company shall endeavour to take necessary and appropriate measures to ensure the security of personal information, including the prevention and correction of instances of personal information leakage, loss, and damage.
Principle 5
The Company shall stipulate internal regulations concerning personal information protection and make appropriate revisions in a timely manner to promote constant improvements.
01Definition of Personal Information
The term “personal information” as used in the Privacy Policy (hereinafter referred to as “the Policy”) shall mean any information about a living individual, including name, date of birth, address, family structure, e-mail address, etc. that one can be identified with (including information which cannot be used on its own to identify an individual, but which, in combination with other information, can be used to identify an individual).
Nevertheless, in the event that Act No. 57 of the May 30 2003 Act on Protection of Personal Information (hereinafter referred to as “the Act”) and any of its relevant laws and ordinances are revised, the definition shall follow such revision(s).
02Purpose of Personal Information Utilisation
The Company uses personal information for the purposes listed below. In cases where changes in the purpose of utilisation are necessary, the Company will issue a notification or make a public announcement regarding such changes in a timely manner.
Personal information contained in employment contracts will only be used for the purpose of employment contract management.
Personal information of employees will only be used for the purpose of employment and human resource management.
Personal information of job applicants that is submitted to the Company will only be used for the purpose of applicant assessment. It should be noted that in the course of recruitment, the Company may receive job applicants’ personal information (e.g. past work experience) from employment agencies, however such personal information shall only be used for the purpose of recruitment and assessment, and will not be used for any other purposes.
Personal information of clients will be used for the purpose of business contact and business development and progress.
Personal information of subscribers to services that the Company operates and provides will be used for specified purposes in accordance with the terms and conditions of each service’s privacy policies.
03Provision of Personal Information to a Third Party
The Company systematically aggregates, organises, and classifies certain personal information that the Company acquires (hereinafter referred to as “Personal Data”) by adding lists and markers to enable the simplified search of Personal Data on computing machines. The Company does not provide Personal Data to any third parties except in the following cases:
In cases where prior consent on such action has been obtained;
In cases where such action is conducted in accordance with the Act and other laws and ordinances;
In cases where such action is necessary in order to protect individuals from life threats, physical injuries, and property damage, and where there is difficulty in obtaining the Subject’s consent;
In cases where personal information management is outsourced partially or wholly (including server storage) to an external enterprise in accordance with a business outsourcing contract, the Company will sign an agreement with the third party concerning personal information management and/or appropriately supervise the third party regarding security management of personal information;
In cases where business succession as a result of a merger or acquisition, company split, business transfer, etc. has taken place.
04Acquisition and Use of Personally Identifiable Information and Access History
In order to provide a better user experience and serve more relevant advertisements, including the distribution of advertisements from the Company’s group companies, the Company may acquire and use information for which specific identity cannot be determined, such as cookies, accessed URLs, and access history. There are also cases where the Company shares such information with advertisers, information suppliers, and service providers for the same purpose.
See here for examples of the main third-party services that are used by the Company’s services:
05Joint Utilisation of Personal Information
In order to provide better services, the Company will share and jointly utilise personal information with its affiliates as listed below under strict management and with appropriate security measures.
Commonly Used Personal Data
Personal Data that the Company acquires, such as name, e-mail address, company, and job title. Shared Users The Company and its group companies listed at the below link:
https://www.uzabase.com/en/company/Purpose for Shared Use
The Company and its group companies utilise Personal Data for the same purpose as stipulated in Section 2 above.
Responsible Party for Shared Usage of Personal Data
Uzabase, Inc. is the responsible party for managing Personal Data.
06Procedures for Consultation and Disclosure Requests Concerning Personal Information Management
If an individual has complaints and/or requests for disclosure, correction, and termination of use of their personal information, they should contact the Company, and the Company will respond to such requests when the individual’s identity has been confirmed.
07Procedures for Disclosure Requests
The following Personal Data can be disclosed by the Company upon request (hereinafter referred to as “Personal Data for Disclosure”):
Personal Data of users acquired by any of the Company’s business units (excluding Personal Data received from information providers or consignors for business operations outsourced to the Company);
Personal Data for use in customer/business partner registration;
Personal Data pertaining to employee management for all of the Company’s personnel;
Personal Data pertaining to those who apply for employment at the Company; however, Personal Data acquired from staffing agencies, such as the resumes of applicants, is not included in Personal Data for Disclosure and cannot be requested;
Personal Data pertaining to users who have made enquiries to the Company.
To request Personal Data for Disclosure, please contact the Company, after which you will be prompted to fill out and submit a form specified by the Company.
The Company must confirm the identity of the person requesting the Personal Data for Disclosure and there may be cases where a copy of an official identification document must be mailed to the Company for confirmation.
08Major Changes and Notifications
In case of major changes and notifications regarding personal information protection, the Company will make public announcements through its website and/or via other channels.
09Revisions of the Principles
In order to constantly improve its personal information management, the Company may change and revise the Principles, under which circumstances the Company shall release the revised Policy on the company website that it operates.
When such revision requires customers’ consent under relevant laws and ordinances, the Company shall obtain such consent in a manner designated by the Company.
10Personal Information Protection Supervisor
Contact for inquiries, complaints or requests for consultation regarding personal information: Uzabase, Inc. Executive Officer in Charge of Administration
On the Web:
By mail: Mitsubishi Building, 2-5-2 Marunouchi, Chiyoda-ku Tokyo, 100-0005, Japan