Under the principle that it is in a position to model appropriate handling of personal information as a company that contributes to society, Otsumo Co., Ltd. (“the Company”) recognizes the importance of handling personal information appropriately. It has established a privacy policy, which executive officers and employees will unite to observe, and will exert its utmost efforts to protect the personal information and the rights and interests of individuals.
- In the acquisition of personal information, the Company will specify as far as possible the purposes of use of the information and obtain personal information to the extend necessary for the achievement of those purposes.
- If personal information is obtained directly in writing (including by electromagnetic record) from the owner of the information (“Owner”), the Company will advise the name of the Company, Privacy Officer and contact details, purposes of use, and other details before obtaining the personal information within the necessary scope.
- The Company will use personal information for purposes of use within the scope consented to by the Owner. It will establish and implement procedures for taking the countermeasures needed to ensure that personal information is not used outside the purposes of use.
- The Company will manage the personal information it holds with appropriate methods and, except in cases pursuant to laws and ordinances, it will not disclose or provide the information to any third parties without the consent of the Owner.
- The Company will manage the personal information held to keep it accurate and up to date within the scope required for achieving the purpose of use and will employ reasonable security measures to prevent leaks, loss, and damage, etc. (“Leaks, etc.) of personal information in response to risks of such Leaks, etc. In addition, in the event of a Leak, etc., the Company will take immediate corrective action.
- If the Company outsources operations pertaining to the handling of personal information, it will make it compulsory for subcontractors to conclude a contract stating that it will not leak the information, provide it to a third party, etc. The Company will also conduct the necessary and appropriate management of subcontractors by checking the status of their security measures.
- The Company will establish an inquiries desk for complaints and consultations concerning personal information held and respond appropriately.
- The Company will comply with laws and ordinances concerning personal information and guidelines and other standards set forth by the national government.
- The Company will establish a privacy management system, which it will review periodically and improve on a continuous basis.
Established: July 7, 2018
Revised: February 21, 2022
Otsumo Co., Ltd.
Rei Matsunuma,
Representative Director
Inquiries about Privacy Policy
Otsumo Co., Ltd. Personal Information Reception Desk
3-22-1 Nakameguro, Meguro-ku, Tokyo, 153-0061
Tel: 03-6712-2511
Inquiry form: https://humanmade.jp/pages/contact/
The Company will obtain personal information by fair and lawful means and use such information within the scope of the “Purposes of Use” shown in the table below.
In the event that a purpose of use not included in the scope of the “Purposes of Use” arises, if the information has been obtained directly in writing, we will obtain the consent of the owner of the personal information (“Owner”) regarding the new purpose of use, and if the information has been obtained by other means, publicize the new purpose of use before using the information for that purpose.
Subject Information |
Purpose of Use |
Personal Information Held |
---|
Personal information submitted by the customer in the EC site business |
|
○ |
Personal information submitted by the customer concerning inquiries about services |
|
○ |
Personal information regarding business partners |
|
○ |
Personal information regarding current and former employees |
|
○ |
Personal information of recruitment applicants |
|
○ |
Personal information regarding complaints and consultations |
|
○ |
We will not provide personal information to any third party without the customer’s permission, except in cases where such information is provided in accordance with laws and regulations, etc.
In order to protect personal information, we take the following strict security measures for the management of personal information obtained by us. These measures include security control measures to prevent unauthorized access, disclosure, unauthorized use, alteration, or destruction, etc. of personal information.
- Formulation of Basic Policy
In order to ensure the proper handling of personal information, we have established and announced a “Personal Information Protection Policy” regarding compliance with relevant laws, regulations and guidelines, as well as a contact point for handling questions and complaints. - Establishment of Discipline on the Handling of Personal Information
For each stage of acquisition, use, storage, provision, deletion, disposal, etc., internal regulations, etc. have been formulated with respect to handling methods, responsible persons/persons in charge, and their duties, etc. - Organizational Safety Control Measures
In addition to appointing a personal information protection manager for the handling of personal information, we have clarified the employees who handle personal information and the scope of personal information handled by such employees and have established a system for reporting to the personal information protection manager in the event of the fact or indication of a violation of the Personal Information Protection Law, internal regulations, etc. We conduct periodic self-inspections of the status of personal information handling, as well as audits by other departments and outside parties. - Personal Safety Control Measures
We believe that our employees need to be aware of the laws and regulations, etc. in terms of personal information protection before they can perform their duties, and we provide training and other opportunities for our employees to improve the level of information security. In addition, matters concerning the confidentiality of personal information are stated in our internal regulations, etc. - 5. Physical Safety Control Measures
In the areas where personal information is handled, we control the entry and exit of employees, put restrictions on the devices they bring in, and take measures to prevent unauthorized persons from accessing personal information. We take measures to prevent theft or loss, etc. of equipment, electronic media and documents, etc. that handle personal information, as well as measures to ensure that personal information is not easily revealed when such equipment, electronic media, etc. are carried, including when they are moved within the business site. - 6. Technical Safety Control Measures
Access control is implemented to limit the scope of persons in charge and the databases, etc. which contain personal information to be handled. We have introduced a system to protect information systems that handle personal information from unauthorized access from outside or from unauthorized software. When accessing the system, physical and logical access restrictions are implemented to limit who can access the system. In addition, access logs are kept so that we can know who accessed where and when. - 7. Understanding of External Environment
We may provide personal data to foreign countries (including through outsourcing) in accordance with laws and regulations, and related rules. When providing personal data to foreign countries (including through outsourcing), we will confirm the status of the safety control measures of the recipient countries (Singapore, Canada and the United States of America) and give corrective instructions, etc. as necessary, based on our understanding of their systems for the protection of personal information.
<Legal System in Each Country>
https://www.ppc.go.jp/files/pdf/singapore_report.pdf
https://www.ppc.go.jp/files/pdf/canada_report.pdf
https://www.ppc.go.jp/files/pdf/USA_report.pdf
- If the Company receives a request from an Owner for the disclosure, amendment, addition, or deletion of the Owner’s personal information, the suspension or cancellation of its use, suspension of provision to a third party or notification of purpose of use (“Disclosure, etc.”), we will conduct an internal investigation and respond to such request without delay.
* However, depending on the nature of the request, we may not be able to comply with the Disclosure, etc. In such cases, we will respond with the reasons for that inability to comply. - Anyone wishing to request Disclosure, etc., is asked to follow the steps below and send the request by post. We may not be able to accept the request if the information in the request is deficient or insufficient. For requests for the disclosure or notification of use of personal information, we will ask you to pay an administration fee of 1,000 yen per request in the form of postage stamps.
- Any personal information received with the Request for Disclosure, etc. of Personal Information will be used to respond to the inquiry and will not be used for any other purpose.
Request by Owner |
To request disclosure, etc., please prepare the following documentation and send it by delivery-recorded post.
|
---|
Request by representative |
If the request for Disclosure, etc. is made by a statutory representative or a representative authorized by the Owner, please enclose the following documentation in addition to the documents stated above. For statutory representatives
For representatives authorized by Owner
|
---|
* If you have any questions about the details of Disclosure, etc., please inquire at the contact desk for Disclosure, etc. requests.
Name |
Otsumo Co., Ltd. |
---|
Address |
4-27-25 Yoyogi,Shibuya-ku, Tokyo-to 151-0053,Japan |
---|
Privacy Officer |
Director and CFO |
---|
Contact details |
Tel: 03-6712-2511 |
---|