Privacy Policy

1. Basic Policy of Personal Information Protection for UNIADEX

Formulation: February 1, 2005
Latest revision: April 1, 2016

UNIADEX, Ltd. (hereinafter referred to as "the Company") will contribute creating high productive and valuable society through support clients' business with ICT total support services.
 
The Company recognizes the significance of appropriate handling and protection of personal information. Recognizing a company's social responsibility, we stipulate the basic policy of personal information protection below, we will have executives and regular employees of our group companies fully understand and adhere to it, and we will promote corporate activities by emphasizing compliance with laws and regulations.

  • 1We respect laws/ordinances, guidelines and other regulations enacted by the Japanese government about the handling of personal information. Also, we will appoint a "Chief Privacy Officer", in order to manage the appropriate handling of personal information.
  • 2We will acquire the limited personal information that is necessary for our business by lawful and fair means. We will do so after providing an explicit explanation of the purpose of how we will use it and a contact for the persons.
  • 3We will utilize the acquired personal information within the scope of specified purposes of utilization. The acquired personal information will not be utilized for purposes other than those specified, nor provided or disclosed to a third party without the person's consent, except where legally required. We will take measures accordingly. Also, in a case where we provide or disclose personal information to a third party by obtaining consent from the person concerned, we will take measures to ensure that the third party will appropriately manage it.
  • 4We will take necessary and appropriate security measures in order to prevent leakage, loss or damage of the personal information that we hold. In the case of any of these issues arising, we will identify the causes and take corrective measures without delay.
  • 5In a case where we entrust any third parties to handle personal information for our business, we will conclude an appropriate contract with the trustees and perform guidance and management to ensure that they will take reasonable security measures.
  • 6We will establish, implement and maintain a management system about personal information protection. Also, we will continue to review and enhance it.
  • 7We have established a section that deals with requests, inquiries, complaints or applications for consultation from the persons about the disclosure, correction, or deletion of their own personal information. Responses will be made appropriately and promptly.

UNIADEX, Ltd.
Representative Director, President & CEO
Ken Tanaka

2. Personal Information Handling

UNIADEX, Ltd.
Chief Privacy Officer
Senior Corporate Officer Kumiko Shirai

(1) Purposes of Acquiring and Utilizing Personal Information

Personal information is acquired and utilized by appropriate means pursuant to the Act on the Protection of Personal Information, among others. The Company utilizes the personal information that we acquire and retain for the below purposes. In a case where there is a need for utilizing personal information other than that which has been notified in advance, except for a case where the utilization is recognized as an exception pursuant to the Act on the Protection of Personal Information among others, we will obtain consent of the person again to utilize such information. Also, in a case where a person under 16 years of age or unable to understand right from wrong provides his/her personal information to us, his/her statutory representative, among others, needs to provide consent.

[1] In a case where we acquire such personal information concerning a person in the form of a written document directly from the person, the Company utilizes the personal information for the purposes below.

We explicitly show to the person fixed items such as the purpose of utilization by written documents (including a record made by an electronic method and a magnetic method) each time in advance, except for the cases below.

  • 1Cases in which the acquisition of personal information is urgently required for the protection of the life, body, or property of an individual. Or, cases in which it is required and in which it is difficult to obtain the consent of the person
  • 2Cases in which the life, body, property, or other rights or interests of the person or a third party are likely to be harmed
  • 3Cases in which the rights or legitimate interests of the Company are likely to be harmed
  • 4Cases in which it is necessary to cooperate with a state organ or a local government in executing the affairs prescribed by laws and regulations and in which notifying the person of the purpose of utilization or publicly announcing it, or obtaining the consent of the person are likely to impede the execution of the affairs
  • 5Cases in which it is considered that the purpose of utilization is clear in consideration of the circumstances of the acquisition
  • 6Cases in which the acquisition of personal information is based on laws and regulations
  • 7Cases in which the acquisition of personal information is specially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person

[2] In a case where we acquire personal information directly from the person by means other than written document, and in a case where we instead indirectly acquire it in the public domain or from a third party, the Company utilizes and keeps the personal information for the purposes below.

  • 1.Personal information of customer
    • Propose, sell, and provide products, services and supports
    • Introduce products and services dealt in by the Company
    • Introduce events among others (various kinds of seminar and exhibition) held (hosted, co-hosted, or co-sponsored) by the Company
    • Registration of the utilization of services provided by the Company
    • Deliver Web magazine
    • Communicate, negotiate business, hold meeting, and implement contract with customer
    • Respond to inquiry or request from customer
    • Management of implementation of training
    • Conduct various kinds of questionnaires
  • 2.Personal information of business partner
    • Communicate, negotiate business, hold meeting, and implement contract with business partner
    • Respond to inquiry or request from business partner
  • 3.Personal information of employee applicants / former employees of the Company
    • Provision of information to, communication with and notification of applicants
    • Acceptance procedure
    • Personnel management for former employees pursuant to internal regulations as stipulated by law (including employee welfare matters)
    • Provision of Company information, provision and/or distribution of information regarding social activities if necessary and other such kinds of management for former employees
  • 4.Others
    • Personal information that is acquired in public domain (gazette, websites, commercially available books and name lists among others) and from a third party
    • Personal information that the Company was entrusted to handle when implementing a project
    • In order to execute a contract with an entrusting party concerning system development, consultation and support services
    • Telephone-record information
    • In order to ensure the accuracy of telephone conversation and appropriately address to it
    • Logs and images recorded when entering and exiting the facilities of the Company
    • In order to manage security for preventing crime and disaster among others
    • Use purposes that were announced to the person and agreed to by him/her in advance

(2) Summary of Security Management Measures

Please find below the summary of security management measures that we have taken in order to protect personal information.

[1] Establishment of the Basic Policy

The Company established the Basic Policy about “compliance with relevant laws/ordinances, guidelines, etc.,” and "contact information for handling inquiries and complaints” in order to ensure the proper handling of personal data.

[2] Development of disciplines on the handling of personal data

The Company established rules on handling personal data to regulate the handling methods, responsible persons in charge (hereinafter also referred to as responsible officials) and handling person in charge (hereinafter also referred to as operators), their duties, etc. for each stage such as acquisition, use, storage, provision, deletion and disposal.

[3] Organizational security management measures

The Company appointed a responsible person in charge of handling personal data, appointed employees handling personal data, and clarified the scope of personal data handled by the employees, and developed a system for reporting to and informing the responsible person in charge in an event where a fact or signs of violating relevant laws as well as handling rules and regulations are known.
The Company has regularly implemented self-inspections about the situations of handling personal data by each department or division. Furthermore, the Company has implemented internal audits and taken JIPDEC examinations for renewing the Privacy Mark certificate.

[4] Human security management measures

The Company regularly provides employees with training on matters to be considered in handling personal data.
The Company stipulated matters about confidentiality of personal data in the employment rules.

[5] Physical security management measures

The Company has taken measures to manage the entrance and exit of employees, limit devices, etc. to be brought in, and prevent any unauthorized persons from viewing personal data, in areas where personal data is handled.
The Company has taken measures to prevent theft or loss of devices, electronic media, documents, etc. used for handling personal data. Furthermore, the Company has taken measures not to let personal data easily identified in a case of carrying around the devices, electronic media, etc. including a displacement within a business office.

[6] Technical security management measures

The Company has implemented access controls in order to limit persons in charge of handling personal data and the scope of personal information databases, etc. that they handle.
The Company has implemented mechanisms to protect information systems where personal data is handled from external irregular access or unauthorized software.

[7] Understanding of External Environments

Please see the descriptions below about the Company’s handling of personal data outside Japan.

(3) Handling of Personal Data in Foreign Countries

If it handles personal data in a foreign country, the Company takes necessary and appropriate measures in order to ensure security management of personal data. The measures are exemplified by its stipulating appropriate access controls in contracts pertaining to handling of personal data, based upon its understanding of a personal information protection system in the foreign country.
If it transfers personal data to a third party located in a foreign country (excluding foreign countries that have established a personal information protection system which has equivalent standards to that in Japan), the Company will obtain an identifiable person’s consent only after providing the person with information as it needs to provide pursuant to the Act on the Protection of Personal Information.
The Company will perform as aforementioned if it entrusts a third party that establishes a system as necessary for continuously taking measures equivalent to those that a business handling personal information must take.
If it does not obtain the identifiable person’s consent, the Company will take measures necessary to ensure that the third party continuously implements the equivalent measures, and it will also provide with the identifiable person information that needs to be provided pursuant to the Act on the Protection of Personal Information at the request of the person.
Please see the “Contact for Inquiry and Complaint Concerning Personal Information” below in order to receive the said information.

(4) Entrustment of Handling and Joint Utilization of Personal Information

[1] Entrustment of handling

When the Company entrusts all or part of business to a trustee, we may entrust the handling of personal information to the trustee within the necessary scope for achieving the purpose of utilization. In this case, we select and assign the trustee that meets the standards stipulated by us, and ensure secure management of personal information by concluding an agreement concerning the handling of the personal information and appropriately managing and supervising the trustee.

[2] Joint utilization

We may share with our group companies personal information of customers among others (name of person, name of company, name of department, telephone number, fax number, and e-mail address among others) that is needed when jointly performing business activities with our group companies. In this case, we advise the persons of the purpose of utilization in advance. Also, we appropriately manage the personal information pursuant to a treaty concerning the joint utilization of personal information concluded between us and our group companies in order to securely manage the personal information.

(5) Provision and Disclosure of Personal Information to a Third Party

As a rule, the Company does not provide, nor disclose to a third party the personal information that we have acquired, without obtaining consent of the person, except the below cases. In a case where we provide or disclose it to a third party by obtaining consent of the person, we take appropriate measures that the third party, which we provide or disclose the personal information to should protect the personal information.

  • 1Cases in which the provision and disclosure of personal information is based on laws and regulations
  • 2Cases in which the provision and disclosure of personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person
  • 3Cases in which the provision and disclosure of personal information is specially necessary for improving public health or promoting the sound growth of children, and in which it is difficult to obtain the consent of the person
  • 4Cases in which it is necessary to cooperate with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and in which obtaining the consent of the person might impede the execution of the affairs.
  • 5Cases in which the Company acquired the personal information of a person by obtaining the consent from the person to our forwarding the information
  • 6Cases in which the Company has made prior notifications to our executives and shareholders concerning fixed items including a transfer of their open personal information to a third party

(6) Procedure to Request Disclosure, etc.

Please refer to the above "Web Inquiry Form" when the person or his or her representative requests "notification of the purpose of utilization, disclosure, correction, addition or deletion, utilization discontinuation or erasure or discontinuation of provision to a third party (hereinafter referred to as 'disclosure, etc.')", concerning the "personal information subject for disclosure" that we hold. We will respond within a reasonable period of time and scope after confirming their identity.

(7) Contact for Inquiry and Complaint Concerning Personal Information

Please notify each contact section for solutions and services which the complaint, or consultation concerning the handling of personal information. If the contact section is not known, advise the below. The Company will respond after confirming the content.
 
Personal Information Inquiry Counter of UNIADEX, Ltd.
Web Inquiry Form (Japanese)

(8) "Authorized Personal Information Protection Organization" which the Company Belongs to and Contact Organization for Complaint Resolution

Name: Japan Institute for Promotion of Digital Economy and Community: JIPDEC

FAO: Personal Information Protection Consultation Service Office
Address: 12F Roppongi First Building, 1-9-9, Roppongi, Minato-ku, Tokyo 106-0032, Japan
Tel: 03-5860-7565 Toll Free: 0120-700-779

[Please note that this is not the contact information for inquiries related to the Company's products/services.]

3. Protection of Personal Information on the Website of the Company

As a rule, any persons can access the website of the Company without disclosing their personal information at all. However, they are kindly requested to understand in advance that if they do not provide their personal information, there are some contents and services that are not available to them.

(1) Secure Socket Layer, SSL for Preventing Tapping during Transmission

The personal information that is provided when making inquiries and applications is encrypted and protected by Secure Socket Layer SSL. If a browser that does not respond to SSL is utilized, the access to the website of the Company or the entry of information may not be possible.

(2) Cookies and Web Beacons as well as Access Logs

Cookies and web beacons are utilized and access logs are recorded in some pages of the company's website.

These functions are used for the purposes listed below:

  • Understanding behaviors of users of the website and measuring effects of advertisements; and
  • Solving issues that may occur in the website.
  • Cookie:

Function that can save the trouble of re-entry or display optimum contents for the sake of our users by storing their information in a browser. Our users can set their browsers in order to reject cookies or receive an alert when receiving cookies. However, in that case, they are kindly requested to note that they may not be able to use all or part of services of website pages.

  • Web beacon:

Technology that enables collecting statistics concerning the use rate of specific website page by understanding access status by visitors from their PC (often referred to as "Clear GIF")

  • Access log:

Access logs mean sets of records that indicate visitors' accesses such as URLs, IP addresses and domain names as captured through the use of cookies and web beacons.
There are cases where the company confirms access logs that represent histories of behaviors of users who click URLs described in promotional e-mails. Furthermore, the company refers the access logs to personal information of customers that it keeps. Any information obtained as a result of this operation will be used for the purposes described previously.

(3) Google Analytics

 Some pages on this website use Google Analytics to gather data on site usage. Google Analytics uses cookies to collect user information. However, the information collected by Google Analytics does not contain information which allows the identification of individuals. Google Analytics does not collect information which allows the identification of individuals without the user's consent. Please see here for the Google Analytics Terms of Service.

User information collected by Google Analytics is managed under Google's Privacy Policy. Please see here for Google's Privacy Policy. The Company shall not be liable for any damages arising from using the Google Analytics service.

(4) Link to Other Websites

The Company is not involved in contents of any other websites that are linked to our own. Please note that we are not in a position to take responsibility for handling and ensuring security of personal information in those websites.