Article 1 (Acquisition of Personal Information)
- In this Policy, “Personal Information” means personal information as stipulated in Article 2(1)of the Act on the Protection of Personal Information (Act No. 57 of 2003, which will be referred to as “APPI”). The Company will clearly determine in advance its purposes of acquiring Personal Information within the scope of its legitimate business and acquire and use Personal Information in a lawful and fair manner to the extent necessary for achieving such purposes.
Article 2 (Personal Information to be Acquired)
(2) Account information (including e-mail address and password)
(3) Telephone number and contact information
(4) Other relevant information including a User’s payment status with the Services
(1) Contents, dates & times, and numbers of times concerning the use of the Services by a User, a User’s online behavior during such use, information related to a User’s use or browsing of the Services (including Cookie information, information of usage situations such as access log, login situations of a User’s account, a User’s movement situations, speaking hours, numbers of speaking times, and numbers of sending messages in the Services, numbers of recording times, the information of a terminal in use, OS information, positional information, IP address, browsing information, a User’s communication information such as browsing languages, but excluding contents spoken by a User, contents of messages sent or received by a User and movies distributed by a User), other information provided or input by a Subscriber or a User, information acquired through the use of the Services by a Subscriber or a User, and other data
- Unless expressly agreed by the User concerned or permitted by laws and regulations, the Company will not, in principle, acquire Personal Information containing the following contents.
(1) Matters concerning a thought, creed, or religion
(2) Matters which can be a cause of social discrimination, including those of races, ethnic groups, family origins, domiciles of origins (excluding information concerning a prefecture where a person is located), physical or mental disabilities, or criminal histories
(3) Matters concerning workers’ right to organize themselves, or their bargaining or actingcollectively
(4) Matters concerning the participation in a demonstration, or the exercise of the right to petitionor of any political rights(5) Matters concerning health or medical issues or sexual life
Article 3 (Purposes of Using Personal Information)
- The Company will use Personal Information which the Company acquires from a User in theServices as stipulated in the preceding Article for the following purposes.
(1) For providing and maintaining the Services including receiving applications for registration to the Services, verifying identities of users, and customer management
(2) For researching and analyzing relevant matters such as usage situations concerning the Services of the Company, or refining or improving the Services, for the purpose of theServices’ better convenience.
(3) For deliberating or providing relevant matters such as new projects concerning the Services, or developing new Services or new products of the Company
(4) For sending or providing relevant information including e-mail magazines concerning the Services of the Company, as part of marketing activities by the Company (including providing information concerning new Services or products provided by the Company, new Services or products of other companies recommended by the Company, sales campaigns on theseServices and products, and the Company’s seminars, lectures, and other events)
(5) For aggregating statistically processed pieces of acquired Personal Information, and using such statistically processed information for providing functions of the Services, improving the Services’ levels and R&D purposes.
(6) For conducting relevant operations such as of questionnaires concerning the current Services or new Services or products planned to be provided
(7) For delivering or indicating advertisements of the Company or a third party
(8) For delivering or indicating information of the Company’s products or Services to services provided by the Company or a third party
(10)For responding to enquiries or otherwise making contacts, and verifying identities (including responding to enquiries from or otherwise making contacts with a Subscriber or a User,making notifications of information on the Services, or communicating any other information necessary or useful for using the Services)
(11)For exercising rights or implementing obligations in accordance with relevant rules including laws, regulations, and agreements.
(12)For providing Personal Information to the third parties as stipulated in Article 5(2) in connection with the usage purposes as stipulated therein.
(13)For any other purpose incidental to the foregoing
Article 4 (Change of Purposes)
- The Company may change the purposes of using Personal Information as stipulated in the preceding Article; provided, that it is reasonably considered that new purposes after such change are relevant to those before such change.
- If the Company is to use such Personal Information beyond such purposes as stipulated in the preceding Article, the Company will obtain the consent of such User in advance.
- If such purposes in the preceding Article are changed, the Company shall inform Users of new purposes after such change by means prescribed by the Company or by publicizing on its website.
Article 5 (Third Party Provision of Personal Data)
- In principle, the Company will not provide personal data to third parties without the prior consent of the User concerned, except for the following cases.
(1) If the third-party provision is in accordance with laws and regulations.
(2) If the third-party provision is necessary for protecting human lives, properties, or assets and it is difficult to obtain the consent of the User concerned.
(3) If the third-party provision is especially necessary for improving public hygiene or promoting sound growth of children and it is difficult to obtain the consent of the User concerned.
(4) If the relevant business operator handling Personal Information is an academic or equivalent organization and it is necessary to provide the relevant personal data for the purpose of academic research (this type of provision includes cases where a part of the purpose to provide such personal data is for academic research and does not include cases where such provision might unjustly damage personal rights or interests; provided, that such relevant business operator handling Personal Information and the relevant third party jointly conduct academic research.).
(2) If the relevant Subscriber is a legal entity and such entity asks for information of contact persons of its related company including its parent company, group company or subsidiary, which is also a Subscriber.
(3) If the relevant User’s personal data is provided to third parties, such as payment agents or outsources, for purposes including payment of usage fees, responding to or contacting for inquiries from the relevant Subscriber or such User, or providing relevant post-sale services.
(4) If, for the purpose of resolving any dispute with a third party or protecting rights or interestsof the relevant User or a third party, information necessary for such purpose is disclosed.
(5) If the Company outsources its Services including research and analysis of matters such as usage situations of the Services.
(6) If the relevant User’s personal data is provided for delivering or indicating advertisements of the Company or a third party.
(7) If the relevant User’s personal data is provided for delivering or indicating information of theCompany’s products or Services to services provided by the Company or a third party
(8) For detecting or preventing unjust use.
(9) If the relevant User’s personal data is provided to an academic institution for academic research for the purpose including operating businesses or developing products, to the extent necessary.
Article 6 (Third-Party Service Providers)
- The Company may grant access to any User’s accounts and service data to the extent necessary for achieving the purposes as stipulated in Article 3. The Company will evaluate the potential risks of using a third-party service provider (“Subprocessor”) which has access to service data and conduct necessary and appropriate supervision.
- The Company’s Subprocessors and affiliated subsidiaries shall be provided in the “Subprocess or Terms and Conditions” which will be updated from time to time.
Article 7 (Personal Data Provision to Third Parties in Foreign Countries)
- When Users use the Services, the personal data of the Users are processed by the Company inJapan, where the Company’s primary processing facilities are located. The personal data of theUsers acquired at the time of the Users’ registration may directly be processed by the Company in Japan or transferred to the Company in Japan in order to provide the Services. In each case, theCompany takes care to use appropriate safeguards to ensure the Users’ personal data remain protected in compliance with data protection and privacy laws in the relevant jurisdictions.
- In some cases, a third party or Subprocessor (“Third Parties”) as stipulated in Articles 5 and the preceding Article is located in a foreign country. In such cases, the Company will obtain the relevant User’s consent by, in principle, providing such User with the name of such foreign country, such foreign country’s system for protecting Personal Information acquired through appropriate and reasonable means, and information on Third Parties’ measures for protectingPersonal Information, except for the following cases.
(1) If the relevant Third Parties are located in a country which the Personal Information ProtectionCommittee designates as a foreign country with a system for protection Personal Information at the same level as the equivalent system in Japan (such foreign country includes the U.K.and countries as stipulated in European Economic Area (EEA) agreement.).
(2) If the relevant Third Parties in a foreign country establish and maintain a system conforming to the standard required by the APPI (this includes cases where a CBPR certification of APECis obtained. In such cases, the Company will take measures necessary and appropriate to continuously maintain such system conforming to the standard and will provide the relevantUser with information on such necessary measures.).
- The Company provides Users’ personal data to Third Parties in foreign countries and takes measures necessary to secure continuous implementation of reasonable measures by such ThirdParties in accordance with Article 28(3) of APPI and Article 18(1) of the Enforcement Rules forAPPI. In order to find out about such necessary measures please contact the Company’s customer desk as stipulated in Article 18.
Article 8 (Cookie)
Article 9 (Notification of Personal Data Usage Purpose and Application for Disclosure, Correction, and Cessation of Use)
- If the Company receives an application for (i) notification or disclosure of usage purpose, (ii)correction, addition, or deletion of personal data, (iii) cessation of use or erasure of personal data,(vi) cessation of provision to third parties or disclosure of third party provision records in accordance with APPI concerning a User’s personal data retained by the Company, then theCompany will verify whether such applicant is such User and will make an appropriate response in accordance with the relevant laws and regulations including APPI.
- If a User wishes to make an application as stipulated in the preceding paragraph, please contact the customer desk as stipulated in Article 18.
- If an application does not meet the requirements of APPI or if any relevant laws and regulations allows the refusal of application including for disclosure and a ground for such refusal exists, then the Company may refuse such application. As for notification or disclosure of usage purpose, or disclosure of third-party provision records, the Company will charge such applicant for JPY 1,000(excluding tax) per application.
Article 10 (Security Management Measures)
- In order to prevent any personal data related problems such as leakage, loss, or damage, theCompany will take necessary and appropriate measures and manage personal data appropriately.Also, for safely managing personal data, the Company will conduct necessary and appropriate supervision over its employees and in cases of entrusting its handling of personal data, will conduct necessary and appropriate supervision so that such entrustee will safely manage such personal data.
- In handling personal data in foreign countries, the Company will regularly collect and understand information on systems and other relevant relieves for protecting Personal Information in such countries and take safety management measures and upon the relevant User’s request, will disclose information on such safety management measures to the extent not causing any problem.
- For providing the Services, the Company codifies information by using secure sockets layer (SSL). With SSL, input data will be codified in terminals, including devices, at use and then will flow through networks to registered computers.
Article 11 (Storage Term of Personal Information)
- The Company will store Personal Information acquired by the Company to the extent necessary to achieve the usage purpose or in accordance with laws and regulations. After the achievement of such usage purpose or the passage of statutory storage term, the Company will appropriately handle such Personal Information, including by deleting it or destroying relevant equipment and electronic media.
Article 12 (Handling of Minor’s Personal Information)
- . Notwithstanding the preceding paragraph, if it is found that the Company is in possession ofPersonal Information of a User under 18 years of age without the consent of a person who has parental authority of such User or is such User’s legal representative, then the Company will again request such User to obtain such person’s consent or take necessary measures such as usage cessation or erasure of Personal Information. Even if such User under 18 years of age cannot use the Services as a result, the Company will not be responsible
- This Policy will not be applicable to any websites or webpages represented by links on websites operated by the Company’s business alliance partners, outsources, or the Company. The Company will not be responsible for any problems on such websites or webpages. Users are required to check the handling of Personal Information on such websites or webpages by themselves.
Article 15 (Compliance)
- The Company will comply with laws and regulations including the laws and regulations of Japan applicable to Personal Information retained by the Company, provisions concerning the secrecy of communications in the Telecommunications Business Act, and other relevant laws and regulations as well as other norms including guidelines concerning the protection of PersonalInformation in telecommunications business.
Article 16 (Company Address and Representative’s Name)
- Address : “E”-bu 113-B, Motofuchu-machi, Nanao-shi, Ishikawa
- Representative’s name : Sae Hyung Jung
Article 17 (Customer Desk)
- Regarding inquiries, including questions and complaints, on the Company’s handling of Personal Information, please contact the customer desk below.
[Customer Desk on Personal Information]
[Effective on October 1, 2020.]
[Revised on November 15, 2021.]
[Revised on April 1, 2022.]
[Revised on June 9, 2022.]
[Revised on March 31, 2023.]
[Revised on June 14, 2023]
[Revised on September 1, 2023]