-
Basic Policy on the Protection of Personal Information
This website is intended to be used in Japan. For the content, the Terms of Use and the Privacy Policy of this website, those stated in the Japanese language only are effective and valid, and their translations are provided for reference. The translations shall not be used as the representations of compliance with laws and regulations of any country other than Japan.
Innophys Co., Ltd. (hereinafter referred to as "we," "our" or "us") will handle personal information obtained on this Website in accordance with this Policy when collecting, managing or using such information in the course of carrying out our business.
- I. Compliance with Laws and Regulations
- We shall faithfully comply with the Act on the Protection of Personal Information and other relevant laws and regulations as well as this Policy and appropriately handle personal information collected, managed or used in the course of business activities.
- II. Personal Information Handled by Us
-
1.We will handle the following types of personal information:
-
(1)Personal information related to business activities
We will properly obtain and strictly manage personal information in accordance with the Act on the Protection of Personal Information and other relevant laws and regulations as well as this Policy, and we will not use such information for any purpose other than the purpose of use stipulated in this Policy, in principle. -
(2) Personal information collected for the sake of our management and security
In order for us to carry out our business smoothly, as well as for the security of our business and staff, we may collect, store and use information, such as that sent by email or that related to requests for repair and other inquiries. Such information will be properly obtained and strictly managed in accordance with the Act on the Protection of Personal Information and other relevant laws and regulations as well as this Policy, and it will not be used for any purpose other than the purpose of use stipulated in this Policy, in principle.
2.Personal information collected shall be retained for a period specified by us and then disposed of in regular order. Records, such as resumes of persons who are not employed through our recruitment activities, will be immediately disposed of, and we will not retain this information.
Employee information will be stored for the period we are obliged to store it under the relevant laws and regulations and disposed of in regular order after the period. -
(1)Personal information related to business activities
- III. Purpose of Use of Personal Information
-
1.We will use the personal information obtained by us within the following scope of business activities and through the following means according to the classifications of personal information listed in the items of paragraph 1 of this Article:
-
(1)Personal information related to business activities
-
a. Scope of business activities for which information is used
Development, design, manufacturing and sale of long-term care and welfare devices
Development, design, manufacturing and sale of special industrial devices
Discovery of device development technology seeds and commercialization consulting
Acquisition, maintenance and management of intellectual property rights in and to device development technology seeds
Acquisition, maintenance and management of product authorization
To the extent necessary for our management, sales activities and technologies incidental to the above -
b. Means of using information
(i) To respond to inquiries and requests
(ii) To inform customers of our business
(iii) To provide reports of our business activities, communication and information on our business activities
(iv) To conduct a questionnaire survey for reasons such as to improve the services provided by us and to provide staff education
(v) To facilitate our business
(vi) To carry out other business in connection with the preceding items (i) through (v)
-
a. Scope of business activities for which information is used
-
(2)Personal information collected for the sake of our management and security
-
a. Scope of business activities for which information is used
Sales activities for and sale and repair of our products
Quality control and quality improvement for our products -
b. Means of using information
(i) To send catalogs, e-mail newsletters, direct mail, etc.
(ii) To respond to inquiries
(iii) To refer to the content of past inquiries
(iv) To respond to requests for trying on clothes or placement of orders
(v) To carry out after-sales services, repairs, etc.
(vi) To plan measures to improve customer satisfaction
(vii) To respond to issues accurately at the contact desk and to improve the quality of our responses
(viii) To request cooperation with questionnaire surveys
(ix) To send alerts
(x) To provide information on events
(xi) To provide information on benefits and to send benefits
(xii) For distributors to carry out sales activities
-
a. Scope of business activities for which information is used
2.If personal information is handled beyond the scope necessary to achieve the purpose of use specified under the provisions of the preceding paragraph, we shall obtain the prior consent of the person whose information is to be handled.
3.Notwithstanding the provisions of the preceding two paragraphs, we may use personal information beyond the scope necessary to achieve the specified purpose of use in any of the following cases:
- (1)When the use is based on laws and regulations;
- (2)When the use is necessary to protect the life, body or property of any person and it is difficult to obtain the consent of the person whose information is to be used;
- (3)When the use is particularly necessary to improve public health or promote the sound upbringing of children and it is difficult to obtain the consent of the person whose information is to be used; or
- (4)When the use is necessary to cooperate with a state agency, a local government or any person entrusted by the agency or government with administrative affairs, in performing the administrative affairs provided by laws and regulations, and the performance of such administrative affairs is likely to be hindered if we obtain the consent of the person whose information is to be used.
4.We may change the purpose of use of personal information to the extent reasonably deemed relevant to the original purpose of use. When we change the purpose of use, we will make public the purpose so changed in this Policy, except as otherwise provided for in laws and regulations.
-
(1)Personal information related to business activities
- IV. Proper Obtaining and Minimal Principles
-
1.We will legally and properly obtain personal information and not obtain any such information by fraudulent or other wrongful means.
2.Personal information obtained via this Website will be encrypted using SSL and sent to a server.
3.Except as otherwise provided for in laws and regulations, we shall not obtain personal information requiring special care without the prior consent of the person whose information is to be obtained.
4.We will obtain personal information only to the minimum extent necessary to achieve our purpose of use. We will also collect personal information through means such as questionnaires only to the extent necessary to obtain the results to be collected.
5.Notwithstanding the provisions of the preceding Chapter III, when we enter into an agreement with a person and on that occasion, obtain the person's personal information stated in the agreement or other documents (including electromagnetic records; hereinafter the same shall apply in this paragraph), or otherwise when we obtain a person's personal information stated in writing directly from the person, we will clearly explain to such person the purpose of use of the information in advance. However, if it is urgently necessary to protect the life, body or property of any person or if it is provided for in laws and regulations, we may not clearly explain the purpose of use.
- V. Ensuring Accuracy, etc. of Content of Personal Data
- We will make efforts to keep personal data accurate and up to date to the extent necessary to achieve the purpose of use, and when it becomes no longer necessary to use such data, we will erase it without delay.
- VI. Security Control Measures
- We will take preventive measures for personal data handled by us against unauthorized access, loss, falsification, leak or other misuse, as well as necessary and appropriate security control measures. We shall establish and enforce the necessary in-house rules for the security control measures.
- VII. Supervision of Employees
- When we have employees (meaning officers, company employees, contract employees, dispatched employees and all other persons who are engaged in our business in our offices, regardless of whether or not they have entered into employment agreements; hereinafter the same shall apply in this Policy) handle personal data, we shall exercise necessary and appropriate supervision over those employees to ensure the security control of the personal data. We will regularly provide all employees with education and training to have them thoroughly protect personal information.
- VIII. Selection and Supervision of Outsourcer
-
1.We may outsource to external business operators any services such as procedural, research or public relations services in the course of our business activities. When we outsource to an external business operator all or part of services handling personal data, we will establish the criteria for selecting an outsourcer from among business operators that are deemed to be able to properly and securely handle such data, and then we will select according to the criteria and enter into an appropriate outsourcing agreement with the outsourcer.
2.When we outsource all or part of services handling personal data, we will exercise necessary and appropriate supervision over the outsourcer to ensure the security control of the personal data for which the handling has been outsourced.
- IX. Provision to a Third Party
-
We will not provide any third party with personal data retained by us, in principle, except as consented to by the data subject. However, we may provide a third party with such data in any of the following cases:
- (1)When the provision is based on laws and regulations;
- (2)When the provision is necessary to protect the life, body or property of any person and it is difficult to obtain the consent of the data subject;
- (3)When the provision is particularly necessary to improve public health or promote the sound upbringing of children and it is difficult to obtain the consent of the data subject; or
- (4)When the provision is necessary to cooperate with a state agency, a local government or any person entrusted by the agency or government with administrative affairs, in performing the administrative affairs provided by laws and regulations, and the performance of such administrative affairs is likely to be hindered if we obtain the consent of the data subject.
- (1)When the provision is based on laws and regulations;
- X. Personal Information Protection Manager
- We shall appoint a personal information protection manager and establish a system to realize the protection of personal information for the management of such information.
- XI. Point of Contact for Complaints and Consultation
-
To complain or consult about the handling of personal information by us, please contact the following:
<Point of contact for complaints and consultation>
6th Floor, GRAN FIRST Kanda-Kon'yacho, 15 Kanda-kon'yacho, Chiyoda-ku, Tokyo, 101-0035, Japan
Innophys Co., Ltd.
Or please use the contact form on this Website.
- XII. Representation of Retained Personal Data
-
1.The following personal data shall be retained by us:
- (1)Customer list file;
- (2)File of emails received and sent;
- (3)Contact information file (personal data of persons who have contacted us and exchanged business cards with us); and
- (4)Purchase history file.
2.The business operator retaining such data shall be Innophys Co., Ltd.
3.Purpose of use of retained personal data
The provisions of the preceding Chapter III shall apply mutatis mutandis. - (1)Customer list file;
- XIII. Requests for Disclosure, etc. of Retained Personal Data
-
When a request is made using a given form, and we verify the identification of the requester through a copy of the resident card presented and determine that disclosure is appropriate according to the following classifications, then we shall disclose or otherwise deal with retained personal data:
1. Disclosure of retained personal data to the data subject
A data subject may request the disclosure of the data subject's personal data retained by us. However, we may not disclose retained personal data in whole or in part in any of the following cases:- (1)When the disclosure is likely to damage the life, body, property or other rights or interests of the data subject or a third party;
- (2)When the disclosure is likely to significantly hinder the proper conduct of our business; or
- (3)When the disclosure results in a violation of other laws and regulations.
2.Correction, etc., of retained personal data
If a data subject considers that the content of the data subject's personal data retained by us is not true, the data subject may make a request for correction, addition or deletion (hereinafter referred to as the "Correction, etc.") of such retained personal data. However, as a result of the necessary investigation conducted by us without delay, if the content of the data is not incorrect or we determine that the Correction, etc., is not necessary for the achievement of the purpose of use, we may not make the Correction, etc.3.Suspension of use, etc. of retained personal data
If a data subject's personal data retained by us is handled beyond the scope necessary to achieve the purpose of use, obtained by fraudulent or other wrongful means, or provided to third parties without the consent of the data subject or other justifiable grounds, the data subject may make a request for suspension of use or erasure (hereinafter referred to as the "Suspension of Use, etc.") of such retained personal data. However, if a large amount of expenses are required for the Suspension of Use, etc., or it is difficult to carry out the Suspension of Use, etc., we may not carry out the Suspension of Use, etc., and take alternative measures.4.Procedures for disclosure, etc.
A data subject who requests the disclosure, Correction, etc., or Suspension of Use, etc., of retained personal data shall make the request to the following point of contact for requesting disclosure, etc., using the form provided by us. At that time, please also present any document by which the data subject can be identified.5.We are making public the purpose of use of retained personal data, and accordingly, we will not individually deal with a request for disclosure.
<Point of contact to request disclosure, etc.>
6th Floor, GRAN FIRST Kanda-Kon'yacho, 15 Kanda-kon'yacho, Chiyoda-ku, Tokyo, 101-0035, Japan
Innophys Co., Ltd.
<Procedures for disclosure, etc.>
List of documents to be submitted-
(1)Request form for disclosure, etc., of the retained personal data
Matters required to be stated
(i) Name of the data subject and seal identical to such name affixed
(ii) Address of the data subject
(iii) Classification of the identity verification document
(iv) Requested matter
(v) Reasons for the request: In cases of a request for disclosure, state information on the data subject who is requesting disclosure and specify the time of provision to us (as far as possible); in cases of a request for the Correction, etc., state accurate information on the Correction, etc.; and in cases of a request for the Suspension of Use, etc., the reasons for the request
(vi) Name of the agent and seal identical to such name affixed
(vii) Address of the agent The above items (vi) and (vii) are not required in cases of a request by the data subject.
- (2)Identity verification document (an original copy of the data subject's resident card, or a copy of the data subject's driver's license, passport or certificate of the insured person of health insurance)
- (3)Return envelope (with the address that is stated on the identity verification document, such as the data subject's resident card)
- (4)In cases of a request by an agent, a document certifying proxy (a certified copy of the family register in cases of a statutory agent, or a power of attorney in cases of any agent)
- (1)When the disclosure is likely to damage the life, body, property or other rights or interests of the data subject or a third party;
- XIV. Continuous Improvement
-
1. We will continuously examine, review and improve the handling of personal information by us to put the above clauses into practice.
2. We will review this Policy from time to time to properly handle personal information, and on modifying this Policy, we will promptly make the modified Policy public.