PRIVACY POLICY

Personal Information Protection Policy

We recognize that the protection and appropriate management of personal information are important social responsibilities in the development of each of our businesses. Tasuki Holdings Inc. (the “Company”) has established the following personal information protection policy (the “Policy”), which the Company implements and maintains.

1. Basic policy

The Company respects and complies with the laws, regulations, and social norms regarding the protection of personal information and strives to handle and protect personal information appropriately.

2. Collection of Personal Information

(1) Customers’ personal information
  1. a. Information provided by customers in connection with various transactions, such as names, e-mail addresses, and other information customers input in entry forms specified by the Company.
  2. b. Information provided by customers through questionnaires conducted by the Company, inquiries to the Company, and other similar methods.
  3. c. Personal information, including cookies, access logs, and device information collected by the Company when customers use the Company’s services.
(2) Shareholders’ personal information
Information provided by shareholders directly or through the shareholder registry administrator such as names, addresses, number of shares held, and other related information.
(3) Employees’ personal information
Information collected from employees, including names, addresses, ages, dates of birth, gender, telephone numbers, annual income, monthly income, bonus, retirement benefits, family structures, dependents, health status, etc.
(4) Job applicants’ personal information
Information disclosed or provided to the Company or the Company’s contractors by job applicants upon hiring, including names, addresses, ages, dates of birth, gender, telephone numbers, e-mail addresses, occupations, relationships, etc.

3. Use of Personal Information

The Company may use the collected personal information for the following purposes:

(1) Customers’ personal information
  1. a. Plan, develop, and provide services, including maintenance, monitoring, and improvement of services.
  2. b. Identity verification and authentication services.
  3. c. Communicate necessary information such as important notices regarding services.
  4. d. Respond to inquiries and requests.
  5. e. Improve Company services and develop new services, including creating and analyzing statistical information processed into non-identifiable information and surveys for marketing needs.
  6. f. Send information on Company products, services, campaigns, and events, via phone calls, e-mails, direct mail, etc.
  7. g. Conduct questionnaire surveys to improve services.
  8. h. Send e-mail newsletters.
  9. i. Determine whether the customer is associated with antisocial forces.
  10. j. Analyze information on service usage and access logs, and provide information or display advertisements regarding products and services that match the customer’s interests and preferences.
  11. k. Fulfill other purposes incidental to the above.
(2) Shareholders’ personal information
  1. a. Exercise rights and perform obligations under the Companies Act and other laws and regulations.
  2. b. Provide various benefits, including various shareholder special benefit plans and others.
  3. c. Implement various measures to facilitate relationships with shareholders (e.g., questionnaires).
  4. d. Manage shareholder information based on the Companies Act and other laws and regulations.
(3) Employees’ personal information
  1. a. Facilitate internal business communication and equipment and facilities management.
  2. b. Manage personnel, including transfers, personnel evaluations, awards, and disciplinary actions.
  3. c. Handle labor management tasks.
  4. d. Administer work related to wages, bonuses, retirement allowances, and corporate pensions.
  5. e. Administer education and training.
  6. f. Administer welfare and benefit programs.
  7. g. Administer safety, health, and health management.
  8. h. Administer work related to employment insurance and social insurance.
  9. i. Conduct investigations, maintain records and notifications, and submit reports based on laws and regulations, including taxation and social security.
  10. j. Administer work related to the shareholding association.
  11. k. Fulfill other purposes incidental to the above purposes of use.
(4) Job applicants’ personal information
  1. a. Provide and communicate recruitment information to job applicants (including interns).
  2. b. Manage recruitment operations and respond to inquiries at the Company.

4. Provision of Personal Information to Third Parties

The Company may provide personal data ( as defined in the Act on the Protection of Personal Information)to a third party in the following cases:

  1. a. When the consent of the individual has been obtained.
  2. b. When permitted by laws and regulations.
  3. c. When outsourcing all or part of our operations to a third party to the extent necessary to achieve the purposes set forth in 3 “Use of Personal Information”.

5. Provision to Third Parties Located in Foreign Countries

The Company may provide personal data to cloud service providers and other operators located outside of Japan. In such cases, the Company will obtain prior consent from the customer, except in the following cases:

  1. a. When the third party is located in a country that is stipulated by law or regulation as having a personal information protection system equivalent to that of Japan.
  2. b. When the third party has established a system necessary to continuously implement measures equivalent to those required of business operators handling personal information in Japan.
    In the case of b. above, the Company will take necessary and appropriate measures to ensure the continuous implementation of the corresponding measures by the third party. If you wish to confirm the details of such measures, please inquire through the “Contact for Inquiries about Personal Information” in 10. of this document.

6. Security Control Measures

The Company will properly and carefully manage the personal data it holds and appropriately implement organizational security control measures, physical security control measures, human security control measures, and technical security control measures. It will also understand the external environment to prevent unauthorized access to personal information resulting in leakage, loss, falsification, or any form of unauthorized manipulation of it.

(1) Organizational security control measures
The Company has established an organizational management system by building a management system. This includes designating a personal information protection manager, a personal information protection audit manager, and a person in charge of handling personal information. We have developed internal rules and manuals for handling personal information, and the continuous monitoring and improvement of the status of compliance with those.
(2) Physical security control measures
The Company implements various measures, including controlling access to areas where information is managed, as well as locking and restricting access to personal data when it is stored.
(3) Human security control measures
The Company provides training and education to all officers and employees who handle personal data, personal information databases, and other sensitive data.
This training raises awareness of personal information protection, ensures confidentiality pledges are obtained, and includes supervision and audits to ensure the effectiveness of these measures.
(4) Technical security control measures
The Company has taken technical security control measures, such as access control, including identity checks, authority management, control, and recording when accessing personal data and personal information databases, etc., anti-virus measures for systems, measures against unauthorized software, encryption upon transmission/reception of information, and information system management.
(5) Understanding the external environment
When handling personal data in a foreign country, the Company will implement security control measures after understanding the systems for personal information protection in that country. For more information, such as whether personal information is handled in a foreign country, please inquire through the “Contact for Inquiries about Personal Information” in 10. later in this document.

7. Outsourcing of Personal Data Handling

The Company may outsource the handling of personal data it holds to outside parties. In such cases, the Company will select a party that has taken sufficient measures to protect personal data and provide necessary and appropriate supervision of the contractor.

8. Use of Google Analytics

The Company uses Google Analytics, an access analysis service provided by Google LLC to understand and analyze the usage of the Company’s website.
Google Analytics uses cookies to collect information about users. Information collected by Google Analytics is managed by Google LLC in accordance with its Terms of Use and Privacy Policy.

For more information on how data is collected and processed by Google Analytics, please see “How Google uses information from sites or apps that use our service” below. If users do not wish Google Analytics to collect information through the Company’s website, they can opt out by changing the settings through the “Google Analytics opt-out browser add-on” below. (If Google LLC changes the URL, it shall refer to the URL after the change.)

Google Analytics Terms of Service
https://marketingplatform.google.com/about/analytics/terms/us/
Google Privacy Policy
https://policies.google.com/privacy?hl=en
How Google uses information from sites or apps that use our services
https://policies.google.com/technologies/partner-sites?hl=en
Google Analytics Opt-out Browser Add-on
https://tools.google.com/dlpage/gaoptout?hl=en

9. Procedures for Disclosure, Correction, etc. of Retained Personal Data

When the Company receives a request from an individual for notification of the purpose of use or disclosure of retained personal data (retained personal data as defined in the Act on the Protection of Personal Information) or records of provision of data to a third party, it will notify or disclose such information to the individual without delay. However, this will not apply in cases where the Company is not obligated to disclose such information under the Act on the Protection of Personal Information or other laws and regulations. If the Company decides not to notify or disclose the information, or if the requested information does not exist, the individual will be informed accordingly. When requesting notification or disclosure, the individual must submit the following identification documents and pay a handling fee of 1,000 yen (excluding tax) per request.
One of the following documents:
・A copy of passport
・A copy of driver's license (both sides)
Two of the following documents:
・A copy of health insurance card
・A copy of pension book
・An original copy of residence certificate
・An original copy of seal registration certificate
Additionally, if an individual requests correction, addition, deletion, suspension of use, elimination, suspension of provision to third parties, or make any other requests based on legally recognized rights regarding their personal data retained (collectively, the “Correction, etc.”), we will respond to the request within a reasonable period of time after confirming the identity of the individual. If the Company decides not to make the Correction, etc., it will notify the individual to that effect. However, this will not apply in cases where the Company is not obligated to make the Correction, etc., under the Act on the Protection of Personal Information or other laws and regulations. When requesting the Correction, etc., the individual must submit the identification documents listed above.
There will be no charge for requesting the Correction, etc. of retained personal data. For methods and procedures for requesting the Correction, etc., of retained personal data, please inquire through the “Contact for Inquiries about Personal Information” in 10. below.

10. Contact for Inquiries about Personal Information

For any comments or questions regarding the Policy or the Company’s handling of personal information, please contact us at:
Tasuki Holdings Inc.
Nissho Building 2F, 2-7-9, Kita-Aoyama, Minato-ku, Tokyo
Phone: +81-(0)3-6812-9330 (9:00-18:00 JST, excluding Saturdays, Sundays, holidays, and other company holidays)
E-mail: info@tasuki-holdings.co.jp
11. Revision of the Policy
The Company may revise the Policy, as necessary. If the Company revises the Policy, it will post the revised Policy on the Company's website.
Established: April 1, 2014
Yu Kashiwamura
Representative Director and President
Tasuki Holdings Inc.
Nissho Building 2F, 2-7-9, Kita-Aoyama, Minato-ku, Tokyo