Personal Information Protection Policy

Personal Information Protection Policy

 

 

Personal Information Protection Basic Policy
Personal information handling method
privacy mark

Personal Information Protection Policy

PP0-T-P101-04

Revised August 1, 2023
Enacted March 7, 2005
Microtec Corporation
Representative Director: Chisato Miyashita

We are fully aware of our social mission regarding the protection of all personal information handled by us in the course of our software contract development work, and we shall comply with all laws and regulations regarding the protection of the rights of the individual and personal information. In addition, we hereby declare that we have established a personal information protection management system to embody the following policies, and that we will make company-wide efforts to continuously improve the system while always being aware of the latest trends in information technology, changes in social demands, and fluctuations in the business environment.

1. Personal information Personal information shall be obtained, used, and provided only to the extent necessary for the Company’s legitimate business operations, employee employment, and personnel management, and shall be handled within the scope necessary to achieve the specified purposes of use, and measures shall be taken to ensure that personal information is not used for purposes other than those specified.

2. We will comply with laws, regulations, national guidelines, and other norms related to the protection of personal information.

3. We will not leak, lose, or destroy personal information. To prevent the risk of leakage, loss, or damage of personal information, we will continuously improve our personal information security system by injecting management resources that match the actual conditions of our business in order to prevent such risks by taking reasonable security measures. In the event of an emergency, we will promptly take corrective measures.

4. To respond to complaints and consultations regarding the handling of personal information. We will respond promptly, sincerely, and appropriately to complaints and consultations regarding the handling of personal information.

5. The personal information protection management system will be reviewed in a timely and appropriate manner in light of changes in the environment surrounding the Company, and improvements will be made on an ongoing basis.

This policy shall be distributed to all employees and made known to them, and shall be made available to anyone at any time by posting it on the Company’s website, pamphlets, etc.

That is all.


【Contact Information】
For inquiries regarding our privacy policy, please contact us at the following address.

5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo 141-0001, Japan  

Microtec Corporation Personal Information Inquiry Section

E-mail:privacy@microtech.co.jp(Hours of operation: 9:00-17:30*)

We will respond on the next business day or later, in case of Saturaday, Sunday, national holidays, the year-end and New Year holidays.

Personal information handling method

■Personal Information Handling Method

1.Name of Business
Microtech Co., Ltd
5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo
Representative Director Chisato Miyashita

2.Name or title of the administrator (or his/her representative), affiliation and contact information
Administrator name: Compliance Promotion Office manager
Personal Information Protection Manager Department: Compliance Promotion Office, Microtech Co., Ltd
E-mail:privacy@microtech.co.jp

3. Purpose of use of personal information Purpose of use of personal information

Classification  Purpose of use
 1) Purpose of use when personal information is obtained directly from documents or other media, including information obtained electronically from websites, e-mails, etc.
  Customer Information or delivery of products, related after-sales service, and sending information on new products and services in the software consignment development business
  Shareholder information For information disclosure, distribution, and contact
  Business partner information For business negotiations and business communications, ordering and billing operations
  Employee information For employee personnel and labor management, business management, health management, and security management
  Personal information of job applicants For contact and managing our recruitment operations
 2) Purpose of use when personal information is obtained indirectly from documents or other media, including information obtained electronically from websites, e-mails, etc. (This is not ‘retained personal data’ handled by our company.)
  Engineer information For managing engineers in the software development business
  Personal information of applicants for employment For contact and managing our recruitment operations

4. Provision of personal information to third parties
We will not provide your personal information to third parties except in the following cases
 1) When the person concerned has given consent
 2) When required by law
 3) When it is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the person in question.
 4) Cases in which the provision of personal information is especially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person in question
 5) Cases in which the handling of personal information is necessary for cooperating with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs prescribed by law, and in which obtaining your consent is likely to impede the execution of the relevant affairs.

5. Outsourcing the handling of personal information
In order to ensure the smooth execution of our business, we may outsource all or part of the handling of personal information within the scope necessary to achieve the purpose of use. In such cases, the Company will select a contractor that is deemed to handle personal information appropriately, and will make necessary arrangements in contracts, etc. to prevent leakage of customers’ personal information by appropriately managing personal information and maintaining confidentiality, and will have the contractor implement appropriate management of personal information.

6. Request for Disclosure of Personal Information
Customers may contact us regarding the disclosure of their personal information (notification of purpose of use, disclosure, correction/addition/deletion of content, suspension or deletion of use, suspension of provision to third parties). You can apply at the contact counter. In that case, we will respond within a reasonable period of time after confirming the customer’s identity. For details on requests for disclosure, etc., please see the “Guide to procedures for requesting retained personal data” posted on our website.

7. Acquisition of personal information by methods that are not easily recognizable by the customer
Our website uses cookies. Cookies are used to make it more convenient for customers to visit this site when they return, and do not infringe on the privacy of customers or have any adverse effect on their computers. Our website uses SSL (Secure Sockets Layer) data encryption for all areas where personal information is input.

【Contact Information】
Inquiries and complaints regarding customers’ personal information will be accepted at the following contact point.

 5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo 141-0001, Japan
 Microtech Corporation Personal Information Inquiry Section
 E-mail:privacy@microtech.co.jp (Hours of operation: 9:00-17:30*)

We will respond on the next business day or later, in case of Saturaday, Sunday, national holidays, the year-end and New Year holidays.

【Name of certified personal information protection organization and contact information for complaint resolution】

*We only accept complaints regarding the handling of personal information.

 1) Name of certified personal information protection organization

 Japan Information Economy and Society Promotion Association (JIPDEC)

 2) Where to apply for complaint resolution

 Personal Information Protection Consultation Service Office
 Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo
 TEL: 03-5860-7565/0120-700-779

 

■Information on procedures for requesting retained personal data

With respect to personal data held by our company, the person or his or her representative may request notification of the purpose of use of the personal information, disclosure, correction, addition or deletion of content, suspension of use, erasure, and provision to a third party. If there is a request for suspension or disclosure of records provided to a third party (hereinafter referred to as a “request for disclosure, etc.”), we will respond within a reasonable scope and within a reasonable period of time by following the procedures specified by our company.

1. Request for Disclosure, etc.

Contact for “Request for Disclosure, etc.

To make a “Request for Disclosure, etc.,” please send the Company’s prescribed request form together with the required documents and handling fee to the following address by postal mail.

 5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo 141-0001, Japan
 Microtech Corporation Personal Information Inquiry Section
 E-mail: privacy@microtech.co.jp (Hours of operation: 9:00-17:30*)

We will respond on the next business day or later, in case of Saturaday, Sunday, national holidays, the year-end and New Year holidays.

2. Request for Disclosure, etc. Documents to be submitted when making a “Request for Disclosure, etc.

To make a “Request for Disclosure, etc.”, please fill in all the prescribed items on the request form 1) and send it by mail with 2) enclosed. Please download the PDF file of the request form, print it out, and fill it in.

1) Our prescribed request form
    “Request form for disclosure of retained personal data”   (Download PDF file)
2) Documents for identification
Please enclose a copy of one of the following identification documents. (If the document includes permanent address and personal number, please black out all of the permanent address and personal number.)
  ① Driver’s license
  ② Passport
  ③ Basic resident register card
  ④ Alien registration card
  ⑤ Health insurance card
  ⑥ Other official documents that can verify your identity

3. “Request for Disclosure, etc.” by proxy

If the person making the “Request for Disclosure, etc.” is a proxy, please enclose a copy of the following documents in addition to the documents listed in 2. (If the document includes permanent address and personal number, please black out all of the permanent address and personal number.)
  ① A copy of family register
  ② Certificate of health insurance coverage
  ③ Certificate of registered matters
  ④ Other official documents that can confirm the authority of legal representation

4. Fees for “Requests for Disclosure, etc.” and other collection methods

Only in the case of a request for notification of purpose of use or disclosure, the following fee (including the cost of our reply) will be charged per request. Please enclose a postal fixed-sum money order for the following amount when mailing the request documents. (Fee amount: 1,000 yen)

5. Method of Response to “Request for Disclosure, etc.

In principle, we will respond in writing (by sealed envelope) to the address of the individual indicated on the request form.
If you wish to have disclosure, etc. in electronic data, please fill your e-mail address and indicates “electronic data request” on the request form.
*In the case of electronic data, as a general rule, it will be done by e-mail.

◇ In principle, the response will be sent in writing (by sealed envelope) to the address of the person indicated in the request. Personal information obtained in response to a “Request for Disclosure, etc.” will be handled only to the extent necessary to respond to the request for disclosure, etc.
◇ In the following cases, the Company will respond to the “Request for Disclosure, etc.”. In the following cases, we may not be able to respond to a “Request for Disclosure, etc.”. In such cases, we will notify you to that effect and the reason. Please be advised that a fee will also be charged in the case of non-disclosure.
  ① When the identity of the person in question or his/her representative cannot be verified.
  ② When the prescribed application documents are incomplete
  ③ If the subject of the request for disclosure, etc. does not fall under “retained personal data” (*)
  ④ When there is a risk of harm to the life, body, property, or other rights or interests of the person in question or a third party
  ⑤ If there is a risk of causing significant hindrance to the proper conduct of our business
  ⑥ When it would violate laws and regulations

*Retained personal data is personal information that constitutes a systematically structured collection of information, and our company will disclose, correct, add or delete content, suspend use, erase, and delete information requested by the individual. It has the authority to respond to all requests for suspension of provision to third parties. However, if any of the following a) to d) apply, it does not fall under retained personal data.
  a) Information that is likely to cause harm to the life, body, or property of the person concerned or a third party if its existence or nonexistence is revealed.
  b) Information that may encourage or induce illegal or unjust acts by revealing the existence or non-existence of such personal informatio
  c) Information that is likely to cause harm to national security, damage the relationship of trust with other countries or international organizations, or cause disadvantages in negotiations with other countries or international organizations, if its existence or non-existence is made public
  d) Cases in which the prevention, suppression, or investigation of crimes or the maintenance of public safety and order are likely to be disturbed if the existence or nonexistence of the relevant Personal Information is revealed

6. Personal information handling system and details of measures taken

a) Formulation of basic policy
In order to ensure the proper handling of personal data, we have established a “Personal Information Protection Policy” with regard to “compliance with relevant laws and guidelines, etc.,” “point of contact for handling questions and complaints,” etc.
b) Establishment of regulations regarding the handling of personal data
We have established personal information protection regulations regarding handling methods, persons in charge and their duties, etc. for each stage of acquisition, use, storage, provision, deletion/disposal, etc.
c) Organizational security control measures
  ① In addition to appointing a person responsible for the handling of personal data, we will clarify the employees who handle personal data and the scope of personal data handled by those employees, and will take action in the event that we learn of facts or signs of violations of laws or handling regulations. We have established a system for reporting to the person in charge.
  ② We regularly conduct self-inspections regarding the handling of personal data, and conduct audits by other departments and external parties.
d) Personnel safety management measures
  ① We provide regular training to employees regarding matters to be noted regarding the handling of personal data.
  ② All employees have submitted written pledges regarding confidentiality, including personal data.
e) Physical safety control measures
  ① In areas where personal data is handled, we control the entry and exit of employees, restrict the devices they bring in, and take measures to prevent personal data from being viewed by unauthorized persons.
  ② Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle personal data, and ensure that personal data is easily identified when such equipment, electronic media, etc. are carried around, including when moving within the office. We are taking steps to prevent this from happening.
f) Technical safety control measures
  ① We implement access control to limit the scope of personnel and personal information databases handled.
  ② We have introduced a mechanism to protect information systems that handle personal data from unauthorized access from outside or unauthorized software.
g) Understanding the external environment
When handling acquired personal data in a foreign country, we will implement appropriate security control measures after understanding the foreign country’s personal information protection system.

 

Privacy Mark

Microtech has been re-certified by the Japan Information Processing Development Corporation (JIPDEC) as a “Privacy Mark” company as of October 16, 2021.

As part of the information protection activities stated in our management policy, we have established a system to take appropriate protection measures for personal information and have been promoting efforts to handle such information accurately and safely.

For these activities, we received “Privacy Mark” certification from the Japan Institute for Promotion of Digital Economy and Community (JIPDEC) in October 2007, and we are now in the process of renewing the certification.

The Privacy Mark is granted to businesses that comply with the JIS Q 15001 personal information protection management system and handle personal information appropriately.