Personal Information Protection Policy

Personal information handling method

■Personal Information Handling Method

1.Name of Business
Microtech Co., Ltd
5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo
Representative Director Chisato Miyashita

2.Name or title of the administrator (or his/her representative), affiliation and contact information
Administrator name: Personal information protection administrator
Personal Information Protection Manager Department: Compliance Promotion Office, Microtech Co., Ltd
E-mail：privacy@microtech.co.jp

3. Purpose of use of personal information Purpose of use of personal information

Classification		Purpose of use
1)	Purpose of use when personal information is obtained directly from documents or other media, including information obtained electronically from websites, e-mails, etc.
	Customer Information	or delivery of products, related after-sales service, and sending information on new products and services in the software consignment development business
	Shareholder information	For information disclosure, distribution, and contact
	Business partner information	For business negotiations and business communications, ordering and billing operations
	Employee information	For employee personnel and labor management, business management, health management, and security management
	Personal information of job applicants	For contact and managing our recruitment operations
2)	Purpose of use when personal information is obtained indirectly from documents or other media, including information obtained electronically from websites, e-mails, etc.
	Engineer information	For managing engineers in the software development business
	Personal information of applicants for employment	For contact and managing our recruitment operations

4. Provision of personal information to third parties
We will not provide your personal information to third parties except in the following cases
 1) When the person concerned has given consent
 2) When required by law
 3) When it is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the person in question.
 4) Cases in which the provision of personal information is especially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person in question
 5) Cases in which the handling of personal information is necessary for cooperating with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs prescribed by law, and in which obtaining your consent is likely to impede the execution of the relevant affairs.

5. Outsourcing the handling of personal information
In order to ensure the smooth execution of our business, we may outsource all or part of the handling of personal information within the scope necessary to achieve the purpose of use. In such cases, the Company will select a contractor that is deemed to handle personal information appropriately, and will make necessary arrangements in contracts, etc. to prevent leakage of customers’ personal information by appropriately managing personal information and maintaining confidentiality, and will have the contractor implement appropriate management of personal information.

6. Request for Disclosure of Personal Information
Customers may contact us regarding the disclosure of their personal information (notification of purpose of use, disclosure, correction/addition/deletion of content, suspension or deletion of use, suspension of provision to third parties). You can apply at the contact counter. In that case, we will respond within a reasonable period of time after confirming the customer’s identity. For details on requests for disclosure, etc., please see the “Guide to procedures for requesting retained personal data” posted on our website.

7. Voluntary provision of personal information
Whether or not you provide us with your personal information is at your discretion. However, if you do not provide us with the required information, we may not be able to provide you with our services in an appropriate manner.

8. Acquisition of personal information by methods that are not easily recognizable by the customer
Cookies are used to make it more convenient for customers to visit this site when they return, and do not infringe on the privacy of customers or have any adverse effect on their computers. 　The Company’s website uses SSL (Secure Sockets Layer) data encryption for all areas where personal information is input. In addition, we have adopted measures such as installing firewalls to protect information within the site. However, due to the nature of Internet communications, we cannot guarantee complete security. Please understand this in advance.

9. Details of personal information handling system and measures taken

【Contact Information】
Inquiries and complaints regarding customers’ personal information will be accepted at the following contact point.

　5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo 141-0001, Japan
　Microtech Corporation Personal Information Inquiry Section
　E-mail：privacy@microtech.co.jp (Hours of operation: 9:00-17:30*)

We will respond on the next business day or later, in case of Saturaday, Sunday, national holidays, the year-end and New Year holidays.

【Name of certified personal information protection organization and contact information for complaint resolution】

*We only accept complaints regarding the handling of personal information.

 1) Name of certified personal information protection organization

　Japan Information Economy and Society Promotion Association (JIPDEC)

 2) Where to apply for complaint resolution

　Certified Personal Information Protection Organization Secretariat
　Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo
　TEL: 03-5860-7565/0120-700-779

 

■Information on procedures for requesting retained personal data

With respect to personal data held by our company, the person or his or her representative may request notification of the purpose of use of the personal information, disclosure, correction, addition or deletion of content, suspension of use, erasure, and provision to a third party. If there is a request for suspension (hereinafter referred to as a “request for disclosure, etc.”), we will respond within a reasonable scope and within a reasonable period of time by following the procedures specified by our company.

1. Request for Disclosure, etc.

Contact for “Request for Disclosure, etc.

To make a “Request for Disclosure, etc.,” please send the Company’s prescribed request form together with the required documents and handling fee to the following address by postal mail.

　5-9-41 Kitashinagawa, Shinagawa-ku, Tokyo 141-0001, Japan
　Microtech Corporation Personal Information Inquiry Section
　E-mail: privacy@microtech.co.jp (Hours of operation: 9:00-17:30*)

We will respond on the next business day or later, in case of Saturaday, Sunday, national holidays, the year-end and New Year holidays.

2. Request for Disclosure, etc. Documents to be submitted when making a “Request for Disclosure, etc.

To make a “Request for Disclosure, etc.”, please fill in all the prescribed items on the request form 1) and send it by mail with 2) enclosed. Please download the PDF file of the request form, print it out, and fill it in.

1) Our prescribed request form
　 　 “Request form for disclosure of retained personal data” 　 (Download PDF file)
2) Documents for identification
Please enclose a copy of one of the following identification documents. (If the document includes permanent address and personal number, please black out all of the permanent address and personal number.)
　 ① Driver’s license
　 ② Passport
　 ③ Basic resident register card
　 ④ Alien registration card
　 ⑤ Health insurance card
　 ⑥ Other official documents that can verify your identity

3. “Request for Disclosure, etc.” by proxy

If the person making the “Request for Disclosure, etc.” is a proxy, please enclose a copy of the following documents in addition to the documents listed in 2. (If the document includes permanent address and personal number, please black out all of the permanent address and personal number.)
　 ① A copy of family register
　 ② Certificate of health insurance coverage
　 ③ Certificate of registered matters
　 ④ Other official documents that can confirm the authority of legal representation

4. Fees for “Requests for Disclosure, etc.” and other collection methods

Only in the case of a request for notification of purpose of use or disclosure, the following fee (including the cost of our reply) will be charged per request. Please enclose a postal fixed-sum money order for the following amount when mailing the request documents. (Fee amount: 1,000 yen)

5. Method of Response to “Request for Disclosure, etc.

In principle, we will respond in writing (by sealed envelope) to the address of the individual indicated on the request form.
If you wish to have disclosure, etc. in electronic data, please fill your e-mail address and indicates “electronic data request” on the request form.
*In the case of electronic data, as a general rule, it will be done by e-mail.

◇ In principle, the response will be sent in writing (by sealed envelope) to the address of the person indicated in the request. Personal information obtained in response to a “Request for Disclosure, etc.” will be handled only to the extent necessary to respond to the request for disclosure, etc.
◇ In the following cases, the Company will respond to the “Request for Disclosure, etc.”. In the following cases, we may not be able to respond to a “Request for Disclosure, etc.”. In such cases, we will notify you to that effect and the reason. Please be advised that a fee will also be charged in the case of non-disclosure.
　 ① When the identity of the person in question or his/her representative cannot be verified.
　 ② When the prescribed application documents are incomplete
　 ③ If the subject of the request for disclosure, etc. does not fall under “retained personal data” (*)
　 ④ When there is a risk of harm to the life, body, property, or other rights or interests of the person in question or a third party
　 ⑤ If there is a risk of causing significant hindrance to the proper conduct of our business
　 ⑥ When it would violate laws and regulations

*Retained personal data is personal information that constitutes a systematically structured collection of information, and our company will disclose, correct, add or delete content, suspend use, erase, and delete information requested by the individual. It has the authority to respond to all requests for suspension of provision to third parties. However, if any of the following a) to d) apply, it does not fall under retained personal data.
　 a) Information that is likely to cause harm to the life, body, or property of the person concerned or a third party if its existence or nonexistence is revealed.
　 b) Information that may encourage or induce illegal or unjust acts by revealing the existence or non-existence of such personal informatio
　 c) Information that is likely to cause harm to national security, damage the relationship of trust with other countries or international organizations, or cause disadvantages in negotiations with other countries or international organizations, if its existence or non-existence is made public
　 d) Cases in which the prevention, suppression, or investigation of crimes or the maintenance of public safety and order are likely to be disturbed if the existence or nonexistence of the relevant Personal Information is revealed

6. Personal information handling system and details of measures taken

a) Formulation of basic policy
In order to ensure the proper handling of personal data, we have established a “Personal Information Protection Policy” with regard to “compliance with relevant laws and guidelines, etc.,” “point of contact for handling questions and complaints,” etc.
b) Establishment of regulations regarding the handling of personal data
We have established personal information protection regulations regarding handling methods, persons in charge and their duties, etc. for each stage of acquisition, use, storage, provision, deletion/disposal, etc.
c) Organizational security control measures
　 ① In addition to appointing a person responsible for the handling of personal data, we will clarify the employees who handle personal data and the scope of personal data handled by those employees, and will take action in the event that we learn of facts or signs of violations of laws or handling regulations. We have established a system for reporting to the person in charge.
　 ② We regularly conduct self-inspections regarding the handling of personal data, and conduct audits by other departments and external parties.
d) Personnel safety management measures
　 ① We provide regular training to employees regarding matters to be noted regarding the handling of personal data.
　 ② All employees have submitted written pledges regarding confidentiality, including personal data.
e) Physical safety control measures
　 ① In areas where personal data is handled, we control the entry and exit of employees, restrict the devices they bring in, and take measures to prevent personal data from being viewed by unauthorized persons.
　 ② Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle personal data, and ensure that personal data is easily identified when such equipment, electronic media, etc. are carried around, including when moving within the office. We are taking steps to prevent this from happening.
f) Technical safety control measures
　 ① We implement access control to limit the scope of personnel and personal information databases handled.
　 ② We have introduced a mechanism to protect information systems that handle personal data from unauthorized access from outside or unauthorized software.
g) Understanding the external environment
When handling acquired personal data in a foreign country, we will implement appropriate security control measures after understanding the foreign country’s personal information protection system.