Privacy Policy

We collect and use personal information solely to the extent required to achieve the following purposes. If we ever use personal information in a manner beyond the following scope, we will obtain the subject individual’s consent before doing so.

[Consulting / Software development / System management / Cloud・Security / BPO business]
（１）Communications required for contract-based business.
（２）Various information and questionnaire surveys regarding exhibitions and seminars in which we participate in.
（３）Notifications and questionnaires regarding our products and services.
（４）Response to various queries and comments.
（５）Implementation of information processing services, etc. based on the consignment contract with the consignor.
[Management of shares]
（６）Exercise of voting rights and fulfillment of duties under the Companies Act
（７）Provision of various benefits
（８）Implementation of various shareholder measures
（９）Shareholder management
[Employee Management]
（10）HR management (including human resource evaluations and management of labor, salaries and other remuneration, and health, as well as welfare benefits usage)
（11）Personnel management (certification management, personnel training, placement and transfer, skill evaluations, and management of education and training)
（12）Consigned operations (providing resumes and documentation for supervisors and co-planning personnel)
（13）Correspondence with government organizations and industry groups (reporting to dispatcher supervisors, health supervisors, submitting agreements, tabulating various statistics）
（14）Safety management (making photo IDs for entry and management of entry and exit (including monitoring information and video) and access management)
（15）Advertising activities (posting photos, video, and audio to the company homepage, group bulletins, etc.)
（16）Handling complaints, litigation, etc.
[Recruitment Activities]
（17）Confirmation of applicants related to recruitment activities
（18）Notifications for interview examinations, explanatory sessions, seminars, and events
（19）Notifications for employment examination results
（20）Hiring procedures and management related to preparations for joining the company (salary, tax, and insurance operations)
（21）Information provision using social media (providing stamps, sending and receiving data such as resumes and work experience documentation)
[EC site for Group Company employees]
（22）Confirmation and inquiry of order
（23）Confirmation and inquiry of product shipping
（24）Reply to inquiries
（25）Guidance by postal items, e-mail and etc.
（26）Handling related to investigation, detection, prevention, and notifications for fraudulent activity

The above corresponds to the purpose of use of retained personal data except for (5).

2. Provision of Personal Information to Third Parties (including those in other countries)

We will not disclose any personal information to third parties, except in the following cases.

   （１）When the subject individual’s consent has been obtained.
   （２）When required by law.
   （３）When required to protect the life, body, or property of an individual while it is difficult to obtain the individual’s consent.
   （４）When required to improve public health or promote sound childrearing while difficult to obtain the subject individual’s consent.
   （５）When required to cooperate with a government institution, local public entity, or designated individual or entity for executing administrative tasks prescribed by law or ordinance, and there is a risk that obtaining the subject individual’s consent would interfere with the execution of those tasks.

3. Shared Use of Personal Information

We may carry out shared usage of personal information acquired in the course of its business and sales activities in some cases. The items used, scope of usage, and other details are as follows.

   （１）Content of personal information for shared usage
　　　　Personal information acquired from customers which is essential for achieving the usage purpose: Name, company name, address (for individuals), department name, job title, phone number, fax number, email address, provided documents, participating event or seminar, etc., questionnaire survey results, personal information contained in sales information.
   （２）Scope of third parties for shared usage
　　　　The following ID Group companies (excluding overseas branches):
　　　　・ID Holdings Corporation
　　　　・INFORMATION DEVELOPMENT CO., LTD.
　　　　・ID DATA CENTER MANAGEMENT CO., LTD.
　　　　・DX CONSULTING CO., LTD.
　　　　・ID AI Factory CO., LTD.
   （３）Usage purposes
　　　　Identical to the purposes listed in Chapter 2 1. (1) through (5) above.
   （４）Party responsible for management of shared usage personal information
　　　　Chief Information Officer of each of the companies listed in (2) above.
   （５）Acquisition methods
　　　　Acquired by the companies listed in (2) above through business card exchange, online contact form input, contracts, emails, faxes, questionnaire surveys, oral communication (such as phone calls), or other written means.

4. Entrusting another entity to handle personal information

In some cases, we may entrust the handling of some or all of an individual’s acquired personal information within the scope of stated purpose of use.
In such a case, the selected entity must fulfill our consignee selection standards, and we shall perform necessary and appropriate oversight of selected consignee.
In addition, employee personal information may be consigned to our Group Company, INFORMATION DEVELOPMENT Wuhan CO., LTD. (ID Wuhan). In order to ensure a system compliant with Japan’s Act on the Protection of Personal Information is in place at ID Wuhan, in addition to maintaining the standards for protection of personal information used by the ID Group within Japan, we have also acquired an ISO/IEC27001 (ISMS) certification and are carrying out measures for maintaining this certification and carrying out appropriate security management.

5. Security Control Measures for Personal Information

We shall safely and appropriately manage personal information in accordance with each risk to prevent leakage, destruction, or damage of that information. Moreover, we shall carry out the necessary and suitable oversight of employees and contractors that handle personal information.

• Formulation of basic policy
  To ensure proper handling of personal data, we have established a basic policy based on principles such as compliance with related laws, ordinances, and guidelines and establishment of help desks for handling questions and complaints.
• Establishment of regulations for the handling of personal data
  We have established regulations for the handling of personal data for handling methods, supervisors, employees in charge, and work operations themselves for each stage in processes such as acquisition, usage, storage, provision, deletion, and disposal.
• Organization-wide safety management measures
  In addition to establishing a supervisor for personal data handling, we have clarified which employees handle personal data and the scope within which the applicable employees handle this data. If a violation of the law or our handling regulations is found or suspected, a reporting framework is in place for contacting the supervisor.
  We also implement a regular self-assessment for personal data handling conditions, as well as auditing by other positions and outside individuals.
  
• Personnel security control measures
  We hold regular training sessions for employees regarding point for consideration related to the handling of personal data.
  Confidentiality requirements related to personal data are listed in the work regulations.
• Physical security management measures
  In areas where personal data is handled, there are restrictions in place for managing the entry and exit of employees as well as the equipment brought into these areas, and measures are also implemented to prevent browsing of personal data by individuals without sufficient authority.
  In addition to measures for the prevention of theft, loss, or damage to devices, electronic media, and documentation used for personal data, there is a system in place which prevent easy identification of personal data when carrying the applicable equipment and electronic media, including movement within the office.
• Technical security management measures
  By implementing access controls, we restrict the scope of employees who can access the personal information database as well as the scope within which they can access it.
  A framework is in place for preventing fraudulent access to the personal data handling information system from outside the company as well as protecting it from malicious software.
• Understanding the external environment
  In cases such as when information including personal data is consigned to overseas cloud service businesses, we implement safety management measures with an understanding of the personal information protection system in the foreign country where the personal data is being consigned.
  Details of the specific safety management measures used are available upon request from applicable individuals.

Personal data relocation sites: People's Republic of China, United States of America

6. Creation and provision of anonymous and kana processed information

We do not create or provide anonymized personal information or pseudonymized personal information.

7. Voluntariness and results of providing personal information

Personal information is provided to us at the discretion of the subject individual. However, if we are unable to receive a portion of or all of the required personal information, we may not be able to provide it in an appropriate manner for the stated purpose of use.

8. Dealing with requests to disclose, revise, or delete personal information

At the request of the subject individual, we shall provide notification, disclosure, revision, etc. of the individual’s retained personal data, as well as suspension of use, halting of provision to a third party, etc. (hereinafter “Disclosure, etc.”) upon request. The procedures involved are covered in Chapter 6.

9. Personal information protection manager and inquiry window

Please see Chapter 7 for details of the personal information protection manager (information management manager) and the contact point for inquiries.

When we acquire specific personal information, we will use it for the following purposes.

Office activities (including those to the right) involving the personal numbers of executives and employees (including dependents)	Office activities related to tax withholding, etc.
	Creation of applications for tax exemptions and deductions (changes), return forms for insurance premium deductions, or applications for special spousal deductions for salaried employees, etc. Creation of special spousal deduction reports, etc.
	Creation of salary payment reports, etc.
	Creation of salaried worker change forms related to the special collection of salary payment reports, etc.
	Creation of transition applications, etc. for special collection
	Creation of retirement income related reports, etc.
	Creation of reports, forms, applications, etc. for property accumulation and savings for house construction, or property accumulation and savings for retirement
	Creation of reports for health insurance, welfare pension, corporate pension, etc.
	Notification, etc. for third grade of the national pension
	Application for health insurance, welfare pension, corporate pension, etc.
	Notification, application, etc. for employment insurance
	Provided to create a record of payment for members of the employee shareholding association
Office activities (including those to the right) involving the personal numbers of individuals other than executives and employees	Creation of payment records for remunerations, fees, etc.
	Creation of payment records for real estate usage fees, etc.

When handling personal numbers, our scope of use for these numbers and the specific personal information that is managed in relation to these numbers is as follows.
   （１）The personal numbers of executives, employees, and their dependents, as well as information managed with those numbers, such as name, date of birth,
　　　　gender, address, phone number, and employee number.
   （２）The personal numbers of individuals other than executives and employees, including the information managed together with those numbers such as
　　　　name, date of birth, gender, address, and phone number, to be used for personal number related activities.

3. Provision of specific personal information to a third party

Specific personal information will not be provided to a third party, regardless of whether or not consent is obtained from the subject individual, excluding information as prescribed in the Basic Resident Registration Act, Article 19.

Our website uses a technology called “cookies” on some of its pages.
“Cookies” make it more convenient for those who have visited the website once to visit again, by sending data to the user’s browser for reference. However, no personal information is gathered when using cookies. You can also turn off the “cookies” function by going into browser settings.

2. Usage of Google analytics